This YANG module defines the generic configuration data for key-chain. It is intended that the module will be extended by vendor...
Version: 2015-02-24
module ietf-key-chain { yang-version 1; namespace "urn:ietf:params:xml:ns:yang:ietf-key-chain"; prefix key-chain; import ietf-yang-types { prefix yang; } organization "Cisco Systems 170 West Tasman Drive San Jose, CA 95134-1706 USA"; contact "Acee Lindem - acee@cisco.com"; description "This YANG module defines the generic configuration data for key-chain. It is intended that the module will be extended by vendors to define vendor-specific key-chain configuration parameters. "; revision "2015-02-24" { description "Initial revision."; reference "RFC XXXX: A YANG Data Model for key-chain"; } typedef key-chain-ref { type leafref { path "/key-chain:key-chains/key-chain-list/key-chain:name"; } description "This type is used by data models that need to reference configured key-chains."; } feature hex-key-string { description "Support hexadecimal key string."; } feature accept-tolerance { description "To specify the tolerance or acceptance limit."; } feature independent-send-accept-lifetime { description "Support for independent send and accept key lifetimes."; } feature crypto-hmac-sha-1-12 { description "Support for TCP HMAC-SHA-1 12 byte digest hack."; } container key-chains { description "All configured key-chains for the device."; list key-chain-list { key "name"; description "List of key-chains."; leaf name { type string; description "Name of the key-chain."; } container accept-tolerance { if-feature accept-tolerance; description "Tolerance for key lifetime acceptance (seconds)."; leaf duration { type uint32; units "seconds"; default "0"; description "Tolerance range, in seconds."; } } // container accept-tolerance list key-chain-entry { key "key-id"; description "One key."; leaf key-id { type uint64; description "Key id."; } container key-string { description "The key string."; choice key-string-style { description "Key string styles"; leaf keystring { type string; description "Key string in ASCII format."; } case hexadecimal { if-feature hex-key-string; leaf hexadecimal-string { type yang:hex-string; description "Key in hexadecimal string format."; } } // case hexadecimal } // choice key-string-style } // container key-string container lifetime { description "Specify a key's lifetime."; choice lifetime { description "Options for specification of send and accept lifetimes."; case send-and-accept-lifetime { description "Send and accept key have the same lifetime."; container send-accept-lifetime { description "Single lifetime specification for both send and accept lifetimes."; choice lifetime { default "always"; description "Options for specifying key accept or send lifetimes"; leaf always { type empty; description "Indicates key lifetime is always valid."; } case start-end-time { leaf start-date-time { type yang:date-and-time; description "Start time."; } choice end-time { default "infinite"; description "End-time setting."; leaf no-end-time { type empty; description "Indicates key lifetime end-time in infinite."; } leaf duration { type uint32 { range "1..2147483646"; } units "seconds"; description "Key lifetime duration, in seconds"; } leaf end-date-time { type yang:date-and-time; description "End time."; } } // choice end-time } // case start-end-time } // choice lifetime } // container send-accept-lifetime } // case send-and-accept-lifetime case independent-send-accept-lifetime { if-feature independent-send-accept-lifetime; description "Independent send and accept key lifetimes."; container send-lifetime { description "Separate lifetime specification for send lifetime."; choice lifetime { default "always"; description "Options for specifying key accept or send lifetimes"; leaf always { type empty; description "Indicates key lifetime is always valid."; } case start-end-time { leaf start-date-time { type yang:date-and-time; description "Start time."; } choice end-time { default "infinite"; description "End-time setting."; leaf no-end-time { type empty; description "Indicates key lifetime end-time in infinite."; } leaf duration { type uint32 { range "1..2147483646"; } units "seconds"; description "Key lifetime duration, in seconds"; } leaf end-date-time { type yang:date-and-time; description "End time."; } } // choice end-time } // case start-end-time } // choice lifetime } // container send-lifetime container accept-lifetime { description "Separate lifetime specification for accept lifetime."; choice lifetime { default "always"; description "Options for specifying key accept or send lifetimes"; leaf always { type empty; description "Indicates key lifetime is always valid."; } case start-end-time { leaf start-date-time { type yang:date-and-time; description "Start time."; } choice end-time { default "infinite"; description "End-time setting."; leaf no-end-time { type empty; description "Indicates key lifetime end-time in infinite."; } leaf duration { type uint32 { range "1..2147483646"; } units "seconds"; description "Key lifetime duration, in seconds"; } leaf end-date-time { type yang:date-and-time; description "End time."; } } // choice end-time } // case start-end-time } // choice lifetime } // container accept-lifetime } // case independent-send-accept-lifetime } // choice lifetime } // container lifetime container crypto-algorithm { description "Cryptographic algorithm associated with key."; choice algorithm { description "Options for crytographic algorithm specification."; case hmac-sha-1-12 { if-feature crypto-hmac-sha-1-12; leaf hmac-sha1-12 { type empty; description "The HMAC-SHA-1-12 algorithm."; } } // case hmac-sha-1-12 leaf md5 { type empty; description "The MD5 algorithm."; } leaf sha-1 { type empty; description "The SHA-1 algorithm."; } leaf hmac-sha-1 { type empty; description "HMAC-SHA-1 authentication algorithm."; } leaf hmac-sha-256 { type empty; description "HMAC-SHA-256 authentication algorithm."; } leaf hmac-sha-384 { type empty; description "HMAC-SHA-384 authentication algorithm."; } leaf hmac-sha-512 { type empty; description "HMAC-SHA-512 authentication algorithm."; } } // choice algorithm } // container crypto-algorithm } // list key-chain-entry } // list key-chain-list } // container key-chains container key-chains-state { config false; description "All configured key-chains state."; list key-chain-list-state { description "One key-chain state."; leaf name-state { type string; description "Configured name of the key-chain."; } container accept-tolerance-state { description "Configured tolerance for key lifetime acceptance (seconds)."; leaf duration { type uint32; description "Configured tolerance range, in seconds."; } } // container accept-tolerance-state list key-chain-entry { key "key-id"; description "One key."; leaf key-id { type uint64; description "Configurd key id."; } container lifetime-state { description "Configured key's lifetime."; container send-lifetime { description "Configured send-lifetime."; choice lifetime { default "always"; description "Options for specifying key accept or send lifetimes"; leaf always { type empty; description "Indicates key lifetime is always valid."; } case start-end-time { leaf start-date-time { type yang:date-and-time; description "Start time."; } choice end-time { default "infinite"; description "End-time setting."; leaf no-end-time { type empty; description "Indicates key lifetime end-time in infinite."; } leaf duration { type uint32 { range "1..2147483646"; } units "seconds"; description "Key lifetime duration, in seconds"; } leaf end-date-time { type yang:date-and-time; description "End time."; } } // choice end-time } // case start-end-time } // choice lifetime } // container send-lifetime leaf send-valid { type boolean; description "Status of send-lifetime."; } container accept-lifetime { description "Configured accept-lifetime."; choice lifetime { default "always"; description "Options for specifying key accept or send lifetimes"; leaf always { type empty; description "Indicates key lifetime is always valid."; } case start-end-time { leaf start-date-time { type yang:date-and-time; description "Start time."; } choice end-time { default "infinite"; description "End-time setting."; leaf no-end-time { type empty; description "Indicates key lifetime end-time in infinite."; } leaf duration { type uint32 { range "1..2147483646"; } units "seconds"; description "Key lifetime duration, in seconds"; } leaf end-date-time { type yang:date-and-time; description "End time."; } } // choice end-time } // case start-end-time } // choice lifetime } // container accept-lifetime leaf accept-valid { type boolean; description "Status of accept-lifetime."; } } // container lifetime-state container crypto-algorithm-state { description "Configured cryptographic algorithm."; choice algorithm { description "Options for crytographic algorithm specification."; case hmac-sha-1-12 { if-feature crypto-hmac-sha-1-12; leaf hmac-sha1-12 { type empty; description "The HMAC-SHA-1-12 algorithm."; } } // case hmac-sha-1-12 leaf md5 { type empty; description "The MD5 algorithm."; } leaf sha-1 { type empty; description "The SHA-1 algorithm."; } leaf hmac-sha-1 { type empty; description "HMAC-SHA-1 authentication algorithm."; } leaf hmac-sha-256 { type empty; description "HMAC-SHA-256 authentication algorithm."; } leaf hmac-sha-384 { type empty; description "HMAC-SHA-384 authentication algorithm."; } leaf hmac-sha-512 { type empty; description "HMAC-SHA-512 authentication algorithm."; } } // choice algorithm } // container crypto-algorithm-state } // list key-chain-entry } // list key-chain-list-state } // container key-chains-state } // module ietf-key-chain
© 2024 YumaWorks, Inc. All rights reserved.