├── .gitignore
├── README.md
├── changelog.5.11.2.txt
├── docs
    ├── README.md
    ├── aix-definitions-schema.md
    ├── aix-system-characteristics-schema.md
    ├── android-definitions-schema.md
    ├── android-system-characteristics-schema.md
    ├── apache-definitions-schema.md
    ├── apache-system-characteristics-schema.md
    ├── apple-ios-definitions-schema.md
    ├── apple-ios-system-characteristics-schema.md
    ├── asa-definitions-schema.md
    ├── asa-system-characteristics-schema.md
    ├── catos-definitions-schema.md
    ├── catos-system-characteristics-schema.md
    ├── esx-definitions-schema.md
    ├── esx-system-characteristics-schema.md
    ├── evaluation-ids.md
    ├── freebsd-definitions-schema.md
    ├── freebsd-system-characteristics-schema.md
    ├── hpux-definitions-schema.md
    ├── hpux-system-characteristics-schema.md
    ├── independent-definitions-schema.md
    ├── independent-system-characteristics-schema.md
    ├── ios-definitions-schema.md
    ├── ios-system-characteristics-schema.md
    ├── iosxe-definitions-schema.md
    ├── iosxe-system-characteristics-schema.md
    ├── junos-definitions-schema.md
    ├── junos-system-characteristics-schema.md
    ├── linux-definitions-schema.md
    ├── linux-system-characteristics-schema.md
    ├── macos-definitions-schema.md
    ├── macos-system-characteristics-schema.md
    ├── netconf-definitions-schema.md
    ├── netconf-system-characteristics-schema.md
    ├── oval-common-schema.md
    ├── oval-definitions-schema.md
    ├── oval-directives-schema.md
    ├── oval-results-schema.md
    ├── oval-system-characteristics-schema.md
    ├── oval-variables-schema.md
    ├── pixos-definitions-schema.md
    ├── pixos-system-characteristics-schema.md
    ├── sharepoint-definitions-schema.md
    ├── sharepoint-system-characteristics-schema.md
    ├── solaris-definitions-schema.md
    ├── solaris-system-characteristics-schema.md
    ├── unix-definitions-schema.md
    ├── unix-system-characteristics-schema.md
    ├── windows-definitions-schema.md
    └── windows-system-characteristics-schema.md
├── schemas
    ├── aix-definitions-schema.xsd
    ├── aix-system-characteristics-schema.xsd
    ├── android-definitions-schema.xsd
    ├── android-system-characteristics-schema.xsd
    ├── apache-definitions-schema.xsd
    ├── apache-system-characteristics-schema.xsd
    ├── apple-ios-definitions-schema.xsd
    ├── apple-ios-system-characteristics-schema.xsd
    ├── asa-definitions-schema.xsd
    ├── asa-system-characteristics-schema.xsd
    ├── catos-definitions-schema.xsd
    ├── catos-system-characteristics-schema.xsd
    ├── esx-definitions-schema.xsd
    ├── esx-system-characteristics-schema.xsd
    ├── evaluation-ids.xsd
    ├── freebsd-definitions-schema.xsd
    ├── freebsd-system-characteristics-schema.xsd
    ├── hpux-definitions-schema.xsd
    ├── hpux-system-characteristics-schema.xsd
    ├── independent-definitions-schema.xsd
    ├── independent-system-characteristics-schema.xsd
    ├── ios-definitions-schema.xsd
    ├── ios-system-characteristics-schema.xsd
    ├── iosxe-definitions-schema.xsd
    ├── iosxe-system-characteristics-schema.xsd
    ├── junos-definitions-schema.xsd
    ├── junos-system-characteristics-schema.xsd
    ├── linux-definitions-schema.xsd
    ├── linux-system-characteristics-schema.xsd
    ├── macos-definitions-schema.xsd
    ├── macos-system-characteristics-schema.xsd
    ├── netconf-definitions-schema.xsd
    ├── netconf-system-characteristics-schema.xsd
    ├── oval-common-schema.xsd
    ├── oval-definitions-schema.xsd
    ├── oval-directives-schema.xsd
    ├── oval-results-schema.xsd
    ├── oval-system-characteristics-schema.xsd
    ├── oval-variables-schema.xsd
    ├── pixos-definitions-schema.xsd
    ├── pixos-system-characteristics-schema.xsd
    ├── sharepoint-definitions-schema.xsd
    ├── sharepoint-system-characteristics-schema.xsd
    ├── solaris-definitions-schema.xsd
    ├── solaris-system-characteristics-schema.xsd
    ├── unix-definitions-schema.xsd
    ├── unix-system-characteristics-schema.xsd
    ├── windows-definitions-schema.xsd
    ├── windows-system-characteristics-schema.xsd
    └── xmldsig-core-schema.xsd
├── specifications
    ├── oval-language-specification.docx
    ├── oval-unix-extension-specification.docx
    └── oval-windows-extension-specification.docx
└── tools
    ├── ExtractSchFromXSD.xsl
    └── oval_xsd2md.xsl


/.gitignore:
--------------------------------------------------------------------------------
1 | .DS_Store
2 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | ## OVAL Language
 2 | 
 3 | This is a read-only archive of OVAL 5.11.2, please visit https://github.com/OVAL-Community for the current open source managed version of OVAL.  
 4 | 
 5 | 
 6 | International in scope and free for public use, OVAL is an information security community effort to standardize how to assess and report upon the machine state of computer systems. OVAL includes a language to encode system details, and an assortment of content repositories held throughout the community.
 7 | 
 8 | This GitHub project hosts the OVAL Language Schemas and Specifications to improve transparency and the community's ability to track changes before a release. As of the OVAL 5.11.1 release, official releases of the OVAL Language are posted on this GitHub project.
 9 | 
10 | Official: [OVAL 5.11.2] (https://github.com/OVALProject/Language/tree/5.11.2)<br>
11 | Previous: [OVAL 5.11.1] (https://github.com/OVALProject/Language/tree/5.11.1)<br>
12 | 
13 | 
14 | 


--------------------------------------------------------------------------------
/changelog.5.11.2.txt:
--------------------------------------------------------------------------------
 1 | # Changes from 5.11.1 to 5.11.2
 2 | Further specify how to evaluate deprecated constructs. Issue #7.
 3 | Clarify the name entity documentation in the win-def:metabase_test. Issue #17.
 4 | Complete documentation of comparing objects/states and items. Issue #22.
 5 | Make the command_line entity nillable in the Windows process tests. Issue #57.
 6 | Fix inconsistencies between the diagrams and tables in the specification. Issue #58.
 7 | Clarify how to handle reg_multi_sz values with no values. Issue #61.
 8 | Fix contradictions regarding how to assign status values to items and item entities. Issue #69.
 9 | Re-examine whether to include regular expression modifiers. Issue #72.
10 | Clarify the documentation of the unix-def:shadow_test/flag entity. Issue #74.
11 | Update the foreign_port documentation in the macos-def:inetlisteningservers510_test. Issue #77.
12 | Fix documentation for foreign_* entities on win-def:port_test. Issue #81.
13 | Fix truth table for evaluation of "at_least_one_exists" existence check. Issue #82.
14 | Clarify how check_existence works. Issue #83.
15 | Clarify exec_shield entity documentation in the unix-def:process58_test. Issue #95.
16 | Added support for the HKEY_CURRENT_USER_LOCAL_SETTINGS hive in the Windows registry-based tests. Issue #97.
17 | Change the priority entity datatype in the win-def:process_test and the win-def:process58_test to integer. Issue #98.
18 | Improve the documentation associated with the user and group tests in the windows. Issue #101.
19 | Added a sub-section on the check_existence attribute to the Evaluating OVAL State Entities section of the OVAL Language specification.
20 | Document not collected item entities versus not collecting item entities enhancement. Issue #105.
21 | Change the macos-def:diskutil_test to allow for checking if the owners, groups, or symlink status have changed. Issue #109.
22 | Deprecate the win-def:activedirectory57_test and the ind-def:ldap57_test. Issue #121.
23 | Correct spweb_object entity name. Issue #124.
24 | Fix Section 5.3.4.1.4 Determining the Final Result of an OVAL State Entity Evaluation. Issue #135.
25 | Add WIN8/WIN2012 audit subcategories. Issue #136.
26 | Consistently document user and group accounts and the use of a machine qualifier in Windows Definitions. Issue #157, and #165.
27 | Domain group memberships not returned for domain users in user_item\group values. Issue #162.
28 | Migrate the additional entities for the win-def:user_test. Issue #168.
29 | Document how bitwise ops work on integers. Issue #171.
30 | Document how to handle no epoch in the evr entity of the linux-def:dpkginfo_test. Issue #175.
31 | Update maxOccurs on the selinux_domain_label in the unix-sc:process58_item.  Issue #178.
32 | Document handling xsi:nil="true" in the ind-def:environmentvariable58_test with a remote scan. Issue #180.
33 | Investigate normalization of line endings. Issue #179.
34 | Fix documentation around the processing of the state_operator and check properties. Issue #181.
35 | Update partition_test. Issue #183.
36 | Fix incorrect reference in 5.3.3.5, Filter Evaluation to ArithmeticEnumeration. Issue #184.
37 | Determining item uniqueness. Issue #187.
38 | Remove operation restriction on the module_version entity in the win-def:cmdlet_object. Issue #234.
39 | Add support for variable instance to Variables schema. Issue #193.
40 | Update terms of use links. Issue #194.
41 | Clarification for nillable entities in win-def:cmdlet_object. Issue #246.
42 | asa-sc and asa-def: EntityItemInpsectionType/EntityStateInpsectionType misspelled. Issue #248.
43 | Implement proposed updates to Linux partition_test; clarification for linux-def:partition_state/space_left. Issue #262, and #269.
44 | Make ind-sc:environmentvariable58_item/pid entity nillable. Issue #264.
45 | Need a way to assess security policy LSAAnonymousNameLookup setting on non-Domain-connected Windows machines. Issue #267.
46 | Change HPUX trusted item element 'login_tty_u' datatype to string. Issue #270.
47 | Change the win-sc:file_item/product_version to an EntityItemAnySimpleType. Issue #272.
48 | Typo in macos-definitions-schema.xsd. Issue #273.
49 | Integrate Cisco and MacOS changes from PR258. Issue #274.
50 | Add junos-def/junos-sc Entity[State/Item]JunosReleaseTypeType missing types. Issue #266.
51 | Fix junos-def:version_state issue. Issue #265.
52 | Update README.md for the 5.11.2 release.
53 | Rpm Info Item extended_name and '(none)' architecture. Issue #261.
54 | Separate out Windows file attributes from type. Issue #275.
55 | Bug fixes for previous 5.11.2 commits.
56 | Additional fix to close out PR#142. Issue #98.
57 | Clarify how to handle reg_multi_sz values with no values (PR#156). Issue #61.
58 | Add the windows_view behavior to the win-def:peheader_test. Issue #59.
59 | Ported remaining fixes from Jasen's Tracker Items PR#134.
60 | Exposing filesystem links on Windows via the addition of a win:junction test, and addition of a corresponding recurse attribute for Windows FileBehaviors.
61 | Added XPATH-centric macos:plist511 test. Issue #276.
62 | Add support for negative instance values in ind-def:textfilecontent54_object. Issue #277.
63 | Schema documentation clarifications for issues raised by 5706e13.
64 | junos:version_state/item does not sufficiently describe possible JunOS versions. Issue #278.
65 | <xinetd_item> change. Issue #257.
66 | Behaviors is missing from win:serviceeffectiverights_object. Issue #279
67 | Use schematron to validate DWORD values (require >0). Issue #192.
68 | Added linux-def:apparmorstatus_test.
69 | Added Windows audit subcategory GUID 0cce924a-69ae-11d9-bed3-505054503030
70 | Add a way to retrieve the expanded value of a REG_EXPAND_SZ. Issue #280.
71 | Platform schema versions should use a minimum base schema version prefix. Issue #281.
72 | MacOS:pwpolicy59_object schematron update. Issue #282.
73 | Implement SPAWAR change proposal for win-def:userright_test. Issue #283.
74 | Add missing evaluation-ids.xsd schema. Issue #284.
75 | Replace MITRE attributions with OVAL Community attributions. Issue #285.
76 | Make pwpolicy59_test/target_user nillable. Issue #286.
77 | Added this changelog document.
78 | Added schema documentation markdown and tools for generation of the same.
79 | 


--------------------------------------------------------------------------------
/docs/README.md:
--------------------------------------------------------------------------------
 1 | # Schema Documentation for OVAL 5.11.2
 2 | 
 3 | This is an index page for quick reference to generated schema documentation. For more information
 4 | about the Open Vulnerability and Assessment Language (OVAL) language, or to raise an issue concerning the language
 5 | (including issues concerning documentation), see the [OVAL Language Project Homepage](https://github.com/OVALProject/Language) on Github.
 6 |     
 7 | The OVAL Language operates under the [OVAL Terms of Use](http://oval.cisecurity.org/terms).
 8 | 
 9 | ## Core Schemas
10 | 
11 | * [Common](oval-common-schema.md) 
12 | * [Definitions](oval-definitions-schema.md) 
13 | * [System-Characteristics](oval-systm-characteristics.md)
14 | * [Results](oval-results-schema.md)
15 | 
16 | ## OVAL Interpreter Schemas
17 | 
18 | * [Directives](oval-directives-schema.md)
19 | * [Evaluation-IDs](evaluation-ids.md)
20 | * [External Variables](oval-variables-schema.md)
21 | 
22 | ## Platform Schemas
23 | 
24 | ### Independent
25 | 
26 | * Platform-Independent: [Definitions](independent-definitions-schema.md), [System Characteristics](independent-system-characteristics-schema.md)
27 | 
28 | ### Mobile Devices
29 | 
30 | * Apple iOS: [Definitions](apple-ios-definitions-schema.md), [System Characteristics](apple-ios-system-characteristics-schema.md)
31 | * Google Andriod: [Definitions](android-definitions-schema.md), [System Characteristics](android-system-characteristics-schema.md)
32 | 
33 | ### Network Devices
34 | 
35 | * Cisco ASA: [Definitions](asa-definitions-schema.md), [System Characteristics](asa-system-characteristics-schema.md)
36 | * Cisco CATOS: [Definitions](catos-definitions-schema.md), [System Characteristics](catos-system-characteristics-schema.md)
37 | * Cisco IOS: [Definitions](ios-definitions-schema.md), [System Characteristics](ios-system-characteristics-schema.md)
38 | * Cisco IOS-XE: [Definitions](iosxe-definitions-schema.md), [System Characteristics](iosxe-system-characteristics-schema.md)
39 | * Cisco PIX: [Definitions](pixos-definitions-schema.md), [System Characteristics](pixos-system-characteristics-schema.md)
40 | * Juniper JunOS: [Definitions](junos-definitions-schema.md), [System Characteristics](junos-system-characteristics-schema.md)
41 | * NETCONF: [Definitions](netconf-definitions-schema.md), [System Characteristics](netconf-system-characteristics-schema.md)
42 | 
43 | ### Microsoft-Specific
44 | 
45 | * Windows: [Definitions](windows-definitions-schema.md), [System Characteristics](windows-system-characteristics-schema.md)
46 | * Sharepoint: [Definitions](sharepoint-definitions-schema.md), [System Characteristics](sharepoint-system-characteristics-schema.md)
47 | 
48 | ### Unix Operating Systems
49 | 
50 | * Unix (Generic): [Definitions](unix-definitions-schema.md), [System Characteristics](unix-system-characteristics-schema.md)
51 | * Apple MacOS: [Definitions](macos-definitions-schema.md), [System Characteristics](macos-system-characteristics-schema.md)
52 | * FreeBSD: [Definitions](freebsd-definitions-schema.md), [System Characteristics](freebsd-system-characteristics-schema.md)
53 | * HP-UX: [Definitions](hpux-definitions-schema.md), [System Characteristics](hpux-system-characteristics-schema.md)
54 | * IBM AIX: [Definitions](aix-definitions-schema.md), [System Characteristics](aix-system-characteristics-schema.md)
55 | * Linux: [Definitions](linux-definitions-schema.md), [System Characteristics](linux-system-characteristics-schema.md)
56 | * Oracle Solaris: [Definitions](solaris-definitions-schema.md), [System Characteristics](solaris-system-characteristics-schema.md)
57 | * VMWare ESX: [Definitions](esx-definitions-schema.md), [System Characteristics](esx-system-characteristics-schema.md)
58 | 
59 | ### Application-Specific
60 | 
61 | * Apache: [Definitions](apache-definitions-schema.md), [System Characteristics](apache-system-characteristics-schema.md)
62 | 


--------------------------------------------------------------------------------
/docs/aix-system-characteristics-schema.md:
--------------------------------------------------------------------------------
  1 | # Open Vulnerability and Assessment Language: Element Dictionary
  2 | 
  3 | * Schema: AIX System Characteristics  
  4 | * Version: 5.11.1:1.1  
  5 | * Release Date: 11/30/2016 09:00:00 AM
  6 | 
  7 | The following is a description of the elements, types, and attributes that compose the AIX specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.
  8 | 
  9 | This schema was originally developed by Yuzheng Zhou and Todd Dolinsky at Hewlett-Packard. The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.
 10 | 
 11 | ______________
 12 |   
 13 | ## <a name="interim_fix_item"></a>< interim_fix_item >
 14 | 
 15 | From emgr -l -u VUID Command. See instfix manpage for specific fields.
 16 | 
 17 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
 18 | 
 19 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 20 | |:-------------- |:--------------------------- |  
 21 | | vuid | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 22 | ||<div>Virtually Unique ID. A combination of time and cpuid, this ID can be used to differentiate fixes that are otherwise identical.</div>|  
 23 | | label | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 24 | ||<div>Each efix that is installed on a given system has a unique efix label.</div>|  
 25 | | abstract | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 26 | ||<div>Describes the efix package.</div>|  
 27 | | state | [aix-sc:EntityItemInterimFixStateType](#EntityItemInterimFixStateType)  (0..1) |  
 28 | ||<div>The the emergency fix state.</div>|  
 29 |   
 30 | ______________
 31 |   
 32 | ## <a name="fileset_item"></a>< fileset_item >
 33 | 
 34 | Output of /usr/bin/lslpp -l FilesetName. See lslpp manpage for specific fields.
 35 | 
 36 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
 37 | 
 38 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 39 | |:-------------- |:--------------------------- |  
 40 | | flstinst | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 41 | ||<div>Represents the name of the fileset being checked.</div>|  
 42 | | level | [oval-sc:EntityItemVersionType](oval-system-characteristics-schema.md#EntityItemVersionType)  (0..1) |  
 43 | ||<div>Maintenance level (also known as version in Solaris or Linux) of the fileset. For example, "5.3.0.10" is the level for 'bos.txt.tfs' fileset in one AIX machine.</div>|  
 44 | | state | [aix-sc:EntityItemFilesetStateType](#EntityItemFilesetStateType)  (0..1) |  
 45 | ||<div>This gives the state of the fileset being checked. The state can be 'APPLIED', 'APPLYING','BROKEN', 'COMMITTED', 'EFIX LOCKED', 'OBSOLETE', 'COMMITTING','REJECTING'. See the manpage of the 'lslpp' command more information.</div>|  
 46 | | description | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 47 | ||<div>Short description of the fileset being checked.</div>|  
 48 |   
 49 | ______________
 50 |   
 51 | ## <a name="fix_item"></a>< fix_item >
 52 | 
 53 | From /usr/sbin/instfix -iavk APARNum Command. See instfix manpage for specific fields.
 54 | 
 55 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
 56 | 
 57 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 58 | |:-------------- |:--------------------------- |  
 59 | | apar_number | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 60 | ||<div>APAR is the short for 'Authorized Program Analysis Report'. APAR identifies and describes a software product defect. An APAR number can obtain a PTF (Program Temporary Fix) for the defect, if a PTF is available. An example of an apar_number is 'IY78751', it includes two alphabetic characters and a 5-digit integer.</div>|  
 61 | | abstract | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 62 | ||<div>The abstract of the APAR being checked. For instance, 'LL syas rXct are available even when not susea' is the abstract of APAR 'IY78751'.</div>|  
 63 | | symptom | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 64 | ||<div>The symptom text related to the APAR being checked. For example, the symptom text for 'IY75211' is 'Daylight savings change for year 2007 and beyond'.</div>|  
 65 | | installation_status | [aix-sc:EntityItemFixInstallationStatusType](#EntityItemFixInstallationStatusType)  (0..1) |  
 66 | ||<div>The installation status of files associated with the APAR.</div>|  
 67 |   
 68 | ______________
 69 |   
 70 | ## <a name="no_item"></a>< no_item >
 71 | 
 72 | The no_item is used to hold information related to the /usr/sbin/no command and the tunable parameters it manages. Currently, /usr/sbin/no is used to configure network tuning parameters. The /usr/sbin/no command sets or displays current or next boot values for network tuning parameters. The /usr/sbin/no command queries the named parameter, retrieves the value associated with the specified parameter, and displays it.
 73 | 
 74 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
 75 | 
 76 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 77 | |:-------------- |:--------------------------- |  
 78 | | tunable | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 79 | ||<div>The name of the target parameter to be queried by the /usr/sbin/no command. Examples include ip_forwarding and tcp_keepalive_interval.</div>|  
 80 | | value | [oval-sc:EntityItemAnySimpleType](oval-system-characteristics-schema.md#EntityItemAnySimpleType)  (0..1) |  
 81 | ||<div>The value entity defines the value assigned to the tunable parameter being examined.</div>|  
 82 |   
 83 | ______________
 84 |   
 85 | ## <a name="oslevel_item"></a>< oslevel_item >
 86 | 
 87 | Information about the release and maintenance level of AIX operating system. This information can be retrieved by the /usr/bin/oslevel -r command.
 88 | 
 89 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
 90 | 
 91 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 92 | |:-------------- |:--------------------------- |  
 93 | | maintenance_level | [oval-sc:EntityItemVersionType](oval-system-characteristics-schema.md#EntityItemVersionType)  (0..1) |  
 94 | ||<div>This is the maintenance level (system version) of current AIX operating system.</div>|  
 95 |   
 96 | ## <a name="EntityItemFilesetStateType"></a>== EntityItemFilesetStateType ==
 97 | 
 98 | The EntityStateFilesetStateType complex type defines the different values that are valid for the state entity of a fileset state. The empty string value is permitted here to allow for detailed error reporting.
 99 | 
100 | **Restricts:** [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType) 
101 | 
102 | | Value | Description |  
103 | | ----- | ----------- |  
104 | | APPLIED | <div>The specified fileset is installed on the system. The APPLIED state means that the fileset can be rejected with the installp command and the previous level of the fileset restored. This state is only valid for Version 4 fileset updates and 3.2 migrated filesets.</div> |  
105 | | APPLYING | <div>An attempt was made to apply the specified fileset, but it did not complete successfully, and cleanup was not performed.</div> |  
106 | | BROKEN | <div>The specified fileset or fileset update is broken and should be reinstalled before being used.</div> |  
107 | | COMMITTED | <div>The specified fileset is installed on the system. The COMMITTED state means that a commitment has been made to this level of the software. A committed fileset update cannot be rejected, but a committed fileset base level and its updates (regardless of state) can be removed or deinstalled by the installp command.</div> |  
108 | | COMMITTING | <div>An attempt was made to commit the specified fileset, but it did not complete successfully, and cleanup was not performed.</div> |  
109 | | EFIX LOCKED | <div>The specified fileset was installed sucessfully and locked by the interim fix (interim fix) manager.</div> |  
110 | | OBSOLETE | <div>The specified fileset was installed with an earlier version of the operating system but has been replaced by a repackaged (renamed) newer version. Some of the files that belonged to this fileset have been replaced by versions from the repackaged fileset.</div> |  
111 | | REJECTING | <div>An attempt was made to reject the specified fileset, but it did not complete successfully, and cleanup was not performed.</div> |  
112 | |  |  |  
113 |   
114 | ## <a name="EntityItemFixInstallationStatusType"></a>== EntityItemFixInstallationStatusType ==
115 | 
116 | The EntityStateFixInstallationStatusType defines the different values that are valid for the installation_status entity of a fix_state item. The empty string is also allowed as a valid value to support empty emlements associated with error conditions.
117 | 
118 | **Restricts:** [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType) 
119 | 
120 | | Value | Description |  
121 | | ----- | ----------- |  
122 | | ALL_INSTALLED | <div>All filesets for XXXXXXX were found</div> |  
123 | | SOME_INSTALLED | <div>Not all filesets for XXXXXXX were found</div> |  
124 | | NONE_INSTALLED | <div>No filesets which have fixes for XXXXXXX are currently installed.</div> |  
125 | |  | <div>The empty string value is permitted here to allow for detailed error reporting.</div> |  
126 |   
127 | ## <a name="EntityItemInterimFixStateType"></a>== EntityItemInterimFixStateType ==
128 | 
129 | The EntityItemInterimFixStateType complex type defines the different values that are valid for the state entity of a interim_fix_state state. Please refer to the AIX documentation of Emergency Fix States. The empty string value is permitted here to allow for detailed error reporting.
130 | 
131 | **Restricts:** [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType) 
132 | 
133 | | Value | Description |  
134 | | ----- | ----------- |  
135 | | STABLE | <div>The efix was installed with a standard installation, and successfully completed the last installation operation.</div> |  
136 | | MOUNTED | <div>The efix was installed with a mount installation operation, and successfully completed the last installation or mount operation.</div> |  
137 | | UNMOUNTED | <div>The efix was installed with a mount installation operation and one or more efix files were unmounted in a previous emgr command operation.</div> |  
138 | | BROKEN | <div>An unrecoverable error occurred during an installation or removal operation. The status of the efix is unreliable.</div> |  
139 | | INSTALLING | <div>The efix is in the process of installing.</div> |  
140 | | REBOOT_REQUIRED | <div>The efix was installed successfully and requires a reboot to fully integrate into the target system.</div> |  
141 | | REMOVING | <div>The efix is in the process of being removed.</div> |  
142 | |  | <div>The empty string value is permitted here to allow for detailed error reporting.</div> |  
143 |   
144 | 


--------------------------------------------------------------------------------
/docs/apache-definitions-schema.md:
--------------------------------------------------------------------------------
 1 | # Open Vulnerability and Assessment Language: Element Dictionary
 2 | 
 3 | * Schema: Apache Definition  
 4 | * Version: 5.11.1:1.1  
 5 | * Release Date: 11/30/2016 09:00:00 AM
 6 | 
 7 | The following is a description of the elements, types, and attributes that compose the Apache specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.
 8 | 
 9 | The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.
10 | 
11 | ## Test Listing
12 | 
13 |  *[ ~~httpd_test~~ ](#httpd_test)  
14 |   
15 | ______________
16 |   
17 | ## <a name="httpd_test"></a><  ~~httpd_test~~  >
18 | 
19 | > :small_red_triangle: **Deprecated As Of Version 5.8** :small_red_triangle: <br />**Reason:** The httpd_test does not specify how to detect instances of httpd and cannot be reasonably specified to allow for products to detect all instances of httpd across platforms, packaging systems, and typical user compiled and configured installations. Without a proper definition of how to identify instances of httpd products will not reliably produce consistent assessment results because they will naturally utilize different approaches to locating instances of httpd which will lead to differences in the set of collected instances of https.<br />**Comment:** This test has been deprecated and may be removed in a future version of the language.<br />
20 | 
21 | The httpd test is used to check the version of an installed httpd binary. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references an httpd_test and the optional state element specifies the data to check.
22 | 
23 | **Extends:** [oval-def:TestType](oval-definitions-schema.md#TestType) 
24 | 
25 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
26 | |:-------------- |:--------------------------- |  
27 | | object | [oval-def:ObjectRefType](oval-definitions-schema.md#ObjectRefType)  (1..1) |  
28 | |||  
29 | | state | [oval-def:StateRefType](oval-definitions-schema.md#StateRefType)  (0..unbounded) |  
30 | |||  
31 |   
32 | ## <a name="httpd_object"></a><  ~~httpd_object~~  >
33 | 
34 | > :small_red_triangle: **Deprecated As Of Version 5.8** :small_red_triangle: <br />**Reason:** The httpd_object does not specify how to detect instances of httpd and cannot be reasonably specified to allow for products to detect all instances of httpd across platforms, packaging systems, and typical user compiled and configured installations. Without a proper definition of how to identify instances of httpd products will not reliably produce consistent assessment results because they will naturally utilize different approaches to locating instances of httpd which will lead to differences in the set of collected instances of https.<br />**Comment:** This object has been deprecated and may be removed in a future version of the language.<br />
35 | 
36 | The httpd_object element is used by a httpd test to define the different httpd binary installed on a system. There is actually only one object relating to this and it is the collection of all httpd binaries. Therefore, there are no child entities defined. Any OVAL Test written to check version will reference the same httpd_object which is basically an empty object element. A tool that implements the httpd_test and collects the httpd_object must know how to find all the httpd binaries on the system and verify that they are in fact httpd binaries.
37 | 
38 | **Extends:** [oval-def:ObjectType](oval-definitions-schema.md#ObjectType) 
39 | 
40 | ## <a name="httpd_state"></a><  ~~httpd_state~~  >
41 | 
42 | > :small_red_triangle: **Deprecated As Of Version 5.8** :small_red_triangle: <br />**Reason:** The httpd_state does not specify how to detect instances of httpd and cannot be reasonably specified to allow for products to detect all instances of httpd across platforms, packaging systems, and typical user compiled and configured installations. Without a proper definition of how to identify instances of httpd products will not reliably produce consistent assessment results because they will naturally utilize different approaches to locating instances of httpd which will lead to differences in the set of collected instances of https.<br />**Comment:** This state has been deprecated and may be removed in a future version of the language.<br />
43 | 
44 | The httpd_state element defines information associated with a specific httpd binary.
45 | 
46 | **Extends:** [oval-def:StateType](oval-definitions-schema.md#StateType) 
47 | 
48 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
49 | |:-------------- |:--------------------------- |  
50 | | path | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
51 | ||<div>The path element specifies the directory component of the absolute path to a httpd binary on the system.</div>|  
52 | | binary_name | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
53 | ||<div>The binary_name element specifies the name of the file. If the xsi:nil attribute is set to true, then the object being specified is the higher level path. In this case, the binary_name element should not be collected or used in analysis. Setting xsi:nil equal to true is different than using a .* pattern match, says to collect every file under a given path.</div>|  
54 | | version | [oval-def:EntityStateVersionType](oval-definitions-schema.md#EntityStateVersionType)  (0..1) |  
55 | ||<div>The version entity is used to check the version of the httpd binary. The datatype for the version entity is 'version' which means the value should be a delimited set of numbers. It is obtained by running 'httpd -v'.</div>|  
56 |   
57 | 


--------------------------------------------------------------------------------
/docs/apache-system-characteristics-schema.md:
--------------------------------------------------------------------------------
 1 | # Open Vulnerability and Assessment Language: Element Dictionary
 2 | 
 3 | * Schema: Apache System Characteristics  
 4 | * Version: 5.11.1:1.1  
 5 | * Release Date: 11/30/2016 09:00:00 AM
 6 | 
 7 | The following is a description of the elements, types, and attributes that compose the Apache specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard item element defined in the Core System Characteristic Schema. Through extension, each item inherits a set of elements and attributes that are shared amongst all OVAL Items. Each item is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core System Characteristic Schema is not outlined here.
 8 | 
 9 | The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.
10 | 
11 | ______________
12 |   
13 | ## <a name="httpd_item"></a><  ~~httpd_item~~  >
14 | 
15 | > :small_red_triangle: **Deprecated As Of Version 5.8** :small_red_triangle: <br />**Reason:** The httpd_item does not specify how to detect instances of httpd and cannot be reasonably specified to allow for products to detect all instances of httpd across platforms, packaging systems, and typical user compiled and configured installations. Without a proper definition of how to identify instances of httpd products will not reliably produce consistent assessment results because they will naturally utilize different approaches to locating instances of httpd which will lead to differences in the set of collected instances of https.<br />**Comment:** This item has been deprecated and may be removed in a future version of the language.<br />
16 | 
17 | The httpd item holds information about a installed Apache HTTPD binary. It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.
18 | 
19 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
20 | 
21 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
22 | |:-------------- |:--------------------------- |  
23 | | path | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
24 | ||<div>The path element specifies the directory component of the absolute path to a httpd binary found on the system.</div>|  
25 | | binary_name | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
26 | ||<div>The name of the httpd binary.</div>|  
27 | | version | [oval-sc:EntityItemVersionType](oval-system-characteristics-schema.md#EntityItemVersionType)  (0..1) |  
28 | ||<div>The version entity holds the version of the specified httpd binary.</div>|  
29 |   
30 | 


--------------------------------------------------------------------------------
/docs/catos-system-characteristics-schema.md:
--------------------------------------------------------------------------------
 1 | # Open Vulnerability and Assessment Language: Element Dictionary
 2 | 
 3 | * Schema: CatOS System Characteristics  
 4 | * Version: 5.11.1:1.1  
 5 | * Release Date: 11/30/2016 09:00:00 AM
 6 | 
 7 | The following is a description of the elements, types, and attributes that compose the Cisco CatOS specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.
 8 | 
 9 | This schema was originally developed by Yuzheng Zhou at Hewlett-Packard. The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.
10 | 
11 | ______________
12 |   
13 | ## <a name="line_item"></a>< line_item >
14 | 
15 | Stores the properties of specific lines in the catos config file.
16 | 
17 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
18 | 
19 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
20 | |:-------------- |:--------------------------- |  
21 | | show_subcommand | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
22 | ||<div>The name of the SHOW sub-command.</div>|  
23 | | config_line | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
24 | ||<div>The value returned from by the specified SHOW sub-command.</div>|  
25 |   
26 | ______________
27 |   
28 | ## <a name="module_item"></a>< module_item >
29 | 
30 | Stores results from SHOW MODULE command.
31 | 
32 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
33 | 
34 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
35 | |:-------------- |:--------------------------- |  
36 | | module_number | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
37 | ||<div></div>|  
38 | | type | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
39 | ||<div></div>|  
40 | | model | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
41 | ||<div></div>|  
42 | | software_major_release | [oval-sc:EntityItemVersionType](oval-system-characteristics-schema.md#EntityItemVersionType)  (0..1) |  
43 | ||<div></div>|  
44 | | software_individual_release | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
45 | ||<div></div>|  
46 | | software_version_id | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
47 | ||<div></div>|  
48 | | hardware_major_release | [oval-sc:EntityItemVersionType](oval-system-characteristics-schema.md#EntityItemVersionType)  (0..1) |  
49 | ||<div></div>|  
50 | | hardware_individual_release | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
51 | ||<div></div>|  
52 | | firmware_major_release | [oval-sc:EntityItemVersionType](oval-system-characteristics-schema.md#EntityItemVersionType)  (0..1) |  
53 | ||<div></div>|  
54 | | firmware_individual_release | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
55 | ||<div></div>|  
56 |   
57 | ______________
58 |   
59 | ## <a name="version_item"></a>< version_item >
60 | 
61 | Stores results from SHOW VERSION command.
62 | 
63 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
64 | 
65 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
66 | |:-------------- |:--------------------------- |  
67 | | switch_series | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
68 | ||<div>The switch_series entity specifies the target Catalyst switch series for the given version of CatOS.</div>|  
69 | | image_name | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
70 | ||<div>The image_name entity specifies the name of the CatOS image.</div>|  
71 | | catos_release | [oval-sc:EntityItemVersionType](oval-system-characteristics-schema.md#EntityItemVersionType)  (0..1) |  
72 | ||<div>The catos_release entity specifies the release version of CatOS.</div>|  
73 | | ~~catos_major_release~~ | ~~[oval-sc:EntityItemVersionType](oval-system-characteristics-schema.md#EntityItemVersionType)  (0..1~~) |  
74 | ||~~~~|  
75 | | ~~catos_individual_release~~ | ~~[oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1~~) |  
76 | ||~~~~|  
77 | | ~~catos_version_id~~ | ~~[oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1~~) |  
78 | ||~~~~|  
79 |   
80 | 


--------------------------------------------------------------------------------
/docs/esx-system-characteristics-schema.md:
--------------------------------------------------------------------------------
 1 | # Open Vulnerability and Assessment Language: Element Dictionary
 2 | 
 3 | * Schema: VMware ESX server System Characteristics  
 4 | * Version: 5.11.1:1.1  
 5 | * Release Date: 11/30/2016 09:00:00 AM
 6 | 
 7 | The following is a description of the elements, types, and attributes that compose the VMware ESX server specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.
 8 | 
 9 | This schema was originally developed by Yuzheng Zhou and Todd Dolinsky at Hewlett-Packard. The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.
10 | 
11 | ______________
12 |   
13 | ## <a name="patch_item"></a>< patch_item >
14 | 
15 | Installation information about a specific patch in the VMware ESX server. This information can be retrieved by the "esxupdate query | grep ESX-xxxxxxx" command.
16 | 
17 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
18 | 
19 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
20 | |:-------------- |:--------------------------- |  
21 | | ~~patch_number~~ | ~~[oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1~~) |  
22 | ||~~<div>This is the patch number which identifies the patch being checked in current VMware ESX server. Many of the security bulletins for VMWARE ESX Server contain non-numerical characters in the patch number, therefore this entity has a datatype of string.</div>~~|  
23 | | patch_name | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
24 | ||<div>The patch_name entity indetifies the name of the patch. For example: ESX-200603 or ESX350-200904401-BG. The value of this entity should correspond to the values returned under the "name" column of the "esxupdate query" command.</div>|  
25 | | knowledge_base_id | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
26 | ||<div>The knowledge_base_id entity specifies the knowledge base article identifier number associated with a given patch from ESX versions 3.0.2 and earlier. It is comprised of the numerical string at the end of the patch name. For example, the patch ESX-200603 would have a knowledge base identifier of 200603. For patches from ESX version 3.0.3 and later, the patch name uses a different format and does not include the knowledge base id. This entity should be marked with a status of 'does not exist' in those cases.</div>|  
27 | | bundle_id | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
28 | ||<div>The bundle_id entity specifies the unique ID for the patch. Note that for version 3.0.3 and version 3.5 this is comprised of the year and month the bundle was released and a 3-digit unique ID. It is in the format YYYYMM###. For example, the first patch released in January 2008 might have a BundleID of 200801001. For patches from ESX version 3.0.2 and earlier, this entity should be marked with a status of 'does not exist' since patch name has a different format and doesn't include a bundle id.</div>|  
29 | | classification | [esx-sc:EntityItemClassificationType](#EntityItemClassificationType)  (0..1) |  
30 | ||<div>The classification entity specifies the type of patch. It can be one of: B - bug, U - update, S - security, or R - roll-up. For patches from ESX version 3.0.2 and earlier, this entity should be marked with a status of 'does not exist' since patch name has a different format and doesn't include a classification.</div>|  
31 | | support_level | [esx-sc:EntityItemSupportLevelType](#EntityItemSupportLevelType)  (0..1) |  
32 | ||<div>The support_level entity specifies the support level of the patch. If can be one of: G - GA patch, H - hot patch, D - debugging patch, or C - custom patch. For patches from ESX version 3.0.2 and earlier, this entity should be marked with a status of 'does not exist' since patch name has a different format and doesn't include a support level.</div>|  
33 | | status | [oval-sc:EntityItemBoolType](oval-system-characteristics-schema.md#EntityItemBoolType)  (0..1) |  
34 | ||<div>This is the installtaion status of the specific patch.</div>|  
35 |   
36 | ______________
37 |   
38 | ## <a name="version_item"></a>< version_item >
39 | 
40 | Information about the release and build version of VMware ESX server. This information can be retrieved by the "vmware -v" command or by checking the /proc/vmware/version file.
41 | 
42 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
43 | 
44 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
45 | |:-------------- |:--------------------------- |  
46 | | release | [oval-sc:EntityItemVersionType](oval-system-characteristics-schema.md#EntityItemVersionType)  (0..1) |  
47 | ||<div>This is the release of current VMware ESX server.</div>|  
48 | | build | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
49 | ||<div>This is the build version of current VMware ESX server.</div>|  
50 |   
51 | ______________
52 |   
53 | ## <a name="visdkmanagedobject_item"></a>< visdkmanagedobject_item >
54 | 
55 | The visdkmanagedobject_item is used to represent information about Managed Objects in the VMware Infrastructure.
56 | 
57 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
58 | 
59 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
60 | |:-------------- |:--------------------------- |  
61 | | property | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
62 | ||<div>The property entity holds a string that represents the object path and name of a particular setting for the Managed Entity. In the VMware Infrastructure SDK, property names are case-sensitive and thus case must be correct relative to the properties in the SDK. For example, a Virtual Machine might have ethernet0.connectionType of 'bridged'.</div>|  
63 | | value | [oval-sc:EntityItemAnySimpleType](oval-system-characteristics-schema.md#EntityItemAnySimpleType)  (0..unbounded) |  
64 | ||<div>The value entity holds a string that represents a value that's associated with the specified setting for the Managed Entity. Some properties will return an array of values. In such cases consider each value individually and then make final evaluation based on the entity_check attribute.</div>|  
65 |   
66 | ## <a name="EntityItemClassificationType"></a>== EntityItemClassificationType ==
67 | 
68 | The EntityItemClassificationType complex type restricts a string value to a specific set of values that describe the classification of a given ESX Server patch. The empty string is also allowed to support empty elements associated with error conditions.
69 | 
70 | **Restricts:** [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType) 
71 | 
72 | | Value | Description |  
73 | | ----- | ----------- |  
74 | | B | <div>Bug patches fix minor flaws that affect product functionality or behavior. Bug patches are optional. Before they are applied, one should determine whether they are necessary for your environment.</div> |  
75 | | R | <div>Roll‐up patches contain any number of bundles for ESX Server 3.0.3 or ESX Server 3.5 hosts. They can contain bug patches, update patches, and security patches. They do not contain upgrade bundles for minor releases or update bundles for maintenance releases.</div> |  
76 | | S | <div>Security patches fix one or more potential security vulnerabilities in the product. They should be implemented immediately to prevent the vulnerabilities from being exploited.</div> |  
77 | | U | <div>Update patches can contain new driver updates and small non‐intrusive enhancements. Before they are applied, one should determine whether they are necessary for your environment.</div> |  
78 | |  | <div>The empty string value is permitted here to allow for detailed error reporting.</div> |  
79 |   
80 | ## <a name="EntityItemSupportLevelType"></a>== EntityItemSupportLevelType ==
81 | 
82 | The EntityItemSupportLevelType complex type restricts a string value to a specific set of values that describe the support level of a given ESX Server patch. The empty string is also allowed to support empty elements associated with error conditions.
83 | 
84 | **Restricts:** [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType) 
85 | 
86 | | Value | Description |  
87 | | ----- | ----------- |  
88 | | C | <div>Custom patches are special fixes provided to a customer. They are usually specific to customer's environment, and are most likely not required by customers not reporting the issue. Custom patches have been tested in the customer's environment.</div> |  
89 | | D | <div>Debugging patches are released to all customers and are used by VMware to troubleshoot complex product issues. They can contain debug messages and code, and drivers. Debugging patches usually require VMware assistance to install.</div> |  
90 | | G | <div>GA patches are released to all customers and have been thoroughly tested. They contain fixes for ESX Server 3 software issues.</div> |  
91 | | H | <div>Hot patches are released to specific customers for solving critical problems specific to their environment. They contain fixes for security issues or problems that can potentially cause data loss or severe service disruptions. Hot patches should be implemented immediately.</div> |  
92 | |  | <div>The empty string value is permitted here to allow for detailed error reporting.</div> |  
93 |   
94 | 


--------------------------------------------------------------------------------
/docs/evaluation-ids.md:
--------------------------------------------------------------------------------
 1 | # Open Vulnerability and Assessment Language: Element Dictionary
 2 | 
 3 | * Schema: OVAL Definition Interpreter - Evaluation Id Schema  
 4 | * Version: 5.11.2  
 5 | * Release Date: 11/30/2016 09:00:00 AM
 6 | 
 7 | This schema defines an xml format for inputing a set of OVAL Definition ids into the reference OVAL Interpreter for evaluation.
 8 | 
 9 | ______________
10 |   
11 | ## <a name="evalutation-definition-ids"></a>< evalutation-definition-ids >
12 | 
13 | The evaluation-definition-ids element is the root the Document. Its purpose is to bind together the a set of definition elements.
14 | 
15 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
16 | |:-------------- |:--------------------------- |  
17 | | definition | [oval:DefinitionIDPattern](oval-common-schema.md#DefinitionIDPattern)  (1..unbounded) |  
18 | ||<div>Each definition represents the id of a definition to be evaluated.</div>|  
19 |   
20 | 


--------------------------------------------------------------------------------
/docs/freebsd-definitions-schema.md:
--------------------------------------------------------------------------------
 1 | # Open Vulnerability and Assessment Language: Element Dictionary
 2 | 
 3 | * Schema: FreeBSD Definition  
 4 | * Version: 5.11.1:1.1  
 5 | * Release Date: 11/30/2016 09:00:00 AM
 6 | 
 7 | The following is a description of the elements, types, and attributes that compose the FreeBSD specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.
 8 | 
 9 | The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.
10 | 
11 | ## Test Listing
12 | 
13 |  *[ portinfo_test ](#portinfo_test)  
14 |   
15 | ______________
16 |   
17 | ## <a name="portinfo_test"></a>< portinfo_test >
18 | 
19 | The port info test is used to check the properties of a component of a FreeBSD system. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references an portinfo_object and the optional state element specifies the data to check.
20 | 
21 | **Extends:** [oval-def:TestType](oval-definitions-schema.md#TestType) 
22 | 
23 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
24 | |:-------------- |:--------------------------- |  
25 | | object | [oval-def:ObjectRefType](oval-definitions-schema.md#ObjectRefType)  (1..1) |  
26 | |||  
27 | | state | [oval-def:StateRefType](oval-definitions-schema.md#StateRefType)  (0..unbounded) |  
28 | |||  
29 |   
30 | ## <a name="portinfo_object"></a>< portinfo_object >
31 | 
32 | The portinfo_object element is used by a port info test to define the specific FreeBSD package to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.
33 | 
34 | A port info object consists of a single pkginst element that identifies a specific package.
35 | 
36 | **Extends:** [oval-def:ObjectType](oval-definitions-schema.md#ObjectType) 
37 | 
38 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
39 | |:-------------- |:--------------------------- |  
40 | | pkginst | [oval-def:EntityObjectStringType](oval-definitions-schema.md#EntityObjectStringType)  (1..1) |  
41 | ||<div></div>|  
42 | | [oval-def:filter](oval-definitions-schema.md#filter)  | n/a (0..unbounded) |  
43 | |||  
44 |   
45 | ## <a name="portinfo_state"></a>< portinfo_state >
46 | 
47 | The portinfo_state element defines the different information that can be used to evaluate the specified package. This includes the name, category, version, vendor, and description. Please refer to the individual elements in the schema for more details about what each represents.
48 | 
49 | **Extends:** [oval-def:StateType](oval-definitions-schema.md#StateType) 
50 | 
51 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
52 | |:-------------- |:--------------------------- |  
53 | | pkginst | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
54 | ||<div></div>|  
55 | | name | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
56 | ||<div>The name of a package.</div>|  
57 | | category | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
58 | ||<div></div>|  
59 | | version | Restriction of [oval-def:EntityStateAnySimpleType](oval-definitions-schema.md#EntityStateAnySimpleType) . See schema for details. (0..1) |  
60 | ||<div>The version of a package.</div>|  
61 | | vendor | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
62 | ||<div></div>|  
63 | | description | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
64 | ||<div></div>|  
65 |   
66 | 


--------------------------------------------------------------------------------
/docs/freebsd-system-characteristics-schema.md:
--------------------------------------------------------------------------------
 1 | # Open Vulnerability and Assessment Language: Element Dictionary
 2 | 
 3 | * Schema: FreeBSD System Characteristics  
 4 | * Version: 5.11.1:1.1  
 5 | * Release Date: 11/30/2016 09:00:00 AM
 6 | 
 7 | The following is a description of the elements, types, and attributes that compose the FreeBSD specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.
 8 | 
 9 | The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.
10 | 
11 | ______________
12 |   
13 | ## <a name="portinfo_item"></a>< portinfo_item >
14 | 
15 | 
16 | 
17 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
18 | 
19 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
20 | |:-------------- |:--------------------------- |  
21 | | pkginst | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
22 | ||<div></div>|  
23 | | name | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
24 | ||<div></div>|  
25 | | category | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
26 | ||<div></div>|  
27 | | version | Restriction of [oval-sc:EntityItemAnySimpleType](oval-system-characteristics-schema.md#EntityItemAnySimpleType) . See schema for details. (0..1) |  
28 | ||<div></div>|  
29 | | vendor | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
30 | ||<div></div>|  
31 | | description | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
32 | ||<div></div>|  
33 |   
34 | 


--------------------------------------------------------------------------------
/docs/hpux-system-characteristics-schema.md:
--------------------------------------------------------------------------------
  1 | # Open Vulnerability and Assessment Language: Element Dictionary
  2 | 
  3 | * Schema: HP-UX System Characteristics  
  4 | * Version: 5.11.1:1.1  
  5 | * Release Date: 11/30/2016 09:00:00 AM
  6 | 
  7 | The following is a description of the elements, types, and attributes that compose the HP-UX specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard item element defined in the Core System Characteristic Schema. Through extension, each item inherits a set of elements and attributes that are shared amongst all OVAL Items. Each item is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core System Characteristic Schema is not outlined here.
  8 | 
  9 | The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.
 10 | 
 11 | ______________
 12 |   
 13 | ## <a name="getconf_item"></a>< getconf_item >
 14 | 
 15 | These items contain getconf items.
 16 | 
 17 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
 18 | 
 19 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 20 | |:-------------- |:--------------------------- |  
 21 | | parameter_name | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 22 | ||<div>This is the parameter name to check</div>|  
 23 | | pathname | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 24 | ||<div>This is the pathname to check</div>|  
 25 | | output | [oval-sc:EntityItemAnySimpleType](oval-system-characteristics-schema.md#EntityItemAnySimpleType)  (0..1) |  
 26 | ||<div>The output produced by the getconf command.</div>|  
 27 |   
 28 | ______________
 29 |   
 30 | ## <a name="ndd_item"></a>< ndd_item >
 31 | 
 32 | This item represents data collected by the ndd command.
 33 | 
 34 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
 35 | 
 36 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 37 | |:-------------- |:--------------------------- |  
 38 | | device | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 39 | ||<div>The name of the device for which the parameter was collected.</div>|  
 40 | | parameter | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 41 | ||<div>The name of a parameter for example, ip_forwarding</div>|  
 42 | | value | [oval-sc:EntityItemAnySimpleType](oval-system-characteristics-schema.md#EntityItemAnySimpleType)  (0..1) |  
 43 | ||<div>The observed value of the named parameter.</div>|  
 44 |   
 45 | ______________
 46 |   
 47 | ## <a name="patch_item"></a>< patch_item >
 48 | 
 49 | From /usr/sbin/swlist -l patch PHxx_yyyyy. See swlist manpage for specific fields
 50 | 
 51 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
 52 | 
 53 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 54 | |:-------------- |:--------------------------- |  
 55 | | patch_name | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 56 | ||<div>This is the patch name to check.</div>|  
 57 | | swtype | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 58 | ||<div>HP-UX patch names begin with 'PH'</div>|  
 59 | | area_patched | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 60 | ||<div>The third and fourth characters in HP-UX patch names indicate the area of software being patched. CO - General HP-UX commands KL - Kernel patches NE - Network specific patches SS - All other subsystems (X11, starbase, etc.)</div>|  
 61 | | patch_base | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 62 | ||<div>The sixth through tenth characters in HP-UX patch names represent a unique numeric identifier for the patch.</div>|  
 63 |   
 64 | ______________
 65 |   
 66 | ## <a name="swlist_item"></a>< swlist_item >
 67 | 
 68 | Output of /usr/sbin/swlist command. Note: A quick way to check for the installation of a specific fileset is to use the command 'swlist -a version -l fileset filesetname'. See manpage for swlist for explanation of additional command options.
 69 | 
 70 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
 71 | 
 72 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 73 | |:-------------- |:--------------------------- |  
 74 | | swlist | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 75 | ||<div>This is the name of the bundle or fileset to check.</div>|  
 76 | | bundle | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 77 | ||<div></div>|  
 78 | | fileset | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 79 | ||<div></div>|  
 80 | | version | Restriction of [oval-sc:EntityItemAnySimpleType](oval-system-characteristics-schema.md#EntityItemAnySimpleType) . See schema for details. (0..1) |  
 81 | ||<div></div>|  
 82 | | title | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 83 | ||<div></div>|  
 84 | | vendor | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 85 | ||<div></div>|  
 86 |   
 87 | ______________
 88 |   
 89 | ## <a name="trusted_item"></a>< trusted_item >
 90 | 
 91 | These items contain account settings for trusted HP-UX installations.
 92 | 
 93 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
 94 | 
 95 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 96 | |:-------------- |:--------------------------- |  
 97 | | username | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 98 | ||<div>This is the name of the user being checked</div>|  
 99 | | uid | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
100 | ||<div>The user's ID</div>|  
101 | | password | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
102 | ||<div>This is the encrypted version of the user's password</div>|  
103 | | account_owner | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
104 | ||<div>The Account owner for pseudo-users</div>|  
105 | | boot_auth | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
106 | ||<div>Boot authorization</div>|  
107 | | audit_id | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
108 | ||<div>getprpwaid uses the audit ID rather than the UID</div>|  
109 | | audit_flag | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
110 | ||<div></div>|  
111 | | pw_change_min | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
112 | ||<div>Minimum time between password changes</div>|  
113 | | pw_max_size | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
114 | ||<div>Maximum password length in characters</div>|  
115 | | pw_expiration | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
116 | ||<div>Password expiration time in seconds</div>|  
117 | | pw_life | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
118 | ||<div>Trusted lifetime, after which the account is locked</div>|  
119 | | pw_change_s | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
120 | ||<div>Time of last successful password change</div>|  
121 | | pw_change_u | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
122 | ||<div>Time of last unsuccessful password change</div>|  
123 | | acct_expire | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
124 | ||<div>Absolute account lifetime in seconds</div>|  
125 | | max_llogin | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
126 | ||<div>Maximum time allowed between logins before the account is locked</div>|  
127 | | exp_warning | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
128 | ||<div>The time in seconds before expiration when a warning will appear</div>|  
129 | | usr_chg_pw | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
130 | ||<div>Who can change this user's password</div>|  
131 | | gen_pw | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
132 | ||<div>Allows user to use system-generated passwords</div>|  
133 | | pw_restrict | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
134 | ||<div>Whether a triviality check is performed on user-generated passwords</div>|  
135 | | pw_null | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
136 | ||<div>Determines if null passwords are allowed for this account</div>|  
137 | | pw_gen_char | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
138 | ||<div>Allows password generator to use random printable ASCII characters</div>|  
139 | | pw_gen_let | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
140 | ||<div>Allows password generator to use random letters</div>|  
141 | | login_time | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
142 | ||<div>Specifies the times when the user may login to this account</div>|  
143 | | pw_changer | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
144 | ||<div>The user ID of the user who last changed the password on the user's account, if it was not the account owner</div>|  
145 | | login_time_s | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
146 | ||<div>The time of the last successful login using this account</div>|  
147 | | login_time_u | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
148 | ||<div>The time of the last unsuccessful login using this account</div>|  
149 | | login_tty_s | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
150 | ||<div>The terminal or remote host associated with the last successful login to the account</div>|  
151 | | login_tty_u | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
152 | ||<div>The terminal or remote hosts associated with the last unsuccessful login to the account</div>|  
153 | | num_u_logins | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
154 | ||<div>The number of unsuccessful login attempts since that last successful login</div>|  
155 | | max_u_logins | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
156 | ||<div>The maximum number of unsuccessful login attempts before the account is locked</div>|  
157 | | lock_flag | [oval-sc:EntityItemBoolType](oval-system-characteristics-schema.md#EntityItemBoolType)  (0..1) |  
158 | ||<div>Indicates whether the administrative lock on the account is set</div>|  
159 |   
160 | 


--------------------------------------------------------------------------------
/docs/junos-definitions-schema.md:
--------------------------------------------------------------------------------
  1 | # Open Vulnerability and Assessment Language: Element Dictionary
  2 | 
  3 | * Schema: Junos Definition  
  4 | * Version: 5.11.1:1.1  
  5 | * Release Date: 11/30/2016 09:00:00 AM
  6 | 
  7 | The following is a description of the elements, types, and attributes that compose the Junos-specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.
  8 | 
  9 | This schema was originally developed by David Solin at jOVAL.org. The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.
 10 | 
 11 | ## Test Listing
 12 | 
 13 |  *[ xml_config_test ](#xml_config_test)  
 14 |  *[ show_test ](#show_test)  
 15 |  *[ version_test ](#version_test)  
 16 |  *[ xml_show_test ](#xml_show_test)  
 17 |   
 18 | ______________
 19 |   
 20 | ## <a name="xml_config_test"></a>< xml_config_test >
 21 | 
 22 | **Extends:** [oval-def:TestType](oval-definitions-schema.md#TestType) 
 23 | 
 24 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 25 | |:-------------- |:--------------------------- |  
 26 | | object | [oval-def:ObjectRefType](oval-definitions-schema.md#ObjectRefType)  (1..1) |  
 27 | |||  
 28 | | state | [oval-def:StateRefType](oval-definitions-schema.md#StateRefType)  (0..unbounded) |  
 29 | |||  
 30 |   
 31 | ## <a name="xml_config_object"></a>< xml_config_object >
 32 | 
 33 | The xml_config_object element is used by an XML config test to define the object to be evaluated. For the most part this object checks for existence and is used without a state comparision. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.
 34 | 
 35 | **Extends:** [oval-def:ObjectType](oval-definitions-schema.md#ObjectType) 
 36 | 
 37 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 38 | |:-------------- |:--------------------------- |  
 39 | | xpath | [oval-def:EntityObjectStringType](oval-definitions-schema.md#EntityObjectStringType)  (1..1) |  
 40 | ||<div>An XPATH 1.0 expression that should be evaluated against the XML configuration file. Any valid XPATH 1.0 statement is usable with one exception, at most one field may be identified in the XPATH. This is because the value_of element in the data section is only designed to work against a single field. The only valid operator for xpath is equals since there is an infinite number of possible xpaths and determinining all those that do not equal a given xpath would be impossible.</div>|  
 41 | | [oval-def:filter](oval-definitions-schema.md#filter)  | n/a (0..unbounded) |  
 42 | |||  
 43 |   
 44 | ## <a name="xml_config_state"></a>< xml_config_state >
 45 | 
 46 | The xml_config_state element defines the different information that can be used to evaluate the result of an XPATH query against the XML configuration file. Please refer to the individual elements in the schema for more details about what each represents.
 47 | 
 48 | **Extends:** [oval-def:StateType](oval-definitions-schema.md#StateType) 
 49 | 
 50 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 51 | |:-------------- |:--------------------------- |  
 52 | | xpath | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
 53 | ||<div>An XPATH 1.0 expression that was evaluated against the XML config file.</div>|  
 54 | | value_of | [oval-def:EntityStateAnySimpleType](oval-definitions-schema.md#EntityStateAnySimpleType)  (0..1) |  
 55 | ||<div>The result of the evaluation of the XPATH expression against the XML config file.</div>|  
 56 |   
 57 | ______________
 58 |   
 59 | ## <a name="show_test"></a>< show_test >
 60 | 
 61 | The show test is used to check the properties of specific output lines from a SHOW command, such as "show configuration". It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a show_object and the optional state element specifies the data to check.
 62 | 
 63 | **Extends:** [oval-def:TestType](oval-definitions-schema.md#TestType) 
 64 | 
 65 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 66 | |:-------------- |:--------------------------- |  
 67 | | object | [oval-def:ObjectRefType](oval-definitions-schema.md#ObjectRefType)  (1..1) |  
 68 | |||  
 69 | | state | [oval-def:StateRefType](oval-definitions-schema.md#StateRefType)  (0..unbounded) |  
 70 | |||  
 71 |   
 72 | ## <a name="show_object"></a>< show_object >
 73 | 
 74 | The show_object element is used by a show test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.
 75 | 
 76 | **Extends:** [oval-def:ObjectType](oval-definitions-schema.md#ObjectType) 
 77 | 
 78 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 79 | |:-------------- |:--------------------------- |  
 80 | | subcommand | [oval-def:EntityObjectStringType](oval-definitions-schema.md#EntityObjectStringType)  (1..1) |  
 81 | ||<div>The name of a SHOW sub-command to be tested.</div>|  
 82 | | [oval-def:filter](oval-definitions-schema.md#filter)  | n/a (0..unbounded) |  
 83 | |||  
 84 |   
 85 | ## <a name="show_state"></a>< show_state >
 86 | 
 87 | The show_state element defines the different information that can be used to evaluate the result of a specific SHOW sub-command. This includes the name of the sub-command and the corresponding config output. Please refer to the individual elements in the schema for more details about what each represents.
 88 | 
 89 | **Extends:** [oval-def:StateType](oval-definitions-schema.md#StateType) 
 90 | 
 91 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 92 | |:-------------- |:--------------------------- |  
 93 | | subcommand | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
 94 | ||<div>The name of the SHOW sub-command.</div>|  
 95 | | value | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
 96 | ||<div>The value returned from by the specified SHOW sub-command. This may consist of multiple lines of information, whose raw form will be captured by the item.</div>|  
 97 |   
 98 | ______________
 99 |   
100 | ## <a name="version_test"></a>< version_test >
101 | 
102 | The version_test is used to check the version of components of the JunOS operating system. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a version_object and the optional state element specifies the data to check.
103 | 
104 | **Extends:** [oval-def:TestType](oval-definitions-schema.md#TestType) 
105 | 
106 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
107 | |:-------------- |:--------------------------- |  
108 | | object | [oval-def:ObjectRefType](oval-definitions-schema.md#ObjectRefType)  (1..1) |  
109 | |||  
110 | | state | [oval-def:StateRefType](oval-definitions-schema.md#StateRefType)  (0..unbounded) |  
111 | |||  
112 |   
113 | ## <a name="version_object"></a>< version_object >
114 | 
115 | The version_object element is used by a version_test to define the different version information associated with a JunOS system.
116 | 
117 | **Extends:** [oval-def:ObjectType](oval-definitions-schema.md#ObjectType) 
118 | 
119 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
120 | |:-------------- |:--------------------------- |  
121 | | component | [oval-def:EntityObjectStringType](oval-definitions-schema.md#EntityObjectStringType)  (1..1) |  
122 | ||<div>The name of the JunOS component whose version should be retrieved.</div>|  
123 | | [oval-def:filter](oval-definitions-schema.md#filter)  | n/a (0..unbounded) |  
124 | |||  
125 |   
126 | ## <a name="version_state"></a>< version_state >
127 | 
128 | The version_state element defines the version information held by a JunOS component.
129 | 
130 | **Extends:** [oval-def:StateType](oval-definitions-schema.md#StateType) 
131 | 
132 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
133 | |:-------------- |:--------------------------- |  
134 | | component | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
135 | ||<div>The name of the JunOS component whose version should be retrieved.</div>|  
136 | | raw_value | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
137 | ||<div>The raw release version string for the component, e.g., 12.2R6.1 or 12.1X44-D10.4.</div>|  
138 | | major | [oval-def:EntityStateIntType](oval-definitions-schema.md#EntityStateIntType)  (0..1) |  
139 | ||<div>The part of the release version of the component corresponding to the year in which the release occurred. For example, the major value for 12.2R6.1 would be '12'.</div>|  
140 | | minor | [oval-def:EntityStateIntType](oval-definitions-schema.md#EntityStateIntType)  (0..1) |  
141 | ||<div>The part of the release version of the component corresponding to the quarter in which the release occurred. For example, the minor value for 12.2R6.1 would be '2'.</div>|  
142 | | type | [junos-def:EntityStateJunosReleaseTypeType](#EntityStateJunosReleaseTypeType)  (0..1) |  
143 | ||<div>The release type embedded in the version of the component. For example, the type value for 12.2R6.1 is 'R'.</div>|  
144 | | build | [oval-def:EntityStateIntType](oval-definitions-schema.md#EntityStateIntType)  (0..1) |  
145 | ||<div>The build number of the component's version. For example, the revision for 12.2R6.1 has a build number of '6'; 12.1X44-D10.4 has a build number of '44'.</div>|  
146 | | maintenance_release | [oval-def:EntityStateIntType](oval-definitions-schema.md#EntityStateIntType)  (0..1) |  
147 | ||<div>A maintenance_release value can appear in an R-type service release or an X-type release (where it takes the value of the D-number). For example, version 14.2R3-S4.5 has a maintenance_release of '4'. For version 10.4S4.2, the maintenance_release entity would have a status of 'does not exist'. For version 12.1X44-D10.4, the maintenance_release entity value would be '10'.</div>|  
148 | | spin | [oval-def:EntityStateIntType](oval-definitions-schema.md#EntityStateIntType)  (0..1) |  
149 | ||<div>The spin number of the component. For example, 12.2R6.1 has a spin value of '1'; 12.1X44-D10.4 has a spin value of '4'.</div>|  
150 | | build_date | [oval-def:EntityStateIntType](oval-definitions-schema.md#EntityStateIntType)  (0..1) |  
151 | ||<div>The build date of the component, specified in milliseconds since the Epoch (midnight, January 1, 1970 GMT).</div>|  
152 |   
153 | ______________
154 |   
155 | ## <a name="xml_show_test"></a>< xml_show_test >
156 | 
157 | The XML show test is used to check the properties of specific output from an XML SHOW command, such as "show configuration | display xml". It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a xml_show_object and the optional state element specifies the data to check.
158 | 
159 | **Extends:** [oval-def:TestType](oval-definitions-schema.md#TestType) 
160 | 
161 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
162 | |:-------------- |:--------------------------- |  
163 | | object | [oval-def:ObjectRefType](oval-definitions-schema.md#ObjectRefType)  (1..1) |  
164 | |||  
165 | | state | [oval-def:StateRefType](oval-definitions-schema.md#StateRefType)  (0..unbounded) |  
166 | |||  
167 |   
168 | ## <a name="xml_show_object"></a>< xml_show_object >
169 | 
170 | The xml_show_object element is used by an XML show test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.
171 | 
172 | **Extends:** [oval-def:ObjectType](oval-definitions-schema.md#ObjectType) 
173 | 
174 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
175 | |:-------------- |:--------------------------- |  
176 | | subcommand | [oval-def:EntityObjectStringType](oval-definitions-schema.md#EntityObjectStringType)  (1..1) |  
177 | ||<div>The name of a SHOW sub-command to be tested.</div>|  
178 | | xpath | [oval-def:EntityObjectStringType](oval-definitions-schema.md#EntityObjectStringType)  (1..1) |  
179 | ||<div>An XPATH 1.0 expression that should be evaluated against the XML data resulting from the XML show subcommand. Any valid XPATH 1.0 statement is usable with one exception, at most one field may be identified in the XPATH. This is because the value_of element in the data section is only designed to work against a single field. The only valid operator for xpath is equals since there is an infinite number of possible xpaths and determinining all those that do not equal a given xpath would be impossible.</div>|  
180 | | [oval-def:filter](oval-definitions-schema.md#filter)  | n/a (0..unbounded) |  
181 | |||  
182 |   
183 | ## <a name="xml_show_state"></a>< xml_show_state >
184 | 
185 | The xml_show_state element defines the different information that can be used to evaluate the result of a specific XML SHOW sub-command. This includes the name of the sub-command, the XPATH and the corresponding XPATH query result. Please refer to the individual elements in the schema for more details about what each represents.
186 | 
187 | **Extends:** [oval-def:StateType](oval-definitions-schema.md#StateType) 
188 | 
189 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
190 | |:-------------- |:--------------------------- |  
191 | | subcommand | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
192 | ||<div>The name of a SHOW sub-command to be tested.</div>|  
193 | | xpath | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
194 | ||<div>An XPATH 1.0 expression that should be evaluated against the XML data resulting from the XML show subcommand.</div>|  
195 | | value_of | [oval-def:EntityStateAnySimpleType](oval-definitions-schema.md#EntityStateAnySimpleType)  (0..1) |  
196 | ||<div>The result of the evaluation of the XPATH expression against the XML data returned from the XML show subcommand.</div>|  
197 |   
198 | ## <a name="EntityStateJunosReleaseTypeType"></a>== EntityStateJunosReleaseTypeType ==
199 | 
200 | The EntityStateJunosReleaseTypeType complex type defines the different values that are valid for the release_type entity of a system_metric state. These values describe the release type specified in the raw version string.
201 | 
202 | **Restricts:** [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType) 
203 | 
204 | | Value | Description |  
205 | | ----- | ----------- |  
206 | | R | <div>Indicates a normal release.</div> |  
207 | | I | <div>Indicates an internal release.</div> |  
208 | | F | <div>Indicates a feature release.</div> |  
209 | | S | <div>Indicates a service release.</div> |  
210 | | B | <div>Indicates a beta release.</div> |  
211 | | X | <div>Indicates an exception release (e.g., every release of the SRX branch so far).</div> |  
212 | |  | <div>The empty string value is permitted here to allow for empty elements associated with variable references.</div> |  
213 |   
214 | 


--------------------------------------------------------------------------------
/docs/junos-system-characteristics-schema.md:
--------------------------------------------------------------------------------
  1 | # Open Vulnerability and Assessment Language: Element Dictionary
  2 | 
  3 | * Schema: Junos System Characteristics  
  4 | * Version: 5.11.1:1.1  
  5 | * Release Date: 11/30/2016 09:00:00 AM
  6 | 
  7 | The following is a description of the elements, types, and attributes that compose the Junos-specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard item element defined in the Core System Characteristic Schema. Through extension, each item inherits a set of elements and attributes that are shared amongst all OVAL Items. Each item is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core System Characteristic Schema is not outlined here.
  8 | 
  9 | This schema was originally developed by David Solin at jOVAL.org. The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.
 10 | 
 11 | ______________
 12 |   
 13 | ## <a name="xml_config_item"></a>< xml_config_item >
 14 | 
 15 | Stores information about the existence of a particular XPATH query result from the JunOS XML config file.
 16 | 
 17 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
 18 | 
 19 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 20 | |:-------------- |:--------------------------- |  
 21 | | xpath | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 22 | ||<div>An XPATH 1.0 expression that was evaluated against the XML config file.</div>|  
 23 | | value_of | [oval-sc:EntityItemAnySimpleType](oval-system-characteristics-schema.md#EntityItemAnySimpleType)  (0..unbounded) |  
 24 | ||<div>The result of the evaluation of the XPATH expression against the XML config file.</div>|  
 25 |   
 26 | ______________
 27 |   
 28 | ## <a name="show_item"></a>< show_item >
 29 | 
 30 | Stores the resulting configuration data provided by the execution of a specific show command.
 31 | 
 32 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
 33 | 
 34 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 35 | |:-------------- |:--------------------------- |  
 36 | | subcommand | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 37 | ||<div>The name of the SHOW sub-command.</div>|  
 38 | | value | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 39 | ||<div>The value returned from by the specified SHOW sub-command. This may consist of multiple lines of information.</div>|  
 40 |   
 41 | ______________
 42 |   
 43 | ## <a name="version_item"></a>< version_item >
 44 | 
 45 | The version_item holds information about the version of a particular component of the JunOS operating system. It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.
 46 | 
 47 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
 48 | 
 49 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 50 | |:-------------- |:--------------------------- |  
 51 | | component | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 52 | ||<div>The name of the JunOS component whose version should be retrieved.</div>|  
 53 | | raw_value | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 54 | ||<div>The raw release version string for the component, e.g., 12.2R6.1 or 12.1X44-D10.4.</div>|  
 55 | | major | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
 56 | ||<div>The part of the release version of the component corresponding to the year in which the release occurred. For example, the major value for 12.2R6.1 would be '12'.</div>|  
 57 | | minor | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
 58 | ||<div>The part of the release version of the component corresponding to the quarter in which the release occurred. For example, the minor value for 12.2R6.1 would be '2'.</div>|  
 59 | | type | [junos-sc:EntityItemJunosReleaseTypeType](#EntityItemJunosReleaseTypeType)  (0..1) |  
 60 | ||<div>The release type embedded in the version of the component. For example, the type value for 12.2R6.1 is 'R'.</div>|  
 61 | | build | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
 62 | ||<div>The build number of the component's version. For example, the revision for 12.2R6.1 has a build number of '6'; 12.1X44-D10.4 has a build number of '44'.</div>|  
 63 | | maintenance_release | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
 64 | ||<div>A maintenance_release value can appear in an R-type service release or an X-type release (where it takes the value of the D-number). For example, version 14.2R3-S4.5 has a maintenance_release of '4'. For version 10.4S4.2, the maintenance_release entity would have a status of 'does not exist'. For version 12.1X44-D10.4, the maintenance_release entity value would be '10'.</div>|  
 65 | | spin | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
 66 | ||<div>The spin number of the component. For example, 12.2R6.1 has a spin value of '1'; 12.1X44-D10.4 has a spin value of '4'.</div>|  
 67 | | build_date | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
 68 | ||<div>The build date of the component, specified in milliseconds since the Epoch (midnight, January 1, 1970 GMT).</div>|  
 69 |   
 70 | ______________
 71 |   
 72 | ## <a name="xml_show_item"></a>< xml_show_item >
 73 | 
 74 | Stores the result of the application of an XPATH query applied to the JunOS configuration data provided by the execution of a specific show command, which has been piped to "display xml".
 75 | 
 76 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
 77 | 
 78 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
 79 | |:-------------- |:--------------------------- |  
 80 | | subcommand | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 81 | ||<div>The name of a SHOW sub-command to be tested.</div>|  
 82 | | xpath | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
 83 | ||<div>An XPATH 1.0 expression that should be evaluated against the XML data resulting from the XML show subcommand.</div>|  
 84 | | value_of | [oval-sc:EntityItemAnySimpleType](oval-system-characteristics-schema.md#EntityItemAnySimpleType)  (0..unbounded) |  
 85 | ||<div>The result of the evaluation of the XPATH expression against the XML data returned from the XML show subcommand.</div>|  
 86 |   
 87 | ## <a name="EntityItemJunosReleaseTypeType"></a>== EntityItemJunosReleaseTypeType ==
 88 | 
 89 | The EntityItemJunosReleaseTypeType complex type defines the different values that are valid for the release_type entity of a system_metric state. These values describe the release type specified in the raw version string.
 90 | 
 91 | **Restricts:** [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType) 
 92 | 
 93 | | Value | Description |  
 94 | | ----- | ----------- |  
 95 | | R | <div>Indicates a normal release.</div> |  
 96 | | I | <div>Indicates an internal release.</div> |  
 97 | | F | <div>Indicates a feature release.</div> |  
 98 | | S | <div>Indicates a service release.</div> |  
 99 | | B | <div>Indicates a beta release.</div> |  
100 | | X | <div>Indicates an exception release (e.g., every release of the SRX branch so far).</div> |  
101 | |  | <div>The empty string value is permitted here to allow for empty elements associated with error conditions.</div> |  
102 |   
103 | 


--------------------------------------------------------------------------------
/docs/netconf-definitions-schema.md:
--------------------------------------------------------------------------------
 1 | # Open Vulnerability and Assessment Language: Element Dictionary
 2 | 
 3 | * Schema: NETCONF Definitions  
 4 | * Version: 5.11.1:1.1  
 5 | * Release Date: 11/30/2016 09:00:00 AM
 6 | 
 7 | The following is a description of the elements, types, and attributes that compose the NETCONF (RFC 6241) protocol-specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here
 8 | 
 9 | This schema was originally developed by David Solin at jOVAL.org. The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.
10 | 
11 | ## Test Listing
12 | 
13 |  *[ config_test ](#config_test)  
14 |   
15 | ______________
16 |   
17 | ## <a name="config_test"></a>< config_test >
18 | 
19 | The config_test is used to check the properties of the XML output from a GET-CONFIG command, for the running configuration. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a config_object and the optional state element specifies the data to check.
20 | 
21 | **Extends:** [oval-def:TestType](oval-definitions-schema.md#TestType) 
22 | 
23 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
24 | |:-------------- |:--------------------------- |  
25 | | object | [oval-def:ObjectRefType](oval-definitions-schema.md#ObjectRefType)  (1..1) |  
26 | |||  
27 | | state | [oval-def:StateRefType](oval-definitions-schema.md#StateRefType)  (0..unbounded) |  
28 | |||  
29 |   
30 | ## <a name="config_object"></a>< config_object >
31 | 
32 | The config_object element is used by a config_test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.
33 | 
34 | A config_object consists of an xpath entity that contains an XPATH 1.0 query to perform on the NETCONF get-config response XML data. The response data is assumed to consist of a <data> entity in the urn:ietf:params:xml:ns:netconf:base:1.0 XML namespace, with arbitrary (i.e., vendor-specific) child nodes.
35 | 
36 | **Extends:** [oval-def:ObjectType](oval-definitions-schema.md#ObjectType) 
37 | 
38 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
39 | |:-------------- |:--------------------------- |  
40 | | xpath | [oval-def:EntityObjectStringType](oval-definitions-schema.md#EntityObjectStringType)  (1..1) |  
41 | ||<div>Specifies an Xpath expression describing the text node(s) or attribute(s) to look at. Any valid Xpath 1.0 statement is usable with one exception, at most one field may be identified in the Xpath. This is because the value_of element in the data section is only designed to work against a single field. The only valid operator for xpath is equals since there is an infinite number of possible xpaths and determinining all those that do not equal a given xpath would be impossible.</div>|  
42 | | [oval-def:filter](oval-definitions-schema.md#filter)  | n/a (0..unbounded) |  
43 | |||  
44 |   
45 | ## <a name="config_state"></a>< config_state >
46 | 
47 | The config_state element defines the different information that can be used to evaluate the result of a specific config xpath evaluation. This includes the xpath used and the value of this xpath.
48 | 
49 | **Extends:** [oval-def:StateType](oval-definitions-schema.md#StateType) 
50 | 
51 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
52 | |:-------------- |:--------------------------- |  
53 | | xpath | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
54 | ||<div>Specifies an Xpath expression describing the text node(s) or attribute(s) to look at.</div>|  
55 | | value_of | [oval-def:EntityStateAnySimpleType](oval-definitions-schema.md#EntityStateAnySimpleType)  (0..1) |  
56 | ||<div>The value_of element checks the value(s) of the text node(s) or attribute(s) found.</div>|  
57 |   
58 | 


--------------------------------------------------------------------------------
/docs/netconf-system-characteristics-schema.md:
--------------------------------------------------------------------------------
 1 | # Open Vulnerability and Assessment Language: Element Dictionary
 2 | 
 3 | * Schema: NETCONF System Characteristics  
 4 | * Version: 5.11.1:1.1  
 5 | * Release Date: 11/30/2016 09:00:00 AM
 6 | 
 7 | This document outlines the items of the OVAL System Characteristics XML schema that are composed of NETCONF (RFC 6241) protocol-specific tests. Each item is an extention of a basic System Characteristics item defined in the core System Characteristics XML schema.
 8 | 
 9 | This schema was originally developed by David Solin at jOVAL.org. The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.
10 | 
11 | ______________
12 |   
13 | ## <a name="config_item"></a>< config_item >
14 | 
15 | This item stores results from checking the contents of an xml configuration.
16 | 
17 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
18 | 
19 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
20 | |:-------------- |:--------------------------- |  
21 | | xpath | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
22 | ||<div>Specifies an Xpath expression describing the text node(s) or attribute(s) to look at.</div>|  
23 | | value_of | [oval-sc:EntityItemAnySimpleType](oval-system-characteristics-schema.md#EntityItemAnySimpleType)  (0..unbounded) |  
24 | ||<div>The value_of element checks the value(s) of the text node(s) or attribute(s) found. How this is used is entirely controlled by operator attributes.</div>|  
25 |   
26 | 


--------------------------------------------------------------------------------
/docs/oval-directives-schema.md:
--------------------------------------------------------------------------------
 1 | # Open Vulnerability and Assessment Language: Element Dictionary
 2 | 
 3 | * Schema: Core Directives  
 4 | * Version: 5.11.2  
 5 | * Release Date: 11/30/2016 09:00:00 AM
 6 | 
 7 | The following is a description of the elements, types, and attributes that compose the core schema for encoding Open Vulnerability and Assessment Language (OVAL) Directives. Each of the elements, types, and attributes that make up the Core Directives Schema are described in detail and should provide the information necessary to understand what each object represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between these objects is not outlined here.
 8 | 
 9 | The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.
10 | 
11 | ______________
12 |   
13 | ## <a name="oval_directives"></a>< oval_directives >
14 | 
15 | The oval_directives element is the root of an OVAL Directive Document. Its purpose is to bind together the generator and the set of directives contained in the document. The generator section must be present and provides information about when the directives document was compiled and under what version. The optional Signature element allows an XML Signature as defined by the W3C to be attached to the document. This allows authentication and data integrity to be provided to the user. Enveloped signatures are supported. More information about the official W3C Recommendation regarding XML digital signatures can be found at http://www.w3.org/TR/xmldsig-core/.
16 | 
17 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
18 | |:-------------- |:--------------------------- |  
19 | | generator | [oval:GeneratorType](oval-common-schema.md#GeneratorType)  (1..1) |  
20 | ||<div>The required generator section provides information about when the directives document was compiled and under what version.</div>|  
21 | | directives | [oval-res:DefaultDirectivesType](oval-results-schema.md#DefaultDirectivesType)  (1..1) |  
22 | ||<div>The required directives section presents flags describing what information must be been included in an oval results document. This element represents the default set of directives. These directives apply to all classes of definitions for which there is not a class specific set of directives.</div>|  
23 | | class_directives | [oval-res:ClassDirectivesType](oval-results-schema.md#ClassDirectivesType)  (0..5) |  
24 | ||<div>The optional class_directives section presents flags describing what information has been included in the results document for a specific OVAL Definition class. The directives for a particlar class override the default directives.</div>|  
25 | | [ds:Signature](http://www.w3.org/TR/xmldsig-core/#sec-Signature)  | n/a (0..1) |  
26 | ||<div>The optional Signature element allows an XML Signature as defined by the W3C to be attached to the document. This allows authentication and data integrity to be provided to the user. Enveloped signatures are supported. More information about the official W3C Recommendation regarding XML digital signatures can be found at http://www.w3.org/TR/xmldsig-core/.</div>|  
27 |   
28 | 


--------------------------------------------------------------------------------
/docs/oval-variables-schema.md:
--------------------------------------------------------------------------------
 1 | # Open Vulnerability and Assessment Language: Element Dictionary
 2 | 
 3 | * Schema: Core Variable  
 4 | * Version: 5.11.2  
 5 | * Release Date: 11/30/2016 09:00:00 AM
 6 | 
 7 | 
 8 | 
 9 | The following is a description of the elements, types, and attributes that compose the core schema for encoding Open Vulnerability and Assessment Language (OVAL) Variables. This schema is provided to give structure to any external variables and their values that an OVAL Definition is expecting.
10 | 
11 | The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.
12 | 
13 | ______________
14 |   
15 | ## <a name="oval_variables"></a>< oval_variables >
16 | 
17 | The oval_variables element is the root of an OVAL Variable Document. Its purpose is to bind together the different variables contained in the document. The generator section must be present and provides information about when the variable file was compiled and under what version. The optional Signature element allows an XML Signature as defined by the W3C to be attached to the document. This allows authentication and data integrity to be provided to the user. Enveloped signatures are supported. More information about the official W3C Recommendation regarding XML digital signatures can be found at http://www.w3.org/TR/xmldsig-core/.
18 | 
19 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
20 | |:-------------- |:--------------------------- |  
21 | | generator | [oval:GeneratorType](oval-common-schema.md#GeneratorType)  (1..1) |  
22 | |||  
23 | | variables | [oval-var:VariablesType](oval-variables-schema.md#VariablesType)  (0..1) |  
24 | |||  
25 | | [ds:Signature](http://www.w3.org/TR/xmldsig-core/#sec-Signature)  | n/a (0..1) |  
26 | |||  
27 |   
28 | ______________
29 |   
30 | ## <a name="VariablesType"></a>== VariablesType ==
31 | 
32 | The VariablesType complex type is a container for one or more variable elements. Each variable element holds the value of an external variable used in an OVAL Definition. Please refer to the description of the VariableType for more information about an individual variable.
33 | 
34 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
35 | |:-------------- |:--------------------------- |  
36 | | variable | [oval-var:VariableType](oval-variables-schema.md#VariableType)  (1..unbounded) |  
37 | |||  
38 |   
39 | ## <a name="VariableType"></a>== VariableType ==
40 | 
41 | Each variable element contains the associated datatype and value which will be substituted into the OVAL Definition that is referencing this specific variable.
42 | 
43 | The notes section of a variable should be used to hold information that might be helpful to someone examining the technical aspects of the variable. Please refer to the description of the NotesType complex type for more information about the notes element.
44 | 
45 | #### Attributes:
46 | 
47 | *	**id** [oval:VariableIDPattern](oval-common-schema.md#VariableIDPattern)  (required)  
48 | *	**datatype** [oval:SimpleDatatypeEnumeration](oval-common-schema.md#SimpleDatatypeEnumeration)  (required)  
49 | Note that the 'record' datatype is not permitted on variables.  
50 | *	**instance** xsd:nonNegativeInteger  
51 | Use to specify multiple variable instances.  
52 | *	**comment** xsd:string (required)  
53 |   
54 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
55 | |:-------------- |:--------------------------- |  
56 | | value | xsd:anySimpleType (1..unbounded) |  
57 | |||  
58 | | notes | [oval:NotesType](oval-common-schema.md#NotesType)  (0..1) |  
59 | |||  
60 |   
61 | 


--------------------------------------------------------------------------------
/docs/pixos-definitions-schema.md:
--------------------------------------------------------------------------------
 1 | # Open Vulnerability and Assessment Language: Element Dictionary
 2 | 
 3 | * Schema: PixOS Definition  
 4 | * Version: 5.11.1:1.1  
 5 | * Release Date: 11/30/2016 09:00:00 AM
 6 | 
 7 | The following is a description of the elements, types, and attributes that compose the PIX specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.
 8 | 
 9 | This schema was originally developed by Yuzheng Zhou and Eric Grey at Hewlett-Packard. The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.
10 | 
11 | ## Test Listing
12 | 
13 |  *[ line_test ](#line_test)  
14 |  *[ version_test ](#version_test)  
15 |   
16 | ______________
17 |   
18 | ## <a name="line_test"></a>< line_test >
19 | 
20 | The line_test is used to check the properties of specific output lines from a SHOW command, such as SHOW RUNNING-CONFIG. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a line_object and the optional state element specifies the data to check.
21 | 
22 | **Extends:** [oval-def:TestType](oval-definitions-schema.md#TestType) 
23 | 
24 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
25 | |:-------------- |:--------------------------- |  
26 | | object | [oval-def:ObjectRefType](oval-definitions-schema.md#ObjectRefType)  (1..1) |  
27 | |||  
28 | | state | [oval-def:StateRefType](oval-definitions-schema.md#StateRefType)  (0..unbounded) |  
29 | |||  
30 |   
31 | ## <a name="line_object"></a>< line_object >
32 | 
33 | The line_object element is used by a line_test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.
34 | 
35 | A line object consists of a show_subcommand entity that is the name of a SHOW sub-command to be tested.
36 | 
37 | **Extends:** [oval-def:ObjectType](oval-definitions-schema.md#ObjectType) 
38 | 
39 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
40 | |:-------------- |:--------------------------- |  
41 | | show_subcommand | [oval-def:EntityObjectStringType](oval-definitions-schema.md#EntityObjectStringType)  (1..1) |  
42 | ||<div>The name of a SHOW sub-command.</div>|  
43 | | [oval-def:filter](oval-definitions-schema.md#filter)  | n/a (0..unbounded) |  
44 | |||  
45 |   
46 | ## <a name="line_state"></a>< line_state >
47 | 
48 | The line_state element defines the different information that can be used to evaluate the result of a specific SHOW sub-command. This includes the name of ths sub-command and the corresponding config line. Please refer to the individual elements in the schema for more details about what each represents.
49 | 
50 | **Extends:** [oval-def:StateType](oval-definitions-schema.md#StateType) 
51 | 
52 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
53 | |:-------------- |:--------------------------- |  
54 | | show_subcommand | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
55 | ||<div>The name of the SHOW sub-command.</div>|  
56 | | config_line | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
57 | ||<div>The value returned from by the specified SHOW sub-command.</div>|  
58 |   
59 | ______________
60 |   
61 | ## <a name="version_test"></a>< version_test >
62 | 
63 | The version test is used to check the version of the PIX operating system. It is based off of the SHOW VERSION command. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a version_object and the optional state element specifies the data to check.
64 | 
65 | **Extends:** [oval-def:TestType](oval-definitions-schema.md#TestType) 
66 | 
67 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
68 | |:-------------- |:--------------------------- |  
69 | | object | [oval-def:ObjectRefType](oval-definitions-schema.md#ObjectRefType)  (1..1) |  
70 | |||  
71 | | state | [oval-def:StateRefType](oval-definitions-schema.md#StateRefType)  (0..unbounded) |  
72 | |||  
73 |   
74 | ## <a name="version_object"></a>< version_object >
75 | 
76 | The version_object element is used by a version test to define the different version information associated with a PIX system. There is actually only one object relating to version and this is the system as a whole. Therefore, there are no child entities defined. Any OVAL Test written to check version will reference the same version_object which is basically an empty object element.
77 | 
78 | **Extends:** [oval-def:ObjectType](oval-definitions-schema.md#ObjectType) 
79 | 
80 | ## <a name="version_state"></a>< version_state >
81 | 
82 | The version_state element defines the version information held within a Cisco PIX software release. The pix_release element specifies the whole PIX version information. The pix_major_release, pix_minor_release and pix_build elements specify seperated parts of PIX software version information. For instance, if the PIX version is 7.1(2.3)49, then pix_release is 7.1(2.3)49, pix_major_release is 7.1, pix_minor_release is 2.3 and pix_build is 49. See the SHOW VERSION command within PIX for more information.
83 | 
84 | **Extends:** [oval-def:StateType](oval-definitions-schema.md#StateType) 
85 | 
86 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
87 | |:-------------- |:--------------------------- |  
88 | | pix_release | [oval-def:EntityStateStringType](oval-definitions-schema.md#EntityStateStringType)  (0..1) |  
89 | ||<div>The pix_release element specifies the whole PIX version information.</div>|  
90 | | pix_major_release | [oval-def:EntityStateVersionType](oval-definitions-schema.md#EntityStateVersionType)  (0..1) |  
91 | ||<div>The pix_major_release is the dotted version that starts a version string. For example the pix_release 7.1(2.3)49 has a pix_major_release of 7.1.</div>|  
92 | | pix_minor_release | [oval-def:EntityStateVersionType](oval-definitions-schema.md#EntityStateVersionType)  (0..1) |  
93 | ||<div>The pix_minor_release is the dotted version that starts a version string. For example the pix_release 7.1(2.3)49 has a pix_minor_release of 2.3.</div>|  
94 | | pix_build | [oval-def:EntityStateIntType](oval-definitions-schema.md#EntityStateIntType)  (0..1) |  
95 | ||<div>The pix_build is an integer. For example the pix_release 7.1(2.3)49 has a pix_build of 49.</div>|  
96 |   
97 | 


--------------------------------------------------------------------------------
/docs/pixos-system-characteristics-schema.md:
--------------------------------------------------------------------------------
 1 | # Open Vulnerability and Assessment Language: Element Dictionary
 2 | 
 3 | * Schema: PixOS System Characteristics  
 4 | * Version: 5.11.1:1.1  
 5 | * Release Date: 11/30/2016 09:00:00 AM
 6 | 
 7 | The following is a description of the elements, types, and attributes that compose the Cisco PIX (Private Internet Exchange) specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.
 8 | 
 9 | This schema was originally developed by Yuzheng Zhou and Eric Grey at Hewlett-Packard. The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.
10 | 
11 | ______________
12 |   
13 | ## <a name="line_item"></a>< line_item >
14 | 
15 | Stores the properties of specific lines in the PIX config file.
16 | 
17 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
18 | 
19 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
20 | |:-------------- |:--------------------------- |  
21 | | show_subcommand | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
22 | ||<div>The name of the SHOW sub-command.</div>|  
23 | | config_line | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
24 | ||<div>The value returned from by the specified SHOW sub-command.</div>|  
25 |   
26 | ______________
27 |   
28 | ## <a name="version_item"></a>< version_item >
29 | 
30 | Stores results from SHOW VERSION command.
31 | 
32 | **Extends:** [oval-sc:ItemType](oval-system-characteristics-schema.md#ItemType) 
33 | 
34 | | Child Elements | Type (MinOccurs..MaxOccurs) |  
35 | |:-------------- |:--------------------------- |  
36 | | pix_release | [oval-sc:EntityItemStringType](oval-system-characteristics-schema.md#EntityItemStringType)  (0..1) |  
37 | ||<div></div>|  
38 | | pix_major_release | [oval-sc:EntityItemVersionType](oval-system-characteristics-schema.md#EntityItemVersionType)  (0..1) |  
39 | ||<div></div>|  
40 | | pix_minor_release | [oval-sc:EntityItemVersionType](oval-system-characteristics-schema.md#EntityItemVersionType)  (0..1) |  
41 | ||<div></div>|  
42 | | pix_build | [oval-sc:EntityItemIntType](oval-system-characteristics-schema.md#EntityItemIntType)  (0..1) |  
43 | ||<div></div>|  
44 |   
45 | 


--------------------------------------------------------------------------------
/schemas/apache-definitions-schema.xsd:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  3 |             xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
  4 |             xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"
  5 |             xmlns:apache-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache"
  6 |             xmlns:sch="http://purl.oclc.org/dsdl/schematron"
  7 |             targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache"
  8 |             elementFormDefault="qualified" version="5.11">
  9 |       <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
 10 |       <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
 11 |       <xsd:annotation>
 12 |             <xsd:documentation>The following is a description of the elements, types, and attributes that compose the Apache specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
 13 |             <xsd:documentation>The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.</xsd:documentation>
 14 |             <xsd:appinfo>
 15 |                   <schema>Apache Definition</schema>
 16 |                   <version>5.11.1:1.1</version>
 17 |                   <date>11/30/2016 09:00:00 AM</date>
 18 |                   <terms_of_use>Copyright (c) 2016, Center for Internet Security. All rights reserved.  The contents of this file are subject to the terms of the OVAL License located at https://oval.cisecurity.org/terms. See the OVAL License for the specific language governing permissions and limitations for use of this schema.  When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
 19 |                   <sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
 20 |                   <sch:ns prefix="apache-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#apache"/>
 21 |                   <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
 22 |             </xsd:appinfo>
 23 |       </xsd:annotation>
 24 |       <!-- =============================================================================== -->
 25 |       <!-- =================================  HTTPD TEST  ================================ -->
 26 |       <!-- =============================================================================== -->
 27 |       <xsd:element name="httpd_test" substitutionGroup="oval-def:test">
 28 |             <xsd:annotation>
 29 |                   <xsd:documentation>The httpd test is used to check the version of an installed httpd binary. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references an httpd_test and the optional state element specifies the data to check.</xsd:documentation>
 30 |                   <xsd:appinfo>
 31 |                         <oval:element_mapping>
 32 |                               <oval:test>httpd_test</oval:test>
 33 |                               <oval:object>httpd_object</oval:object>
 34 |                               <oval:state>httpd_state</oval:state>
 35 |                               <oval:item target_namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#apache">httpd_item</oval:item>
 36 |                         </oval:element_mapping>
 37 |                   </xsd:appinfo>
 38 |                   <xsd:appinfo>
 39 |                         <oval:deprecated_info>
 40 |                               <oval:version>5.8</oval:version>
 41 |                               <oval:reason>The httpd_test does not specify how to detect instances of httpd and cannot be reasonably specified to allow for products to detect all instances of httpd across platforms, packaging systems, and typical user compiled and configured installations. Without a proper definition of how to identify instances of httpd products will not reliably produce consistent assessment results because they will naturally utilize different approaches to locating instances of httpd which will lead to differences in the set of collected instances of https.</oval:reason>
 42 |                               <oval:comment>This test has been deprecated and may be removed in a future version of the language.</oval:comment>
 43 |                         </oval:deprecated_info>
 44 |                         <sch:pattern id="apache-def_httpd_test_dep">
 45 |                               <sch:rule context="apache-def:httpd_test">
 46 |                                     <sch:report test="true()">DEPRECATED TEST: <sch:value-of select="name()"/> ID: <sch:value-of select="@id"/></sch:report>
 47 |                               </sch:rule>
 48 |                         </sch:pattern> 
 49 |                   </xsd:appinfo>
 50 |                   <xsd:appinfo>
 51 |                         <sch:pattern id="apache-def_httpdtst">
 52 |                               <sch:rule context="apache-def:httpd_test/apache-def:object">
 53 |                                     <sch:assert test="@object_ref=ancestor::oval-def:oval_definitions/oval-def:objects/apache-def:httpd_object/@id"><sch:value-of select="../@id"/> - the object child element of a httpd_test must reference a httpd_object</sch:assert>
 54 |                               </sch:rule>
 55 |                               <sch:rule context="apache-def:httpd_test/apache-def:state">
 56 |                                     <sch:assert test="@state_ref=ancestor::oval-def:oval_definitions/oval-def:states/apache-def:httpd_state/@id"><sch:value-of select="../@id"/> - the state child element of a httpd_test must reference a httpd_state</sch:assert>
 57 |                               </sch:rule>
 58 |                         </sch:pattern>
 59 |                   </xsd:appinfo>
 60 |             </xsd:annotation>
 61 |             <xsd:complexType>
 62 |                   <xsd:complexContent>
 63 |                         <xsd:extension base="oval-def:TestType">
 64 |                               <xsd:sequence>
 65 |                                     <xsd:element name="object" type="oval-def:ObjectRefType" />
 66 |                                     <xsd:element name="state" type="oval-def:StateRefType" minOccurs="0" maxOccurs="unbounded"/>
 67 |                               </xsd:sequence>
 68 |                         </xsd:extension>
 69 |                   </xsd:complexContent>
 70 |             </xsd:complexType>
 71 |       </xsd:element>
 72 |       <xsd:element name="httpd_object" substitutionGroup="oval-def:object">
 73 |             <xsd:annotation>
 74 |                   <xsd:documentation>The httpd_object element is used by a httpd test to define the different httpd binary installed on a system. There is actually only one object relating to this and it is the collection of all httpd binaries. Therefore, there are no child entities defined. Any OVAL Test written to check version will reference the same httpd_object which is basically an empty object element. A tool that implements the httpd_test and collects the httpd_object must know how to find all the httpd binaries on the system and verify that they are in fact httpd binaries.</xsd:documentation>
 75 |                   <xsd:appinfo>
 76 |                         <oval:deprecated_info>
 77 |                               <oval:version>5.8</oval:version>
 78 |                               <oval:reason>The httpd_object does not specify how to detect instances of httpd and cannot be reasonably specified to allow for products to detect all instances of httpd across platforms, packaging systems, and typical user compiled and configured installations. Without a proper definition of how to identify instances of httpd products will not reliably produce consistent assessment results because they will naturally utilize different approaches to locating instances of httpd which will lead to differences in the set of collected instances of https.</oval:reason>
 79 |                               <oval:comment>This object has been deprecated and may be removed in a future version of the language.</oval:comment>
 80 |                         </oval:deprecated_info>
 81 |                         <sch:pattern id="apache-def_httpd_object_dep">
 82 |                               <sch:rule context="apache-def:httpd_object">
 83 |                                     <sch:report test="true()">DEPRECATED OBJECT: <sch:value-of select="name()"/> ID: <sch:value-of select="@id"/></sch:report>
 84 |                               </sch:rule>
 85 |                         </sch:pattern> 
 86 |                   </xsd:appinfo>
 87 |             </xsd:annotation>
 88 |             <xsd:complexType>
 89 |                   <xsd:complexContent>
 90 |                         <xsd:extension base="oval-def:ObjectType"/>
 91 |                   </xsd:complexContent>
 92 |             </xsd:complexType>
 93 |       </xsd:element>
 94 |       <xsd:element name="httpd_state" substitutionGroup="oval-def:state">
 95 |             <xsd:annotation>
 96 |                   <xsd:documentation>The httpd_state element defines information associated with a specific httpd binary.</xsd:documentation>
 97 |                   <xsd:appinfo>
 98 |                         <oval:deprecated_info>
 99 |                               <oval:version>5.8</oval:version>
100 |                               <oval:reason>The httpd_state does not specify how to detect instances of httpd and cannot be reasonably specified to allow for products to detect all instances of httpd across platforms, packaging systems, and typical user compiled and configured installations. Without a proper definition of how to identify instances of httpd products will not reliably produce consistent assessment results because they will naturally utilize different approaches to locating instances of httpd which will lead to differences in the set of collected instances of https.</oval:reason>
101 |                               <oval:comment>This state has been deprecated and may be removed in a future version of the language.</oval:comment>
102 |                         </oval:deprecated_info>
103 |                         <sch:pattern id="apache-def_httpd_state_dep">
104 |                               <sch:rule context="apache-def:httpd_state">
105 |                                     <sch:report test="true()">DEPRECATED STATE: <sch:value-of select="name()"/> ID: <sch:value-of select="@id"/></sch:report>
106 |                               </sch:rule>
107 |                         </sch:pattern> 
108 |                   </xsd:appinfo>
109 |             </xsd:annotation>
110 |             <xsd:complexType>
111 |                   <xsd:complexContent>
112 |                         <xsd:extension base="oval-def:StateType">
113 |                               <xsd:sequence>
114 |                                     <xsd:element name="path" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
115 |                                           <xsd:annotation>
116 |                                                 <xsd:documentation>The path element specifies the directory component of the absolute path to a httpd binary on the system.</xsd:documentation>
117 |                                           </xsd:annotation>
118 |                                     </xsd:element>
119 |                                     <xsd:element name="binary_name" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1" nillable="true">
120 |                                           <xsd:annotation>
121 |                                                 <xsd:documentation>The binary_name element specifies the name of the file. If the xsi:nil attribute is set to true, then the object being specified is the higher level path. In this case, the binary_name element should not be collected or used in analysis. Setting xsi:nil equal to true is different than using a .* pattern match, says to collect every file under a given path.</xsd:documentation>
122 |                                           </xsd:annotation>
123 |                                     </xsd:element>
124 |                                     <xsd:element name="version" type="oval-def:EntityStateVersionType" minOccurs="0" maxOccurs="1">
125 |                                           <xsd:annotation>
126 |                                                 <xsd:documentation>The version entity is used to check the version of the httpd binary. The datatype for the version entity is 'version' which means the value should be a delimited set of numbers. It is obtained by running 'httpd -v'.</xsd:documentation>
127 |                                           </xsd:annotation>
128 |                                     </xsd:element>
129 |                               </xsd:sequence>
130 |                         </xsd:extension>
131 |                   </xsd:complexContent>
132 |             </xsd:complexType>
133 |       </xsd:element>
134 |       <!-- =============================================================================== -->
135 |       <!-- =============================================================================== -->
136 |       <!-- =============================================================================== -->
137 | </xsd:schema>
138 | 


--------------------------------------------------------------------------------
/schemas/apache-system-characteristics-schema.xsd:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
 3 |             xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"
 4 |             xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
 5 |             xmlns:apache-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#apache"
 6 |             xmlns:sch="http://purl.oclc.org/dsdl/schematron"
 7 |             targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#apache"
 8 |             elementFormDefault="qualified" version="5.11">
 9 | 	<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
10 | 	<xsd:annotation>
11 | 		<xsd:documentation>The following is a description of the elements, types, and attributes that compose the Apache specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL).  Each item is an extension of the standard item element defined in the Core System Characteristic Schema.  Through extension, each item inherits a set of elements and attributes that are shared amongst all OVAL Items.  Each item is described in detail and should provide the information necessary to understand what each element and attribute represents.  This document is intended for developers and assumes some familiarity with XML.  A high level description of the interaction between the different tests and their relationship to the Core System Characteristic Schema is not outlined here.</xsd:documentation>
12 | 		<xsd:documentation>The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.</xsd:documentation>
13 | 		<xsd:appinfo>
14 | 		     <schema>Apache System Characteristics</schema>
15 | 		     <version>5.11.1:1.1</version>
16 | 		     <date>11/30/2016 09:00:00 AM</date>
17 | 		      <terms_of_use>Copyright (c) 2016, Center for Internet Security. All rights reserved.  The contents of this file are subject to the terms of the OVAL License located at https://oval.cisecurity.org/terms. See the OVAL License for the specific language governing permissions and limitations for use of this schema.  When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
18 | 			<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
19 | 			<sch:ns prefix="apache-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#windows"/>
20 | 		    <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
21 | 		</xsd:appinfo>
22 | 	</xsd:annotation>
23 | 	<!-- =============================================================================== -->
24 | 	<!-- ================================  HTTPD ITEM  ================================= -->
25 | 	<!-- =============================================================================== -->
26 | 	<xsd:element name="httpd_item" substitutionGroup="oval-sc:item">
27 | 		<xsd:annotation>
28 | 			<xsd:documentation>The httpd item holds information about a installed Apache HTTPD binary.  It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.</xsd:documentation>
29 | 			<xsd:appinfo>
30 | 				<oval:deprecated_info>
31 | 					<oval:version>5.8</oval:version>
32 | 					<oval:reason>The httpd_item does not specify how to detect instances of httpd and cannot be reasonably specified to allow for products to detect all instances of httpd across platforms, packaging systems, and typical user compiled and configured installations. Without a proper definition of how to identify instances of httpd products will not reliably produce consistent assessment results because they will naturally utilize different approaches to locating instances of httpd which will lead to differences in the set of collected instances of https.</oval:reason>
33 | 					<oval:comment>This item has been deprecated and may be removed in a future version of the language.</oval:comment>
34 | 				</oval:deprecated_info>
35 | 				<sch:pattern id="apache-sc_httpd_item_dep">
36 | 					<sch:rule context="apache-sc:httpd_item">
37 | 						<sch:report test="true()">DEPRECATED ITEM: <sch:value-of select="name()"/> ID: <sch:value-of select="@id"/></sch:report>
38 | 					</sch:rule>
39 | 				</sch:pattern>
40 | 			</xsd:appinfo>
41 | 		</xsd:annotation>
42 | 		<xsd:complexType>
43 | 			<xsd:complexContent>
44 | 				<xsd:extension base="oval-sc:ItemType">
45 | 					<xsd:sequence>
46 | 						<xsd:element name="path" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
47 | 							<xsd:annotation>
48 | 								<xsd:documentation>The path element specifies the directory component of the absolute path to a httpd binary found on the system.</xsd:documentation>
49 | 							</xsd:annotation>
50 | 						</xsd:element>
51 | 						<xsd:element name="binary_name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
52 | 							<xsd:annotation>
53 | 								<xsd:documentation>The name of the httpd binary.</xsd:documentation>
54 | 							</xsd:annotation>
55 | 						</xsd:element>
56 | 						<xsd:element name="version" type="oval-sc:EntityItemVersionType" minOccurs="0" maxOccurs="1">
57 | 							<xsd:annotation>
58 | 								<xsd:documentation>The version entity holds the version of the specified httpd binary.</xsd:documentation>
59 | 							</xsd:annotation>
60 | 						</xsd:element>
61 | 					</xsd:sequence>
62 | 				</xsd:extension>
63 | 			</xsd:complexContent>
64 | 		</xsd:complexType>
65 | 	</xsd:element>
66 | 	<!-- =============================================================================== -->
67 | 	<!-- =============================================================================== -->
68 | 	<!-- =============================================================================== -->
69 | </xsd:schema>
70 | 


--------------------------------------------------------------------------------
/schemas/catos-system-characteristics-schema.xsd:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  3 |             xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"
  4 |             xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
  5 |             xmlns:catos-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#catos"
  6 |             xmlns:sch="http://purl.oclc.org/dsdl/schematron"
  7 |             targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#catos"
  8 |             elementFormDefault="qualified" version="5.11">
  9 |      <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
 10 |      <xsd:annotation>
 11 |           <xsd:documentation>The following is a description of the elements, types, and attributes that compose the Cisco CatOS specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
 12 |           <xsd:documentation>This schema was originally developed by Yuzheng Zhou at Hewlett-Packard. The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.</xsd:documentation>
 13 |           <xsd:appinfo>
 14 |                <schema>CatOS System Characteristics</schema>
 15 |                <version>5.11.1:1.1</version>
 16 |                <date>11/30/2016 09:00:00 AM</date>
 17 |                 <terms_of_use>Copyright (c) 2016, Center for Internet Security. All rights reserved.  The contents of this file are subject to the terms of the OVAL License located at https://oval.cisecurity.org/terms. See the OVAL License for the specific language governing permissions and limitations for use of this schema.  When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
 18 |                <sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
 19 |                <sch:ns prefix="catos-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#catos"/>
 20 |               <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
 21 |           </xsd:appinfo>
 22 |      </xsd:annotation>
 23 |     <!-- =============================================================================== -->
 24 |     <!-- ============================  CATOS LINE ITEM  ================================== -->
 25 |     <!-- =============================================================================== -->
 26 |     <xsd:element name="line_item" substitutionGroup="oval-sc:item">
 27 |         <xsd:annotation>
 28 |             <xsd:documentation>Stores the properties of specific lines in the catos config file.</xsd:documentation>
 29 |         </xsd:annotation>
 30 |         <xsd:complexType>
 31 |             <xsd:complexContent>
 32 |                 <xsd:extension base="oval-sc:ItemType">
 33 |                     <xsd:sequence>
 34 |                         <xsd:element name="show_subcommand" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
 35 |                             <xsd:annotation>
 36 |                                 <xsd:documentation>The name of the SHOW sub-command.</xsd:documentation>
 37 |                             </xsd:annotation>
 38 |                         </xsd:element>
 39 |                         <xsd:element name="config_line" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
 40 |                             <xsd:annotation>
 41 |                                 <xsd:documentation>The value returned from by the specified SHOW sub-command.</xsd:documentation>
 42 |                             </xsd:annotation>
 43 |                         </xsd:element>
 44 |                     </xsd:sequence>
 45 |                 </xsd:extension>
 46 |             </xsd:complexContent>
 47 |         </xsd:complexType>
 48 |     </xsd:element>
 49 |     <!-- =============================================================================== -->
 50 |      <!-- ========================  CATOS MODULE ITEM  ================================= -->
 51 |      <!-- =============================================================================== -->
 52 |      <xsd:element name="module_item" substitutionGroup="oval-sc:item">
 53 |           <xsd:annotation>
 54 |                <xsd:documentation>Stores results from SHOW MODULE command.</xsd:documentation>
 55 |           </xsd:annotation>
 56 |           <xsd:complexType>
 57 |                <xsd:complexContent>
 58 |                     <xsd:extension base="oval-sc:ItemType">
 59 |                          <xsd:sequence>
 60 |                               <xsd:element name="module_number" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
 61 |                                    <xsd:annotation>
 62 |                                         <xsd:documentation/>
 63 |                                    </xsd:annotation>
 64 |                               </xsd:element>
 65 |                               <xsd:element name="type" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
 66 |                                    <xsd:annotation>
 67 |                                         <xsd:documentation/>
 68 |                                    </xsd:annotation>
 69 |                               </xsd:element>
 70 |                               <xsd:element name="model" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
 71 |                                    <xsd:annotation>
 72 |                                         <xsd:documentation/>
 73 |                                    </xsd:annotation>
 74 |                               </xsd:element>
 75 |                               <xsd:element name="software_major_release" type="oval-sc:EntityItemVersionType" minOccurs="0" maxOccurs="1">
 76 |                                    <xsd:annotation>
 77 |                                         <xsd:documentation/>
 78 |                                    </xsd:annotation>
 79 |                               </xsd:element>
 80 |                               <xsd:element name="software_individual_release" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
 81 |                                    <xsd:annotation>
 82 |                                         <xsd:documentation/>
 83 |                                    </xsd:annotation>
 84 |                               </xsd:element>
 85 |                               <xsd:element name="software_version_id" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
 86 |                                    <xsd:annotation>
 87 |                                         <xsd:documentation/>
 88 |                                    </xsd:annotation>
 89 |                               </xsd:element>
 90 |                               <xsd:element name="hardware_major_release" type="oval-sc:EntityItemVersionType" minOccurs="0" maxOccurs="1">
 91 |                                    <xsd:annotation>
 92 |                                         <xsd:documentation/>
 93 |                                    </xsd:annotation>
 94 |                               </xsd:element>
 95 |                               <xsd:element name="hardware_individual_release" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
 96 |                                    <xsd:annotation>
 97 |                                         <xsd:documentation/>
 98 |                                    </xsd:annotation>
 99 |                               </xsd:element>
100 |                               <xsd:element name="firmware_major_release" type="oval-sc:EntityItemVersionType" minOccurs="0" maxOccurs="1">
101 |                                    <xsd:annotation>
102 |                                         <xsd:documentation/>
103 |                                    </xsd:annotation>
104 |                               </xsd:element>
105 |                               <xsd:element name="firmware_individual_release" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
106 |                                    <xsd:annotation>
107 |                                         <xsd:documentation/>
108 |                                    </xsd:annotation>
109 |                               </xsd:element>
110 |                          </xsd:sequence>
111 |                     </xsd:extension>
112 |                </xsd:complexContent>
113 |           </xsd:complexType>
114 |      </xsd:element>
115 |      <!-- =============================================================================== -->
116 |      <!-- ============================  CATOS VERSION ITEM  ============================= -->
117 |      <!-- =============================================================================== -->
118 |      <xsd:element name="version_item" substitutionGroup="oval-sc:item">
119 |           <xsd:annotation>
120 |                <xsd:documentation>Stores results from SHOW VERSION command.</xsd:documentation>
121 |           </xsd:annotation>
122 |           <xsd:complexType>
123 |                <xsd:complexContent>
124 |                     <xsd:extension base="oval-sc:ItemType">
125 |                          <xsd:sequence>
126 |                               <xsd:element name="switch_series" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
127 |                                    <xsd:annotation>
128 |                                        <xsd:documentation>The switch_series entity specifies the target Catalyst switch series for the given version of CatOS.</xsd:documentation>
129 |                                    </xsd:annotation>
130 |                               </xsd:element>
131 |                               <xsd:element name="image_name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
132 |                                    <xsd:annotation>
133 |                                        <xsd:documentation>The image_name entity specifies the name of the CatOS image.</xsd:documentation>
134 |                                    </xsd:annotation>
135 |                               </xsd:element>
136 |                              <xsd:element name="catos_release" type="oval-sc:EntityItemVersionType" minOccurs="0" maxOccurs="1">
137 |                                  <xsd:annotation>
138 |                                      <xsd:documentation>The catos_release entity specifies the release version of CatOS.</xsd:documentation>
139 |                                  </xsd:annotation>
140 |                              </xsd:element>
141 |                              <xsd:element name="catos_major_release" type="oval-sc:EntityItemVersionType" minOccurs="0" maxOccurs="1">
142 |                                    <xsd:annotation>
143 |                                        <xsd:appinfo>
144 |                                             <oval:deprecated_info>
145 |                                                  <oval:version>5.5</oval:version>
146 |                                                  <oval:reason>Due to the fact it's not clear on how to separate the CatOS version, it was decided that the catos_major_release, catos_individual_release, and catos_version_id entities would be combined into a new single entity catos_release. Therefore, the catos_major_release entity is no longer needed.</oval:reason>
147 |                                                  <oval:comment>This entity has been deprecated and will be removed in version 6.0 of the language.</oval:comment>
148 |                                             </oval:deprecated_info>
149 |                                              <sch:pattern id="catos-sc_versionitemcatos_major_release">
150 |                                                   <sch:rule context="catos-sc:version_item/catos-sc:catos_major_release">
151 |                                                         <sch:report test="true()">DEPRECATED ELEMENT: <sch:value-of select="name()"/> ID: <sch:value-of select="@id"/></sch:report>
152 |                                                   </sch:rule>
153 |                                              </sch:pattern>
154 |                                         </xsd:appinfo>
155 |                                    </xsd:annotation>
156 |                               </xsd:element>
157 |                               <xsd:element name="catos_individual_release" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
158 |                                    <xsd:annotation>
159 |                                         <xsd:appinfo>
160 |                                              <oval:deprecated_info>
161 |                                                   <oval:version>5.5</oval:version>
162 |                                                   <oval:reason>Due to the fact it's not clear on how to separate the CatOS version, it was decided that the catos_major_release, catos_individual_release, and catos_version_id entities would be combined into a new single entity catos_release. Therefore, the catos_individual_release entity is no longer needed.</oval:reason>
163 |                                                   <oval:comment>This entity has been deprecated and will be removed in version 6.0 of the language.</oval:comment>
164 |                                              </oval:deprecated_info>
165 |                                              <sch:pattern id="catos-sc_versionitemcatos_individual_release">
166 |                                                   <sch:rule context="catos-sc:version_item/catos-sc:catos_individual_release">
167 |                                                         <sch:report test="true()">DEPRECATED ELEMENT: <sch:value-of select="name()"/> ID: <sch:value-of select="@id"/></sch:report>
168 |                                                   </sch:rule>
169 |                                              </sch:pattern>
170 |                                         </xsd:appinfo>
171 |                                    </xsd:annotation>
172 |                               </xsd:element>
173 |                               <xsd:element name="catos_version_id" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
174 |                                    <xsd:annotation>
175 |                                        <xsd:appinfo>
176 |                                             <oval:deprecated_info>
177 |                                                  <oval:version>5.5</oval:version>
178 |                                                  <oval:reason>Due to the fact it's not clear on how to separate the CatOS version, it was decided that the catos_major_release, catos_individual_release, and catos_version_id entities would be combined into a new single entity catos_release. Therefore, the catos_version_id entity is no longer needed.</oval:reason>
179 |                                                  <oval:comment>This entity has been deprecated and will be removed in version 6.0 of the language.</oval:comment>
180 |                                             </oval:deprecated_info>
181 |                                              <sch:pattern id="catos-sc_versionitemcatos_version_id">
182 |                                                   <sch:rule context="catos-sc:version_item/catos-sc:catos_version_id">
183 |                                                         <sch:report test="true()">DEPRECATED ELEMENT: <sch:value-of select="name()"/> ID: <sch:value-of select="@id"/></sch:report>
184 |                                                   </sch:rule>
185 |                                              </sch:pattern>
186 |                                         </xsd:appinfo>
187 |                                    </xsd:annotation>
188 |                               </xsd:element>
189 |                          </xsd:sequence>
190 |                     </xsd:extension>
191 |                </xsd:complexContent>
192 |           </xsd:complexType>
193 |      </xsd:element>
194 |       <!-- =============================================================================== -->
195 |       <!-- =============================================================================== -->
196 |       <!-- =============================================================================== -->
197 | </xsd:schema>
198 | 


--------------------------------------------------------------------------------
/schemas/evaluation-ids.xsd:
--------------------------------------------------------------------------------
 1 | <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
 2 |     xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" 
 3 |     xmlns:evalids="http://oval.mitre.org/XMLSchema/ovaldi/evalids" targetNamespace="http://oval.mitre.org/XMLSchema/ovaldi/evalids" elementFormDefault="qualified">
 4 |     <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5"/>
 5 |     <xsd:annotation>
 6 |         <xsd:documentation>This schema defines an xml format for inputing a set of OVAL Definition ids into the reference OVAL Interpreter for evaluation.</xsd:documentation>
 7 |         <xsd:appinfo>
 8 |             <schema>OVAL Definition Interpreter - Evaluation Id Schema</schema>
 9 |             <version>5.11.2</version>
10 |             <date>11/30/2016 09:00:00 AM</date>
11 |             <terms_of_use>Copyright (c) 2016, Center for Internet Security. All rights reserved.  The contents of this file are subject to the terms of the OVAL License located at https://oval.cisecurity.org/terms. See the OVAL License for the specific language governing permissions and limitations for use of this schema.  When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
12 |         </xsd:appinfo>
13 |     </xsd:annotation>
14 |     
15 |     <xsd:element name="evalutation-definition-ids">
16 |         <xsd:annotation>
17 |             <xsd:documentation>The evaluation-definition-ids element is the root the Document. Its purpose is to bind together the a set of definition elements.</xsd:documentation>
18 |         </xsd:annotation>
19 |         <xsd:complexType>
20 |             <xsd:sequence>
21 |                 <xsd:element name="definition" type="oval:DefinitionIDPattern" minOccurs="1" maxOccurs="unbounded">
22 |                     <xsd:annotation>
23 |                         <xsd:documentation>Each definition represents the id of a definition to be evaluated.</xsd:documentation>
24 |                     </xsd:annotation>
25 |                 </xsd:element>
26 |             </xsd:sequence>
27 |         </xsd:complexType>
28 |         <xsd:unique name="UniqueDefinitionId">
29 |             <xsd:annotation>
30 |                 <xsd:documentation>Enforce uniqueness amongst the definition ids found in the document.</xsd:documentation>
31 |             </xsd:annotation>
32 |             <xsd:selector xpath="evalids:definition"/>
33 |             <xsd:field xpath="."/>
34 |         </xsd:unique>
35 |     </xsd:element>
36 | </xsd:schema>
37 | 


--------------------------------------------------------------------------------
/schemas/freebsd-definitions-schema.xsd:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  3 |             xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
  4 |             xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"
  5 |             xmlns:freebsd-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#freebsd"
  6 |             xmlns:sch="http://purl.oclc.org/dsdl/schematron"
  7 |             targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#freebsd"
  8 |             elementFormDefault="qualified" version="5.11">
  9 |       <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
 10 |       <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
 11 |       <xsd:annotation>
 12 |             <xsd:documentation>The following is a description of the elements, types, and attributes that compose the FreeBSD specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
 13 |             <xsd:documentation>The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.</xsd:documentation>
 14 |             <xsd:appinfo>
 15 |                   <schema>FreeBSD Definition</schema>
 16 |                   <version>5.11.1:1.1</version>
 17 |                   <date>11/30/2016 09:00:00 AM</date>
 18 |                   <terms_of_use>Copyright (c) 2016, Center for Internet Security. All rights reserved.  The contents of this file are subject to the terms of the OVAL License located at https://oval.cisecurity.org/terms. See the OVAL License for the specific language governing permissions and limitations for use of this schema.  When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
 19 |                   <sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
 20 |                   <sch:ns prefix="freebsd-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#freebsd"/>
 21 |                   <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
 22 |                   <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
 23 |             </xsd:appinfo>
 24 |       </xsd:annotation>
 25 |       <!-- =============================================================================== -->
 26 |       <!-- ==============================  PORT INFO TEST  =============================== -->
 27 |       <!-- =============================================================================== -->
 28 |       <xsd:element name="portinfo_test" substitutionGroup="oval-def:test">
 29 |             <xsd:annotation>
 30 |                   <xsd:documentation>The port info test is used to check the properties of a component of a FreeBSD system. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references an portinfo_object and the optional state element specifies the data to check.</xsd:documentation>
 31 |                   <xsd:appinfo>
 32 |                         <oval:element_mapping>
 33 |                               <oval:test>portinfo_test</oval:test>
 34 |                               <oval:object>portinfo_object</oval:object>
 35 |                               <oval:state>portinfo_state</oval:state>
 36 |                               <oval:item target_namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#freebsd">portinfo_item</oval:item>
 37 |                         </oval:element_mapping>
 38 |                   </xsd:appinfo>
 39 |                   <xsd:appinfo>
 40 |                         <sch:pattern id="freebsd-def_portinfotst">
 41 |                               <sch:rule context="freebsd-def:portinfo_test/freebsd-def:object">
 42 |                                     <sch:assert test="@object_ref=ancestor::oval-def:oval_definitions/oval-def:objects/freebsd-def:portinfo_object/@id"><sch:value-of select="../@id"/> - the object child element of a portinfo_test must reference an portinfo_object</sch:assert>
 43 |                               </sch:rule>
 44 |                               <sch:rule context="freebsd-def:portinfo_test/freebsd-def:state">
 45 |                                     <sch:assert test="@state_ref=ancestor::oval-def:oval_definitions/oval-def:states/freebsd-def:portinfo_state/@id"><sch:value-of select="../@id"/> - the state child element of a portinfo_test must reference an portinfo_state</sch:assert>
 46 |                               </sch:rule>
 47 |                         </sch:pattern>
 48 |                   </xsd:appinfo>
 49 |             </xsd:annotation>
 50 |             <xsd:complexType>
 51 |                   <xsd:complexContent>
 52 |                         <xsd:extension base="oval-def:TestType">
 53 |                               <xsd:sequence>
 54 |                                     <xsd:element name="object" type="oval-def:ObjectRefType" />
 55 |                                     <xsd:element name="state" type="oval-def:StateRefType" minOccurs="0" maxOccurs="unbounded"/>
 56 |                               </xsd:sequence>
 57 |                         </xsd:extension>
 58 |                   </xsd:complexContent>
 59 |             </xsd:complexType>
 60 |       </xsd:element>
 61 |       <xsd:element name="portinfo_object" substitutionGroup="oval-def:object">
 62 |             <xsd:annotation>
 63 |                   <xsd:documentation>The portinfo_object element is used by a port info test to define the specific FreeBSD package to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.</xsd:documentation>
 64 |                   <xsd:documentation>A port info object consists of a single pkginst element that identifies a specific package.</xsd:documentation>
 65 |                   <xsd:appinfo>
 66 |                         <sch:pattern id="freebsd-def_portinfo_object_verify_filter_state">
 67 |                               <sch:rule context="freebsd-def:portinfo_object//oval-def:filter">
 68 |                                     <sch:let name="parent_object" value="ancestor::freebsd-def:portinfo_object"/>
 69 |                                     <sch:let name="parent_object_id" value="$parent_object/@id"/>
 70 |                                     <sch:let name="state_ref" value="."/>
 71 |                                     <sch:let name="reffed_state" value="ancestor::oval-def:oval_definitions/oval-def:states/*[@id=$state_ref]"/>
 72 |                                     <sch:let name="state_name" value="local-name($reffed_state)"/>
 73 |                                     <sch:let name="state_namespace" value="namespace-uri($reffed_state)"/>
 74 |                                     <sch:assert test="(($state_namespace='http://oval.mitre.org/XMLSchema/oval-definitions-5#freebsd') and ($state_name='portinfo_state'))">State referenced in filter for <sch:value-of select="name($parent_object)"/> '<sch:value-of select="$parent_object_id"/>' is of the wrong type. </sch:assert>
 75 |                               </sch:rule>
 76 |                         </sch:pattern>
 77 |                   </xsd:appinfo>
 78 |             </xsd:annotation>
 79 |             <xsd:complexType>
 80 |                   <xsd:complexContent>
 81 |                         <xsd:extension base="oval-def:ObjectType">
 82 |                               <xsd:sequence>
 83 |                                     <xsd:choice>
 84 |                                           <xsd:element ref="oval-def:set"/>
 85 |                                           <xsd:sequence>
 86 |                                                 <xsd:element name="pkginst" type="oval-def:EntityObjectStringType">
 87 |                                                       <xsd:annotation>
 88 |                                                             <xsd:documentation/>
 89 |                                                       </xsd:annotation>
 90 |                                                 </xsd:element>
 91 |                                                 <xsd:element ref="oval-def:filter" minOccurs="0" maxOccurs="unbounded"/>
 92 |                                           </xsd:sequence>
 93 |                                     </xsd:choice>
 94 |                               </xsd:sequence>
 95 |                         </xsd:extension>
 96 |                   </xsd:complexContent>
 97 |             </xsd:complexType>
 98 |       </xsd:element>
 99 |       <xsd:element name="portinfo_state" substitutionGroup="oval-def:state">
100 |             <xsd:annotation>
101 |                   <xsd:documentation>The portinfo_state element defines the different information that can be used to evaluate the specified package. This includes the name, category, version, vendor, and description. Please refer to the individual elements in the schema for more details about what each represents.</xsd:documentation>
102 |             </xsd:annotation>
103 |             <xsd:complexType>
104 |                   <xsd:complexContent>
105 |                         <xsd:extension base="oval-def:StateType">
106 |                               <xsd:sequence>
107 |                                     <xsd:element name="pkginst" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
108 |                                           <xsd:annotation>
109 |                                                 <xsd:documentation/>
110 |                                           </xsd:annotation>
111 |                                     </xsd:element>
112 |                                     <xsd:element name="name" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
113 |                                           <xsd:annotation>
114 |                                                 <xsd:documentation>The name of a package.</xsd:documentation>
115 |                                           </xsd:annotation>
116 |                                     </xsd:element>
117 |                                     <xsd:element name="category" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
118 |                                           <xsd:annotation>
119 |                                                 <xsd:documentation/>
120 |                                           </xsd:annotation>
121 |                                     </xsd:element>
122 |                                     <xsd:element name="version" minOccurs="0" maxOccurs="1">
123 |                                           <xsd:annotation>
124 |                                                 <xsd:documentation>The version of a package.</xsd:documentation>
125 |                                           </xsd:annotation>
126 |                                           <xsd:complexType>
127 |                                                 <xsd:simpleContent>
128 |                                                       <xsd:restriction base="oval-def:EntityStateAnySimpleType">
129 |                                                             <xsd:attribute name="datatype" use="optional" default="string">
130 |                                                                   <xsd:simpleType>
131 |                                                                         <xsd:restriction base="oval:SimpleDatatypeEnumeration">
132 |                                                                               <xsd:enumeration value="string"/>
133 |                                                                               <xsd:enumeration value="version"/>
134 |                                                                         </xsd:restriction>
135 |                                                                   </xsd:simpleType>
136 |                                                             </xsd:attribute>
137 |                                                       </xsd:restriction>
138 |                                                 </xsd:simpleContent>
139 |                                           </xsd:complexType>
140 |                                     </xsd:element>
141 |                                     <xsd:element name="vendor" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
142 |                                           <xsd:annotation>
143 |                                                 <xsd:documentation/>
144 |                                           </xsd:annotation>
145 |                                     </xsd:element>
146 |                                     <xsd:element name="description" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
147 |                                           <xsd:annotation>
148 |                                                 <xsd:documentation/>
149 |                                           </xsd:annotation>
150 |                                     </xsd:element>
151 |                               </xsd:sequence>
152 |                         </xsd:extension>
153 |                   </xsd:complexContent>
154 |             </xsd:complexType>
155 |       </xsd:element>
156 |       <!-- =============================================================================== -->
157 |       <!-- =============================================================================== -->
158 |       <!-- =============================================================================== -->
159 | </xsd:schema>
160 | 


--------------------------------------------------------------------------------
/schemas/freebsd-system-characteristics-schema.xsd:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
 3 |             xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
 4 |             xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"
 5 |             xmlns:freebsd-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#freebsd"
 6 |             xmlns:sch="http://purl.oclc.org/dsdl/schematron"
 7 |             targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#freebsd"
 8 |             elementFormDefault="qualified" version="5.11">
 9 |      <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
10 |      <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
11 |      <xsd:annotation>
12 |           <xsd:documentation>The following is a description of the elements, types, and attributes that compose the FreeBSD specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
13 |           <xsd:documentation>The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.</xsd:documentation>
14 |           <xsd:appinfo>
15 |                <schema>FreeBSD System Characteristics</schema>
16 |                <version>5.11.1:1.1</version>
17 |                <date>11/30/2016 09:00:00 AM</date>
18 |                 <terms_of_use>Copyright (c) 2016, Center for Internet Security. All rights reserved.  The contents of this file are subject to the terms of the OVAL License located at https://oval.cisecurity.org/terms. See the OVAL License for the specific language governing permissions and limitations for use of this schema.  When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
19 |                <sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
20 |                <sch:ns prefix="freebsd-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#freebsd"/>
21 |               <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
22 |           </xsd:appinfo>
23 |      </xsd:annotation>
24 |      <!-- =============================================================================== -->
25 |      <!-- ===============================  PACKAGE ITEM  ================================ -->
26 |      <!-- =============================================================================== -->
27 |      <xsd:element name="portinfo_item" substitutionGroup="oval-sc:item">
28 |           <xsd:annotation>
29 |                <xsd:documentation/>
30 |           </xsd:annotation>
31 |           <xsd:complexType>
32 |                <xsd:complexContent>
33 |                     <xsd:extension base="oval-sc:ItemType">
34 |                          <xsd:sequence>
35 |                               <xsd:element name="pkginst" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
36 |                                    <xsd:annotation>
37 |                                         <xsd:documentation/>
38 |                                    </xsd:annotation>
39 |                               </xsd:element>
40 |                               <xsd:element name="name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
41 |                                    <xsd:annotation>
42 |                                         <xsd:documentation/>
43 |                                    </xsd:annotation>
44 |                               </xsd:element>
45 |                               <xsd:element name="category" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
46 |                                    <xsd:annotation>
47 |                                         <xsd:documentation/>
48 |                                    </xsd:annotation>
49 |                               </xsd:element>
50 |                               <xsd:element name="version" minOccurs="0" maxOccurs="1">
51 |                                    <xsd:annotation>
52 |                                         <xsd:documentation/>
53 |                                    </xsd:annotation>
54 |                                    <xsd:complexType>
55 |                                         <xsd:simpleContent>
56 |                                              <xsd:restriction base="oval-sc:EntityItemAnySimpleType">
57 |                                                   <xsd:attribute name="datatype" use="optional" default="string">
58 |                                                        <xsd:simpleType>
59 |                                                             <xsd:restriction base="oval:SimpleDatatypeEnumeration">
60 |                                                                  <xsd:enumeration value="string"/>
61 |                                                                  <xsd:enumeration value="version"/>
62 |                                                             </xsd:restriction>
63 |                                                        </xsd:simpleType>
64 |                                                   </xsd:attribute>
65 |                                              </xsd:restriction>
66 |                                         </xsd:simpleContent>
67 |                                    </xsd:complexType>                                                        
68 |                               </xsd:element>
69 |                               <xsd:element name="vendor" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
70 |                                    <xsd:annotation>
71 |                                         <xsd:documentation/>
72 |                                    </xsd:annotation>
73 |                               </xsd:element>
74 |                               <xsd:element name="description" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
75 |                                    <xsd:annotation>
76 |                                         <xsd:documentation/>
77 |                                    </xsd:annotation>
78 |                               </xsd:element>
79 |                          </xsd:sequence>
80 |                     </xsd:extension>
81 |                </xsd:complexContent>
82 |           </xsd:complexType>
83 |      </xsd:element>
84 | 
85 |      <!-- =============================================================================== -->
86 |      <!-- =============================================================================== -->
87 |      <!-- =============================================================================== -->
88 | </xsd:schema>
89 | 


--------------------------------------------------------------------------------
/schemas/netconf-definitions-schema.xsd:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="UTF-8"?>
  2 | <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  3 |             xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
  4 |             xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5"
  5 |             xmlns:netconf-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#netconf"
  6 |             xmlns:sch="http://purl.oclc.org/dsdl/schematron"
  7 |             targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#netconf"
  8 |             elementFormDefault="qualified" version="5.11">
  9 |     <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
 10 |     <xsd:annotation>
 11 |         <xsd:documentation>The following is a description of the elements, types, and attributes that compose the NETCONF (RFC 6241) protocol-specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here</xsd:documentation>
 12 |         <xsd:documentation>This schema was originally developed by David Solin at jOVAL.org. The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.</xsd:documentation>
 13 |         <xsd:appinfo>
 14 |             <schema>NETCONF Definitions</schema>
 15 |             <version>5.11.1:1.1</version>
 16 |             <date>11/30/2016 09:00:00 AM</date>
 17 |             <terms_of_use>Copyright (c) 2016, Center for Internet Security. All rights reserved.  The contents of this file are subject to the terms of the OVAL License located at https://oval.cisecurity.org/terms. See the OVAL License for the specific language governing permissions and limitations for use of this schema.  When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
 18 |             <sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
 19 |             <sch:ns prefix="netconf-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#netconf"/>
 20 |             <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
 21 |         </xsd:appinfo>
 22 |     </xsd:annotation>
 23 |     <!-- ============================================================================ -->
 24 |     <!-- ================================  CONFIG TEST  ============================= -->
 25 |     <!-- ============================================================================ -->
 26 |     <xsd:element name="config_test" substitutionGroup="oval-def:test">
 27 |         <xsd:annotation>
 28 |             <xsd:documentation>The config_test is used to check the properties of the XML output from a GET-CONFIG command, for the running configuration. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a config_object and the optional state element specifies the data to check.</xsd:documentation>
 29 |             <xsd:appinfo>
 30 |                 <oval:element_mapping>
 31 |                     <oval:test>config_test</oval:test>
 32 |                     <oval:object>config_object</oval:object>
 33 |                     <oval:state>config_state</oval:state>
 34 |                     <oval:item target_namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#netconf">config_item</oval:item>
 35 |                 </oval:element_mapping>
 36 |             </xsd:appinfo>
 37 |             <xsd:appinfo>
 38 |                 <sch:pattern id="netconf-def_configtst">
 39 |                     <sch:rule context="netconf-def:config_test/netconf-def:object">
 40 |                         <sch:assert test="@object_ref=ancestor::oval-def:oval_definitions/oval-def:objects/netconf-def:config_object/@id"><sch:value-of select="../@id"/> - the object child element of a config_test must reference a config_object</sch:assert>
 41 |                     </sch:rule>
 42 |                     <sch:rule context="netconf-def:config_test/netconf-def:state">
 43 |                         <sch:assert test="@state_ref=ancestor::oval-def:oval_definitions/oval-def:states/netconf-def:config_state/@id"><sch:value-of select="../@id"/> - the state child element of a config_test must reference a config_state</sch:assert>
 44 |                     </sch:rule>
 45 |                 </sch:pattern>
 46 |             </xsd:appinfo>
 47 |         </xsd:annotation>
 48 |         <xsd:complexType>
 49 |             <xsd:complexContent>
 50 |                 <xsd:extension base="oval-def:TestType">
 51 |                     <xsd:sequence>
 52 |                         <xsd:element name="object" type="oval-def:ObjectRefType"/>
 53 |                         <xsd:element name="state" type="oval-def:StateRefType" minOccurs="0" maxOccurs="unbounded"/>
 54 |                     </xsd:sequence>
 55 |                 </xsd:extension>
 56 |             </xsd:complexContent>
 57 |         </xsd:complexType>
 58 |     </xsd:element>
 59 |     <xsd:element name="config_object" substitutionGroup="oval-def:object">
 60 |         <xsd:annotation>
 61 |             <xsd:documentation>The config_object element is used by a config_test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.</xsd:documentation>
 62 |             <xsd:documentation>A config_object consists of an xpath entity that contains an XPATH 1.0 query to perform on the NETCONF get-config response XML data.  The response data is assumed to consist of a &lt;data&gt; entity in the urn:ietf:params:xml:ns:netconf:base:1.0 XML namespace, with arbitrary (i.e., vendor-specific) child nodes.</xsd:documentation>
 63 |             <xsd:appinfo>
 64 |                 <sch:pattern id="netconf-def_netconf_object_verify_filter_state">
 65 |                     <sch:rule context="netconf-def:netconf_object//oval-def:filter">
 66 |                         <sch:let name="parent_object" value="ancestor::netconf-def:config_object"/>
 67 |                         <sch:let name="parent_object_id" value="$parent_object/@id"/>
 68 |                         <sch:let name="state_ref" value="."/>
 69 |                         <sch:let name="reffed_state" value="ancestor::oval-def:oval_definitions/oval-def:states/*[@id=$state_ref]"/>
 70 |                         <sch:let name="state_name" value="local-name($reffed_state)"/>
 71 |                         <sch:let name="state_namespace" value="namespace-uri($reffed_state)"/>
 72 |                         <sch:assert test="(($state_namespace='http://oval.mitre.org/XMLSchema/oval-definitions-5#netconf') and ($state_name='config_state'))">State referenced in filter for <sch:value-of select="name($parent_object)"/> '<sch:value-of select="$parent_object_id"/>' is of the wrong type. </sch:assert>
 73 |                     </sch:rule>
 74 |                 </sch:pattern>
 75 |             </xsd:appinfo>
 76 |         </xsd:annotation>
 77 |         <xsd:complexType>
 78 |             <xsd:complexContent>
 79 |                 <xsd:extension base="oval-def:ObjectType">
 80 |                     <xsd:sequence>
 81 |                         <xsd:choice>
 82 |                             <xsd:element ref="oval-def:set"/>
 83 |                             <xsd:sequence>
 84 |                                 <xsd:element name="xpath" type="oval-def:EntityObjectStringType">
 85 |                                     <xsd:annotation>
 86 |                                         <xsd:documentation>Specifies an Xpath expression describing the text node(s) or attribute(s) to look at. Any valid Xpath 1.0 statement is usable with one exception, at most one field may be identified in the Xpath. This is because the value_of element in the data section is only designed to work against a single field. The only valid operator for xpath is equals since there is an infinite number of possible xpaths and determinining all those that do not equal a given xpath would be impossible.</xsd:documentation>
 87 |                                         <xsd:appinfo>
 88 |                                             <sch:pattern id="netconf-def_xmlobjxpath">
 89 |                                                 <sch:rule context="netconf-def:config_object/netconf-def:xpath">
 90 |                                                     <sch:assert test="not(@operation) or @operation='equals'"><sch:value-of select="../@id"/> - operation attribute for the xpath entity of a config_object should be 'equals', note that this overrules the general operation attribute validation (i.e. follow this one)</sch:assert>
 91 |                                                 </sch:rule>
 92 |                                             </sch:pattern>
 93 |                                         </xsd:appinfo>
 94 |                                     </xsd:annotation>
 95 |                                 </xsd:element>
 96 |                                 <xsd:element ref="oval-def:filter" minOccurs="0" maxOccurs="unbounded"/>
 97 |                             </xsd:sequence>
 98 |                         </xsd:choice>
 99 |                     </xsd:sequence>
100 |                 </xsd:extension>
101 |             </xsd:complexContent>
102 |         </xsd:complexType>
103 |     </xsd:element>
104 |     <xsd:element name="config_state" substitutionGroup="oval-def:state">
105 |         <xsd:annotation>
106 |             <xsd:documentation>The config_state element defines the different information that can be used to evaluate the result of a specific config xpath evaluation. This includes the xpath used and the value of this xpath.</xsd:documentation>
107 |         </xsd:annotation>
108 |         <xsd:complexType>
109 |             <xsd:complexContent>
110 |                 <xsd:extension base="oval-def:StateType">
111 |                     <xsd:sequence>
112 |                         <xsd:element name="xpath" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
113 |                             <xsd:annotation>
114 |                                 <xsd:documentation>Specifies an Xpath expression describing the text node(s) or attribute(s) to look at.</xsd:documentation>
115 |                             </xsd:annotation>
116 |                         </xsd:element>
117 |                         <xsd:element name="value_of" type="oval-def:EntityStateAnySimpleType" minOccurs="0" maxOccurs="1">
118 |                             <xsd:annotation>
119 |                                 <xsd:documentation>The value_of element checks the value(s) of the text node(s) or attribute(s) found.</xsd:documentation>
120 |                             </xsd:annotation>
121 |                         </xsd:element>
122 |                     </xsd:sequence>
123 |                 </xsd:extension>
124 |             </xsd:complexContent>
125 |         </xsd:complexType>
126 |     </xsd:element>
127 | </xsd:schema>
128 | 


--------------------------------------------------------------------------------
/schemas/netconf-system-characteristics-schema.xsd:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
 3 |             xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"
 4 |             xmlns:netconf-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#netconf"
 5 |             xmlns:sch="http://purl.oclc.org/dsdl/schematron"
 6 |             targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#netconf"
 7 |             elementFormDefault="qualified" version="5.11">
 8 |     <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
 9 |     <xsd:annotation>
10 |         <xsd:documentation>This document outlines the items of the OVAL System Characteristics XML schema that are composed of NETCONF (RFC 6241) protocol-specific tests. Each item is an extention of a basic System Characteristics item defined in the core System Characteristics XML schema.</xsd:documentation>
11 |         <xsd:documentation>This schema was originally developed by David Solin at jOVAL.org. The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.</xsd:documentation>
12 |         <xsd:appinfo>
13 |             <schema>NETCONF System Characteristics</schema>
14 |             <version>5.11.1:1.1</version>
15 |             <date>11/30/2016 09:00:00 AM</date>
16 |             <terms_of_use>Copyright (c) 2016, Center for Internet Security. All rights reserved.  The contents of this file are subject to the terms of the OVAL License located at https://oval.cisecurity.org/terms. See the OVAL License for the specific language governing permissions and limitations for use of this schema.  When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
17 |             <sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
18 |             <sch:ns prefix="netconf-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#netconf"/>
19 |             <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
20 |         </xsd:appinfo>
21 |     </xsd:annotation>
22 |     <!-- =============================================================================== -->
23 |     <!-- ============================  CONFIG CONTENT ITEM  ============================ -->
24 |     <!-- =============================================================================== -->
25 |     <xsd:element name="config_item" substitutionGroup="oval-sc:item">
26 |         <xsd:annotation>
27 |             <xsd:documentation>This item stores results from checking the contents of an xml configuration.</xsd:documentation>
28 |         </xsd:annotation>
29 |         <xsd:complexType>
30 |             <xsd:complexContent>
31 |                 <xsd:extension base="oval-sc:ItemType">
32 |                     <xsd:sequence>
33 |                         <xsd:element name="xpath" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
34 |                             <xsd:annotation>
35 |                                 <xsd:documentation>Specifies an Xpath expression describing the text node(s) or attribute(s) to look at.</xsd:documentation>
36 |                             </xsd:annotation>
37 |                         </xsd:element>
38 |                         <xsd:element name="value_of" type="oval-sc:EntityItemAnySimpleType" minOccurs="0" maxOccurs="unbounded">
39 |                             <xsd:annotation>
40 |                                 <xsd:documentation>The value_of element checks the value(s) of the text node(s) or attribute(s) found. How this is used is entirely controlled by operator attributes.</xsd:documentation>
41 |                             </xsd:annotation>
42 |                         </xsd:element>
43 |                     </xsd:sequence>
44 |                 </xsd:extension>
45 |             </xsd:complexContent>
46 |         </xsd:complexType>
47 |     </xsd:element>
48 | </xsd:schema>
49 | 


--------------------------------------------------------------------------------
/schemas/oval-directives-schema.xsd:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
 3 |             xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
 4 |             xmlns:oval-res="http://oval.mitre.org/XMLSchema/oval-results-5"
 5 |             xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
 6 |             xmlns:sch="http://purl.oclc.org/dsdl/schematron"
 7 |             xmlns:oval-dir="http://oval.mitre.org/XMLSchema/oval-directives-5"
 8 |             targetNamespace="http://oval.mitre.org/XMLSchema/oval-directives-5"
 9 |             elementFormDefault="qualified" version="5.11">
10 |      <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
11 |      <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-results-5" schemaLocation="oval-results-schema.xsd"/>
12 |      <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
13 |      <xsd:annotation>
14 |           <xsd:documentation>The following is a description of the elements, types, and attributes that compose the core schema for encoding Open Vulnerability and Assessment Language (OVAL) Directives. Each of the elements, types, and attributes that make up the Core Directives Schema are described in detail and should provide the information necessary to understand what each object represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between these objects is not outlined here.</xsd:documentation>
15 |           <xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
16 |           <xsd:appinfo>
17 |                <schema>Core Directives</schema>
18 |                <version>5.11.2</version>
19 |                <date>11/30/2016 09:00:00 AM</date>
20 |                <terms_of_use>Copyright (c) 2016, Center for Internet Security. All rights reserved.  The contents of this file are subject to the terms of the OVAL License located at https://oval.cisecurity.org/terms. See the OVAL License for the specific language governing permissions and limitations for use of this schema.  When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
21 |                <sch:ns prefix="oval-dir" uri="http://oval.mitre.org/XMLSchema/oval-directives-5"/>
22 |           </xsd:appinfo>
23 |      </xsd:annotation>
24 |      <!-- =============================================================================== -->
25 |      <!-- =============================================================================== -->
26 |      <!-- =============================================================================== -->
27 |      <xsd:element name="oval_directives">
28 |           <xsd:annotation>
29 |                <xsd:documentation>The oval_directives element is the root of an OVAL Directive Document. Its purpose is to bind together the generator and the set of directives contained in the document. The generator section must be present and provides information about when the directives document was compiled and under what version. The optional Signature element allows an XML Signature as defined by the W3C to be attached to the document. This allows authentication and data integrity to be provided to the user. Enveloped signatures are supported. More information about the official W3C Recommendation regarding XML digital signatures can be found at http://www.w3.org/TR/xmldsig-core/.</xsd:documentation>
30 |           </xsd:annotation>
31 |           <xsd:complexType>
32 |                <xsd:sequence>
33 |                     <xsd:element name="generator" type="oval:GeneratorType">
34 |                          <xsd:annotation>
35 |                               <xsd:documentation>The required generator section provides information about when the directives document was compiled and under what version.</xsd:documentation>
36 |                          </xsd:annotation>
37 |                     </xsd:element>
38 |                     <xsd:element name="directives" type="oval-res:DefaultDirectivesType">
39 |                          <xsd:annotation>
40 |                               <xsd:documentation>The required directives section presents flags describing what information must be been included in an oval results document. This element represents the default set of directives. These directives apply to all classes of definitions for which there is not a class specific set of directives.</xsd:documentation>
41 |                          </xsd:annotation>
42 |                     </xsd:element>
43 |                     <xsd:element name="class_directives" type="oval-res:ClassDirectivesType" minOccurs="0" maxOccurs="5">
44 |                          <xsd:annotation>
45 |                               <xsd:documentation>The optional class_directives section presents flags describing what information has been included in the results document for a specific OVAL Definition class. The directives for a particlar class override the default directives.</xsd:documentation>
46 |                          </xsd:annotation>
47 |                     </xsd:element>                         
48 |                     <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1">
49 |                          <xsd:annotation>
50 |                               <xsd:documentation>The optional Signature element allows an XML Signature as defined by the W3C to be attached to the document. This allows authentication and data integrity to be provided to the user. Enveloped signatures are supported. More information about the official W3C Recommendation regarding XML digital signatures can be found at http://www.w3.org/TR/xmldsig-core/.</xsd:documentation>
51 |                          </xsd:annotation>
52 |                     </xsd:element>
53 |                </xsd:sequence>
54 |           </xsd:complexType>
55 |           <xsd:unique name="UniqueDirectiveClass">
56 |                <xsd:annotation>
57 |                     <xsd:documentation>The class attribute on class_directives must be unique.</xsd:documentation>
58 |                </xsd:annotation>
59 |                <xsd:selector xpath="oval-dir:class_directives"/>
60 |                <xsd:field xpath="@class"/>
61 |           </xsd:unique>
62 |      </xsd:element>
63 |      
64 |      <!-- =============================================================================== -->
65 |      <!-- =================================  GENERATOR  ================================= -->
66 |      <!-- =============================================================================== -->
67 |      <!--
68 |           The GeneratorType is defined by the oval-common-schema.  Please refer to
69 |           that documentation for a description of the complex type.
70 |      -->
71 |      <!-- =============================================================================== -->
72 |      <!-- ================================  DIRECTIVES  ================================= -->
73 |      <!-- =============================================================================== -->
74 |      <!--
75 |           The DefaultDirectivesType is defined by the oval-results-schema.  Please refer to
76 |           that documentation for a description of the complex type.
77 |      -->
78 |      <!-- =============================================================================== -->
79 |      <!-- ================================  DIRECTIVES  ================================= -->
80 |      <!-- =============================================================================== -->
81 |      <!--
82 |           The ClassDirectivesType is defined by the oval-results-schema.  Please refer to
83 |           that documentation for a description of the complex type.
84 |      -->
85 | </xsd:schema>
86 | 


--------------------------------------------------------------------------------
/schemas/oval-variables-schema.xsd:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
 3 |             xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
 4 |             xmlns:oval-var="http://oval.mitre.org/XMLSchema/oval-variables-5"
 5 |             xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
 6 |             xmlns:sch="http://purl.oclc.org/dsdl/schematron"
 7 |             targetNamespace="http://oval.mitre.org/XMLSchema/oval-variables-5"
 8 |             elementFormDefault="qualified" version="5.11">
 9 |      <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
10 |      <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
11 |      <xsd:annotation>
12 |           <xsd:documentation/>
13 |           <xsd:documentation>The following is a description of the elements, types, and attributes that compose the core schema for encoding Open Vulnerability and Assessment Language (OVAL) Variables. This schema is provided to give structure to any external variables and their values that an OVAL Definition is expecting.</xsd:documentation>
14 |           <xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
15 |           <xsd:appinfo>
16 |                <schema>Core Variable</schema>
17 |                <version>5.11.2</version>
18 |                <date>11/30/2016 09:00:00 AM</date>
19 |                <terms_of_use>Copyright (c) 2016, Center for Internet Security. All rights reserved.  The contents of this file are subject to the terms of the OVAL License located at https://oval.cisecurity.org/terms. See the OVAL License for the specific language governing permissions and limitations for use of this schema.  When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
20 |               <sch:ns prefix="oval-var" uri="http://oval.mitre.org/XMLSchema/oval-variables-5"/>
21 |           </xsd:appinfo>
22 |      </xsd:annotation>
23 |      <!-- =============================================================================== -->
24 |      <!-- =============================================================================== -->
25 |      <!-- =============================================================================== -->
26 |      <xsd:element name="oval_variables">
27 |           <xsd:annotation>
28 |                <xsd:documentation>The oval_variables element is the root of an OVAL Variable Document. Its purpose is to bind together the different variables contained in the document. The generator section must be present and provides information about when the variable file was compiled and under what version. The optional Signature element allows an XML Signature as defined by the W3C to be attached to the document. This allows authentication and data integrity to be provided to the user. Enveloped signatures are supported. More information about the official W3C Recommendation regarding XML digital signatures can be found at http://www.w3.org/TR/xmldsig-core/.</xsd:documentation>
29 |           </xsd:annotation>
30 |           <xsd:complexType>
31 |                <xsd:sequence>
32 |                     <xsd:element name="generator" type="oval:GeneratorType" />
33 |                     <xsd:element name="variables" type="oval-var:VariablesType" minOccurs="0" maxOccurs="1"/>
34 |                     <xsd:element ref="ds:Signature" minOccurs="0" maxOccurs="1"/>
35 |                </xsd:sequence>
36 |           </xsd:complexType>
37 |           <xsd:key name="varKey">
38 |                <xsd:annotation>
39 |                     <xsd:documentation>Enforce uniqueness amongst the variable ids found in the variable document.</xsd:documentation>
40 |                </xsd:annotation>
41 |                <xsd:selector xpath=".//oval-var:variable"/>
42 |                <xsd:field xpath="@id"/>
43 |           </xsd:key>
44 |      </xsd:element>
45 |      <!-- =============================================================================== -->
46 |      <!-- =================================  GENERATOR  ================================= -->
47 |      <!-- =============================================================================== -->
48 |      <!--
49 | 		The GeneratorType is defined by the oval common schema.  Please refer to
50 | 		that documentation for a description of the complex type.
51 | 	-->
52 |      <!-- =============================================================================== -->
53 |      <!-- ================================  DEFINITIONS  ================================ -->
54 |      <!-- =============================================================================== -->
55 |      <xsd:complexType name="VariablesType">
56 |           <xsd:annotation>
57 |                <xsd:documentation>The VariablesType complex type is a container for one or more variable elements. Each variable element holds the value of an external variable used in an OVAL Definition. Please refer to the description of the VariableType for more information about an individual variable.</xsd:documentation>
58 |           </xsd:annotation>
59 |           <xsd:sequence>
60 |                <xsd:element name="variable" type="oval-var:VariableType" minOccurs="1" maxOccurs="unbounded"/>
61 |           </xsd:sequence>
62 |      </xsd:complexType>
63 |      <xsd:complexType name="VariableType">
64 |           <xsd:annotation>
65 |                <xsd:documentation>Each variable element contains the associated datatype and value which will be substituted into the OVAL Definition that is referencing this specific variable.</xsd:documentation>
66 |                <xsd:documentation>The notes section of a variable should be used to hold information that might be helpful to someone examining the technical aspects of the variable. Please refer to the description of the NotesType complex type for more information about the notes element.</xsd:documentation>
67 |           </xsd:annotation>
68 |           <xsd:sequence>
69 |                <xsd:element name="value" type="xsd:anySimpleType" minOccurs="1" maxOccurs="unbounded"/>
70 |                <xsd:element name="notes" type="oval:NotesType" minOccurs="0" maxOccurs="1"/>
71 |           </xsd:sequence>
72 |           <xsd:attribute name="id" type="oval:VariableIDPattern" use="required"/>
73 |           <xsd:attribute name="datatype" use="required" type="oval:SimpleDatatypeEnumeration">
74 |                <xsd:annotation>
75 |                     <xsd:documentation>Note that the 'record' datatype is not permitted on variables.</xsd:documentation>
76 |                </xsd:annotation>
77 |           </xsd:attribute>
78 |           <xsd:attribute name="instance" type="xsd:nonNegativeInteger" default="1">
79 |                <xsd:annotation>
80 |                     <xsd:documentation>Use to specify multiple variable instances.</xsd:documentation>
81 |                </xsd:annotation>
82 |           </xsd:attribute>
83 |           <xsd:attribute name="comment" type="xsd:string" use="required"/>
84 |      </xsd:complexType>
85 |      <!-- =============================================================================== -->
86 |      <!-- =================================  SIGNATURE  ================================= -->
87 |      <!-- =============================================================================== -->
88 |      <!--
89 | 		The signature element is defined by the xmldsig schema.  Please refer to that
90 | 		documentation for a description of the valid elements and types.  More
91 | 		information about the official W3C Recommendation regarding XML digital
92 | 		signatures can be found at http://www.w3.org/TR/xmldsig-core/.
93 | 	-->
94 |      <!-- =============================================================================== -->
95 |      <!-- =============================================================================== -->
96 |      <!-- =============================================================================== -->
97 | </xsd:schema>
98 | 


--------------------------------------------------------------------------------
/schemas/pixos-system-characteristics-schema.xsd:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
 3 |             xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"
 4 |             xmlns:pixos-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#pixos"
 5 |             xmlns:sch="http://purl.oclc.org/dsdl/schematron"
 6 |             targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#pixos"
 7 |             elementFormDefault="qualified" version="5.11">
 8 |      <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
 9 |      <xsd:annotation>
10 |           <xsd:documentation>The following is a description of the elements, types, and attributes that compose the Cisco PIX (Private Internet Exchange)  specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
11 |           <xsd:documentation>This schema was originally developed by Yuzheng Zhou and Eric Grey at Hewlett-Packard. The OVAL Schema is maintained by the OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.cisecurity.org.</xsd:documentation>
12 |           <xsd:appinfo>
13 |                <schema>PixOS System Characteristics</schema>
14 |                <version>5.11.1:1.1</version>
15 |                <date>11/30/2016 09:00:00 AM</date>
16 |                 <terms_of_use>Copyright (c) 2016, Center for Internet Security. All rights reserved.  The contents of this file are subject to the terms of the OVAL License located at https://oval.cisecurity.org/terms. See the OVAL License for the specific language governing permissions and limitations for use of this schema.  When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
17 |                <sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
18 |                <sch:ns prefix="pixos-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#pixos"/>
19 |               <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
20 |           </xsd:appinfo>
21 |      </xsd:annotation>
22 |     <!-- =============================================================================== -->
23 |      <!-- ============================  PIX LINE ITEM  ================================== -->
24 |      <!-- =============================================================================== -->
25 |      <xsd:element name="line_item" substitutionGroup="oval-sc:item">
26 |           <xsd:annotation>
27 |                <xsd:documentation>Stores the properties of specific lines in the PIX config file.</xsd:documentation>
28 |           </xsd:annotation>
29 |           <xsd:complexType>
30 |                <xsd:complexContent>
31 |                     <xsd:extension base="oval-sc:ItemType">
32 |                          <xsd:sequence>
33 |                               <xsd:element name="show_subcommand" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
34 |                                    <xsd:annotation>
35 |                                         <xsd:documentation>The name of the SHOW sub-command.</xsd:documentation>
36 |                                    </xsd:annotation>
37 |                               </xsd:element>
38 |                               <xsd:element name="config_line" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
39 |                                    <xsd:annotation>
40 |                                         <xsd:documentation>The value returned from by the specified SHOW sub-command.</xsd:documentation>
41 |                                    </xsd:annotation>
42 |                               </xsd:element>
43 |                          </xsd:sequence>
44 |                     </xsd:extension>
45 |                </xsd:complexContent>
46 |           </xsd:complexType>
47 |      </xsd:element>
48 |      <!-- =============================================================================== -->
49 |      <!-- ============================  PIX VERSION ITEM  ================================== -->
50 |      <!-- =============================================================================== -->
51 |      <xsd:element name="version_item" substitutionGroup="oval-sc:item">
52 |           <xsd:annotation>
53 |                <xsd:documentation>Stores results from SHOW VERSION command.</xsd:documentation>
54 |           </xsd:annotation>
55 |           <xsd:complexType>
56 |                <xsd:complexContent>
57 |                     <xsd:extension base="oval-sc:ItemType">
58 |                          <xsd:sequence>
59 |                               <xsd:element name="pix_release" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
60 |                                    <xsd:annotation>
61 |                                         <xsd:documentation/>
62 |                                    </xsd:annotation>
63 |                               </xsd:element>
64 |                               <xsd:element name="pix_major_release" type="oval-sc:EntityItemVersionType" minOccurs="0" maxOccurs="1">
65 |                                    <xsd:annotation>
66 |                                         <xsd:documentation/>
67 |                                    </xsd:annotation>
68 |                               </xsd:element>
69 |                               <xsd:element name="pix_minor_release" type="oval-sc:EntityItemVersionType" minOccurs="0" maxOccurs="1">
70 |                                    <xsd:annotation>
71 |                                         <xsd:documentation/>
72 |                                    </xsd:annotation>
73 |                               </xsd:element>
74 |                               <xsd:element name="pix_build" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
75 |                                    <xsd:annotation>
76 |                                         <xsd:documentation/>
77 |                                    </xsd:annotation>
78 |                               </xsd:element>
79 |                          </xsd:sequence>
80 |                     </xsd:extension>
81 |                </xsd:complexContent>
82 |           </xsd:complexType>
83 |      </xsd:element>
84 |       <!-- =============================================================================== -->
85 |       <!-- =============================================================================== -->
86 |       <!-- =============================================================================== -->
87 | </xsd:schema>
88 | 


--------------------------------------------------------------------------------
/schemas/xmldsig-core-schema.xsd:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | 
  3 | <!-- Schema for XML Signatures
  4 |     http://www.w3.org/2000/09/xmldsig#
  5 |     $Revision: 1777 $ on $Date: 2005-11-03 11:33:41 -0500 (Thu, 03 Nov 2005) $ by $Author: abuttner $
  6 | 
  7 |     Copyright 2001 The Internet Society and W3C (Massachusetts Institute
  8 |     of Technology, Institut National de Recherche en Informatique et en
  9 |     Automatique, Keio University). All Rights Reserved.
 10 |     http://www.w3.org/Consortium/Legal/
 11 | 
 12 |     This document is governed by the W3C Software License [1] as described
 13 |     in the FAQ [2].
 14 | 
 15 |     [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
 16 |     [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
 17 | -->
 18 | 
 19 | 
 20 | <schema xmlns="http://www.w3.org/2001/XMLSchema"
 21 |         xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
 22 |         targetNamespace="http://www.w3.org/2000/09/xmldsig#"
 23 |         version="0.1" elementFormDefault="qualified"> 
 24 | 
 25 | <!-- Basic Types Defined for Signatures -->
 26 | 
 27 | <simpleType name="CryptoBinary">
 28 |   <restriction base="base64Binary">
 29 |   </restriction>
 30 | </simpleType>
 31 | 
 32 | <!-- Start Signature -->
 33 | 
 34 | <element name="Signature" type="ds:SignatureType"/>
 35 | <complexType name="SignatureType">
 36 |   <sequence> 
 37 |     <element ref="ds:SignedInfo"/> 
 38 |     <element ref="ds:SignatureValue"/> 
 39 |     <element ref="ds:KeyInfo" minOccurs="0"/> 
 40 |     <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/> 
 41 |   </sequence>  
 42 |   <attribute name="Id" type="ID" use="optional"/>
 43 | </complexType>
 44 | 
 45 |   <element name="SignatureValue" type="ds:SignatureValueType"/> 
 46 |   <complexType name="SignatureValueType">
 47 |     <simpleContent>
 48 |       <extension base="base64Binary">
 49 |         <attribute name="Id" type="ID" use="optional"/>
 50 |       </extension>
 51 |     </simpleContent>
 52 |   </complexType>
 53 | 
 54 | <!-- Start SignedInfo -->
 55 | 
 56 | <element name="SignedInfo" type="ds:SignedInfoType"/>
 57 | <complexType name="SignedInfoType">
 58 |   <sequence> 
 59 |     <element ref="ds:CanonicalizationMethod"/> 
 60 |     <element ref="ds:SignatureMethod"/> 
 61 |     <element ref="ds:Reference" maxOccurs="unbounded"/> 
 62 |   </sequence>  
 63 |   <attribute name="Id" type="ID" use="optional"/> 
 64 | </complexType>
 65 | 
 66 |   <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/> 
 67 |   <complexType name="CanonicalizationMethodType" mixed="true">
 68 |     <sequence>
 69 |       <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/>
 70 |       <!-- (0,unbounded) elements from (1,1) namespace -->
 71 |     </sequence>
 72 |     <attribute name="Algorithm" type="anyURI" use="required"/> 
 73 |   </complexType>
 74 | 
 75 |   <element name="SignatureMethod" type="ds:SignatureMethodType"/>
 76 |   <complexType name="SignatureMethodType" mixed="true">
 77 |     <sequence>
 78 |       <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/>
 79 |       <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
 80 |       <!-- (0,unbounded) elements from (1,1) external namespace -->
 81 |     </sequence>
 82 |     <attribute name="Algorithm" type="anyURI" use="required"/> 
 83 |   </complexType>
 84 | 
 85 | <!-- Start Reference -->
 86 | 
 87 | <element name="Reference" type="ds:ReferenceType"/>
 88 | <complexType name="ReferenceType">
 89 |   <sequence> 
 90 |     <element ref="ds:Transforms" minOccurs="0"/> 
 91 |     <element ref="ds:DigestMethod"/> 
 92 |     <element ref="ds:DigestValue"/> 
 93 |   </sequence>
 94 |   <attribute name="Id" type="ID" use="optional"/> 
 95 |   <attribute name="URI" type="anyURI" use="optional"/> 
 96 |   <attribute name="Type" type="anyURI" use="optional"/> 
 97 | </complexType>
 98 | 
 99 |   <element name="Transforms" type="ds:TransformsType"/>
100 |   <complexType name="TransformsType">
101 |     <sequence>
102 |       <element ref="ds:Transform" maxOccurs="unbounded"/>  
103 |     </sequence>
104 |   </complexType>
105 | 
106 |   <element name="Transform" type="ds:TransformType"/>
107 |   <complexType name="TransformType" mixed="true">
108 |     <choice minOccurs="0" maxOccurs="unbounded"> 
109 |       <any namespace="##other" processContents="lax"/>
110 |       <!-- (1,1) elements from (0,unbounded) namespaces -->
111 |       <element name="XPath" type="string"/> 
112 |     </choice>
113 |     <attribute name="Algorithm" type="anyURI" use="required"/> 
114 |   </complexType>
115 | 
116 | <!-- End Reference -->
117 | 
118 | <element name="DigestMethod" type="ds:DigestMethodType"/>
119 | <complexType name="DigestMethodType" mixed="true"> 
120 |   <sequence>
121 |     <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
122 |   </sequence>    
123 |   <attribute name="Algorithm" type="anyURI" use="required"/> 
124 | </complexType>
125 | 
126 | <element name="DigestValue" type="ds:DigestValueType"/>
127 | <simpleType name="DigestValueType">
128 |   <restriction base="base64Binary"/>
129 | </simpleType>
130 | 
131 | <!-- End SignedInfo -->
132 | 
133 | <!-- Start KeyInfo -->
134 | 
135 | <element name="KeyInfo" type="ds:KeyInfoType"/> 
136 | <complexType name="KeyInfoType" mixed="true">
137 |   <choice maxOccurs="unbounded">     
138 |     <element ref="ds:KeyName"/> 
139 |     <element ref="ds:KeyValue"/> 
140 |     <element ref="ds:RetrievalMethod"/> 
141 |     <element ref="ds:X509Data"/> 
142 |     <element ref="ds:PGPData"/> 
143 |     <element ref="ds:SPKIData"/>
144 |     <element ref="ds:MgmtData"/>
145 |     <any processContents="lax" namespace="##other"/>
146 |     <!-- (1,1) elements from (0,unbounded) namespaces -->
147 |   </choice>
148 |   <attribute name="Id" type="ID" use="optional"/> 
149 | </complexType>
150 | 
151 |   <element name="KeyName" type="string"/>
152 |   <element name="MgmtData" type="string"/>
153 | 
154 |   <element name="KeyValue" type="ds:KeyValueType"/> 
155 |   <complexType name="KeyValueType" mixed="true">
156 |    <choice>
157 |      <element ref="ds:DSAKeyValue"/>
158 |      <element ref="ds:RSAKeyValue"/>
159 |      <any namespace="##other" processContents="lax"/>
160 |    </choice>
161 |   </complexType>
162 | 
163 |   <element name="RetrievalMethod" type="ds:RetrievalMethodType"/> 
164 |   <complexType name="RetrievalMethodType">
165 |     <sequence>
166 |       <element ref="ds:Transforms" minOccurs="0"/> 
167 |     </sequence>  
168 |     <attribute name="URI" type="anyURI"/>
169 |     <attribute name="Type" type="anyURI" use="optional"/>
170 |   </complexType>
171 | 
172 | <!-- Start X509Data -->
173 | 
174 | <element name="X509Data" type="ds:X509DataType"/> 
175 | <complexType name="X509DataType">
176 |   <sequence maxOccurs="unbounded">
177 |     <choice>
178 |       <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
179 |       <element name="X509SKI" type="base64Binary"/>
180 |       <element name="X509SubjectName" type="string"/>
181 |       <element name="X509Certificate" type="base64Binary"/>
182 |       <element name="X509CRL" type="base64Binary"/>
183 |       <any namespace="##other" processContents="lax"/>
184 |     </choice>
185 |   </sequence>
186 | </complexType>
187 | 
188 | <complexType name="X509IssuerSerialType"> 
189 |   <sequence> 
190 |     <element name="X509IssuerName" type="string"/> 
191 |     <element name="X509SerialNumber" type="integer"/> 
192 |   </sequence>
193 | </complexType>
194 | 
195 | <!-- End X509Data -->
196 | 
197 | <!-- Begin PGPData -->
198 | 
199 | <element name="PGPData" type="ds:PGPDataType"/> 
200 | <complexType name="PGPDataType"> 
201 |   <choice>
202 |     <sequence>
203 |       <element name="PGPKeyID" type="base64Binary"/> 
204 |       <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/> 
205 |       <any namespace="##other" processContents="lax" minOccurs="0"
206 |        maxOccurs="unbounded"/>
207 |     </sequence>
208 |     <sequence>
209 |       <element name="PGPKeyPacket" type="base64Binary"/> 
210 |       <any namespace="##other" processContents="lax" minOccurs="0"
211 |        maxOccurs="unbounded"/>
212 |     </sequence>
213 |   </choice>
214 | </complexType>
215 | 
216 | <!-- End PGPData -->
217 | 
218 | <!-- Begin SPKIData -->
219 | 
220 | <element name="SPKIData" type="ds:SPKIDataType"/> 
221 | <complexType name="SPKIDataType">
222 |   <sequence maxOccurs="unbounded">
223 |     <element name="SPKISexp" type="base64Binary"/>
224 |     <any namespace="##other" processContents="lax" minOccurs="0"/>
225 |   </sequence>
226 | </complexType> 
227 | 
228 | <!-- End SPKIData -->
229 | 
230 | <!-- End KeyInfo -->
231 | 
232 | <!-- Start Object (Manifest, SignatureProperty) -->
233 | 
234 | <element name="Object" type="ds:ObjectType"/> 
235 | <complexType name="ObjectType" mixed="true">
236 |   <sequence minOccurs="0" maxOccurs="unbounded">
237 |     <any namespace="##any" processContents="lax"/>
238 |   </sequence>
239 |   <attribute name="Id" type="ID" use="optional"/> 
240 |   <attribute name="MimeType" type="string" use="optional"/> <!-- add a grep facet -->
241 |   <attribute name="Encoding" type="anyURI" use="optional"/> 
242 | </complexType>
243 | 
244 | <element name="Manifest" type="ds:ManifestType"/> 
245 | <complexType name="ManifestType">
246 |   <sequence>
247 |     <element ref="ds:Reference" maxOccurs="unbounded"/> 
248 |   </sequence>
249 |   <attribute name="Id" type="ID" use="optional"/> 
250 | </complexType>
251 | 
252 | <element name="SignatureProperties" type="ds:SignaturePropertiesType"/> 
253 | <complexType name="SignaturePropertiesType">
254 |   <sequence>
255 |     <element ref="ds:SignatureProperty" maxOccurs="unbounded"/> 
256 |   </sequence>
257 |   <attribute name="Id" type="ID" use="optional"/> 
258 | </complexType>
259 | 
260 |    <element name="SignatureProperty" type="ds:SignaturePropertyType"/> 
261 |    <complexType name="SignaturePropertyType" mixed="true">
262 |      <choice maxOccurs="unbounded">
263 |        <any namespace="##other" processContents="lax"/>
264 |        <!-- (1,1) elements from (1,unbounded) namespaces -->
265 |      </choice>
266 |      <attribute name="Target" type="anyURI" use="required"/> 
267 |      <attribute name="Id" type="ID" use="optional"/> 
268 |    </complexType>
269 | 
270 | <!-- End Object (Manifest, SignatureProperty) -->
271 | 
272 | <!-- Start Algorithm Parameters -->
273 | 
274 | <simpleType name="HMACOutputLengthType">
275 |   <restriction base="integer"/>
276 | </simpleType>
277 | 
278 | <!-- Start KeyValue Element-types -->
279 | 
280 | <element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
281 | <complexType name="DSAKeyValueType">
282 |   <sequence>
283 |     <sequence minOccurs="0">
284 |       <element name="P" type="ds:CryptoBinary"/>
285 |       <element name="Q" type="ds:CryptoBinary"/>
286 |     </sequence>
287 |     <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
288 |     <element name="Y" type="ds:CryptoBinary"/>
289 |     <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
290 |     <sequence minOccurs="0">
291 |       <element name="Seed" type="ds:CryptoBinary"/>
292 |       <element name="PgenCounter" type="ds:CryptoBinary"/>
293 |     </sequence>
294 |   </sequence>
295 | </complexType>
296 | 
297 | <element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
298 | <complexType name="RSAKeyValueType">
299 |   <sequence>
300 |     <element name="Modulus" type="ds:CryptoBinary"/> 
301 |     <element name="Exponent" type="ds:CryptoBinary"/> 
302 |   </sequence>
303 | </complexType> 
304 | 
305 | <!-- End KeyValue Element-types -->
306 | 
307 | <!-- End Signature -->
308 | 
309 | </schema>
310 | 


--------------------------------------------------------------------------------
/specifications/oval-language-specification.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/OVALProject/Language/7a3efac6429f9378fea3b3929cdf316ecf14d491/specifications/oval-language-specification.docx


--------------------------------------------------------------------------------
/specifications/oval-unix-extension-specification.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/OVALProject/Language/7a3efac6429f9378fea3b3929cdf316ecf14d491/specifications/oval-unix-extension-specification.docx


--------------------------------------------------------------------------------
/specifications/oval-windows-extension-specification.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/OVALProject/Language/7a3efac6429f9378fea3b3929cdf316ecf14d491/specifications/oval-windows-extension-specification.docx


--------------------------------------------------------------------------------
/tools/ExtractSchFromXSD.xsl:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <!--
 3 |         based on an original transform by Eddie Robertsson
 4 |         2001/04/21      fn: added support for included schemas
 5 |         2001/06/27      er: changed XMl Schema prefix from xsd: to xs: and changed to the Rec namespace
 6 |         2010/04/14    	rj: Update for ISO Schematron 
 7 | -->
 8 | <xsl:transform version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" 
 9 | xmlns:sch="http://purl.oclc.org/dsdl/schematron" xmlns:xs="http://www.w3.org/2001/XMLSchema">
10 |         <!-- Set the output to be XML with an XML declaration and use indentation -->
11 |         <xsl:output method="xml" omit-xml-declaration="no" indent="yes" standalone="yes"/>
12 |         <!-- -->
13 |         <!-- match schema and call recursive template to extract included schemas -->
14 |         <!-- -->
15 |         <xsl:template match="xs:schema">
16 |                 <!-- call the schema definition template ... -->
17 |                 <xsl:call-template name="gatherSchema">
18 |                         <!-- ... with current current root as the $schemas parameter ... -->
19 |                         <xsl:with-param name="schemas" select="/"/>
20 |                         <!-- ... and any includes in the $include parameter -->
21 |                         <xsl:with-param name="includes" 
22 | 						select="document(/xs:schema/xs:*[self::xs:include or self::xs:import or self::xs:redefine]/@schemaLocation)"/>
23 |                 </xsl:call-template>
24 |         </xsl:template>
25 |         <!-- -->
26 |         <!-- gather all included schemas into a single parameter variable -->
27 |         <!-- -->
28 |         <xsl:template name="gatherSchema">
29 |                 <xsl:param name="schemas"/>
30 |                 <xsl:param name="includes"/>
31 |                 <xsl:choose>
32 |                         <xsl:when test="count($schemas) &lt; count($schemas | $includes)">
33 |                                 <!-- when $includes includes something new, recurse ... -->
34 |                                 <xsl:call-template name="gatherSchema">
35 |                                         <!-- ... with current $includes added to the $schemas parameter ... -->
36 |                                         <xsl:with-param name="schemas" select="$schemas | $includes"/>
37 |                                         <!-- ... and any *new* includes in the $include parameter -->
38 |                                         <xsl:with-param name="includes" 
39 | 										select="document($includes/xs:schema/xs:*[self::xs:include or self::xs:import or self::xs:redefine]/@schemaLocation)"/>
40 |                                 </xsl:call-template>
41 |                         </xsl:when>
42 |                         <xsl:otherwise>
43 |                                 <!-- we have the complete set of included schemas, 
44 | 								so now let's output the embedded schematron -->
45 |                                 <xsl:call-template name="output">
46 |                                         <xsl:with-param name="schemas" select="$schemas"/>
47 |                                 </xsl:call-template>
48 |                         </xsl:otherwise>
49 |                 </xsl:choose>
50 |         </xsl:template>
51 |         <!-- -->
52 |         <!-- output the schematron information -->
53 |         <!-- -->
54 |         <xsl:template name="output">
55 |                 <xsl:param name="schemas"/>
56 |                 <!-- -->
57 |                 <sch:schema>
58 |                         <!-- get header-type elements - eg title and especially ns -->
59 |                         <!-- title (just one) -->
60 |                         <xsl:copy-of select="$schemas//xs:appinfo/sch:title[1]"/>
61 |                         <!-- get remaining schematron schema children -->
62 |                         <!-- get non-blank namespace elements, dropping duplicates -->
63 |                         <xsl:for-each select="$schemas//xs:appinfo/sch:ns">
64 |                                 <xsl:if test="generate-id(.) = 
65 | 								generate-id($schemas//xs:appinfo/sch:ns[@prefix = current()/@prefix][1])">
66 |                                         <xsl:copy-of select="."/>
67 |                                 </xsl:if>
68 |                         </xsl:for-each>
69 |                         <xsl:copy-of select="$schemas//xs:appinfo/sch:phase"/>
70 |                         <xsl:copy-of select="$schemas//xs:appinfo/sch:pattern"/>
71 |                         <sch:diagnostics>
72 |                                 <xsl:copy-of select="$schemas//xs:appinfo/sch:diagnostics/*"/>
73 |                         </sch:diagnostics>
74 |                 </sch:schema>
75 |         </xsl:template>
76 |         <!-- -->
77 | </xsl:transform>


--------------------------------------------------------------------------------