+++ /dev/null
-module org-openroadm-key-chain {
- namespace "http://org/openroadm/key-chain";
- prefix org-openroadm-key-chain;
-
- import ietf-yang-types {
- prefix yang;
- revision-date 2013-07-15;
- }
-
- organization
- "Open ROADM MSA";
- contact
- "OpenROADM.org";
- description
- "This model defines the Yang model for key chain.
-
- This model reuses data items defined in the IETF YANG model for
- key-chain as described by RFC 8177.
-
- Some attributes which are not required in Open ROADM MSA are removed.
- Yang file included are changed to fit into Open ROADM MSA yang structure.
-
- IETF code is subject to the following copyright and license:
- Copyright (c) IETF Trust and the persons identified as authors of
- the code.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, is permitted pursuant to, and subject to the license
- terms contained in, the Simplified BSD License set forth in
- Section 4.c of the IETF Trust's Legal Provisions Relating
- to IETF Documents (http://trustee.ietf.org/license-info).";
-
- revision 2019-11-29 {
- description
- "Version 6.1.0";
- }
- revision 2019-03-29 {
- description
- "Version 5.0.0";
- }
- revision 2018-03-30 {
- description
- "Initial revision.";
- }
-
- feature hex-key-string {
- description
- "Support hexadecimal key string.";
- }
-
- feature independent-send-accept-lifetime {
- description
- "Support for independent send and accept key lifetimes.";
- }
-
- feature crypto-hmac-sha-1-12 {
- description
- "Support for TCP HMAC-SHA-1 12 byte digest hack.";
- }
-
- typedef key-chain-ref {
- type leafref {
- path "/org-openroadm-key-chain:key-chains/key-chain-list/org-openroadm-key-chain:name";
- }
- description
- "This type is used by data models that need to reference
- configured key-chains.";
- }
-
- grouping lifetime {
- description
- "Key lifetime specification.";
- choice lifetime {
- default "always";
- description
- "Options for specifying key accept or send lifetimes";
- case always {
- leaf always {
- type empty;
- description
- "Indicates key lifetime is always valid.";
- }
- }
- case start-end-time {
- leaf start-date-time {
- type yang:date-and-time;
- description
- "Start time.";
- }
- choice end-time {
- default "infinite";
- description
- "End-time setting.";
- case infinite {
- leaf no-end-time {
- type empty;
- description
- "Indicates key lifetime end-time in infinite.";
- }
- }
- case duration {
- leaf duration {
- type uint32 {
- range "1..2147483646";
- }
- units "seconds";
- description
- "Key lifetime duration, in seconds";
- }
- }
- case end-date-time {
- leaf end-date-time {
- type yang:date-and-time;
- description
- "End time.";
- }
- }
- }
- }
- }
- }
-
- grouping crypto-algorithm-types {
- description
- "Cryptographic algorithm types.";
- choice algorithm {
- description
- "Options for crytographic algorithm specification.";
- case md5 {
- leaf md5 {
- type empty;
- description
- "The MD5 algorithm.";
- }
- }
- }
- }
-
- grouping key-chain {
- description
- "key-chain specification grouping.";
- leaf name {
- type string;
- description
- "Name of the key-chain.";
- }
- list key-chain-entry {
- key "key-id";
- description
- "One key.";
- leaf key-id {
- type uint64 {
- range "1..255" {
- error-message "Configured value is out of range";
- }
- }
- description
- "Key id.";
- }
- container key-string {
- description
- "The key string.";
- choice key-string-style {
- description
- "Key string styles";
- case keystring {
- leaf keystring {
- type string {
- length "1..16" {
- error-message "Configured string exceeds the maximum length";
- }
- }
- description
- "Key string in ASCII format.";
- }
- }
- case hexadecimal {
- if-feature "hex-key-string";
- }
- }
- }
- container crypto-algorithm {
- description
- "Cryptographic algorithm associated with key.";
- uses crypto-algorithm-types;
- }
- }
- }
-
- container key-chains {
- description
- "All configured key-chains for the device.";
- list key-chain-list {
- key "name";
- description
- "List of key-chains.";
- uses key-chain;
- }
- }
- container key-chains-state {
- config false;
- description
- "All configured key-chains state.";
- list key-chain-list-state {
- description
- "One key-chain state.";
- leaf name-state {
- type string;
- description
- "Configured name of the key-chain.";
- }
- list key-chain-entry {
- key "key-id";
- description
- "One key.";
- leaf key-id {
- type uint64;
- description
- "Configurd key id.";
- }
- container crypto-algorithm-state {
- description
- "Configured cryptographic algorithm.";
- uses crypto-algorithm-types;
- }
- }
- }
- }
-}