import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.initiate.stack.grouping.transport.ssh.ssh.TcpClientParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.initiate.stack.grouping.transport.ssh.ssh.TcpClientParametersBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.device.rev240120.connection.parameters.Protocol;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.device.rev240120.connection.parameters.ProtocolBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.NetconfNodeBuilder;
import org.opendaylight.netconf.transport.ssh.SSHTransportStackFactory;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.initiate.stack.grouping.transport.ssh.ssh.SshClientParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.listen.stack.grouping.transport.ssh.ssh.TcpServerParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ClientIdentityBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.initiate.stack.grouping.transport.ssh.ssh.SshClientParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.listen.stack.grouping.transport.ssh.ssh.TcpServerParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ClientIdentityBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
import org.opendaylight.yangtools.yang.common.Uint16;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.opendaylight.netconf.transport.tls.TLSClient;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.listen.stack.grouping.transport.ssh.ssh.TcpServerParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.listen.stack.grouping.transport.ssh.ssh.TcpServerParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
import org.opendaylight.yangtools.yang.common.Uint16;
public final class CallHomeTlsServer implements AutoCloseable {
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.initiate.stack.grouping.transport.ssh.ssh.TcpClientParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.initiate.stack.grouping.transport.ssh.ssh.TcpClientParametersBuilder;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.monitoring.rev101004.netconf.state.Capabilities;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.monitoring.rev101004.netconf.state.CapabilitiesBuilder;
import org.opendaylight.yangtools.yang.common.Uint16;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.initiate.stack.grouping.transport.ssh.ssh.TcpClientParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.initiate.stack.grouping.transport.ssh.ssh.TcpClientParametersBuilder;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.monitoring.rev101004.netconf.state.Capabilities;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.monitoring.rev101004.netconf.state.CapabilitiesBuilder;
import org.opendaylight.yangtools.yang.common.Uint16;
import org.opendaylight.netconf.transport.ssh.SSHServer;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.server.rev231228.netconf.server.listen.stack.grouping.transport.ssh.ssh.TcpServerParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.server.rev240208.netconf.server.listen.stack.grouping.transport.ssh.ssh.TcpServerParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
import org.opendaylight.yangtools.yang.common.Uint16;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.opendaylight.netconf.transport.tcp.TCPServer;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.server.rev231228.netconf.server.listen.stack.grouping.transport.tls.tls.TcpServerParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.server.rev240208.netconf.server.listen.stack.grouping.transport.tls.tls.TcpServerParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
import org.opendaylight.yangtools.yang.common.Uint16;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.opendaylight.netconf.shaded.sshd.client.auth.pubkey.UserAuthPublicKeyFactory;
import org.opendaylight.netconf.shaded.sshd.common.keyprovider.KeyIdentityProvider;
import org.opendaylight.netconf.transport.tls.FixedSslHandlerFactory;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.password.grouping.password.type.CleartextPasswordBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.initiate.stack.grouping.transport.ssh.ssh.SshClientParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.initiate.stack.grouping.transport.ssh.ssh.TcpClientParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ClientIdentity;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ClientIdentityBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.client.identity.PasswordBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.password.grouping.password.type.CleartextPasswordBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.initiate.stack.grouping.transport.ssh.ssh.SshClientParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.initiate.stack.grouping.transport.ssh.ssh.TcpClientParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ClientIdentity;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ClientIdentityBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.client.identity.PasswordBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.device.rev240120.connection.parameters.Protocol.Name;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.device.rev240120.credentials.Credentials;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.device.rev240120.credentials.credentials.KeyAuth;
"This module defines a 'keystore' to centralize management
of security credentials.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-12-28 {
+ revision 2024-02-08 {
description
"Initial version";
reference
/* Typedefs */
/****************/
- typedef symmetric-key-ref {
+ typedef central-symmetric-key-ref {
type leafref {
path "/ks:keystore/ks:symmetric-keys/ks:symmetric-key"
+ "/ks:name";
to a symmetric key stored in the central keystore.";
}
- typedef asymmetric-key-ref {
+ typedef central-asymmetric-key-ref {
type leafref {
path "/ks:keystore/ks:asymmetric-keys/ks:asymmetric-key"
+ "/ks:name";
mandatory true;
description
"A choice amongst other symmetric or asymmetric keys.";
- case symmetric-key-ref {
+ case central-symmetric-key-ref {
if-feature "central-keystore-supported";
if-feature "symmetric-keys";
leaf symmetric-key-ref {
- type ks:symmetric-key-ref;
+ type ks:central-symmetric-key-ref;
description
"Identifies the symmetric key used to encrypt the
associated key.";
}
}
- case asymmetric-key-ref {
+ case central-asymmetric-key-ref {
if-feature "central-keystore-supported";
if-feature "asymmetric-keys";
leaf asymmetric-key-ref {
- type ks:asymmetric-key-ref;
+ type ks:central-asymmetric-key-ref;
description
"Identifies the asymmetric key whose public key
encrypted the associated key.";
// *-ref groupings
- grouping asymmetric-key-certificate-ref-grouping {
+ grouping central-asymmetric-key-certificate-ref-grouping {
description
"Grouping for the reference to a certificate associated
with an asymmetric key stored in the central keystore.";
nacm:default-deny-write;
if-feature "central-keystore-supported";
if-feature "asymmetric-keys";
- type ks:asymmetric-key-ref;
+ type ks:central-asymmetric-key-ref;
must '../certificate';
description
"A reference to an asymmetric key in the keystore.";
symmetric key may be defined inline or as a reference to
a symmetric key stored in the central keystore.
- Servers that do not define the 'central-keystore-supported'
- feature SHOULD augment in custom 'case' statements enabling
- references to alternate keystore locations.";
+ Servers that wish to define alternate keystore locations
+ SHOULD augment in custom 'case' statements enabling
+ references to those alternate keystore locations.";
choice inline-or-keystore {
nacm:default-deny-write;
mandatory true;
if-feature "central-keystore-supported";
if-feature "symmetric-keys";
leaf central-keystore-reference {
- type ks:symmetric-key-ref;
+ type ks:central-symmetric-key-ref;
description
"A reference to an symmetric key that exists in
the central keystore.";
asymmetric key may be defined inline or as a reference to
an asymmetric key stored in the central keystore.
- Servers that do not define the 'central-keystore-supported'
- feature SHOULD augment in custom 'case' statements enabling
- references to alternate keystore locations.";
+ Servers that wish to define alternate keystore locations
+ SHOULD augment in custom 'case' statements enabling
+ references to those alternate keystore locations.";
choice inline-or-keystore {
nacm:default-deny-write;
mandatory true;
if-feature "central-keystore-supported";
if-feature "asymmetric-keys";
leaf central-keystore-reference {
- type ks:asymmetric-key-ref;
+ type ks:central-asymmetric-key-ref;
description
"A reference to an asymmetric key that exists in
the central keystore. The intent is to reference
reference to an asymmetric key (and its associated
certificates) in the central keystore.
- Servers that do not define the 'central-keystore-supported'
- feature SHOULD augment in custom 'case' statements enabling
- references to alternate keystore locations.";
+ Servers that wish to define alternate keystore locations
+ SHOULD augment in custom 'case' statements enabling
+ references to those alternate keystore locations.";
choice inline-or-keystore {
nacm:default-deny-write;
mandatory true;
if-feature "central-keystore-supported";
if-feature "asymmetric-keys";
leaf central-keystore-reference {
- type ks:asymmetric-key-ref;
+ type ks:central-asymmetric-key-ref;
description
"A reference to an asymmetric-key (and all of its
associated certificates) in the keystore, when
inline or as a reference to an asymmetric key (and its
associated end-entity certificate) in the central keystore.
- Servers that do not define the 'central-keystore-supported'
- feature SHOULD augment in custom 'case' statements enabling
- references to alternate keystore locations.";
+ Servers that wish to define alternate keystore locations
+ SHOULD augment in custom 'case' statements enabling
+ references to those alternate keystore locations.";
choice inline-or-keystore {
nacm:default-deny-write;
mandatory true;
if-feature "central-keystore-supported";
if-feature "asymmetric-keys";
container central-keystore-reference {
- uses asymmetric-key-certificate-ref-grouping;
+ uses central-asymmetric-key-certificate-ref-grouping;
description
"A reference to a specific certificate associated with
an asymmetric key stored in the central keystore.";
a list of asymmetric keys.";
nacm:default-deny-write;
uses keystore-grouping {
- augment "symmetric-keys/symmetric-key/key-type/encrypted-key/"
- + "encrypted-key/encrypted-by" {
+ augment "symmetric-keys/symmetric-key/key-type/encrypted-"
+ + "symmetric-key/encrypted-symmetric-key/encrypted-by" {
description
"Augments in a choice statement enabling the encrypting
key to be any other symmetric or asymmetric key in the
import java.util.Set;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228.AsymmetricKeys;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228.IetfKeystoreData;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228.InlineDefinitionsSupported;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208.AsymmetricKeys;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208.IetfKeystoreData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208.InlineDefinitionsSupported;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;
"This module defines common YANG types for cryptographic
applications.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-12-28 {
+ revision 2024-02-08 {
description
"Initial version";
reference
base private-key-format;
description
"Indicates that the private key value is encoded as
- an RSAPrivateKey (from RFC 3447), encoded using ASN.1
+ an RSAPrivateKey (from RFC 8017), encoded using ASN.1
distinguished encoding rules (DER), as specified in
ITU-T X.690.";
reference
- "RFC 3447:
+ "RFC 8017:
PKCS #1: RSA Cryptography Specifications Version 2.2
ITU-T X.690:
Information technology - ASN.1 encoding rules:
If 'encrypted-by' points to a symmetric key, then a
'symmetrically-encrypted-value-format' based identity
- MUST by set (e.g., cms-encrypted-data-format).
+ MUST be set (e.g., cms-encrypted-data-format).
If 'encrypted-by' points to an asymmetric key, then an
'asymmetrically-encrypted-value-format' based identity
- MUST by set (e.g., cms-enveloped-data-format).";
+ MUST be set (e.g., cms-enveloped-data-format).";
}
leaf encrypted-value {
nacm:default-deny-write;
grouping password-grouping {
description
- "A password that may be encrypted.";
+ "A password used for authenticating to a remote system.
+
+ The 'ianach:crypt-hash' typedef from RFC 7317 should be
+ used instead when needing a password to authencate a
+ local account.";
choice password-type {
nacm:default-deny-write;
mandatory true;
mandatory true;
description
"Choice between key types.";
- case cleartext-key {
- leaf cleartext-key {
+ case cleartext-symmetric-key {
+ leaf cleartext-symmetric-key {
if-feature "cleartext-symmetric-keys";
nacm:default-deny-all;
type binary;
the value is defined by the 'key-format' field.";
}
}
- case hidden-key {
+ case hidden-symmetric-key {
if-feature "hidden-symmetric-keys";
- leaf hidden-key {
+ leaf hidden-symmetric-key {
type empty;
must 'not(../key-format)';
description
- "A hidden key. How such keys are created is outside
- the scope of this module.";
+ "A hidden key is not exportable, and not extractable,
+ and therefore, it is of type 'empty' as its value is
+ inaccessible via management interfaces. Though hidden
+ to users, such keys are not hidden to the server and
+ may be referenced by configuration to indicate which
+ key a server should use for a cryptographic operation.
+ How such keys are created is outside the scope of this
+ module.";
}
}
- case encrypted-key {
+ case encrypted-symmetric-key {
if-feature "encrypted-symmetric-keys";
- container encrypted-key {
+ container encrypted-symmetric-key {
must '../key-format';
description
"A container for the encrypted symmetric key value.
type empty;
must 'not(../private-key-format)';
description
- "A hidden key. How such keys are created is
- outside the scope of this module.";
+ "A hidden key. It is of type 'empty' as its value is
+ inaccessible via management interfaces. Though hidden
+ to users, such keys are not hidden to the server and
+ and may be referenced by configuration to indicate which
+ key a server should use for a cryptographic operation.
+ How such keys are created is outside the scope of this
+ module.";
}
}
case encrypted-private-key {
grouping asymmetric-key-pair-grouping {
description
"A private key and, optionally, its associated public key.
- Implementations SHOULD ensure that the two keys, when both
+ Implementations MUST ensure that the two keys, when both
are specified, are a matching pair.";
uses public-key-grouping {
refine public-key-format {
"A trust anchor certificate, and a notification for when
it is about to (or already has) expire.";
leaf cert-data {
- nacm:default-deny-write;
+ nacm:default-deny-all;
type trust-anchor-cert-cms;
description
"The binary certificate data for this certificate.";
SHOULD assert that, where used, the end entity certificate
contains the expected public key.";
leaf cert-data {
- nacm:default-deny-write;
+ nacm:default-deny-all;
type end-entity-cert-cms;
description
"The binary certificate data for this certificate.";
This action statement is only available when the
associated 'public-key-format' node's value is
'subject-public-key-info-format'.";
- reference
- "RFC 6125:
- Representation and Verification of Domain-Based
- Application Service Identity within Internet Public Key
- Infrastructure Using X.509 (PKIX) Certificates in the
- Context of Transport Layer Security (TLS)";
input {
leaf csr-format {
type identityref {
grouping asymmetric-key-pair-with-cert-grouping {
description
"A private/public key pair and an associated certificate.
- Implementations SHOULD assert that the certificate contains
+ Implementations MUST assert that the certificate contains
the matching public key.";
uses asymmetric-key-pair-grouping;
uses end-entity-cert-grouping;
grouping asymmetric-key-pair-with-certs-grouping {
description
"A private/public key pair and a list of associated
- certificates. Implementations SHOULD assert that
+ certificates. Implementations MUST assert that
certificates contain the matching public key.";
uses asymmetric-key-pair-grouping;
container certificates {
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpAddress;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.server.rev231228.netconf.server.listen.stack.grouping.transport.ssh.ssh.TcpServerParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.server.rev240208.netconf.server.listen.stack.grouping.transport.ssh.ssh.TcpServerParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
import org.opendaylight.yangtools.yang.common.Revision;
import org.opendaylight.yangtools.yang.common.Uint16;
import org.opendaylight.yangtools.yang.model.api.EffectiveModelContext;
import org.opendaylight.netconf.test.tool.TestToolUtils;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.netconf.base._1._0.rev110601.CommitInput;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.netconf.base._1._0.rev110601.EditConfigInput;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.password.grouping.password.type.CleartextPasswordBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.password.grouping.password.type.CleartextPasswordBuilder;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Uri;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.initiate.stack.grouping.transport.ssh.ssh.SshClientParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.initiate.stack.grouping.transport.ssh.ssh.TcpClientParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ClientIdentityBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.client.identity.PasswordBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.initiate.stack.grouping.transport.ssh.ssh.SshClientParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.initiate.stack.grouping.transport.ssh.ssh.TcpClientParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ClientIdentityBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.client.identity.PasswordBuilder;
import org.opendaylight.yangtools.yang.common.QName;
import org.opendaylight.yangtools.yang.common.Uint16;
import org.slf4j.Logger;
import org.opendaylight.netconf.common.impl.DefaultNetconfTimer;
import org.opendaylight.netconf.test.tool.config.Configuration;
import org.opendaylight.netconf.test.tool.config.ConfigurationBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.password.grouping.password.type.CleartextPasswordBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.password.grouping.password.type.CleartextPasswordBuilder;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.initiate.stack.grouping.transport.ssh.ssh.TcpClientParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.listen.stack.grouping.transport.ssh.ssh.SshClientParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ClientIdentityBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.client.identity.PasswordBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.initiate.stack.grouping.transport.ssh.ssh.TcpClientParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.listen.stack.grouping.transport.ssh.ssh.SshClientParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ClientIdentityBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.client.identity.PasswordBuilder;
import org.opendaylight.yangtools.yang.common.Uint16;
import org.w3c.dom.Document;
import org.opendaylight.netconf.transport.ssh.ClientFactoryManagerConfigurator;
import org.opendaylight.netconf.transport.tls.SslHandlerFactory;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Uri;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.SshClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.TlsClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.SshClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.TlsClientGrouping;
public final class NetconfClientConfiguration {
import org.opendaylight.netconf.transport.ssh.ClientFactoryManagerConfigurator;
import org.opendaylight.netconf.transport.tls.SslHandlerFactory;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Uri;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.SshClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.TlsClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.SshClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.TlsClientGrouping;
/**
* Builder for {@link NetconfClientConfiguration}.
"This module contains a collection of YANG definitions
for configuring NETCONF clients.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-12-28 {
+ revision 2024-02-08 {
description
"Initial version";
reference
import org.opendaylight.netconf.transport.ssh.ClientFactoryManagerConfigurator;
import org.opendaylight.netconf.transport.tls.SslHandlerFactory;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Uri;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.SshClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.TlsClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.SshClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.TlsClientGrouping;
@ExtendWith(MockitoExtension.class)
class NetconfClientConfigurationTest {
import org.opendaylight.netconf.transport.tls.FixedSslHandlerFactory;
import org.opendaylight.netconf.transport.tls.TLSServer;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.crypt.hash.rev140806.CryptHash;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.RsaPrivateKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.SubjectPublicKeyInfoFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228._private.key.grouping._private.key.type.CleartextPrivateKeyBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.password.grouping.password.type.CleartextPasswordBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.RsaPrivateKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.SubjectPublicKeyInfoFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208._private.key.grouping._private.key.type.CleartextPrivateKeyBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.password.grouping.password.type.CleartextPasswordBuilder;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228.inline.or.keystore.asymmetric.key.grouping.inline.or.keystore.InlineBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228.inline.or.keystore.asymmetric.key.grouping.inline.or.keystore.inline.InlineDefinitionBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.initiate.stack.grouping.transport.tls.tls.TcpClientParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.listen.stack.grouping.transport.ssh.ssh.SshClientParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.listen.stack.grouping.transport.ssh.ssh.TcpServerParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ClientIdentityBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.client.identity.PasswordBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.SshServerGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.ClientAuthentication;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.ClientAuthenticationBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.ServerIdentity;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.ServerIdentityBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.client.authentication.UsersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.client.authentication.users.UserBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.server.identity.HostKeyBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.server.identity.host.key.host.key.type.PublicKeyBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208.inline.or.keystore.asymmetric.key.grouping.inline.or.keystore.InlineBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208.inline.or.keystore.asymmetric.key.grouping.inline.or.keystore.inline.InlineDefinitionBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.initiate.stack.grouping.transport.tls.tls.TcpClientParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.listen.stack.grouping.transport.ssh.ssh.SshClientParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.listen.stack.grouping.transport.ssh.ssh.TcpServerParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ClientIdentityBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.client.identity.PasswordBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.SshServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.ClientAuthentication;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.ClientAuthenticationBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.ServerIdentity;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.ServerIdentityBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.client.authentication.UsersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.client.authentication.users.UserBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.server.identity.HostKeyBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.server.identity.host.key.host.key.type.PublicKeyBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
import org.opendaylight.yangtools.yang.common.Uint16;
@ExtendWith(MockitoExtension.class)
).build();
final var inline = new InlineBuilder().setInlineDefinition(inlineDef).build();
final var publicKey = new PublicKeyBuilder().setPublicKey(
- new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228
+ new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208
.ssh.server.grouping.server.identity.host.key.host.key.type._public.key
.PublicKeyBuilder().setInlineOrKeystore(inline).build()
).build();
}
private static ClientAuthentication buildSshClientAuth() {
- final var user = new UserBuilder().setName(USERNAME).setPassword(new CryptHash("$0$" + PASSWORD)).build();
+ final var user = new UserBuilder().setName(USERNAME)
+ .setPassword(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh
+ .server.grouping.client.authentication.users.user.PasswordBuilder()
+ .setHashedPassword(new CryptHash("$0$" + PASSWORD))
+ .build())
+ .build();
return new ClientAuthenticationBuilder().setUsers(
new UsersBuilder().setUser(Map.of(user.key(), user)).build()
).build();
"This module contains a collection of YANG definitions
for configuring NETCONF servers.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-12-28 {
+ revision 2024-02-08 {
description
"Initial version";
reference
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev231228.netconf.client.initiate.stack.grouping.transport.ssh.ssh.TcpClientParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.client.rev240208.netconf.client.initiate.stack.grouping.transport.ssh.ssh.TcpClientParametersBuilder;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.monitoring.rev101004.netconf.state.Capabilities;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.monitoring.rev101004.netconf.state.CapabilitiesBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.server.rev231228.netconf.server.listen.stack.grouping.transport.ssh.ssh.TcpServerParametersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.server.rev240208.netconf.server.listen.stack.grouping.transport.ssh.ssh.TcpServerParametersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
import org.opendaylight.yangtools.concepts.Registration;
import org.opendaylight.yangtools.yang.common.Uint16;
import org.slf4j.Logger;
import java.util.Set;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.restconf.client.rev230417.IetfRestconfClientData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.restconf.client.rev240208.IetfRestconfClientData;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;
"This module contains a collection of YANG definitions
for configuring RESTCONF clients.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-04-17 {
+ revision 2024-02-08 {
description
"Initial version";
reference
description
"The 'http-listen' feature indicates that the RESTCONF client
supports opening a port to listen for incoming RESTCONF
- server call-home connections. This feature exists as not
- all RESTCONF clients may support RESTCONF call home.";
+ server call-home connections using HTTP. This feature
+ exists as not all RESTCONF clients may support RESTCONF
+ call home.";
reference
"RFC 8071: NETCONF Call Home and RESTCONF Call Home";
}
description
"The 'https-listen' feature indicates that the RESTCONF client
supports opening a port to listen for incoming RESTCONF
- server call-home connections. This feature exists as not
- all RESTCONF clients may support RESTCONF call home.";
+ server call-home connections using HTTPS. This feature
+ exists as not all RESTCONF clients may support RESTCONF
+ call home.";
reference
"RFC 8071: NETCONF Call Home and RESTCONF Call Home";
}
grouping restconf-client-initiate-stack-grouping {
description
"A reusable grouping for configuring a RESTCONF client
- 'initiate' protocol stack for a single connection.";
+ 'initiate' protocol stack for a single outbound connection.";
choice transport {
mandatory true;
description
- "Selects between available transports. This is a
- 'choice' statement so as to support additional
- transport options to be augmented in.";
+ "Selects between available transports.";
case https {
if-feature "https-initiate";
container https {
must 'tls-client-parameters/client-identity
or http-client-parameters/client-identity';
description
- "Specifies HTTPS-specific transport
- configuration.";
+ "TCP, TLS, HTTP, and RESTCONF configuration to
+ initiate a RESTCONF over HTTPS connection.";
container tcp-client-parameters {
description
- "A wrapper around the TCP client parameters
- to avoid name collisions.";
+ "TCP-level client parameters to initiate
+ a RESTCONF over HTTPS connection.";
uses tcpc:tcp-client-grouping {
refine "remote-port" {
default "443";
}
container tls-client-parameters {
description
- "A wrapper around the TLS client parameters
- to avoid name collisions.";
+ "TLS-level client parameters to initiate
+ a RESTCONF over HTTPS connection.";
uses tlsc:tls-client-grouping;
}
container http-client-parameters {
description
- "A wrapper around the HTTP client parameters
- to avoid name collisions.";
+ "HTTP-level client parameters to initiate
+ a RESTCONF over HTTPS connection.";
uses httpc:http-client-grouping;
}
container restconf-client-parameters {
description
- "A wrapper around the RESTCONF client parameters
- to avoid name collisions.
-
- This container does not define any nodes. It
- exists as a potential augmentation target by
- other modules.";
+ "RESTCONF-level client parameters to initiate
+ a RESTCONF over HTTPS connection.";
uses rcc:restconf-client-grouping;
}
}
grouping restconf-client-listen-stack-grouping {
description
"A reusable grouping for configuring a RESTCONF client
- 'listen' protocol stack for a single connection. The
+ 'listen' protocol stack for listening on a single port. The
'listen' stack supports call home connections, as
described in RFC 8071";
reference
choice transport {
mandatory true;
description
- "Selects between available transports. This is a
- 'choice' statement so as to support additional
- transport options to be augmented in.";
+ "Selects between available transports.";
case http {
if-feature "http-listen";
container http {
description
- "HTTP-specific listening configuration for inbound
- connections.
+ "TCP, HTTP, and RESTCONF configuration to
+ listen for RESTCONF over HTTPS connections.
This transport option is made available to support
deployments where the TLS connections are terminated
the client.";
container tcp-server-parameters {
description
- "A wrapper around the TCP client parameters
- to avoid name collisions.";
+ "TCP-level server parameters to listen for
+ RESTCONF over HTTP connections.";
uses tcps:tcp-server-grouping {
refine "local-port" {
default "4336";
}
container http-client-parameters {
description
- "A wrapper around the HTTP client parameters
- to avoid name collisions.";
+ "HTTP-level client parameters to listen for
+ RESTCONF over HTTP connections.";
uses httpc:http-client-grouping;
}
container restconf-client-parameters {
description
- "A wrapper around the RESTCONF client parameters
- to avoid name collisions.
-
- This container does not define any nodes. It
- exists as a potential augmentation target by
- other modules.";
+ "RESTCONF-level client parameters to listen
+ for RESTCONF over HTTP connections.";
uses rcc:restconf-client-grouping;
}
}
must 'tls-client-parameters/client-identity
or http-client-parameters/client-identity';
description
- "HTTPS-specific listening configuration for inbound
- connections.";
+ "TCP, TLS, HTTP, and RESTCONF configuration to
+ listen for RESTCONF over HTTPS connections.";
container tcp-server-parameters {
description
- "A wrapper around the TCP client parameters
- to avoid name collisions.";
+ "TCP-level server parameters to listen
+ for RESTCONF over HTTPS connections.";
uses tcps:tcp-server-grouping {
refine "local-port" {
default "4336";
}
container tls-client-parameters {
description
- "A wrapper around the TLS client parameters
- to avoid name collisions.";
+ "TLS-level client parameters to listen
+ for RESTCONF over HTTPS connections.";
uses tlsc:tls-client-grouping;
}
container http-client-parameters {
description
- "A wrapper around the HTTP client parameters
- to avoid name collisions.";
+ "HTTP-level client parameters to listen
+ for RESTCONF over HTTPS connections.";
uses httpc:http-client-grouping;
}
container restconf-client-parameters {
description
- "A wrapper around the RESTCONF client parameters
- to avoid name collisions.
-
- This container does not define any nodes. It
- exists as a potential augmentation target by
- other modules.";
+ "RESTCONF-level client parameters to listen
+ for RESTCONF over HTTPS connections.";
uses rcc:restconf-client-grouping;
}
}
}
container endpoints {
description
- "Container for the list of endpoints.";
+ "Container for a list of endpoints.";
list endpoint {
key "name";
min-elements 1;
}
}
} // initiate
+
container listen {
if-feature "http-listen or https-listen";
presence
the server will never drop a session because it is
idle.";
}
- list endpoint {
- key "name";
- min-elements 1;
+ container endpoints {
description
- "List of endpoints to listen for RESTCONF connections.";
- leaf name {
- type string;
+ "Container for a list of endpoints.";
+ list endpoint {
+ key "name";
+ min-elements 1;
description
- "An arbitrary name for the RESTCONF listen endpoint.";
+ "List of endpoints to listen for RESTCONF connections.";
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for the RESTCONF listen endpoint.";
+ }
+ uses restconf-client-listen-stack-grouping;
}
- uses restconf-client-listen-stack-grouping;
}
- }
+ } // listen
} // restconf-client-app-grouping
// Protocol accessible node for servers that implement this module.
import java.util.Set;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.restconf.server.rev230417.IetfRestconfServerData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.restconf.server.rev240208.IetfRestconfServerData;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;
"This module contains a collection of YANG definitions
for configuring RESTCONF servers.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-04-17 {
+ revision 2024-02-08 {
description
"Initial version";
reference
grouping restconf-server-listen-stack-grouping {
description
"A reusable grouping for configuring a RESTCONF server
- 'listen' protocol stack for a single connection.";
+ 'listen' protocol stack for listening on a single port.";
choice transport {
mandatory true;
description
- "Selects between available transports. This is a
- 'choice' statement so as to support additional
- transport options to be augmented in.";
+ "Selects between available transports.";
case http {
if-feature "http-listen";
container http {
description
"Configures RESTCONF server stack assuming that
- TLS-termination is handled externally.";
+ TLS-termination is handled externally.
+
+ How a RESTCONF-server identifies RESTCONF-clients
+ authenticating using a TLS-level client-certificate
+ with external TLS termination is out of scope of
+ this document.";
container external-endpoint {
presence
"Identifies that an external endpoint has been
description
"Identifies contact information for the external
system that terminates connections before passing
- them thru to this server (e.g., a network address
+ them through to this server (e.g., a network address
translator or a load balancer). These values have
no effect on the local operation of this server,
but may be used by the application when needing to
type inet:host;
mandatory true;
description
- "The IP address or hostname of the external system
- that terminates incoming RESTCONF client
- connections before forwarding them to this
- server.";
+ "The IP address or hostname of the external
+ system that terminates incoming RESTCONF
+ client connections before forwarding them
+ to this server.";
}
leaf port {
type inet:port-number;
}
container tcp-server-parameters {
description
- "A wrapper around the TCP server parameters
- to avoid name collisions.";
+ "TCP-level server parameters to listen for
+ RESTCONF over HTTP connections.";
uses tcps:tcp-server-grouping {
refine "local-port" {
default "80";
}
container http-server-parameters {
description
- "A wrapper around the HTTP server parameters
- to avoid name collisions.";
+ "HTTP-level server parameters to listen
+ for RESTCONF over HTTP connections.";
uses https:http-server-grouping;
}
container restconf-server-parameters {
description
- "A wrapper around the RESTCONF server parameters
- to avoid name collisions.";
+ "RESTCONF-level server parameters to listen
+ for RESTCONF over HTTP connections.";
uses rcs:restconf-server-grouping;
}
}
server).";
container tcp-server-parameters {
description
- "A wrapper around the TCP server parameters
- to avoid name collisions.";
+ "TCP-level server parameters to listen for
+ RESTCONF over HTTPS connections.";
uses tcps:tcp-server-grouping {
refine "local-port" {
default "443";
}
container tls-server-parameters {
description
- "A wrapper around the TLS server parameters
- to avoid name collisions.";
+ "TLS-level server parameters to listen
+ for RESTCONF over HTTPS connections.";
uses tlss:tls-server-grouping;
}
container http-server-parameters {
description
- "A wrapper around the HTTP server parameters
- to avoid name collisions.";
+ "HTTP-level server parameters to listen
+ for RESTCONF over HTTPS connections.";
uses https:http-server-grouping;
}
container restconf-server-parameters {
description
- "A wrapper around the RESTCONF server parameters
- to avoid name collisions.";
+ "RESTCONF-level server parameters to listen
+ for RESTCONF over HTTPS connections.";
uses rcs:restconf-server-grouping;
}
}
grouping restconf-server-callhome-stack-grouping {
description
"A reusable grouping for configuring a RESTCONF server
- 'call-home' protocol stack, for a single connection.";
+ 'call-home' protocol stack, for a single outbound
+ connection.";
choice transport {
mandatory true;
description
- "Selects between available transports. This is a
- 'choice' statement so as to support additional
- transport options to be augmented in.";
+ "Selects between available transports.";
case https {
- if-feature "https-listen";
+ if-feature "https-call-home";
container https {
description
"Configures RESTCONF server stack assuming that
TLS-termination is handled internally.";
container tcp-client-parameters {
description
- "A wrapper around the TCP client parameters
- to avoid name collisions.";
+ "TCP-level client parameters to initiate a
+ RESTCONF over HTTPS Call Home connection.";
uses tcpc:tcp-client-grouping {
refine "remote-port" {
default "4336";
}
container tls-server-parameters {
description
- "A wrapper around the TLS server parameters
- to avoid name collisions.";
+ "TLS-level server parameters to initiate a
+ RESTCONF over HTTPS Call Home connection.";
uses tlss:tls-server-grouping;
}
container http-server-parameters {
description
- "A wrapper around the HTTP server parameters
- to avoid name collisions.";
+ "HTTP-level server parameters to initiate a
+ RESTCONF over HTTPS Call Home connection.";
uses https:http-server-grouping;
}
container restconf-server-parameters {
description
- "A wrapper around the RESTCONF server parameters
- to avoid name collisions.";
+ "RESTCONF-level server parameters to initiate
+ a RESTCONF over HTTPS Call Home connection.";
uses rcs:restconf-server-grouping;
}
}
description
"Configures the RESTCONF server to listen for RESTCONF
client connections.";
- list endpoint {
- key "name";
- min-elements 1;
+ container endpoints {
description
- "List of endpoints to listen for RESTCONF connections.";
- leaf name {
- type string;
+ "Container for a list of endpoints.";
+ list endpoint {
+ key "name";
+ min-elements 1;
description
- "An arbitrary name for the RESTCONF listen endpoint.";
+ "List of endpoints to listen for RESTCONF connections.";
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for the RESTCONF listen endpoint.";
+ }
+ uses restconf-server-listen-stack-grouping;
}
- uses restconf-server-listen-stack-grouping;
}
}
container call-home {
import java.util.Set;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.client.rev230417.BasicAuth;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.client.rev230417.IetfHttpClientData;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.client.rev230417.TcpSupported;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.client.rev230417.TlsSupported;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.client.rev240208.BasicAuth;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.client.rev240208.IetfHttpClientData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.client.rev240208.TcpSupported;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.client.rev240208.TlsSupported;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;
import java.util.Set;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.server.rev230417.IetfHttpServerData;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.server.rev230417.TcpSupported;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.server.rev230417.TlsSupported;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.server.rev240208.IetfHttpServerData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.server.rev240208.TcpSupported;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.http.server.rev240208.TlsSupported;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;
"This module defines reusable groupings for HTTP clients that
can be used as a basis for specific HTTP client instances.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-04-17 {
+ revision 2024-02-08 {
description
"Initial version";
reference
configured.";
description
"Configures the proxy server the HTTP-client is to
- connect thru.";
+ connect through.";
choice proxy-type {
mandatory true;
description
configuration parameters.";
container tcp-client-parameters {
description
- "A wrapper around the TCP parameters to avoid
- name collisions.";
+ "TCP client parameters.";
uses tcpc:tcp-client-grouping;
}
container http-client-parameters {
description
- "A wrapper around the HTTP parameters to avoid
- name collisions.";
+ "HTTP client parameters.";
uses http-client-identity-grouping;
}
}
configuration parameters.";
container tcp-client-parameters {
description
- "A wrapper around the TCP parameters to avoid
- name collisions.";
+ "TCP client parameters.";
uses tcpc:tcp-client-grouping;
}
container tls-client-parameters {
description
- "A wrapper around the TLS parameters to avoid
- name collisions.";
+ "TLS client parameters.";
uses tlsc:tls-client-grouping;
}
container http-client-parameters {
description
- "A wrapper around the HTTP parameters to avoid
- name collisions.";
+ "HTTP client parameters.";
uses http-client-identity-grouping;
}
}
"Container for TCP-based HTTP protocols.";
container tcp-client-parameters {
description
- "A wrapper around the TCP parameters to avoid
- name collisions.";
+ "TCP client parameters.";
uses tcpc:tcp-client-grouping;
}
container http-client-parameters {
description
- "A wrapper around the HTTP parameters to avoid
- name collisions.";
+ "HTTP client parameters.";
uses http-client-grouping;
}
}
"Container for TLS-based HTTP protocols.";
container tcp-client-parameters {
description
- "A wrapper around the TCP parameters to avoid
- name collisions.";
+ "TCP client parameters.";
uses tcpc:tcp-client-grouping;
}
container tls-client-parameters {
description
- "A wrapper around the TLS parameters to avoid
- name collisions.";
+ "TLS client parameters.";
uses tlsc:tls-client-grouping;
}
container http-client-parameters {
description
- "A wrapper around the HTTP parameters to avoid
- name collisions.";
+ "HTTP client parameters.";
uses http-client-grouping;
}
}
namespace "urn:ietf:params:xml:ns:yang:ietf-http-server";
prefix https;
+ import ietf-yang-types {
+ prefix yang;
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+
import iana-crypt-hash {
prefix ianach;
reference
"This module defines reusable groupings for HTTP servers that
can be used as a basis for specific HTTP server instances.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-04-17 {
+ revision 2024-02-08 {
description
"Initial version";
reference
case basic {
container basic {
if-feature "basic-auth";
- leaf user-id {
+ leaf username {
type string;
description
- "The user-id for the authenticating client.";
+ "The username for the authenticating HTTP
+ client.";
}
- leaf password {
- nacm:default-deny-write;
- type ianach:crypt-hash;
+ container password {
description
- "The password for the authenticating client.";
+ "The hashed password the HTTP server uses to
+ authenticate this user. A user is authenticated
+ if the hash of the supplied password matches
+ this value.";
+ leaf hashed-password {
+ type ianach:crypt-hash;
+ description
+ "The password for the authenticating client.";
+ }
+ leaf last-modified {
+ type yang:date-and-time;
+ config false;
+ description
+ "Identifies when the password was last set.";
+ }
}
description
"The 'basic' HTTP scheme credentials.";
"Container for TCP-based HTTP protocols.";
container tcp-server-parameters {
description
- "A wrapper around the TCP parameters to avoid
- name collisions.";
+ "TCP-level server parameters to
+ listen for HTTP connections.";
uses tcps:tcp-server-grouping;
}
container http-server-parameters {
description
- "A wrapper around the HTTP parameters to avoid
- name collisions.";
+ "HTTP-level server parameters to
+ listen for HTTP connections.";
uses http-server-grouping;
}
}
"Container for TLS-based HTTP protocols.";
container tcp-server-parameters {
description
- "A wrapper around the TCP parameters to avoid
- name collisions.";
+ "TCP-level server parameters to
+ listen for HTTPS connections.";
uses tcps:tcp-server-grouping;
}
container tls-server-parameters {
description
- "A wrapper around the TLS parameters to avoid
- name collisions.";
+ "TLS-level server parameters to
+ listen for HTTPS connections.";
uses tlss:tls-server-grouping;
}
container http-server-parameters {
description
- "A wrapper around the HTTP parameters to avoid
- name collisions.";
+ "HTTP-level server parameters to
+ listen for HTTPS connections.";
uses http-server-grouping;
}
}
import org.opendaylight.netconf.shaded.sshd.common.kex.KeyExchangeFactory;
import org.opendaylight.netconf.shaded.sshd.common.session.SessionHeartbeatController;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.AsymmetricKeyPairGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.EcPrivateKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.RsaPrivateKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.SshPublicKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.SubjectPublicKeyInfoFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228._private.key.grouping._private.key.type.CleartextPrivateKey;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228.InlineOrKeystoreEndEntityCertWithKeyGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.server.authentication.SshHostKeys;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev231228.TransportParamsGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev231228.transport.params.grouping.KeyExchange;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228.InlineOrTruststoreCertsGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.AsymmetricKeyPairGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.EcPrivateKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.RsaPrivateKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.SshPublicKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.SubjectPublicKeyInfoFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208._private.key.grouping._private.key.type.CleartextPrivateKey;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208.InlineOrKeystoreEndEntityCertWithKeyGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.server.authentication.SshHostKeys;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev240208.TransportParamsGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev240208.transport.params.grouping.KeyExchange;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208.InlineOrTruststoreCertsGrouping;
import org.opendaylight.yangtools.yang.common.Uint16;
import org.opendaylight.yangtools.yang.common.Uint8;
}
static List<KeyPair> extractServerHostKeys(
- final List<org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228
+ final List<org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208
.ssh.server.grouping.server.identity.HostKey> serverHostKeys)
throws UnsupportedConfigurationException {
var listBuilder = ImmutableList.<KeyPair>builder();
for (var hostKey : serverHostKeys) {
if (hostKey.getHostKeyType()
- instanceof org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228
+ instanceof org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208
.ssh.server.grouping.server.identity.host.key.host.key.type.PublicKey publicKey
&& publicKey.getPublicKey() != null) {
listBuilder.add(extractKeyPair(publicKey.getPublicKey().getInlineOrKeystore()));
} else if (hostKey.getHostKeyType()
- instanceof org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228
+ instanceof org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208
.ssh.server.grouping.server.identity.host.key.host.key.type.Certificate certificate
&& certificate.getCertificate() != null) {
listBuilder.add(extractCertificateEntry(certificate.getCertificate()).getKey());
}
static KeyPair extractKeyPair(
- final org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228
+ final org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208
.inline.or.keystore.asymmetric.key.grouping.InlineOrKeystore input)
throws UnsupportedConfigurationException {
- final var inline = ofType(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228
+ final var inline = ofType(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208
.inline.or.keystore.asymmetric.key.grouping.inline.or.keystore.Inline.class, input);
final var inlineDef = inline.getInlineDefinition();
if (inlineDef == null) {
return List.of();
}
final var inline = ofType(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore
- .rev231228.inline.or.truststore.certs.grouping.inline.or.truststore.Inline.class,
+ .rev240208.inline.or.truststore.certs.grouping.inline.or.truststore.Inline.class,
input.getInlineOrTruststore());
final var inlineDef = inline.getInlineDefinition();
if (inlineDef == null) {
private static Map.Entry<KeyPair, List<X509Certificate>> extractCertificateEntry(
final InlineOrKeystoreEndEntityCertWithKeyGrouping input) throws UnsupportedConfigurationException {
- final var inline = ofType(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228
+ final var inline = ofType(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208
.inline.or.keystore.end.entity.cert.with.key.grouping.inline.or.keystore.Inline.class,
input.getInlineOrKeystore());
final var inlineDef = inline.getInlineDefinition();
}
static List<PublicKey> extractPublicKeys(
- final org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228
+ final org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208
.inline.or.truststore._public.keys.grouping.InlineOrTruststore input)
throws UnsupportedConfigurationException {
- final var inline = ofType(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228
+ final var inline = ofType(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208
.inline.or.truststore._public.keys.grouping.inline.or.truststore.Inline.class, input);
final var inlineDef = inline.getInlineDefinition();
if (inlineDef == null) {
import java.util.Set;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ClientIdentHostbased;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ClientIdentPassword;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ClientIdentPublickey;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.IetfSshClientData;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.SshClientKeepalives;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ClientIdentHostbased;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ClientIdentPassword;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ClientIdentPublickey;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.IetfSshClientData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.SshClientKeepalives;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;
import java.util.Set;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev231228.IetfSshCommonData;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev231228.SshX509Certs;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev231228.TransportParams;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev240208.IetfSshCommonData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev240208.SshX509Certs;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev240208.TransportParams;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;
import java.util.Set;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.IetfSshServerData;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.LocalUserAuthHostbased;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.LocalUserAuthPassword;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.LocalUserAuthPublickey;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.LocalUsersSupported;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.SshServerKeepalives;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.IetfSshServerData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.LocalUserAuthHostbased;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.LocalUserAuthPassword;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.LocalUserAuthPublickey;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.LocalUsersSupported;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.SshServerKeepalives;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
import org.opendaylight.netconf.transport.tcp.TCPClient;
import org.opendaylight.netconf.transport.tcp.TCPServer;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.SshClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.SshClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
import org.opendaylight.netconf.transport.tcp.TCPClient;
import org.opendaylight.netconf.transport.tcp.TCPServer;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.SshServerGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.SshServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.opendaylight.netconf.transport.api.TransportChannelListener;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
import org.opendaylight.netconf.transport.tcp.BootstrapFactory;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.SshClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.SshServerGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.SshClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.SshServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
/**
* A {@link BootstrapFactory} additionally capable of instantiating {@link SSHClient}s and {@link SSHServer}s.
import org.opendaylight.netconf.shaded.sshd.common.keyprovider.KeyIdentityProvider;
import org.opendaylight.netconf.shaded.sshd.netty.NettyIoServiceFactoryFactory;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.password.grouping.password.type.CleartextPassword;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ClientIdentity;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.Keepalives;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ServerAuthentication;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev231228.TransportParamsGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.password.grouping.password.type.CleartextPassword;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ClientIdentity;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.Keepalives;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ServerAuthentication;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev240208.TransportParamsGrouping;
/**
* Our internal-use {@link SshClient}. We reuse all the properties and logic of an {@link SshClient}, but we never allow
import org.opendaylight.netconf.shaded.sshd.server.auth.pubkey.UserAuthPublicKeyFactory;
import org.opendaylight.netconf.shaded.sshd.server.forward.DirectTcpipFactory;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.SshServerGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.ClientAuthentication;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.Keepalives;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.ServerIdentity;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.SshServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.ClientAuthentication;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.Keepalives;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.ServerIdentity;
/**
* Our internal-use {@link SshServer}. We reuse all the properties and logic of an {@link SshServer}, but we never allow
for (var entry : userMap.entrySet()) {
final var username = entry.getKey().getName();
final var value = entry.getValue();
- final var password = value.getPassword();
+ final var password = value.nonnullPassword().getHashedPassword();
if (password != null) {
passwordMapBuilder.put(username, password.getValue());
}
import org.opendaylight.netconf.shaded.sshd.server.ServerBuilder;
import org.opendaylight.netconf.transport.api.TransportChannel;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev220616.EcdsaSha2Nistp256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev220616.EcdsaSha2Nistp384;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev220616.EcdsaSha2Nistp521;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev220616.PublicKeyAlgBase;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev220616.RsaSha2256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev220616.RsaSha2512;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev220616.SshDss;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev220616.SshEd25519;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev220616.SshRsa;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev220616.AeadAes128Gcm;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev220616.AeadAes256Gcm;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev220616.Aes128Cbc;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev220616.Aes128Ctr;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev220616.Aes192Cbc;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev220616.Aes192Ctr;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev220616.Aes256Cbc;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev220616.Aes256Ctr;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev220616.Arcfour128;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev220616.Arcfour256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev220616.BlowfishCbc;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev220616.EncryptionAlgBase;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev220616.None;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev220616.TripleDesCbc;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.Curve25519Sha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.Curve448Sha512;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.DiffieHellmanGroup14Sha1;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.DiffieHellmanGroup14Sha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.DiffieHellmanGroup15Sha512;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.DiffieHellmanGroup16Sha512;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.DiffieHellmanGroup17Sha512;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.DiffieHellmanGroup18Sha512;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.DiffieHellmanGroup1Sha1;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.DiffieHellmanGroupExchangeSha1;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.DiffieHellmanGroupExchangeSha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.EcdhSha2Nistp256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.EcdhSha2Nistp384;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.EcdhSha2Nistp521;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev220616.KeyExchangeAlgBase;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.mac.algs.rev220616.HmacMd5;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.mac.algs.rev220616.HmacMd596;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.mac.algs.rev220616.HmacSha1;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.mac.algs.rev220616.HmacSha196;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.mac.algs.rev220616.HmacSha2256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.mac.algs.rev220616.HmacSha2512;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.mac.algs.rev220616.MacAlgBase;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev231228.transport.params.grouping.Encryption;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev231228.transport.params.grouping.HostKey;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev231228.transport.params.grouping.KeyExchange;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev240208.EcdsaSha2Nistp256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev240208.EcdsaSha2Nistp384;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev240208.EcdsaSha2Nistp521;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev240208.PublicKeyAlgBase;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev240208.RsaSha2256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev240208.RsaSha2512;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev240208.SshDss;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev240208.SshEd25519;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh._public.key.algs.rev240208.SshRsa;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev240208.AEADAES128GCM;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev240208.AEADAES256GCM;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev240208.Aes128Cbc;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev240208.Aes128Ctr;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev240208.Aes192Cbc;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev240208.Aes192Ctr;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev240208.Aes256Cbc;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev240208.Aes256Ctr;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev240208.Arcfour128;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev240208.Arcfour256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev240208.BlowfishCbc;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev240208.EncryptionAlgBase;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev240208.None;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.encryption.algs.rev240208.TripleDesCbc;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.Curve25519Sha256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.Curve448Sha512;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.DiffieHellmanGroup14Sha1;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.DiffieHellmanGroup14Sha256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.DiffieHellmanGroup15Sha512;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.DiffieHellmanGroup16Sha512;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.DiffieHellmanGroup17Sha512;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.DiffieHellmanGroup18Sha512;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.DiffieHellmanGroup1Sha1;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.DiffieHellmanGroupExchangeSha1;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.DiffieHellmanGroupExchangeSha256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.EcdhSha2Nistp256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.EcdhSha2Nistp384;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.EcdhSha2Nistp521;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.key.exchange.algs.rev240208.KeyExchangeAlgBase;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.mac.algs.rev240208.HmacMd5;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.mac.algs.rev240208.HmacMd596;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.mac.algs.rev240208.HmacSha1;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.mac.algs.rev240208.HmacSha196;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.mac.algs.rev240208.HmacSha2256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.mac.algs.rev240208.HmacSha2512;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.ssh.mac.algs.rev240208.MacAlgBase;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev240208.transport.params.grouping.Encryption;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev240208.transport.params.grouping.HostKey;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev240208.transport.params.grouping.KeyExchange;
final class TransportUtils {
private static final Map<EncryptionAlgBase, NamedFactory<Cipher>> CIPHERS =
ImmutableMap.<EncryptionAlgBase, NamedFactory<Cipher>>builder()
- .put(AeadAes128Gcm.VALUE, BuiltinCiphers.aes128gcm)
- .put(AeadAes256Gcm.VALUE, BuiltinCiphers.aes256cbc)
+ .put(AEADAES128GCM.VALUE, BuiltinCiphers.aes128gcm)
+ .put(AEADAES256GCM.VALUE, BuiltinCiphers.aes256cbc)
.put(Aes128Cbc.VALUE, BuiltinCiphers.aes128cbc)
.put(Aes128Ctr.VALUE, BuiltinCiphers.aes128ctr)
.put(Aes192Cbc.VALUE, BuiltinCiphers.aes192cbc)
}
public static List<NamedFactory<Mac>> getMacFactories(
- final org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev231228
+ final org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev240208
.transport.params.grouping.Mac mac) throws UnsupportedConfigurationException {
if (mac != null) {
final var macAlg = mac.getMacAlg();
'Secure Shell (SSH) Protocol Parameters' registry maintained
by IANA.
- Copyright (c) 2022 IETF Trust and the persons identified as
+ Copyright (c) 2024 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(https://www.rfc-editor.org/info/rfcEEEE); see the RFC
itself for full legal notices.";
- revision 2022-06-16 {
+ revision 2024-02-08 {
description
- "Reflects contents of the encryption algorithms registry
- on June 16, 2022.";
+ "Reflects contents of the encryption algorithms registry.";
reference
"RFC EEEE: YANG Groupings for SSH Clients and SSH Servers";
}
base "encryption-alg-base";
}
description
- "A reference to a SSH encryption algorithm identifier.";
+ "A reference to an SSH encryption algorithm identifier.";
}
identity encryption-alg-base {
description
- "Base identity used to identify encryption algorithms.";
+ "Base identity for SSH encryption algorithms.";
}
- identity triple-des-cbc { // YANG IDs cannot begin with a number
+ identity triple-des-cbc {
base encryption-alg-base;
description
- "3DES-CBC";
+ "Identity for the '3des-cbc' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity blowfish-cbc {
base encryption-alg-base;
description
- "BLOWFISH-CBC";
+ "Identity for the 'blowfish-cbc' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity twofish256-cbc {
base encryption-alg-base;
description
- "TWOFISH256-CBC";
+ "Identity for the 'twofish256-cbc' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity twofish-cbc {
base encryption-alg-base;
description
- "TWOFISH-CBC";
+ "Identity for the 'twofish-cbc' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity twofish192-cbc {
base encryption-alg-base;
description
- "TWOFISH192-CBC";
+ "Identity for the 'twofish192-cbc' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity twofish128-cbc {
base encryption-alg-base;
description
- "TWOFISH128-CBC";
+ "Identity for the 'twofish128-cbc' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity aes256-cbc {
base encryption-alg-base;
description
- "AES256-CBC";
+ "Identity for the 'aes256-cbc' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity aes192-cbc {
base encryption-alg-base;
description
- "AES192-CBC";
+ "Identity for the 'aes192-cbc' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity aes128-cbc {
base encryption-alg-base;
- status deprecated;
description
- "AES128-CBC";
+ "Identity for the 'aes128-cbc' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity serpent256-cbc {
base encryption-alg-base;
description
- "SERPENT256-CBC";
+ "Identity for the 'serpent256-cbc' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity serpent192-cbc {
base encryption-alg-base;
description
- "SERPENT192-CBC";
+ "Identity for the 'serpent192-cbc' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity serpent128-cbc {
base encryption-alg-base;
description
- "SERPENT128-CBC";
+ "Identity for the 'serpent128-cbc' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
base encryption-alg-base;
status obsolete;
description
- "ARCFOUR";
+ "Identity for the 'arcfour' algorithm.";
reference
"RFC 8758:
Deprecating RC4 in Secure Shell (SSH)";
identity idea-cbc {
base encryption-alg-base;
description
- "IDEA-CBC";
+ "Identity for the 'idea-cbc' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity cast128-cbc {
base encryption-alg-base;
description
- "CAST128-CBC";
+ "Identity for the 'cast128-cbc' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity none {
base encryption-alg-base;
description
- "NONE";
+ "Identity for the 'none' algorithm. Section 6.3";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
base encryption-alg-base;
status obsolete;
description
- "DES-CBC";
+ "Identity for the 'des-cbc' algorithm.";
reference
- "FIPS 46-3:
+ "FIPS-46-3:
Data Encryption Standard (DES)";
}
base encryption-alg-base;
status obsolete;
description
- "ARCFOUR128";
+ "Identity for the 'arcfour128' algorithm.";
reference
"RFC 8758:
Deprecating RC4 in Secure Shell (SSH)";
base encryption-alg-base;
status obsolete;
description
- "ARCFOUR256";
+ "Identity for the 'arcfour256' algorithm.";
reference
"RFC 8758:
Deprecating RC4 in Secure Shell (SSH)";
identity aes128-ctr {
base encryption-alg-base;
- status deprecated;
description
- "AES128-CTR";
+ "Identity for the 'aes128-ctr' algorithm.";
reference
"RFC 4344:
The Secure Shell (SSH) Transport Layer Encryption Modes";
identity aes192-ctr {
base encryption-alg-base;
description
- "AES192-CTR";
+ "Identity for the 'aes192-ctr' algorithm.";
reference
"RFC 4344:
The Secure Shell (SSH) Transport Layer Encryption Modes";
identity aes256-ctr {
base encryption-alg-base;
description
- "AES256-CTR";
+ "Identity for the 'aes256-ctr' algorithm.";
reference
"RFC 4344:
The Secure Shell (SSH) Transport Layer Encryption Modes";
}
- identity triple-des-ctr { // YANG IDs cannot begin with a number
+ identity triple-des-ctr {
base encryption-alg-base;
description
- "3DES-CTR";
+ "Identity for the '3des-ctr' algorithm.";
reference
"RFC 4344:
The Secure Shell (SSH) Transport Layer Encryption Modes";
identity blowfish-ctr {
base encryption-alg-base;
description
- "BLOWFISH-CTR";
+ "Identity for the 'blowfish-ctr' algorithm.";
reference
"RFC 4344:
The Secure Shell (SSH) Transport Layer Encryption Modes";
identity twofish128-ctr {
base encryption-alg-base;
description
- "TWOFISH128-CTR";
+ "Identity for the 'twofish128-ctr' algorithm.";
reference
"RFC 4344:
The Secure Shell (SSH) Transport Layer Encryption Modes";
identity twofish192-ctr {
base encryption-alg-base;
description
- "TWOFISH192-CTR";
+ "Identity for the 'twofish192-ctr' algorithm.";
reference
"RFC 4344:
The Secure Shell (SSH) Transport Layer Encryption Modes";
identity twofish256-ctr {
base encryption-alg-base;
description
- "TWOFISH256-CTR";
+ "Identity for the 'twofish256-ctr' algorithm.";
reference
"RFC 4344:
The Secure Shell (SSH) Transport Layer Encryption Modes";
identity serpent128-ctr {
base encryption-alg-base;
description
- "SERPENT128-CTR";
+ "Identity for the 'serpent128-ctr' algorithm.";
reference
"RFC 4344:
The Secure Shell (SSH) Transport Layer Encryption Modes";
identity serpent192-ctr {
base encryption-alg-base;
description
- "SERPENT192-CTR";
+ "Identity for the 'serpent192-ctr' algorithm.";
reference
"RFC 4344:
The Secure Shell (SSH) Transport Layer Encryption Modes";
identity serpent256-ctr {
base encryption-alg-base;
description
- "SERPENT256-CTR";
+ "Identity for the 'serpent256-ctr' algorithm.";
reference
"RFC 4344:
The Secure Shell (SSH) Transport Layer Encryption Modes";
identity idea-ctr {
base encryption-alg-base;
description
- "IDEA-CTR";
+ "Identity for the 'idea-ctr' algorithm.";
reference
"RFC 4344:
The Secure Shell (SSH) Transport Layer Encryption Modes";
identity cast128-ctr {
base encryption-alg-base;
description
- "CAST128-CTR";
+ "Identity for the 'cast128-ctr' algorithm.";
reference
"RFC 4344:
The Secure Shell (SSH) Transport Layer Encryption Modes";
}
- identity aead-aes-128-gcm {
+ identity AEAD_AES_128_GCM {
base encryption-alg-base;
description
- "AEAD_AES_128_GCM";
+ "Identity for the 'AEAD_AES_128_GCM' algorithm. Section 6.1";
reference
"RFC 5647:
- AES Galois Counter Mode for the
- Secure Shell Transport Layer Protocol";
+ AES Galois Counter Mode for the Secure Shell Transport Layer
+ Protocol";
}
- identity aead-aes-256-gcm {
+ identity AEAD_AES_256_GCM {
base encryption-alg-base;
description
- "AEAD_AES_256_GCM";
+ "Identity for the 'AEAD_AES_256_GCM' algorithm. Section 6.2";
reference
"RFC 5647:
- AES Galois Counter Mode for the
- Secure Shell Transport Layer Protocol";
- }
-
- // Protocol-accessible Nodes
-
- container supported-algorithms {
- config false;
- description
- "A container for a list of encryption algorithms
- supported by the server.";
- leaf-list supported-algorithm {
- type encryption-algorithm-ref;
- description
- "An encryption algorithm supported by the server.";
- }
+ AES Galois Counter Mode for the Secure Shell Transport Layer
+ Protocol";
}
}
+++ /dev/null
-module iana-ssh-key-exchange-algs {
- yang-version 1.1;
- namespace "urn:ietf:params:xml:ns:yang:iana-ssh-key-exchange-algs";
- prefix sshkea;
-
- organization
- "Internet Assigned Numbers Authority (IANA)";
-
- contact
- "Postal: ICANN
- 12025 Waterfront Drive, Suite 300
- Los Angeles, CA 90094-2536
- United States of America
- Tel: +1 310 301 5800
- Email: iana@iana.org";
-
- description
- "This module defines identities for the key exchange algorithms
- defined in the 'Key Exchange Method Names' sub-registry of the
- 'Secure Shell (SSH) Protocol Parameters' registry maintained
- by IANA.
-
- Copyright (c) 2022 IETF Trust and the persons identified
- as authors of the code. All rights reserved.
-
- Redistribution and use in source and binary forms, with
- or without modification, is permitted pursuant to, and
- subject to the license terms contained in, the Revised
- BSD License set forth in Section 4.c of the IETF Trust's
- Legal Provisions Relating to IETF Documents
- (https://trustee.ietf.org/license-info).
-
- The initial version of this YANG module is part of RFC EEEE
- (https://www.rfc-editor.org/info/rfcEEEE); see the RFC
- itself for full legal notices.";
-
- revision 2022-06-16 {
- description
- "Reflects contents of the key exchange algorithms registry
- on June 16, 2022.";
- reference
- "RFC EEEE: YANG Groupings for SSH Clients and SSH Servers";
- }
-
- // Typedefs
-
- typedef key-exchange-algorithm-ref {
- type identityref {
- base "key-exchange-alg-base";
- }
- description
- "A reference to a SSH key exchange algorithm identifier.";
- }
-
-
- // Identities
-
- identity key-exchange-alg-base {
- description
- "Base identity used to identify key exchange algorithms.";
- }
-
- identity diffie-hellman-group-exchange-sha1 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "DIFFIE-HELLMAN-GROUP-EXCHANGE-SHA1";
- reference
- "RFC 4419:
- Diffie-Hellman Group Exchange for the
- Secure Shell (SSH) Transport Layer Protocol";
- }
-
- identity diffie-hellman-group-exchange-sha256 {
- base key-exchange-alg-base;
- description
- "DIFFIE-HELLMAN-GROUP-EXCHANGE-SHA256";
- reference
- "RFC 4419:
- Diffie-Hellman Group Exchange for the
- Secure Shell (SSH) Transport Layer Protocol";
- }
-
- identity diffie-hellman-group1-sha1 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "DIFFIE-HELLMAN-GROUP1-SHA1";
- reference
- "RFC 4253:
- The Secure Shell (SSH) Transport Layer Protocol";
- }
-
- identity diffie-hellman-group14-sha1 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "DIFFIE-HELLMAN-GROUP14-SHA1";
- reference
- "RFC 4253:
- The Secure Shell (SSH) Transport Layer Protocol";
- }
-
- identity diffie-hellman-group14-sha256 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "DIFFIE-HELLMAN-GROUP14-SHA256";
- reference
- "RFC 8268:
- More Modular Exponentiation (MODP) Diffie-Hellman (DH)
- Key Exchange (KEX) Groups for Secure Shell (SSH)";
- }
-
- identity diffie-hellman-group15-sha512 {
- base key-exchange-alg-base;
- description
- "DIFFIE-HELLMAN-GROUP15-SHA512";
- reference
- "RFC 8268:
- More Modular Exponentiation (MODP) Diffie-Hellman (DH)
- Key Exchange (KEX) Groups for Secure Shell (SSH)";
- }
-
- identity diffie-hellman-group16-sha512 {
- base key-exchange-alg-base;
- description
- "DIFFIE-HELLMAN-GROUP16-SHA512";
- reference
- "RFC 8268:
- More Modular Exponentiation (MODP) Diffie-Hellman (DH)
- Key Exchange (KEX) Groups for Secure Shell (SSH)";
- }
-
- identity diffie-hellman-group17-sha512 {
- base key-exchange-alg-base;
- description
- "DIFFIE-HELLMAN-GROUP17-SHA512";
- reference
- "RFC 8268:
- More Modular Exponentiation (MODP) Diffie-Hellman (DH)
- Key Exchange (KEX) Groups for Secure Shell (SSH)";
- }
-
- identity diffie-hellman-group18-sha512 {
- base key-exchange-alg-base;
- description
- "DIFFIE-HELLMAN-GROUP18-SHA512";
- reference
- "RFC 8268:
- More Modular Exponentiation (MODP) Diffie-Hellman (DH)
- Key Exchange (KEX) Groups for Secure Shell (SSH)";
- }
-
- identity ecdh-sha2-nistp256 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "ECDH-SHA2-NISTP256 (secp256r1)";
- reference
- "RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
- }
-
- identity ecdh-sha2-nistp384 {
- base key-exchange-alg-base;
- description
- "ECDH-SHA2-NISTP384 (secp384r1)";
- reference
- "RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
- }
-
- identity ecdh-sha2-nistp521 {
- base key-exchange-alg-base;
- description
- "ECDH-SHA2-NISTP521 (secp521r1)";
- reference
- "RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
- }
-
- identity ecdh-sha2-1.3.132.0.1 {
- base key-exchange-alg-base;
- description
- "ECDH-SHA2-1.3.132.0.1 (nistk163, sect163k1)";
- reference
- "RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
- }
-
- identity ecdh-sha2-1.2.840.10045.3.1.1 {
- base key-exchange-alg-base;
- description
- "ECDH-SHA2-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
- reference
- "RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
- }
-
- identity ecdh-sha2-1.3.132.0.33 {
- base key-exchange-alg-base;
- description
- "ECDH-SHA2-1.3.132.0.33 (nistp224, secp224r1)";
- reference
- "RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
- }
-
- identity ecdh-sha2-1.3.132.0.26 {
- base key-exchange-alg-base;
- description
- "ECDH-SHA2-1.3.132.0.26 (nistk233, sect233k1)";
- reference
- "RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
- }
-
- identity ecdh-sha2-1.3.132.0.27 {
- base key-exchange-alg-base;
- description
- "ECDH-SHA2-1.3.132.0.27 (nistb233, sect233r1)";
- reference
- "RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
- }
-
- identity ecdh-sha2-1.3.132.0.16 {
- base key-exchange-alg-base;
- description
- "ECDH-SHA2-1.3.132.0.16 (nistk283, sect283k1)";
- reference
- "RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
- }
-
- identity ecdh-sha2-1.3.132.0.36 {
- base key-exchange-alg-base;
- description
- "ECDH-SHA2-1.3.132.0.36 (nistk409, sect409k1)";
- reference
- "RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
- }
-
- identity ecdh-sha2-1.3.132.0.37 {
- base key-exchange-alg-base;
- description
- "ECDH-SHA2-1.3.132.0.37 (nistb409, sect409r1)";
- reference
- "RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
- }
-
- identity ecdh-sha2-1.3.132.0.38 {
- base key-exchange-alg-base;
- description
- "ECDH-SHA2-1.3.132.0.38 (nistt571, sect571k1)";
- reference
- "RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
- }
-
- identity ecmqv-sha2 {
- base key-exchange-alg-base;
- description
- "ECMQV-SHA2";
- reference
- "RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
- }
-
- identity gss-group1-sha1-nistp256 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP1-SHA1-NISTP256 (secp256r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group1-sha1-nistp384 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP1-SHA1-NISTP384 (secp384r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group1-sha1-nistp521 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP1-SHA1-NISTP521 (secp521r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group1-sha1-1.3.132.0.1 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP1-SHA1-1.3.132.0.1 (nistk163, sect163k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group1-sha1-1.2.840.10045.3.1.1 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP1-SHA1-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group1-sha1-1.3.132.0.33 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP1-SHA1-1.3.132.0.33 (nistp224, secp224r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group1-sha1-1.3.132.0.26 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP1-SHA1-1.3.132.0.26 (nistk233, sect233k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group1-sha1-1.3.132.0.27 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP1-SHA1-1.3.132.0.27 (nistb233, sect233r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group1-sha1-1.3.132.0.16 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP1-SHA1-1.3.132.0.16 (nistk283, sect283k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group1-sha1-1.3.132.0.36 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP1-SHA1-1.3.132.0.36 (nistk409, sect409k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group1-sha1-1.3.132.0.37 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP1-SHA1-1.3.132.0.37 (nistb409, sect409r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group1-sha1-1.3.132.0.38 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP1-SHA1-1.3.132.0.38 (nistt571, sect571k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group1-sha1-curve25519-sha256 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP1-SHA1-CURVE25519-SHA256";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group1-sha1-curve448-sha512 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP1-SHA1-CURVE448-SHA512";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha1-nistp256 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP14-SHA1-NISTP256 (secp256r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha1-nistp384 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP14-SHA1-NISTP384 (secp384r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha1-nistp521 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP14-SHA1-NISTP521 (secp521r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha1-1.3.132.0.1 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP14-SHA1-1.3.132.0.1 (nistk163, sect163k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha1-1.2.840.10045.3.1.1 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP14-SHA1-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha1-1.3.132.0.33 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP14-SHA1-1.3.132.0.33 (nistp224, secp224r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha1-1.3.132.0.26 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP14-SHA1-1.3.132.0.26 (nistk233, sect233k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha1-1.3.132.0.27 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP14-SHA1-1.3.132.0.27 (nistb233, sect233r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha1-1.3.132.0.16 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP14-SHA1-1.3.132.0.16 (nistk283, sect283k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha1-1.3.132.0.36 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP14-SHA1-1.3.132.0.36 (nistk409, sect409k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha1-1.3.132.0.37 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP14-SHA1-1.3.132.0.37 (nistb409, sect409r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha1-1.3.132.0.38 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP14-SHA1-1.3.132.0.38 (nistt571, sect571k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha1-curve25519-sha256 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP14-SHA1-CURVE25519-SHA256";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha1-curve448-sha512 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GROUP14-SHA1-CURVE448-SHA512";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-gex-sha1-nistp256 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GEX-SHA1-NISTP256 (secp256r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-gex-sha1-nistp384 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GEX-SHA1-NISTP384 (secp384r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-gex-sha1-nistp521 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GEX-SHA1-NISTP521 (secp521r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-gex-sha1-1.3.132.0.1 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GEX-SHA1-1.3.132.0.1 (nistk163, sect163k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-gex-sha1-1.2.840.10045.3.1.1 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GEX-SHA1-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-gex-sha1-1.3.132.0.33 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GEX-SHA1-1.3.132.0.33 (nistp224, secp224r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-gex-sha1-1.3.132.0.26 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GEX-SHA1-1.3.132.0.26 (nistk233, sect233k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-gex-sha1-1.3.132.0.27 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GEX-SHA1-1.3.132.0.27 (nistb233, sect233r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-gex-sha1-1.3.132.0.16 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GEX-SHA1-1.3.132.0.16 (nistk283, sect283k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-gex-sha1-1.3.132.0.36 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GEX-SHA1-1.3.132.0.36 (nistk409, sect409k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-gex-sha1-1.3.132.0.37 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GEX-SHA1-1.3.132.0.37 (nistb409, sect409r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-gex-sha1-1.3.132.0.38 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GEX-SHA1-1.3.132.0.38 (nistt571, sect571k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-gex-sha1-curve25519-sha256 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GEX-SHA1-CURVE25519-SHA256";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-gex-sha1-curve448-sha512 {
- base key-exchange-alg-base;
- status deprecated;
- description
- "GSS-GEX-SHA1-CURVE448-SHA512";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity rsa1024-sha1 {
- base key-exchange-alg-base;
- status obsolete;
- description
- "RSA1024-SHA1";
- reference
- "RFC 4432:
- RSA Key Exchange for the Secure Shell (SSH)
- Transport Layer Protocol";
- }
-
- identity rsa2048-sha256 {
- base key-exchange-alg-base;
- description
- "RSA2048-SHA256";
- reference
- "RFC 4432:
- RSA Key Exchange for the Secure Shell (SSH)
- Transport Layer Protocol";
- }
-
- identity ext-info-s {
- base key-exchange-alg-base;
- description
- "EXT-INFO-S";
- reference
- "RFC 8308:
- Extension Negotiation in the Secure Shell (SSH) Protocol";
- }
-
- identity ext-info-c {
- base key-exchange-alg-base;
- description
- "EXT-INFO-C";
- reference
- "RFC 8308:
- Extension Negotiation in the Secure Shell (SSH) Protocol";
- }
-
- identity gss-group14-sha256-nistp256 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP14-SHA256-NISTP256 (secp256r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha256-nistp384 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP14-SHA256-NISTP384 (secp384r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha256-nistp521 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP14-SHA256-NISTP521 (secp521r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha256-1.3.132.0.1 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP14-SHA256-1.3.132.0.1 (nistk163, sect163k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha256-1.2.840.10045.3.1.1 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP14-SHA256-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha256-1.3.132.0.33 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP14-SHA256-1.3.132.0.33 (nistp224, secp224r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha256-1.3.132.0.26 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP14-SHA256-1.3.132.0.26 (nistk233, sect233k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha256-1.3.132.0.27 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP14-SHA256-1.3.132.0.27 (nistb233, sect233r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha256-1.3.132.0.16 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP14-SHA256-1.3.132.0.16 (nistk283, sect283k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha256-1.3.132.0.36 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP14-SHA256-1.3.132.0.36 (nistk409, sect409k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha256-1.3.132.0.37 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP14-SHA256-1.3.132.0.37 (nistb409, sect409r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha256-1.3.132.0.38 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP14-SHA256-1.3.132.0.38 (nistt571, sect571k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha256-curve25519-sha256 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP14-SHA256-CURVE25519-SHA256";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group14-sha256-curve448-sha512 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP14-SHA256-CURVE448-SHA512";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group15-sha512-nistp256 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP15-SHA512-NISTP256 (secp256r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group15-sha512-nistp384 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP15-SHA512-NISTP384 (secp384r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group15-sha512-nistp521 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP15-SHA512-NISTP521 (secp521r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group15-sha512-1.3.132.0.1 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP15-SHA512-1.3.132.0.1 (nistk163, sect163k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group15-sha512-1.2.840.10045.3.1.1 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP15-SHA512-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group15-sha512-1.3.132.0.33 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP15-SHA512-1.3.132.0.33 (nistp224, secp224r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group15-sha512-1.3.132.0.26 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP15-SHA512-1.3.132.0.26 (nistk233, sect233k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group15-sha512-1.3.132.0.27 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP15-SHA512-1.3.132.0.27 (nistb233, sect233r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group15-sha512-1.3.132.0.16 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP15-SHA512-1.3.132.0.16 (nistk283, sect283k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group15-sha512-1.3.132.0.36 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP15-SHA512-1.3.132.0.36 (nistk409, sect409k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group15-sha512-1.3.132.0.37 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP15-SHA512-1.3.132.0.37 (nistb409, sect409r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group15-sha512-1.3.132.0.38 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP15-SHA512-1.3.132.0.38 (nistt571, sect571k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group15-sha512-curve25519-sha256 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP15-SHA512-CURVE25519-SHA256";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group15-sha512-curve448-sha512 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP15-SHA512-CURVE448-SHA512";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group16-sha512-nistp256 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP16-SHA512-NISTP256 (secp256r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group16-sha512-nistp384 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP16-SHA512-NISTP384 (secp384r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group16-sha512-nistp521 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP16-SHA512-NISTP521 (secp521r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group16-sha512-1.3.132.0.1 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP16-SHA512-1.3.132.0.1 (nistk163, sect163k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group16-sha512-1.2.840.10045.3.1.1 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP16-SHA512-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group16-sha512-1.3.132.0.33 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP16-SHA512-1.3.132.0.33 (nistp224, secp224r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group16-sha512-1.3.132.0.26 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP16-SHA512-1.3.132.0.26 (nistk233, sect233k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group16-sha512-1.3.132.0.27 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP16-SHA512-1.3.132.0.27 (nistb233, sect233r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group16-sha512-1.3.132.0.16 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP16-SHA512-1.3.132.0.16 (nistk283, sect283k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group16-sha512-1.3.132.0.36 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP16-SHA512-1.3.132.0.36 (nistk409, sect409k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group16-sha512-1.3.132.0.37 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP16-SHA512-1.3.132.0.37 (nistb409, sect409r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group16-sha512-1.3.132.0.38 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP16-SHA512-1.3.132.0.38 (nistt571, sect571k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group16-sha512-curve25519-sha256 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP16-SHA512-CURVE25519-SHA256";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group16-sha512-curve448-sha512 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP16-SHA512-CURVE448-SHA512";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group17-sha512-nistp256 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP17-SHA512-NISTP256 (secp256r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group17-sha512-nistp384 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP17-SHA512-NISTP384 (secp384r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group17-sha512-nistp521 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP17-SHA512-NISTP521 (secp521r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group17-sha512-1.3.132.0.1 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP17-SHA512-1.3.132.0.1 (nistk163, sect163k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group17-sha512-1.2.840.10045.3.1.1 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP17-SHA512-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group17-sha512-1.3.132.0.33 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP17-SHA512-1.3.132.0.33 (nistp224, secp224r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group17-sha512-1.3.132.0.26 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP17-SHA512-1.3.132.0.26 (nistk233, sect233k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group17-sha512-1.3.132.0.27 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP17-SHA512-1.3.132.0.27 (nistb233, sect233r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group17-sha512-1.3.132.0.16 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP17-SHA512-1.3.132.0.16 (nistk283, sect283k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group17-sha512-1.3.132.0.36 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP17-SHA512-1.3.132.0.36 (nistk409, sect409k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group17-sha512-1.3.132.0.37 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP17-SHA512-1.3.132.0.37 (nistb409, sect409r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group17-sha512-1.3.132.0.38 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP17-SHA512-1.3.132.0.38 (nistt571, sect571k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group17-sha512-curve25519-sha256 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP17-SHA512-CURVE25519-SHA256";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group17-sha512-curve448-sha512 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP17-SHA512-CURVE448-SHA512";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group18-sha512-nistp256 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP18-SHA512-NISTP256 (secp256r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group18-sha512-nistp384 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP18-SHA512-NISTP384 (secp384r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group18-sha512-nistp521 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP18-SHA512-NISTP521 (secp521r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group18-sha512-1.3.132.0.1 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP18-SHA512-1.3.132.0.1 (nistk163, sect163k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group18-sha512-1.2.840.10045.3.1.1 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP18-SHA512-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group18-sha512-1.3.132.0.33 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP18-SHA512-1.3.132.0.33 (nistp224, secp224r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group18-sha512-1.3.132.0.26 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP18-SHA512-1.3.132.0.26 (nistk233, sect233k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group18-sha512-1.3.132.0.27 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP18-SHA512-1.3.132.0.27 (nistb233, sect233r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group18-sha512-1.3.132.0.16 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP18-SHA512-1.3.132.0.16 (nistk283, sect283k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group18-sha512-1.3.132.0.36 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP18-SHA512-1.3.132.0.36 (nistk409, sect409k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group18-sha512-1.3.132.0.37 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP18-SHA512-1.3.132.0.37 (nistb409, sect409r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group18-sha512-1.3.132.0.38 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP18-SHA512-1.3.132.0.38 (nistt571, sect571k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group18-sha512-curve25519-sha256 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP18-SHA512-CURVE25519-SHA256";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-group18-sha512-curve448-sha512 {
- base key-exchange-alg-base;
- description
- "GSS-GROUP18-SHA512-CURVE448-SHA512";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp256-sha256-nistp256 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP256-SHA256-NISTP256 (secp256r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp256-sha256-nistp384 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP256-SHA256-NISTP384 (secp384r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp256-sha256-nistp521 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP256-SHA256-NISTP521 (secp521r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp256-sha256-1.3.132.0.1 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP256-SHA256-1.3.132.0.1 (nistk163, sect163k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp256-sha256-1.2.840.10045.3.1.1 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP256-SHA256-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp256-sha256-1.3.132.0.33 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP256-SHA256-1.3.132.0.33 (nistp224, secp224r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp256-sha256-1.3.132.0.26 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP256-SHA256-1.3.132.0.26 (nistk233, sect233k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp256-sha256-1.3.132.0.27 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP256-SHA256-1.3.132.0.27 (nistb233, sect233r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp256-sha256-1.3.132.0.16 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP256-SHA256-1.3.132.0.16 (nistk283, sect283k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp256-sha256-1.3.132.0.36 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP256-SHA256-1.3.132.0.36 (nistk409, sect409k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp256-sha256-1.3.132.0.37 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP256-SHA256-1.3.132.0.37 (nistb409, sect409r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp256-sha256-1.3.132.0.38 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP256-SHA256-1.3.132.0.38 (nistt571, sect571k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp256-sha256-curve25519-sha256 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP256-SHA256-CURVE25519-SHA256";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp256-sha256-curve448-sha512 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP256-SHA256-CURVE448-SHA512";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp384-sha384-nistp256 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP384-SHA384-NISTP256 (secp256r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp384-sha384-nistp384 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP384-SHA384-NISTP384 (secp384r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp384-sha384-nistp521 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP384-SHA384-NISTP521 (secp521r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp384-sha384-1.3.132.0.1 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP384-SHA384-1.3.132.0.1 (nistk163, sect163k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp384-sha384-1.2.840.10045.3.1.1 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP384-SHA384-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp384-sha384-1.3.132.0.33 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP384-SHA384-1.3.132.0.33 (nistp224, secp224r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp384-sha384-1.3.132.0.26 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP384-SHA384-1.3.132.0.26 (nistk233, sect233k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp384-sha384-1.3.132.0.27 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP384-SHA384-1.3.132.0.27 (nistb233, sect233r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp384-sha384-1.3.132.0.16 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP384-SHA384-1.3.132.0.16 (nistk283, sect283k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp384-sha384-1.3.132.0.36 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP384-SHA384-1.3.132.0.36 (nistk409, sect409k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp384-sha384-1.3.132.0.37 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP384-SHA384-1.3.132.0.37 (nistb409, sect409r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp384-sha384-1.3.132.0.38 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP384-SHA384-1.3.132.0.38 (nistt571, sect571k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp384-sha384-curve25519-sha256 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP384-SHA384-CURVE25519-SHA256";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp384-sha384-curve448-sha512 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP384-SHA384-CURVE448-SHA512";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp521-sha512-nistp256 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP521-SHA512-NISTP256 (secp256r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp521-sha512-nistp384 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP521-SHA512-NISTP384 (secp384r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp521-sha512-nistp521 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP521-SHA512-NISTP521 (secp521r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp521-sha512-1.3.132.0.1 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP521-SHA512-1.3.132.0.1 (nistk163, sect163k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp521-sha512-1.2.840.10045.3.1.1 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP521-SHA512-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp521-sha512-1.3.132.0.33 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP521-SHA512-1.3.132.0.33 (nistp224, secp224r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp521-sha512-1.3.132.0.26 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP521-SHA512-1.3.132.0.26 (nistk233, sect233k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp521-sha512-1.3.132.0.27 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP521-SHA512-1.3.132.0.27 (nistb233, sect233r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp521-sha512-1.3.132.0.16 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP521-SHA512-1.3.132.0.16 (nistk283, sect283k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp521-sha512-1.3.132.0.36 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP521-SHA512-1.3.132.0.36 (nistk409, sect409k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp521-sha512-1.3.132.0.37 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP521-SHA512-1.3.132.0.37 (nistb409, sect409r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp521-sha512-1.3.132.0.38 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP521-SHA512-1.3.132.0.38 (nistt571, sect571k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp521-sha512-curve25519-sha256 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP521-SHA512-CURVE25519-SHA256";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-nistp521-sha512-curve448-sha512 {
- base key-exchange-alg-base;
- description
- "GSS-NISTP521-SHA512-CURVE448-SHA512";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve25519-sha256-nistp256 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE25519-SHA256-NISTP256 (secp256r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve25519-sha256-nistp384 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE25519-SHA256-NISTP384 (secp384r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve25519-sha256-nistp521 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE25519-SHA256-NISTP521 (secp521r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve25519-sha256-1.3.132.0.1 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE25519-SHA256-1.3.132.0.1 (nistk163, sect163k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve25519-sha256-1.2.840.10045.3.1.1 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE25519-SHA256-1.2.840.10045.3.1.1 (nistp192,
- secp192r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve25519-sha256-1.3.132.0.33 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE25519-SHA256-1.3.132.0.33 (nistp224, secp224r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve25519-sha256-1.3.132.0.26 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE25519-SHA256-1.3.132.0.26 (nistk233, sect233k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve25519-sha256-1.3.132.0.27 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE25519-SHA256-1.3.132.0.27 (nistb233, sect233r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve25519-sha256-1.3.132.0.16 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE25519-SHA256-1.3.132.0.16 (nistk283, sect283k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve25519-sha256-1.3.132.0.36 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE25519-SHA256-1.3.132.0.36 (nistk409, sect409k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve25519-sha256-1.3.132.0.37 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE25519-SHA256-1.3.132.0.37 (nistb409, sect409r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve25519-sha256-1.3.132.0.38 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE25519-SHA256-1.3.132.0.38 (nistt571, sect571k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve25519-sha256-curve25519-sha256 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE25519-SHA256-CURVE25519-SHA256";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve25519-sha256-curve448-sha512 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE25519-SHA256-CURVE448-SHA512";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve448-sha512-nistp256 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE448-SHA512-NISTP256 (secp256r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve448-sha512-nistp384 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE448-SHA512-NISTP384 (secp384r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve448-sha512-nistp521 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE448-SHA512-NISTP521 (secp521r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve448-sha512-1.3.132.0.1 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE448-SHA512-1.3.132.0.1 (nistk163, sect163k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve448-sha512-1.2.840.10045.3.1.1 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE448-SHA512-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve448-sha512-1.3.132.0.33 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE448-SHA512-1.3.132.0.33 (nistp224, secp224r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve448-sha512-1.3.132.0.26 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE448-SHA512-1.3.132.0.26 (nistk233, sect233k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve448-sha512-1.3.132.0.27 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE448-SHA512-1.3.132.0.27 (nistb233, sect233r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve448-sha512-1.3.132.0.16 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE448-SHA512-1.3.132.0.16 (nistk283, sect283k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve448-sha512-1.3.132.0.36 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE448-SHA512-1.3.132.0.36 (nistk409, sect409k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve448-sha512-1.3.132.0.37 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE448-SHA512-1.3.132.0.37 (nistb409, sect409r1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve448-sha512-1.3.132.0.38 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE448-SHA512-1.3.132.0.38 (nistt571, sect571k1)";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve448-sha512-curve25519-sha256 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE448-SHA512-CURVE25519-SHA256";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity gss-curve448-sha512-curve448-sha512 {
- base key-exchange-alg-base;
- description
- "GSS-CURVE448-SHA512-CURVE448-SHA512";
- reference
- "RFC 8732:
- Generic Security Service Application Program Interface
- (GSS-API) Key Exchange with SHA-2";
- }
-
- identity curve25519-sha256 {
- base key-exchange-alg-base;
- description
- "CURVE25519-SHA256";
- reference
- "RFC 8731:
- Secure Shell (SSH) Key Exchange Method
- Using Curve25519 and Curve448";
- }
-
- identity curve448-sha512 {
- base key-exchange-alg-base;
- description
- "CURVE448-SHA512";
- reference
- "RFC 8731:
- Secure Shell (SSH) Key Exchange Method
- Using Curve25519 and Curve448";
- }
-
- // Protocol-accessible Nodes
-
- container supported-algorithms {
- config false;
- description
- "A container for a list of key exchange algorithms
- supported by the server.";
- leaf-list supported-algorithm {
- type key-exchange-algorithm-ref;
- description
- "A key exchange algorithm supported by the server.";
- }
- }
-
-}
--- /dev/null
+module iana-ssh-key-exchange-algs {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:iana-ssh-key-exchange-algs";
+ prefix sshkea;
+
+ organization
+ "Internet Assigned Numbers Authority (IANA)";
+
+ contact
+ "Postal: ICANN
+ 12025 Waterfront Drive, Suite 300
+ Los Angeles, CA 90094-2536
+ United States of America
+ Tel: +1 310 301 5800
+ Email: iana@iana.org";
+
+ description
+ "This module defines identities for the key exchange algorithms
+ defined in the 'Key Exchange Method Names' sub-registry of the
+ 'Secure Shell (SSH) Protocol Parameters' registry maintained
+ by IANA.
+
+ Copyright (c) 2024 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with
+ or without modification, is permitted pursuant to, and
+ subject to the license terms contained in, the Revised
+ BSD License set forth in Section 4.c of the IETF Trust's
+ Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ The initial version of this YANG module is part of RFC EEEE
+ (https://www.rfc-editor.org/info/rfcEEEE); see the RFC
+ itself for full legal notices.";
+
+ revision 2024-02-08 {
+ description
+ "Reflects contents of the key exchange algorithms registry.";
+ reference
+ "RFC EEEE: YANG Groupings for SSH Clients and SSH Servers";
+ }
+
+ // Typedefs
+
+ typedef key-exchange-algorithm-ref {
+ type identityref {
+ base "key-exchange-alg-base";
+ }
+ description
+ "A reference to an SSH key exchange algorithm identifier.";
+ }
+
+
+ // Identities
+
+ identity key-exchange-alg-base {
+ description
+ "Base identity for SSH key exchange algorithms.";
+ }
+
+ identity diffie-hellman-group-exchange-sha1 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'diffie-hellman-group-exchange-sha1'
+ algorithm. Section 4.1";
+ reference
+ "RFC 4419:
+ Diffie-Hellman Group Exchange for the Secure Shell (SSH)
+ Transport Layer Protocol
+ RFC 8270:
+ Increase the Secure Shell Minimum Recommended Diffie-Hellman
+ Modulus Size to 2048 Bits";
+ }
+
+ identity diffie-hellman-group-exchange-sha256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'diffie-hellman-group-exchange-sha256'
+ algorithm. Section 4.2";
+ reference
+ "RFC 4419:
+ Diffie-Hellman Group Exchange for the Secure Shell (SSH)
+ Transport Layer Protocol
+ RFC 8270:
+ Increase the Secure Shell Minimum Recommended Diffie-Hellman
+ Modulus Size to 2048 Bits";
+ }
+
+ identity diffie-hellman-group1-sha1 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'diffie-hellman-group1-sha1' algorithm.
+ Section 8.1";
+ reference
+ "RFC 4253:
+ The Secure Shell (SSH) Transport Layer Protocol";
+ }
+
+ identity diffie-hellman-group14-sha1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'diffie-hellman-group14-sha1' algorithm.
+ Section 8.2";
+ reference
+ "RFC 4253:
+ The Secure Shell (SSH) Transport Layer Protocol";
+ }
+
+ identity diffie-hellman-group14-sha256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'diffie-hellman-group14-sha256' algorithm.";
+ reference
+ "RFC 8268:
+ More Modular Exponentiation (MODP) Diffie-Hellman (DH) Key
+ Exchange (KEX) Groups for Secure Shell (SSH)";
+ }
+
+ identity diffie-hellman-group15-sha512 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'diffie-hellman-group15-sha512' algorithm.";
+ reference
+ "RFC 8268:
+ More Modular Exponentiation (MODP) Diffie-Hellman (DH) Key
+ Exchange (KEX) Groups for Secure Shell (SSH)";
+ }
+
+ identity diffie-hellman-group16-sha512 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'diffie-hellman-group16-sha512' algorithm.";
+ reference
+ "RFC 8268:
+ More Modular Exponentiation (MODP) Diffie-Hellman (DH) Key
+ Exchange (KEX) Groups for Secure Shell (SSH)";
+ }
+
+ identity diffie-hellman-group17-sha512 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'diffie-hellman-group17-sha512' algorithm.";
+ reference
+ "RFC 8268:
+ More Modular Exponentiation (MODP) Diffie-Hellman (DH) Key
+ Exchange (KEX) Groups for Secure Shell (SSH)";
+ }
+
+ identity diffie-hellman-group18-sha512 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'diffie-hellman-group18-sha512' algorithm.";
+ reference
+ "RFC 8268:
+ More Modular Exponentiation (MODP) Diffie-Hellman (DH) Key
+ Exchange (KEX) Groups for Secure Shell (SSH)";
+ }
+
+ identity ecdh-sha2-nistp256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ecdh-sha2-nistp256' algorithm.";
+ reference
+ "RFC 5656:
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
+ }
+
+ identity ecdh-sha2-nistp384 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ecdh-sha2-nistp384' algorithm.";
+ reference
+ "RFC 5656:
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
+ }
+
+ identity ecdh-sha2-nistp521 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ecdh-sha2-nistp521' algorithm.";
+ reference
+ "RFC 5656:
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
+ }
+
+ identity ecdh-sha2-1.3.132.0.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ecdh-sha2-1.3.132.0.1' algorithm.";
+ reference
+ "RFC 5656:
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
+ }
+
+ identity ecdh-sha2-1.2.840.10045.3.1.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ecdh-sha2-1.2.840.10045.3.1.1' algorithm.";
+ reference
+ "RFC 5656:
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
+ }
+
+ identity ecdh-sha2-1.3.132.0.33 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ecdh-sha2-1.3.132.0.33' algorithm.";
+ reference
+ "RFC 5656:
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
+ }
+
+ identity ecdh-sha2-1.3.132.0.26 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ecdh-sha2-1.3.132.0.26' algorithm.";
+ reference
+ "RFC 5656:
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
+ }
+
+ identity ecdh-sha2-1.3.132.0.27 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ecdh-sha2-1.3.132.0.27' algorithm.";
+ reference
+ "RFC 5656:
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
+ }
+
+ identity ecdh-sha2-1.3.132.0.16 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ecdh-sha2-1.3.132.0.16' algorithm.";
+ reference
+ "RFC 5656:
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
+ }
+
+ identity ecdh-sha2-1.3.132.0.36 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ecdh-sha2-1.3.132.0.36' algorithm.";
+ reference
+ "RFC 5656:
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
+ }
+
+ identity ecdh-sha2-1.3.132.0.37 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ecdh-sha2-1.3.132.0.37' algorithm.";
+ reference
+ "RFC 5656:
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
+ }
+
+ identity ecdh-sha2-1.3.132.0.38 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ecdh-sha2-1.3.132.0.38' algorithm.";
+ reference
+ "RFC 5656:
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
+ }
+
+ identity ecmqv-sha2 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ecmqv-sha2' algorithm.";
+ reference
+ "RFC 5656:
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
+ }
+
+ identity gss-group1-sha1-nistp256 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group1-sha1-nistp256' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group1-sha1-nistp384 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group1-sha1-nistp384' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group1-sha1-nistp521 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group1-sha1-nistp521' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group1-sha1-1.3.132.0.1 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group1-sha1-1.3.132.0.1' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group1-sha1-1.2.840.10045.3.1.1 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group1-sha1-1.2.840.10045.3.1.1'
+ algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group1-sha1-1.3.132.0.33 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group1-sha1-1.3.132.0.33' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group1-sha1-1.3.132.0.26 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group1-sha1-1.3.132.0.26' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group1-sha1-1.3.132.0.27 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group1-sha1-1.3.132.0.27' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group1-sha1-1.3.132.0.16 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group1-sha1-1.3.132.0.16' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group1-sha1-1.3.132.0.36 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group1-sha1-1.3.132.0.36' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group1-sha1-1.3.132.0.37 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group1-sha1-1.3.132.0.37' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group1-sha1-1.3.132.0.38 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group1-sha1-1.3.132.0.38' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha1-nistp256 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group14-sha1-nistp256' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha1-nistp384 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group14-sha1-nistp384' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha1-nistp521 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group14-sha1-nistp521' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha1-1.3.132.0.1 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group14-sha1-1.3.132.0.1' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha1-1.2.840.10045.3.1.1 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group14-sha1-1.2.840.10045.3.1.1'
+ algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha1-1.3.132.0.33 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group14-sha1-1.3.132.0.33' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha1-1.3.132.0.26 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group14-sha1-1.3.132.0.26' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha1-1.3.132.0.27 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group14-sha1-1.3.132.0.27' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha1-1.3.132.0.16 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group14-sha1-1.3.132.0.16' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha1-1.3.132.0.36 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group14-sha1-1.3.132.0.36' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha1-1.3.132.0.37 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group14-sha1-1.3.132.0.37' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha1-1.3.132.0.38 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-group14-sha1-1.3.132.0.38' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-gex-sha1-nistp256 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-gex-sha1-nistp256' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-gex-sha1-nistp384 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-gex-sha1-nistp384' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-gex-sha1-nistp521 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-gex-sha1-nistp521' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-gex-sha1-1.3.132.0.1 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-gex-sha1-1.3.132.0.1' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-gex-sha1-1.2.840.10045.3.1.1 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-gex-sha1-1.2.840.10045.3.1.1'
+ algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-gex-sha1-1.3.132.0.33 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-gex-sha1-1.3.132.0.33' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-gex-sha1-1.3.132.0.26 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-gex-sha1-1.3.132.0.26' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-gex-sha1-1.3.132.0.27 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-gex-sha1-1.3.132.0.27' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-gex-sha1-1.3.132.0.16 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-gex-sha1-1.3.132.0.16' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-gex-sha1-1.3.132.0.36 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-gex-sha1-1.3.132.0.36' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-gex-sha1-1.3.132.0.37 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-gex-sha1-1.3.132.0.37' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-gex-sha1-1.3.132.0.38 {
+ base key-exchange-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'gss-gex-sha1-1.3.132.0.38' algorithm.";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol
+ RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss- {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-' algorithm. Section 2.6";
+ reference
+ "RFC 4462:
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol";
+ }
+
+ identity rsa1024-sha1 {
+ base key-exchange-alg-base;
+ status obsolete;
+ description
+ "Identity for the 'rsa1024-sha1' algorithm.";
+ reference
+ "RFC 4432:
+ RSA Key Exchange for the Secure Shell (SSH) Transport Layer
+ Protocol";
+ }
+
+ identity rsa2048-sha256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'rsa2048-sha256' algorithm.";
+ reference
+ "RFC 4432:
+ RSA Key Exchange for the Secure Shell (SSH) Transport Layer
+ Protocol";
+ }
+
+ identity ext-info-s {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ext-info-s' algorithm. Section 2";
+ reference
+ "RFC 8308:
+ Extension Negotiation in the Secure Shell (SSH) Protocol";
+ }
+
+ identity ext-info-c {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'ext-info-c' algorithm. Section 2";
+ reference
+ "RFC 8308:
+ Extension Negotiation in the Secure Shell (SSH) Protocol";
+ }
+
+ identity gss-group14-sha256-nistp256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group14-sha256-nistp256' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha256-nistp384 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group14-sha256-nistp384' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha256-nistp521 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group14-sha256-nistp521' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha256-1.3.132.0.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group14-sha256-1.3.132.0.1' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha256-1.2.840.10045.3.1.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group14-sha256-1.2.840.10045.3.1.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha256-1.3.132.0.33 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group14-sha256-1.3.132.0.33'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha256-1.3.132.0.26 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group14-sha256-1.3.132.0.26'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha256-1.3.132.0.27 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group14-sha256-1.3.132.0.27'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha256-1.3.132.0.16 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group14-sha256-1.3.132.0.16'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha256-1.3.132.0.36 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group14-sha256-1.3.132.0.36'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha256-1.3.132.0.37 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group14-sha256-1.3.132.0.37'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group14-sha256-1.3.132.0.38 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group14-sha256-1.3.132.0.38'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group15-sha512-nistp256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group15-sha512-nistp256' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group15-sha512-nistp384 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group15-sha512-nistp384' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group15-sha512-nistp521 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group15-sha512-nistp521' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group15-sha512-1.3.132.0.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group15-sha512-1.3.132.0.1' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group15-sha512-1.2.840.10045.3.1.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group15-sha512-1.2.840.10045.3.1.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group15-sha512-1.3.132.0.33 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group15-sha512-1.3.132.0.33'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group15-sha512-1.3.132.0.26 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group15-sha512-1.3.132.0.26'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group15-sha512-1.3.132.0.27 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group15-sha512-1.3.132.0.27'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group15-sha512-1.3.132.0.16 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group15-sha512-1.3.132.0.16'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group15-sha512-1.3.132.0.36 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group15-sha512-1.3.132.0.36'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group15-sha512-1.3.132.0.37 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group15-sha512-1.3.132.0.37'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group15-sha512-1.3.132.0.38 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group15-sha512-1.3.132.0.38'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group16-sha512-nistp256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group16-sha512-nistp256' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group16-sha512-nistp384 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group16-sha512-nistp384' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group16-sha512-nistp521 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group16-sha512-nistp521' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group16-sha512-1.3.132.0.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group16-sha512-1.3.132.0.1' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group16-sha512-1.2.840.10045.3.1.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group16-sha512-1.2.840.10045.3.1.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group16-sha512-1.3.132.0.33 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group16-sha512-1.3.132.0.33'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group16-sha512-1.3.132.0.26 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group16-sha512-1.3.132.0.26'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group16-sha512-1.3.132.0.27 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group16-sha512-1.3.132.0.27'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group16-sha512-1.3.132.0.16 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group16-sha512-1.3.132.0.16'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group16-sha512-1.3.132.0.36 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group16-sha512-1.3.132.0.36'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group16-sha512-1.3.132.0.37 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group16-sha512-1.3.132.0.37'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group16-sha512-1.3.132.0.38 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group16-sha512-1.3.132.0.38'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group17-sha512-nistp256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group17-sha512-nistp256' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group17-sha512-nistp384 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group17-sha512-nistp384' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group17-sha512-nistp521 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group17-sha512-nistp521' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group17-sha512-1.3.132.0.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group17-sha512-1.3.132.0.1' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group17-sha512-1.2.840.10045.3.1.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group17-sha512-1.2.840.10045.3.1.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group17-sha512-1.3.132.0.33 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group17-sha512-1.3.132.0.33'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group17-sha512-1.3.132.0.26 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group17-sha512-1.3.132.0.26'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group17-sha512-1.3.132.0.27 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group17-sha512-1.3.132.0.27'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group17-sha512-1.3.132.0.16 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group17-sha512-1.3.132.0.16'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group17-sha512-1.3.132.0.36 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group17-sha512-1.3.132.0.36'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group17-sha512-1.3.132.0.37 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group17-sha512-1.3.132.0.37'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group17-sha512-1.3.132.0.38 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group17-sha512-1.3.132.0.38'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group18-sha512-nistp256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group18-sha512-nistp256' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group18-sha512-nistp384 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group18-sha512-nistp384' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group18-sha512-nistp521 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group18-sha512-nistp521' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group18-sha512-1.3.132.0.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group18-sha512-1.3.132.0.1' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group18-sha512-1.2.840.10045.3.1.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group18-sha512-1.2.840.10045.3.1.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group18-sha512-1.3.132.0.33 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group18-sha512-1.3.132.0.33'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group18-sha512-1.3.132.0.26 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group18-sha512-1.3.132.0.26'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group18-sha512-1.3.132.0.27 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group18-sha512-1.3.132.0.27'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group18-sha512-1.3.132.0.16 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group18-sha512-1.3.132.0.16'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group18-sha512-1.3.132.0.36 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group18-sha512-1.3.132.0.36'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group18-sha512-1.3.132.0.37 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group18-sha512-1.3.132.0.37'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-group18-sha512-1.3.132.0.38 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-group18-sha512-1.3.132.0.38'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp256-sha256-nistp256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp256-sha256-nistp256' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp256-sha256-nistp384 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp256-sha256-nistp384' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp256-sha256-nistp521 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp256-sha256-nistp521' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp256-sha256-1.3.132.0.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp256-sha256-1.3.132.0.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp256-sha256-1.2.840.10045.3.1.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp256-sha256-1.2.840.10045.3.1.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp256-sha256-1.3.132.0.33 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp256-sha256-1.3.132.0.33'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp256-sha256-1.3.132.0.26 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp256-sha256-1.3.132.0.26'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp256-sha256-1.3.132.0.27 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp256-sha256-1.3.132.0.27'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp256-sha256-1.3.132.0.16 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp256-sha256-1.3.132.0.16'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp256-sha256-1.3.132.0.36 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp256-sha256-1.3.132.0.36'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp256-sha256-1.3.132.0.37 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp256-sha256-1.3.132.0.37'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp256-sha256-1.3.132.0.38 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp256-sha256-1.3.132.0.38'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp384-sha384-nistp256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp384-sha384-nistp256' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp384-sha384-nistp384 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp384-sha384-nistp384' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp384-sha384-nistp521 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp384-sha384-nistp521' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp384-sha384-1.3.132.0.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp384-sha384-1.3.132.0.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp384-sha384-1.2.840.10045.3.1.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp384-sha384-1.2.840.10045.3.1.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp384-sha384-1.3.132.0.33 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp384-sha384-1.3.132.0.33'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp384-sha384-1.3.132.0.26 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp384-sha384-1.3.132.0.26'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp384-sha384-1.3.132.0.27 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp384-sha384-1.3.132.0.27'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp384-sha384-1.3.132.0.16 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp384-sha384-1.3.132.0.16'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp384-sha384-1.3.132.0.36 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp384-sha384-1.3.132.0.36'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp384-sha384-1.3.132.0.37 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp384-sha384-1.3.132.0.37'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp384-sha384-1.3.132.0.38 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp384-sha384-1.3.132.0.38'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp521-sha512-nistp256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp521-sha512-nistp256' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp521-sha512-nistp384 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp521-sha512-nistp384' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp521-sha512-nistp521 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp521-sha512-nistp521' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp521-sha512-1.3.132.0.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp521-sha512-1.3.132.0.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp521-sha512-1.2.840.10045.3.1.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp521-sha512-1.2.840.10045.3.1.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp521-sha512-1.3.132.0.33 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp521-sha512-1.3.132.0.33'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp521-sha512-1.3.132.0.26 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp521-sha512-1.3.132.0.26'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp521-sha512-1.3.132.0.27 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp521-sha512-1.3.132.0.27'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp521-sha512-1.3.132.0.16 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp521-sha512-1.3.132.0.16'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp521-sha512-1.3.132.0.36 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp521-sha512-1.3.132.0.36'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp521-sha512-1.3.132.0.37 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp521-sha512-1.3.132.0.37'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-nistp521-sha512-1.3.132.0.38 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-nistp521-sha512-1.3.132.0.38'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve25519-sha256-nistp256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve25519-sha256-nistp256' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve25519-sha256-nistp384 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve25519-sha256-nistp384' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve25519-sha256-nistp521 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve25519-sha256-nistp521' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve25519-sha256-1.3.132.0.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve25519-sha256-1.3.132.0.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve25519-sha256-1.2.840.10045.3.1.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve25519-sha256-1.2.840.10045.3.1.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve25519-sha256-1.3.132.0.33 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve25519-sha256-1.3.132.0.33'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve25519-sha256-1.3.132.0.26 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve25519-sha256-1.3.132.0.26'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve25519-sha256-1.3.132.0.27 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve25519-sha256-1.3.132.0.27'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve25519-sha256-1.3.132.0.16 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve25519-sha256-1.3.132.0.16'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve25519-sha256-1.3.132.0.36 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve25519-sha256-1.3.132.0.36'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve25519-sha256-1.3.132.0.37 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve25519-sha256-1.3.132.0.37'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve25519-sha256-1.3.132.0.38 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve25519-sha256-1.3.132.0.38'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve448-sha512-nistp256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve448-sha512-nistp256' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve448-sha512-nistp384 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve448-sha512-nistp384' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve448-sha512-nistp521 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve448-sha512-nistp521' algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve448-sha512-1.3.132.0.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve448-sha512-1.3.132.0.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve448-sha512-1.2.840.10045.3.1.1 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve448-sha512-1.2.840.10045.3.1.1'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve448-sha512-1.3.132.0.33 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve448-sha512-1.3.132.0.33'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve448-sha512-1.3.132.0.26 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve448-sha512-1.3.132.0.26'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve448-sha512-1.3.132.0.27 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve448-sha512-1.3.132.0.27'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve448-sha512-1.3.132.0.16 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve448-sha512-1.3.132.0.16'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve448-sha512-1.3.132.0.36 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve448-sha512-1.3.132.0.36'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve448-sha512-1.3.132.0.37 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve448-sha512-1.3.132.0.37'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity gss-curve448-sha512-1.3.132.0.38 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'gss-curve448-sha512-1.3.132.0.38'
+ algorithm.";
+ reference
+ "RFC 8732:
+ Generic Security Service Application Program Interface (GSS-
+ API) Key Exchange with SHA-2";
+ }
+
+ identity curve25519-sha256 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'curve25519-sha256' algorithm.";
+ reference
+ "RFC 8731:
+ Secure Shell (SSH) Key Exchange Method Using Curve25519 and
+ Curve448";
+ }
+
+ identity curve448-sha512 {
+ base key-exchange-alg-base;
+ description
+ "Identity for the 'curve448-sha512' algorithm.";
+ reference
+ "RFC 8731:
+ Secure Shell (SSH) Key Exchange Method Using Curve25519 and
+ Curve448";
+ }
+
+}
'Secure Shell (SSH) Protocol Parameters' registry maintained
by IANA.
- Copyright (c) 2022 IETF Trust and the persons identified as
+ Copyright (c) 2024 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(https://www.rfc-editor.org/info/rfcEEEE); see the RFC
itself for full legal notices.";
- revision 2022-06-16 {
+ revision 2024-02-08 {
description
- "Reflects contents of the MAC algorithms registry on
- June 16, 2022.";
+ "Reflects contents of the mac algorithms registry.";
reference
"RFC EEEE: YANG Groupings for SSH Clients and SSH Servers";
}
base "mac-alg-base";
}
description
- "A reference to a SSH mac algorithm identifier.";
+ "A reference to an SSH mac algorithm identifier.";
}
identity mac-alg-base {
description
- "Base identity used to identify message authentication
- code (MAC) algorithms.";
+ "Base identity for SSH mac algorithms.";
}
identity hmac-sha1 {
base mac-alg-base;
description
- "HMAC-SHA1";
+ "Identity for the 'hmac-sha1' algorithm. Section 6.4";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity hmac-sha1-96 {
base mac-alg-base;
description
- "HMAC-SHA1-96";
+ "Identity for the 'hmac-sha1-96' algorithm. Section 6.4";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity hmac-md5 {
base mac-alg-base;
description
- "HMAC-MD5";
+ "Identity for the 'hmac-md5' algorithm. Section 6.4";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity hmac-md5-96 {
base mac-alg-base;
description
- "HMAC-MD5-96";
+ "Identity for the 'hmac-md5-96' algorithm. Section 6.4";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity none {
base mac-alg-base;
description
- "NONE";
+ "Identity for the 'none' algorithm. Section 6.4";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
}
- identity aead-aes-128-gcm {
+ identity AEAD_AES_128_GCM {
base mac-alg-base;
description
- "AEAD_AES_128_GCM";
+ "Identity for the 'AEAD_AES_128_GCM' algorithm. Section 6.1";
reference
"RFC 5647:
- AES Galois Counter Mode for the
- Secure Shell Transport Layer Protocol";
+ AES Galois Counter Mode for the Secure Shell Transport Layer
+ Protocol";
}
- identity aead-aes-256-gcm {
+ identity AEAD_AES_256_GCM {
base mac-alg-base;
description
- "AEAD_AES_256_GCM";
+ "Identity for the 'AEAD_AES_256_GCM' algorithm. Section 6.2";
reference
"RFC 5647:
- AES Galois Counter Mode for the
- Secure Shell Transport Layer Protocol";
+ AES Galois Counter Mode for the Secure Shell Transport Layer
+ Protocol";
}
identity hmac-sha2-256 {
base mac-alg-base;
description
- "HMAC-SHA2-256";
+ "Identity for the 'hmac-sha2-256' algorithm. Section 2";
reference
"RFC 6668:
- SHA-2 Data Integrity Verification for the
- Secure Shell (SSH) Transport Layer Protocol";
+ SHA-2 Data Integrity Verification for the Secure Shell (SSH)
+ Transport Layer Protocol";
}
identity hmac-sha2-512 {
base mac-alg-base;
description
- "HMAC-SHA2-512";
+ "Identity for the 'hmac-sha2-512' algorithm. Section 2";
reference
"RFC 6668:
- SHA-2 Data Integrity Verification for the
- Secure Shell (SSH) Transport Layer Protocol";
- }
-
- // Protocol-accessible Nodes
-
- container supported-algorithms {
- config false;
- description
- "A container for a list of MAC algorithms
- supported by the server.";
- leaf-list supported-algorithm {
- type mac-algorithm-ref;
- description
- "A MAC algorithm supported by the server.";
- }
+ SHA-2 Data Integrity Verification for the Secure Shell (SSH)
+ Transport Layer Protocol";
}
}
'Secure Shell (SSH) Protocol Parameters' registry maintained
by IANA.
- Copyright (c) 2022 IETF Trust and the persons identified as
+ Copyright (c) 2024 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(https://www.rfc-editor.org/info/rfcEEEE); see the RFC
itself for full legal notices.";
- revision 2022-06-16 {
+ revision 2024-02-08 {
description
- "Reflects contents of the public key algorithms registry
- on June 16, 2022.";
+ "Reflects contents of the public key algorithms registry.";
reference
"RFC EEEE: YANG Groupings for SSH Clients and SSH Servers";
}
base "public-key-alg-base";
}
description
- "A reference to a SSH public key algorithm identifier.";
+ "A reference to an SSH public key algorithm identifier.";
}
identity public-key-alg-base {
description
- "Base identity used to identify public key algorithms.";
+ "Base identity for SSH public key algorithms.";
}
identity ssh-dss {
base public-key-alg-base;
description
- "SSH-DSS";
+ "Identity for the 'ssh-dss' algorithm. Section 6.6";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity ssh-rsa {
base public-key-alg-base;
description
- "SSH-RSA";
+ "Identity for the 'ssh-rsa' algorithm. Section 6.6";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity rsa-sha2-256 {
base public-key-alg-base;
description
- "RSA-SHA2-256";
+ "Identity for the 'rsa-sha2-256' algorithm. Section 3";
reference
"RFC 8332:
- Use of RSA Keys with SHA-256 and SHA-512
- in the Secure Shell (SSH) Protocol";
+ Use of RSA Keys with SHA-256 and SHA-512 in the Secure Shell
+ (SSH) Protocol";
}
identity rsa-sha2-512 {
base public-key-alg-base;
description
- "RSA-SHA2-512";
+ "Identity for the 'rsa-sha2-512' algorithm. Section 3";
reference
"RFC 8332:
- Use of RSA Keys with SHA-256 and SHA-512
- in the Secure Shell (SSH) Protocol";
+ Use of RSA Keys with SHA-256 and SHA-512 in the Secure Shell
+ (SSH) Protocol";
}
identity spki-sign-rsa {
base public-key-alg-base;
description
- "SPKI-SIGN-RSA";
+ "Identity for the 'spki-sign-rsa' algorithm. Section 6.6";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity spki-sign-dss {
base public-key-alg-base;
description
- "SPKI-SIGN-DSS";
+ "Identity for the 'spki-sign-dss' algorithm. Section 6.6";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity pgp-sign-rsa {
base public-key-alg-base;
description
- "PGP-SIGN-RSA";
+ "Identity for the 'pgp-sign-rsa' algorithm. Section 6.6";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity pgp-sign-dss {
base public-key-alg-base;
description
- "PGP-SIGN-DSS";
+ "Identity for the 'pgp-sign-dss' algorithm. Section 6.6";
reference
"RFC 4253:
The Secure Shell (SSH) Transport Layer Protocol";
identity null {
base public-key-alg-base;
description
- "NULL";
+ "Identity for the 'null' algorithm. Section 5";
reference
"RFC 4462:
- Generic Security Service Application Program Interface
- (GSS-API) Authentication and Key Exchange for the
- Secure Shell (SSH) Protocol";
+ Generic Security Service Application Program Interface (GSS-
+ API) Authentication and Key Exchange for the Secure Shell
+ (SSH) Protocol";
}
identity ecdsa-sha2-nistp256 {
base public-key-alg-base;
- status deprecated;
description
- "ECDSA-SHA2-NISTP256 (secp256r1)";
+ "Identity for the 'ecdsa-sha2-nistp256' algorithm.";
reference
"RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
}
identity ecdsa-sha2-nistp384 {
base public-key-alg-base;
description
- "ECDSA-SHA2-NISTP384 (secp384r1)";
+ "Identity for the 'ecdsa-sha2-nistp384' algorithm.";
reference
"RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
}
identity ecdsa-sha2-nistp521 {
base public-key-alg-base;
description
- "ECDSA-SHA2-NISTP521 (secp521r1)";
+ "Identity for the 'ecdsa-sha2-nistp521' algorithm.";
reference
"RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
}
identity ecdsa-sha2-1.3.132.0.1 {
base public-key-alg-base;
description
- "ECDSA-SHA2-1.3.132.0.1 (nistk163, sect163k1)";
+ "Identity for the 'ecdsa-sha2-1.3.132.0.1' algorithm.";
reference
"RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
}
identity ecdsa-sha2-1.2.840.10045.3.1.1 {
base public-key-alg-base;
description
- "ECDSA-SHA2-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
+ "Identity for the 'ecdsa-sha2-1.2.840.10045.3.1.1' algorithm.";
reference
"RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
}
identity ecdsa-sha2-1.3.132.0.33 {
base public-key-alg-base;
description
- "ECDSA-SHA2-1.3.132.0.33 (nistp224, secp224r1)";
+ "Identity for the 'ecdsa-sha2-1.3.132.0.33' algorithm.";
reference
"RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
}
identity ecdsa-sha2-1.3.132.0.26 {
base public-key-alg-base;
description
- "ECDSA-SHA2-1.3.132.0.26 (nistk233, sect233k1)";
+ "Identity for the 'ecdsa-sha2-1.3.132.0.26' algorithm.";
reference
"RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
}
identity ecdsa-sha2-1.3.132.0.27 {
base public-key-alg-base;
description
- "ECDSA-SHA2-1.3.132.0.27 (nistb233, sect233r1)";
+ "Identity for the 'ecdsa-sha2-1.3.132.0.27' algorithm.";
reference
"RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
}
identity ecdsa-sha2-1.3.132.0.16 {
base public-key-alg-base;
description
- "ECDSA-SHA2-1.3.132.0.16 (nistk283, sect283k1)";
+ "Identity for the 'ecdsa-sha2-1.3.132.0.16' algorithm.";
reference
"RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
}
identity ecdsa-sha2-1.3.132.0.36 {
base public-key-alg-base;
description
- "ECDSA-SHA2-1.3.132.0.36 (nistk409, sect409k1)";
+ "Identity for the 'ecdsa-sha2-1.3.132.0.36' algorithm.";
reference
"RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
}
identity ecdsa-sha2-1.3.132.0.37 {
base public-key-alg-base;
description
- "ECDSA-SHA2-1.3.132.0.37 (nistb409, sect409r1)";
+ "Identity for the 'ecdsa-sha2-1.3.132.0.37' algorithm.";
reference
"RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
}
identity ecdsa-sha2-1.3.132.0.38 {
base public-key-alg-base;
description
- "ECDSA-SHA2-1.3.132.0.38 (nistt571, sect571k1)";
+ "Identity for the 'ecdsa-sha2-1.3.132.0.38' algorithm.";
reference
"RFC 5656:
- Elliptic Curve Algorithm Integration in the
- Secure Shell Transport Layer";
+ Elliptic Curve Algorithm Integration in the Secure Shell
+ Transport Layer";
}
identity x509v3-ssh-dss {
base public-key-alg-base;
description
- "X509V3-SSH-DSS";
+ "Identity for the 'x509v3-ssh-dss' algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity x509v3-ssh-rsa {
base public-key-alg-base;
description
- "X509V3-SSH-RSA";
+ "Identity for the 'x509v3-ssh-rsa' algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity x509v3-rsa2048-sha256 {
base public-key-alg-base;
- status deprecated;
description
- "X509V3-RSA2048-SHA256";
+ "Identity for the 'x509v3-rsa2048-sha256' algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity x509v3-ecdsa-sha2-nistp256 {
base public-key-alg-base;
description
- "X509V3-ECDSA-SHA2-NISTP256 (secp256r1)";
+ "Identity for the 'x509v3-ecdsa-sha2-nistp256' algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity x509v3-ecdsa-sha2-nistp384 {
base public-key-alg-base;
description
- "X509V3-ECDSA-SHA2-NISTP384 (secp384r1)";
+ "Identity for the 'x509v3-ecdsa-sha2-nistp384' algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity x509v3-ecdsa-sha2-nistp521 {
base public-key-alg-base;
description
- "X509V3-ECDSA-SHA2-NISTP521 (secp521r1)";
+ "Identity for the 'x509v3-ecdsa-sha2-nistp521' algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity x509v3-ecdsa-sha2-1.3.132.0.1 {
base public-key-alg-base;
description
- "X509V3-ECDSA-SHA2-1.3.132.0.1 (nistk163, sect163k1)";
+ "Identity for the 'x509v3-ecdsa-sha2-1.3.132.0.1' algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity x509v3-ecdsa-sha2-1.2.840.10045.3.1.1 {
base public-key-alg-base;
description
- "X509V3-ECDSA-SHA2-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
+ "Identity for the 'x509v3-ecdsa-sha2-1.2.840.10045.3.1.1'
+ algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity x509v3-ecdsa-sha2-1.3.132.0.33 {
base public-key-alg-base;
description
- "X509V3-ECDSA-SHA2-1.3.132.0.33 (nistp224, secp224r1)";
+ "Identity for the 'x509v3-ecdsa-sha2-1.3.132.0.33' algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity x509v3-ecdsa-sha2-1.3.132.0.26 {
base public-key-alg-base;
description
- "X509V3-ECDSA-SHA2-1.3.132.0.26 (nistk233, sect233k1)";
+ "Identity for the 'x509v3-ecdsa-sha2-1.3.132.0.26' algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity x509v3-ecdsa-sha2-1.3.132.0.27 {
base public-key-alg-base;
description
- "X509V3-ECDSA-SHA2-1.3.132.0.27 (nistb233, sect233r1)";
+ "Identity for the 'x509v3-ecdsa-sha2-1.3.132.0.27' algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity x509v3-ecdsa-sha2-1.3.132.0.16 {
base public-key-alg-base;
description
- "X509V3-ECDSA-SHA2-1.3.132.0.16 (nistk283, sect283k1)";
+ "Identity for the 'x509v3-ecdsa-sha2-1.3.132.0.16' algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity x509v3-ecdsa-sha2-1.3.132.0.36 {
base public-key-alg-base;
description
- "X509V3-ECDSA-SHA2-1.3.132.0.36 (nistk409, sect409k1)";
+ "Identity for the 'x509v3-ecdsa-sha2-1.3.132.0.36' algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity x509v3-ecdsa-sha2-1.3.132.0.37 {
base public-key-alg-base;
description
- "X509V3-ECDSA-SHA2-1.3.132.0.37 (nistb409, sect409r1)";
+ "Identity for the 'x509v3-ecdsa-sha2-1.3.132.0.37' algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity x509v3-ecdsa-sha2-1.3.132.0.38 {
base public-key-alg-base;
description
- "X509V3-ECDSA-SHA2-1.3.132.0.38 (nistt571, sect571k1)";
+ "Identity for the 'x509v3-ecdsa-sha2-1.3.132.0.38' algorithm.";
reference
"RFC 6187:
X.509v3 Certificates for Secure Shell Authentication";
identity ssh-ed25519 {
base public-key-alg-base;
description
- "SSH-ED25519";
+ "Identity for the 'ssh-ed25519' algorithm.";
reference
"RFC 8709:
- Ed25519 and Ed448 Public Key Algorithms for the
- Secure Shell (SSH) Protocol";
+ Ed25519 and Ed448 Public Key Algorithms for the Secure Shell
+ (SSH) Protocol";
}
identity ssh-ed448 {
base public-key-alg-base;
description
- "SSH-ED448";
+ "Identity for the 'ssh-ed448' algorithm.";
reference
"RFC 8709:
- Ed25519 and Ed448 Public Key Algorithms for the
- Secure Shell (SSH) Protocol";
- }
-
- // Protocol-accessible Nodes
-
- container supported-algorithms {
- config false;
- description
- "A container for a list of public key algorithms
- supported by the server.";
- leaf-list supported-algorithm {
- type public-key-algorithm-ref;
- description
- "A public key algorithm supported by the server.";
- }
+ Ed25519 and Ed448 Public Key Algorithms for the Secure Shell
+ (SSH) Protocol";
}
}
"This module defines a reusable grouping for SSH clients that
can be used as a basis for specific SSH client instances.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-12-28 {
+ revision 2024-02-08 {
description
"Initial version";
reference
"This module defines a common features and groupings for
Secure Shell (SSH).
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-12-28 {
+ revision 2024-02-08 {
description
"Initial version";
reference
"SSH transport layer parameters are configurable.";
}
- feature public-key-generation {
+ feature asymmetric-key-pair-generation {
description
"Indicates that the server implements the
- 'generate-public-key' RPC.";
+ 'generate-asymmetric-key-pair' RPC.";
}
+ feature algorithm-discovery {
+ description
+ "Indicates that the server implements the
+ 'supported-algorithms' container.";
+ }
+
+
// Groupings
grouping transport-params-grouping {
// Protocol-accessible Nodes
- rpc generate-public-key {
- if-feature "public-key-generation";
+ container supported-algorithms {
+ if-feature "algorithm-discovery";
+ config false;
+ description
+ "Identifies all of the supported algorithms.";
+ container public-key-algorithms {
+ description
+ "A container for a list of public key algorithms
+ supported by the server.";
+ leaf-list supported-algorithm {
+ type sshpka:public-key-algorithm-ref;
+ description
+ "A public key algorithm supported by the server.";
+ }
+ }
+ container encryption-algorithms {
+ description
+ "A container for a list of encryption algorithms
+ supported by the server.";
+ leaf-list supported-algorithm {
+ type sshea:encryption-algorithm-ref;
+ description
+ "An encryption algorithm supported by the server.";
+ }
+ }
+ container key-exchange-algorithms {
+ config false;
+ description
+ "A container for a list of key exchange algorithms
+ supported by the server.";
+ leaf-list supported-algorithm {
+ type sshkea:key-exchange-algorithm-ref;
+ description
+ "A key exchange algorithm supported by the server.";
+ }
+ }
+ container mac-algorithms {
+ config false;
+ description
+ "A container for a list of MAC algorithms
+ supported by the server.";
+ leaf-list supported-algorithm {
+ type sshma:mac-algorithm-ref;
+ description
+ "A MAC algorithm supported by the server.";
+ }
+ }
+ }
+
+ rpc generate-asymmetric-key-pair {
+ if-feature "asymmetric-key-pair-generation";
description
"Requests the device to generate an public key using
the specified key algorithm.";
output {
uses ct:asymmetric-key-pair-grouping;
}
- } // end generate-public-key
+ } // end generate-asymmetric-key-pair
}
namespace "urn:ietf:params:xml:ns:yang:ietf-ssh-server";
prefix sshs;
+ import ietf-yang-types {
+ prefix yang;
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+
import iana-crypt-hash {
prefix ianach;
reference
"This module defines a reusable grouping for SSH servers that
can be used as a basis for specific SSH server instances.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-12-28 {
+ revision 2024-02-08 {
description
"Initial version";
reference
}
}
}
- leaf password {
- if-feature "local-user-auth-password";
- type ianach:crypt-hash;
+ container password {
description
- "The password for this user.";
+ "A password the SSH server may use to authenticate
+ this user. A user is authenticated if the hash
+ of the supplied password matches this value.";
+ leaf hashed-password {
+ if-feature "local-user-auth-password";
+ type ianach:crypt-hash;
+ description
+ "The password for this user.";
+ }
+ leaf last-modified {
+ type yang:date-and-time;
+ config false;
+ description
+ "Identifies when the password was last set.";
+ }
}
container hostbased {
if-feature "local-user-auth-hostbased";
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.SshClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ClientIdentity;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ClientIdentityBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ServerAuthentication;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.SshServerGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.ClientAuthentication;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.ServerIdentity;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.SshClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ClientIdentity;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ClientIdentityBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ServerAuthentication;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.SshServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.ClientAuthentication;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.ServerIdentity;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
import org.opendaylight.yangtools.yang.common.Uint16;
@ExtendWith(MockitoExtension.class)
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.crypt.hash.rev140806.CryptHash;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.EcPrivateKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.EndEntityCertCms;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.PrivateKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.RsaPrivateKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.SshPublicKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.SubjectPublicKeyInfoFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.TrustAnchorCertCms;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228._private.key.grouping._private.key.type.CleartextPrivateKeyBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.password.grouping.password.type.CleartextPasswordBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ClientIdentity;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ClientIdentityBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ServerAuthentication;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.ServerAuthenticationBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.server.authentication.CaCertsBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228.ssh.client.grouping.server.authentication.SshHostKeysBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.ClientAuthentication;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.ClientAuthenticationBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.ServerIdentity;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.ServerIdentityBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.client.authentication.UsersBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.client.authentication.users.User;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.client.authentication.users.UserBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228.ssh.server.grouping.client.authentication.users.user.PublicKeysBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228.inline.or.truststore.certs.grouping.inline.or.truststore.inline.inline.definition.CertificateBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.EcPrivateKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.EndEntityCertCms;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.PrivateKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.RsaPrivateKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.SshPublicKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.SubjectPublicKeyInfoFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.TrustAnchorCertCms;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208._private.key.grouping._private.key.type.CleartextPrivateKeyBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.password.grouping.password.type.CleartextPasswordBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ClientIdentity;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ClientIdentityBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ServerAuthentication;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ServerAuthenticationBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.server.authentication.CaCertsBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.server.authentication.SshHostKeysBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.ClientAuthentication;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.ClientAuthenticationBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.ServerIdentity;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.ServerIdentityBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.client.authentication.UsersBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.client.authentication.users.User;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.client.authentication.users.UserBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.client.authentication.users.user.PasswordBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.client.authentication.users.user.PublicKeysBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208.inline.or.truststore.certs.grouping.inline.or.truststore.inline.inline.definition.CertificateBuilder;
import org.opendaylight.yangtools.yang.binding.util.BindingMap;
public final class TestUtils {
return new ServerIdentityBuilder().setHostKey(List.of(buildServerHostKeyWithCertificate(keyData))).build();
}
- private static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228
+ private static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208
.ssh.server.grouping.server.identity.HostKey buildServerHostKeyWithKeyPair(final KeyData keyData) {
- return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228
+ return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208
.ssh.server.grouping.server.identity.HostKeyBuilder()
.setName(HOST_KEY_NAME)
- .setHostKeyType(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228
+ .setHostKeyType(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208
.ssh.server.grouping.server.identity.host.key.host.key.type.PublicKeyBuilder()
- .setPublicKey(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228
+ .setPublicKey(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208
.ssh.server.grouping.server.identity.host.key.host.key.type._public.key.PublicKeyBuilder()
.setInlineOrKeystore(buildAsymmetricKeyLocal(keyData))
.build())
.build();
}
- private static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228
+ private static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208
.ssh.server.grouping.server.identity.HostKey buildServerHostKeyWithCertificate(final KeyData keyData) {
- return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228
+ return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208
.ssh.server.grouping.server.identity.HostKeyBuilder()
.setName(HOST_KEY_NAME)
- .setHostKeyType(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228
+ .setHostKeyType(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208
.ssh.server.grouping.server.identity.host.key.host.key.type.CertificateBuilder()
- .setCertificate(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228
+ .setCertificate(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208
.ssh.server.grouping.server.identity.host.key.host.key.type.certificate.CertificateBuilder()
.setInlineOrKeystore(buildEndEntityCertWithKeyLocal(keyData))
.build())
.build();
}
- private static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228
+ private static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208
.inline.or.truststore._public.keys.grouping.inline.or.truststore.Inline buildTruststorePublicKeyLocal(
final KeyData keyData) {
- return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228
+ return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208
.inline.or.truststore._public.keys.grouping.inline.or.truststore.InlineBuilder()
- .setInlineDefinition(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228
+ .setInlineDefinition(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208
.inline.or.truststore._public.keys.grouping.inline.or.truststore.inline.InlineDefinitionBuilder()
.setPublicKey(BindingMap.of(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore
- .rev231228.inline.or.truststore._public.keys.grouping.inline.or.truststore.inline.inline.definition
+ .rev240208.inline.or.truststore._public.keys.grouping.inline.or.truststore.inline.inline.definition
.PublicKeyBuilder()
.setName(PUBLIC_KEY_NAME)
.setPublicKeyFormat(SshPublicKeyFormat.VALUE)
.build();
}
- private static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228
+ private static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208
.inline.or.truststore.certs.grouping.inline.or.truststore.Inline buildTruststoreCertificatesLocal(
final byte[] certificateBytes) {
- return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228
+ return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208
.inline.or.truststore.certs.grouping.inline.or.truststore.InlineBuilder()
- .setInlineDefinition(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228
+ .setInlineDefinition(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208
.inline.or.truststore.certs.grouping.inline.or.truststore.inline.InlineDefinitionBuilder()
.setCertificate(BindingMap.of(new CertificateBuilder()
.setName(CERTIFICATE_NAME)
.build();
}
- private static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228
+ private static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208
.inline.or.keystore.asymmetric.key.grouping.InlineOrKeystore buildAsymmetricKeyLocal(final KeyData data) {
return buildAsymmetricKeyLocal(data.algorithm(), data.publicKeyBytes(), data.privateKeyBytes());
}
- private static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228
+ private static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208
.inline.or.keystore.asymmetric.key.grouping.InlineOrKeystore buildAsymmetricKeyLocal(final String algorithm,
final byte[] publicKeyBytes, final byte[] privateKeyBytes) {
- return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228
+ return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208
.inline.or.keystore.asymmetric.key.grouping.inline.or.keystore.InlineBuilder()
- .setInlineDefinition(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228
+ .setInlineDefinition(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208
.inline.or.keystore.asymmetric.key.grouping.inline.or.keystore.inline.InlineDefinitionBuilder()
.setPublicKeyFormat(SubjectPublicKeyInfoFormat.VALUE)
.setPublicKey(publicKeyBytes)
.build();
}
- public static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228
+ public static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208
.inline.or.keystore.end.entity.cert.with.key.grouping.InlineOrKeystore buildEndEntityCertWithKeyLocal(
final KeyData keyData) {
- return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228
+ return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208
.inline.or.keystore.end.entity.cert.with.key.grouping.inline.or.keystore.InlineBuilder()
- .setInlineDefinition(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228
+ .setInlineDefinition(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208
.inline.or.keystore.end.entity.cert.with.key.grouping.inline.or.keystore.inline
.InlineDefinitionBuilder()
.setPublicKeyFormat(SubjectPublicKeyInfoFormat.VALUE)
private static User buildServerUserHostBased(final String userName, final byte[] publicKeyBytes) {
return new UserBuilder()
.setName(userName)
- .setHostbased(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev231228
+ .setHostbased(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208
.ssh.server.grouping.client.authentication.users.user.HostbasedBuilder()
.setInlineOrTruststore(buildPublicKeyLocal(publicKeyBytes))
.build())
.build();
}
- private static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228
+ private static org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208
.inline.or.truststore._public.keys.grouping.inline.or.truststore.Inline buildPublicKeyLocal(
final byte[] publicKeyBytes) {
- return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228
+ return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208
.inline.or.truststore._public.keys.grouping.inline.or.truststore.InlineBuilder()
- .setInlineDefinition(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228
+ .setInlineDefinition(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208
.inline.or.truststore._public.keys.grouping.inline.or.truststore.inline.InlineDefinitionBuilder()
.setPublicKey(BindingMap.of(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf
- .truststore.rev231228.inline.or.truststore._public.keys.grouping.inline.or.truststore.inline.inline
+ .truststore.rev240208.inline.or.truststore._public.keys.grouping.inline.or.truststore.inline.inline
.definition.PublicKeyBuilder()
.setPublicKeyFormat(SshPublicKeyFormat.VALUE)
.setName(PUBLIC_KEY_NAME)
}
private static User buildServerUserWithPassword(final String userName, final String cryptHash) {
- return new UserBuilder().setName(userName).setPassword(new CryptHash(cryptHash)).build();
+ return new UserBuilder()
+ .setName(userName)
+ .setPassword(new PasswordBuilder()
+ .setHashedPassword(new CryptHash(cryptHash))
+ .build())
+ .build();
}
public static ClientIdentity buildClientIdentityWithPassword(final String username, final String password) {
return new ClientIdentityBuilder()
.setUsername(username)
- .setPassword(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228
+ .setPassword(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208
.ssh.client.grouping.client.identity.PasswordBuilder()
.setPasswordType(new CleartextPasswordBuilder().setCleartextPassword(password).build()).build())
.build();
public static ClientIdentity buildClientIdentityHostBased(final String username, final KeyData data) {
return new ClientIdentityBuilder()
.setUsername(username)
- .setHostbased(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228
+ .setHostbased(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208
.ssh.client.grouping.client.identity.HostbasedBuilder()
.setInlineOrKeystore(buildAsymmetricKeyLocal(data))
.build())
public static ClientIdentity buildClientIdentityWithPublicKey(final String username, final KeyData data) {
return new ClientIdentityBuilder()
.setUsername(username)
- .setPublicKey(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev231228
+ .setPublicKey(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208
.ssh.client.grouping.client.identity.PublicKeyBuilder()
.setInlineOrKeystore(buildAsymmetricKeyLocal(data))
.build())
import io.netty.channel.socket.SocketChannel;
import java.util.concurrent.ThreadFactory;
import org.eclipse.jdt.annotation.NonNullByDefault;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.common.rev231228.tcp.common.grouping.Keepalives;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.common.rev240208.tcp.common.grouping.Keepalives;
/**
* Wrapper around a particular Netty transport implementation.
import io.netty.channel.epoll.EpollSocketChannel;
import java.util.concurrent.ThreadFactory;
import org.eclipse.jdt.annotation.NonNullByDefault;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.common.rev231228.tcp.common.grouping.Keepalives;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.common.rev240208.tcp.common.grouping.Keepalives;
@NonNullByDefault
final class EpollNettyImpl extends AbstractNettyImpl {
import java.util.Set;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.IetfTcpClientData;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.LocalBindingSupported;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientKeepalives;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.IetfTcpClientData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.LocalBindingSupported;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientKeepalives;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;
import java.util.Set;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.common.rev231228.IetfTcpCommonData;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.common.rev231228.KeepalivesSupported;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.common.rev240208.IetfTcpCommonData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.common.rev240208.KeepalivesSupported;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;
import java.util.Set;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.IetfTcpServerData;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerKeepalives;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.IetfTcpServerData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerKeepalives;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.eclipse.jdt.annotation.Nullable;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.common.rev231228.tcp.common.grouping.Keepalives;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.common.rev240208.tcp.common.grouping.Keepalives;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.util.concurrent.ThreadFactory;
import jdk.net.ExtendedSocketOptions;
import org.eclipse.jdt.annotation.NonNullByDefault;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.common.rev231228.tcp.common.grouping.Keepalives;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.common.rev240208.tcp.common.grouping.Keepalives;
import org.slf4j.LoggerFactory;
@NonNullByDefault
import org.eclipse.jdt.annotation.NonNull;
import org.opendaylight.netconf.transport.api.TransportChannelListener;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientGrouping;
import org.opendaylight.yangtools.yang.common.Empty;
/**
import org.eclipse.jdt.annotation.NonNull;
import org.opendaylight.netconf.transport.api.TransportChannelListener;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
import org.opendaylight.yangtools.yang.common.Empty;
/**
"This module defines reusable groupings for TCP clients that
can be used as a basis for specific TCP client instances.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-12-28 {
+ revision 2024-02-08 {
description
"Initial version";
reference
refine "keepalives" {
if-feature "tcp-client-keepalives";
description
- "Add an if-feature statement so that implementations
+ "An if-feature statement so that implementations
can choose to support TCP client keepalives.";
}
}
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-12-28 {
+ revision 2024-02-08 {
description
"Initial version";
reference
whole.";
container keepalives {
if-feature "keepalives-supported";
+ presence
+ "Indicates that keepalives are enabled, aligning to
+ the requirement in Section 3.8.4 RFC 9293 that
+ keepalives are off by default.";
description
"Configures the keep-alive policy, to proactively test the
aliveness of the TCP peer. An unresponsive TCP peer is
probe-interval) seconds. Further guidance can be found
in Section 2.1.5 of RFC DDDD.";
reference
- "RFC 9293:
- Transmission Control Protocol (TCP), Section 3.8.4..";
+ "RFC 9293: Transmission Control Protocol (TCP)";
leaf idle-time {
type uint16 {
range "1..max";
"Sets the amount of time after which if no data has been
received from the TCP peer, a TCP-level probe message
will be sent to test the aliveness of the TCP peer.
- Two hours (7200 seconds) is safe value, per RFC 1122.";
+ Two hours (7200 seconds) is safe value, per RFC 9293
+ Section 3.8.4.";
reference
- "RFC 1122:
- Requirements for Internet Hosts -- Communication Layers";
+ "RFC 9293: Transmission Control Protocol (TCP)";
+
}
leaf max-probes {
type uint16 {
"This module defines reusable groupings for TCP servers that
can be used as a basis for specific TCP server instances.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-12-28 {
+ revision 2024-02-08 {
description
"Initial version";
reference
refine "keepalives" {
if-feature "tcp-server-keepalives";
description
- "Add an if-feature statement so that implementations
+ "An if-feature statement so that implementations
can choose to support TCP server keepalives.";
}
}
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
import org.opendaylight.yangtools.yang.common.Uint16;
@ExtendWith(MockitoExtension.class)
import org.eclipse.jdt.annotation.NonNull;
import org.eclipse.jdt.annotation.Nullable;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.AsymmetricKeyPairGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.EcPrivateKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.RsaPrivateKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.SshPublicKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.SubjectPublicKeyInfoFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228._private.key.grouping._private.key.type.CleartextPrivateKey;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228.InlineOrKeystoreAsymmetricKeyGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228.InlineOrKeystoreEndEntityCertWithKeyGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228.InlineOrTruststoreCertsGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.AsymmetricKeyPairGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.EcPrivateKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.RsaPrivateKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.SshPublicKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.SubjectPublicKeyInfoFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208._private.key.grouping._private.key.type.CleartextPrivateKey;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208.InlineOrKeystoreAsymmetricKeyGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208.InlineOrKeystoreEndEntityCertWithKeyGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208.InlineOrTruststoreCertsGrouping;
final class ConfigUtils {
return Map.of();
}
final var inline = ofType(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore
- .rev231228.inline.or.truststore.certs.grouping.inline.or.truststore.Inline.class,
+ .rev240208.inline.or.truststore.certs.grouping.inline.or.truststore.Inline.class,
certs.getInlineOrTruststore());
final var inlineDef = inline.getInlineDefinition();
if (inlineDef == null) {
final @NonNull InlineOrKeystoreAsymmetricKeyGrouping input)
throws UnsupportedConfigurationException {
- final var inline = ofType(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228
+ final var inline = ofType(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208
.inline.or.keystore.asymmetric.key.grouping.inline.or.keystore.Inline.class,
input.getInlineOrKeystore());
final var inlineDef = inline.getInlineDefinition();
static void setEndEntityCertificateWithKey(final @NonNull KeyStore keyStore,
final @NonNull InlineOrKeystoreEndEntityCertWithKeyGrouping input)
throws UnsupportedConfigurationException {
- final var inline = ofType(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228
+ final var inline = ofType(org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208
.inline.or.keystore.end.entity.cert.with.key.grouping.inline.or.keystore.Inline.class,
input.getInlineOrKeystore());
final var inlineDef = inline.getInlineDefinition();
import io.netty.handler.ssl.SslContext;
import java.net.SocketAddress;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.TlsClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228.TlsServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.TlsClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208.TlsServerGrouping;
public final class FixedSslHandlerFactory extends SslHandlerFactory {
private final SslContext sslContext;
import java.util.Set;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.ClientIdentX509Cert;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.IetfTlsClientData;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.ServerAuthX509Cert;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.ClientIdentX509Cert;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.IetfTlsClientData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.ServerAuthX509Cert;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.eclipse.jdt.annotation.Nullable;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev231228.HelloParams;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev231228.IetfTlsCommonData;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev231228.Tls12$F;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev231228.Tls12$I;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev231228.Tls13$F;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev231228.Tls13$I;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev231228.TlsVersionBase;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev240208.HelloParams;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev240208.IetfTlsCommonData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev240208.Tls12$F;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev240208.Tls12$I;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev240208.Tls13$F;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev240208.Tls13$I;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev240208.TlsVersionBase;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;
import java.util.Set;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228.ClientAuthSupported;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228.ClientAuthX509Cert;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228.IetfTlsServerData;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228.ServerIdentX509Cert;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208.ClientAuthSupported;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208.ClientAuthX509Cert;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208.IetfTlsServerData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208.ServerIdentX509Cert;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev231228.HelloParamsGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev240208.HelloParamsGrouping;
/**
* A pre-configured factory for creating {@link SslHandler}s.
import org.eclipse.jdt.annotation.NonNull;
import org.eclipse.jdt.annotation.Nullable;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.CipherSuiteAlgBase;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsAes128CcmSha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsAes128GcmSha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsAes256GcmSha384;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsChacha20Poly1305Sha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsDhePskWithAes128Ccm;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsDhePskWithAes128GcmSha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsDhePskWithAes256Ccm;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsDhePskWithAes256GcmSha384;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsDhePskWithChacha20Poly1305Sha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsDheRsaWithAes128Ccm;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsDheRsaWithAes128GcmSha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsDheRsaWithAes256Ccm;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsDheRsaWithAes256GcmSha384;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsDheRsaWithChacha20Poly1305Sha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsEcdheEcdsaWithAes128GcmSha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsEcdheEcdsaWithAes256GcmSha384;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsEcdheEcdsaWithChacha20Poly1305Sha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsEcdhePskWithAes128CcmSha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsEcdhePskWithAes128GcmSha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsEcdhePskWithAes256GcmSha384;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsEcdhePskWithChacha20Poly1305Sha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsEcdheRsaWithAes128GcmSha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsEcdheRsaWithAes256GcmSha384;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev220616.TlsEcdheRsaWithChacha20Poly1305Sha256;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228.InlineOrKeystoreAsymmetricKeyGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228.InlineOrKeystoreEndEntityCertWithKeyGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.TlsClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.tls.client.grouping.client.identity.auth.type.Certificate;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.tls.client.grouping.client.identity.auth.type.RawPublicKey;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev231228.HelloParamsGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev231228.TlsVersionBase;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228.TlsServerGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228.tls.server.grouping.server.identity.auth.type.RawPrivateKey;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228.InlineOrTruststoreCertsGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228.InlineOrTruststorePublicKeysGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.CipherSuiteAlgBase;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSAES128CCMSHA256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSAES128GCMSHA256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSAES256GCMSHA384;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSCHACHA20POLY1305SHA256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSDHEPSKWITHAES128CCM;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSDHEPSKWITHAES128GCMSHA256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSDHEPSKWITHAES256CCM;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSDHEPSKWITHAES256GCMSHA384;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSDHEPSKWITHCHACHA20POLY1305SHA256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSDHERSAWITHAES128CCM;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSDHERSAWITHAES128GCMSHA256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSDHERSAWITHAES256CCM;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSDHERSAWITHAES256GCMSHA384;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSDHERSAWITHCHACHA20POLY1305SHA256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSECDHEECDSAWITHAES128GCMSHA256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSECDHEECDSAWITHAES256GCMSHA384;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSECDHEECDSAWITHCHACHA20POLY1305SHA256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSECDHEPSKWITHAES128CCMSHA256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSECDHEPSKWITHAES128GCMSHA256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSECDHEPSKWITHAES256GCMSHA384;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSECDHEPSKWITHCHACHA20POLY1305SHA256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSECDHERSAWITHAES128GCMSHA256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSECDHERSAWITHAES256GCMSHA384;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.tls.cipher.suite.algs.rev240208.TLSECDHERSAWITHCHACHA20POLY1305SHA256;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208.InlineOrKeystoreAsymmetricKeyGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208.InlineOrKeystoreEndEntityCertWithKeyGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.TlsClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.tls.client.grouping.client.identity.auth.type.Certificate;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.tls.client.grouping.client.identity.auth.type.RawPublicKey;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev240208.HelloParamsGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.common.rev240208.TlsVersionBase;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208.TlsServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208.tls.server.grouping.server.identity.auth.type.RawPrivateKey;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208.InlineOrTruststoreCertsGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208.InlineOrTruststorePublicKeysGrouping;
/**
* Extension interface for external service integration with TLS transport. Used to build {@link TLSClient} and
public abstract class SslHandlerFactory {
private static final ImmutableMap<CipherSuiteAlgBase, String> CIPHER_SUITES =
ImmutableMap.<CipherSuiteAlgBase, String>builder()
- .put(TlsAes128CcmSha256.VALUE, "TLS_AES_128_CCM_SHA256")
- .put(TlsAes128GcmSha256.VALUE, "TLS_AES_128_GCM_SHA256")
- .put(TlsAes256GcmSha384.VALUE, "TLS_AES_256_GCM_SHA384")
- .put(TlsChacha20Poly1305Sha256.VALUE, "TLS_CHACHA20_POLY1305_SHA256")
- .put(TlsDhePskWithAes128Ccm.VALUE, "TLS_DHE_PSK_WITH_AES_128_CCM")
- .put(TlsDhePskWithAes128GcmSha256.VALUE, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256")
- .put(TlsDhePskWithAes256Ccm.VALUE, "TLS_DHE_PSK_WITH_AES_256_CCM")
- .put(TlsDhePskWithAes256GcmSha384.VALUE, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384")
- .put(TlsDhePskWithChacha20Poly1305Sha256.VALUE, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256")
- .put(TlsDheRsaWithAes128Ccm.VALUE, "TLS_DHE_RSA_WITH_AES_128_CCM")
- .put(TlsDheRsaWithAes128GcmSha256.VALUE, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256")
- .put(TlsDheRsaWithAes256Ccm.VALUE, "TLS_DHE_RSA_WITH_AES_256_CCM")
- .put(TlsDheRsaWithAes256GcmSha384.VALUE, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384")
- .put(TlsDheRsaWithChacha20Poly1305Sha256.VALUE, "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256")
- .put(TlsEcdheEcdsaWithAes128GcmSha256.VALUE, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256")
- .put(TlsEcdheEcdsaWithAes256GcmSha384.VALUE, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384")
- .put(TlsEcdheEcdsaWithChacha20Poly1305Sha256.VALUE, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256")
- .put(TlsEcdhePskWithAes128CcmSha256.VALUE, "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256")
- .put(TlsEcdhePskWithAes128GcmSha256.VALUE, "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256")
- .put(TlsEcdhePskWithAes256GcmSha384.VALUE, "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384")
- .put(TlsEcdhePskWithChacha20Poly1305Sha256.VALUE, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256")
- .put(TlsEcdheRsaWithAes128GcmSha256.VALUE, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256")
- .put(TlsEcdheRsaWithAes256GcmSha384.VALUE, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384")
- .put(TlsEcdheRsaWithChacha20Poly1305Sha256.VALUE, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256")
+ .put(TLSAES128CCMSHA256.VALUE, "TLS_AES_128_CCM_SHA256")
+ .put(TLSAES128GCMSHA256.VALUE, "TLS_AES_128_GCM_SHA256")
+ .put(TLSAES256GCMSHA384.VALUE, "TLS_AES_256_GCM_SHA384")
+ .put(TLSCHACHA20POLY1305SHA256.VALUE, "TLS_CHACHA20_POLY1305_SHA256")
+ .put(TLSDHEPSKWITHAES128CCM.VALUE, "TLS_DHE_PSK_WITH_AES_128_CCM")
+ .put(TLSDHEPSKWITHAES128GCMSHA256.VALUE, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256")
+ .put(TLSDHEPSKWITHAES256CCM.VALUE, "TLS_DHE_PSK_WITH_AES_256_CCM")
+ .put(TLSDHEPSKWITHAES256GCMSHA384.VALUE, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384")
+ .put(TLSDHEPSKWITHCHACHA20POLY1305SHA256.VALUE, "TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256")
+ .put(TLSDHERSAWITHAES128CCM.VALUE, "TLS_DHE_RSA_WITH_AES_128_CCM")
+ .put(TLSDHERSAWITHAES128GCMSHA256.VALUE, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256")
+ .put(TLSDHERSAWITHAES256CCM.VALUE, "TLS_DHE_RSA_WITH_AES_256_CCM")
+ .put(TLSDHERSAWITHAES256GCMSHA384.VALUE, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384")
+ .put(TLSDHERSAWITHCHACHA20POLY1305SHA256.VALUE, "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256")
+ .put(TLSECDHEECDSAWITHAES128GCMSHA256.VALUE, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256")
+ .put(TLSECDHEECDSAWITHAES256GCMSHA384.VALUE, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384")
+ .put(TLSECDHEECDSAWITHCHACHA20POLY1305SHA256.VALUE, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256")
+ .put(TLSECDHEPSKWITHAES128CCMSHA256.VALUE, "TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256")
+ .put(TLSECDHEPSKWITHAES128GCMSHA256.VALUE, "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256")
+ .put(TLSECDHEPSKWITHAES256GCMSHA384.VALUE, "TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384")
+ .put(TLSECDHEPSKWITHCHACHA20POLY1305SHA256.VALUE, "TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256")
+ .put(TLSECDHERSAWITHAES128GCMSHA256.VALUE, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256")
+ .put(TLSECDHERSAWITHAES256GCMSHA384.VALUE, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384")
+ .put(TLSECDHERSAWITHCHACHA20POLY1305SHA256.VALUE, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256")
.build();
/**
final SslContextBuilder builder;
final var authType = serverIdentity.getAuthType();
if (authType
- instanceof org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228
+ instanceof org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208
.tls.server.grouping.server.identity.auth.type.Certificate cert) {
// if-feature "server-ident-x509-cert"
final var certificate = cert.getCertificate();
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
import org.opendaylight.netconf.transport.tcp.TCPClient;
import org.opendaylight.netconf.transport.tcp.TCPServer;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
/**
* A {@link TransportStack} acting as a TLS client.
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
import org.opendaylight.netconf.transport.tcp.TCPClient;
import org.opendaylight.netconf.transport.tcp.TCPServer;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
/**
* A {@link TransportStack} acting as a TLS server.
+++ /dev/null
-module iana-tls-cipher-suite-algs {
- yang-version 1.1;
- namespace "urn:ietf:params:xml:ns:yang:iana-tls-cipher-suite-algs";
- prefix tlscsa;
-
- organization
- "Internet Assigned Numbers Authority (IANA)";
-
- contact
- "Postal: ICANN
- 12025 Waterfront Drive, Suite 300
- Los Angeles, CA 90094-2536
- United States of America
- Tel: +1 310 301 5800
- Email: iana@iana.org";
-
- description
- "This module defines identities for the Cipher Suite
- algorithms defined in the 'TLS Cipher Suites' sub-registry
- of the 'Transport Layer Security (TLS) Parameters' registry
- maintained by IANA.
-
- Copyright (c) 2022 IETF Trust and the persons identified as
- authors of the code. All rights reserved.
-
- Redistribution and use in source and binary forms, with
- or without modification, is permitted pursuant to, and
- subject to the license terms contained in, the Revised
- BSD License set forth in Section 4.c of the IETF Trust's
- Legal Provisions Relating to IETF Documents
- (https://trustee.ietf.org/license-info).
-
- The initial version of this YANG module is part of RFC FFFF
- (https://www.rfc-editor.org/info/rfcFFFF); see the RFC
- itself for full legal notices.";
-
- revision 2022-06-16 {
- description
- "Reflect contents of the public key algorithms registry
- on June 16, 2022.";
- reference
- "RFC FFFF: YANG Groupings for TLS Clients and TLS Servers";
- }
-
- // Typedefs
-
- typedef cipher-suite-algorithm-ref {
- type identityref {
- base "cipher-suite-alg-base";
- }
- description
- "A reference to a TLS cipher suite algorithm identifier.";
- }
-
-
- // Identities
-
- identity cipher-suite-alg-base {
- description
- "Base identity used to identify TLS cipher suites.";
- }
-
- identity tls-null-with-null-null {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-NULL-WITH-NULL-NULL";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-rsa-with-null-md5 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-NULL-MD5";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-rsa-with-null-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-NULL-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-rsa-export-with-rc4-40-md5 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-EXPORT-WITH-RC4-40-MD5";
- reference
- "RFC 4346:
- The TLS Protocol Version 1.1
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-rsa-with-rc4-128-md5 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-RC4-128-MD5";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-rsa-with-rc4-128-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-RC4-128-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-rsa-export-with-rc2-cbc-40-md5 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-EXPORT-WITH-RC2-CBC-40-MD5";
- reference
- "RFC 4346:
- The TLS Protocol Version 1.1";
- }
-
- identity tls-rsa-with-idea-cbc-sha {
- base cipher-suite-alg-base;
- status obsolete;
- description
- "TLS-RSA-WITH-IDEA-CBC-SHA";
- reference
- "RFC 5469:
- DES and IDEA Cipher Suites for
- Transport Layer Security (TLS)
- RFC 5469:
- DES and IDEA Cipher Suites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-export-with-des40-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-EXPORT-WITH-DES40-CBC-SHA";
- reference
- "RFC 4346:
- The TLS Protocol Version 1.1";
- }
-
- identity tls-rsa-with-des-cbc-sha {
- base cipher-suite-alg-base;
- status obsolete;
- description
- "TLS-RSA-WITH-DES-CBC-SHA";
- reference
- "RFC 5469:
- DES and IDEA Cipher Suites for
- Transport Layer Security (TLS)
- RFC 5469:
- DES and IDEA Cipher Suites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-dss-export-with-des40-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-EXPORT-WITH-DES40-CBC-SHA";
- reference
- "RFC 4346:
- The TLS Protocol Version 1.1";
- }
-
- identity tls-dh-dss-with-des-cbc-sha {
- base cipher-suite-alg-base;
- status obsolete;
- description
- "TLS-DH-DSS-WITH-DES-CBC-SHA";
- reference
- "RFC 5469:
- DES and IDEA Cipher Suites for
- Transport Layer Security (TLS)
- RFC 5469:
- DES and IDEA Cipher Suites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-dss-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-rsa-export-with-des40-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-EXPORT-WITH-DES40-CBC-SHA";
- reference
- "RFC 4346:
- The TLS Protocol Version 1.1";
- }
-
- identity tls-dh-rsa-with-des-cbc-sha {
- base cipher-suite-alg-base;
- status obsolete;
- description
- "TLS-DH-RSA-WITH-DES-CBC-SHA";
- reference
- "RFC 5469:
- DES and IDEA Cipher Suites for
- Transport Layer Security (TLS)
- RFC 5469:
- DES and IDEA Cipher Suites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-rsa-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dhe-dss-export-with-des40-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-EXPORT-WITH-DES40-CBC-SHA";
- reference
- "RFC 4346:
- The TLS Protocol Version 1.1";
- }
-
- identity tls-dhe-dss-with-des-cbc-sha {
- base cipher-suite-alg-base;
- status obsolete;
- description
- "TLS-DHE-DSS-WITH-DES-CBC-SHA";
- reference
- "RFC 5469:
- DES and IDEA Cipher Suites for
- Transport Layer Security (TLS)
- RFC 5469:
- DES and IDEA Cipher Suites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-dss-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dhe-rsa-export-with-des40-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-EXPORT-WITH-DES40-CBC-SHA";
- reference
- "RFC 4346:
- The TLS Protocol Version 1.1";
- }
-
- identity tls-dhe-rsa-with-des-cbc-sha {
- base cipher-suite-alg-base;
- status obsolete;
- description
- "TLS-DHE-RSA-WITH-DES-CBC-SHA";
- reference
- "RFC 5469:
- DES and IDEA Cipher Suites for
- Transport Layer Security (TLS)
- RFC 5469:
- DES and IDEA Cipher Suites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-rsa-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-anon-export-with-rc4-40-md5 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-EXPORT-WITH-RC4-40-MD5";
- reference
- "RFC 4346:
- The TLS Protocol Version 1.1
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-dh-anon-with-rc4-128-md5 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-RC4-128-MD5";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-dh-anon-export-with-des40-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-EXPORT-WITH-DES40-CBC-SHA";
- reference
- "RFC 4346:
- The TLS Protocol Version 1.1";
- }
-
- identity tls-dh-anon-with-des-cbc-sha {
- base cipher-suite-alg-base;
- status obsolete;
- description
- "TLS-DH-ANON-WITH-DES-CBC-SHA";
- reference
- "RFC 5469:
- DES and IDEA Cipher Suites for
- Transport Layer Security (TLS)
- RFC 5469:
- DES and IDEA Cipher Suites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-anon-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-krb5-with-des-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-KRB5-WITH-DES-CBC-SHA";
- reference
- "RFC 2712:
- Addition of Kerberos Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-krb5-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-KRB5-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 2712:
- Addition of Kerberos Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-krb5-with-rc4-128-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-KRB5-WITH-RC4-128-SHA";
- reference
- "RFC 2712:
- Addition of Kerberos Cipher Suites to
- Transport Layer Security (TLS)
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-krb5-with-idea-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-KRB5-WITH-IDEA-CBC-SHA";
- reference
- "RFC 2712:
- Addition of Kerberos Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-krb5-with-des-cbc-md5 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-KRB5-WITH-DES-CBC-MD5";
- reference
- "RFC 2712:
- Addition of Kerberos Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-krb5-with-3des-ede-cbc-md5 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-KRB5-WITH-3DES-EDE-CBC-MD5";
- reference
- "RFC 2712:
- Addition of Kerberos Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-krb5-with-rc4-128-md5 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-KRB5-WITH-RC4-128-MD5";
- reference
- "RFC 2712:
- Addition of Kerberos Cipher Suites to
- Transport Layer Security (TLS)
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-krb5-with-idea-cbc-md5 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-KRB5-WITH-IDEA-CBC-MD5";
- reference
- "RFC 2712:
- Addition of Kerberos Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-krb5-export-with-des-cbc-40-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-KRB5-EXPORT-WITH-DES-CBC-40-SHA";
- reference
- "RFC 2712:
- Addition of Kerberos Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-krb5-export-with-rc2-cbc-40-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-KRB5-EXPORT-WITH-RC2-CBC-40-SHA";
- reference
- "RFC 2712:
- Addition of Kerberos Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-krb5-export-with-rc4-40-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-KRB5-EXPORT-WITH-RC4-40-SHA";
- reference
- "RFC 2712:
- Addition of Kerberos Cipher Suites to
- Transport Layer Security (TLS)
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-krb5-export-with-des-cbc-40-md5 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-KRB5-EXPORT-WITH-DES-CBC-40-MD5";
- reference
- "RFC 2712:
- Addition of Kerberos Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-krb5-export-with-rc2-cbc-40-md5 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-KRB5-EXPORT-WITH-RC2-CBC-40-MD5";
- reference
- "RFC 2712:
- Addition of Kerberos Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-krb5-export-with-rc4-40-md5 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-KRB5-EXPORT-WITH-RC4-40-MD5";
- reference
- "RFC 2712:
- Addition of Kerberos Cipher Suites to
- Transport Layer Security (TLS)
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-psk-with-null-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-NULL-SHA";
- reference
- "RFC 4785:
- Pre-Shared Key Cipher Suites with NULL Encryption for
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-psk-with-null-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-NULL-SHA";
- reference
- "RFC 4785:
- Pre-Shared Key Cipher Suites with NULL Encryption for
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-psk-with-null-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-NULL-SHA";
- reference
- "RFC 4785:
- Pre-Shared Key Cipher Suites with NULL Encryption for
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-AES-128-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-dss-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-AES-128-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-rsa-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-AES-128-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dhe-dss-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-AES-128-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dhe-rsa-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-AES-128-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-anon-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-AES-128-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-rsa-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-AES-256-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-dss-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-AES-256-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-rsa-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-AES-256-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dhe-dss-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-AES-256-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dhe-rsa-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-AES-256-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-anon-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-AES-256-CBC-SHA";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-rsa-with-null-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-NULL-SHA256";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-rsa-with-aes-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-AES-128-CBC-SHA256";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-rsa-with-aes-256-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-AES-256-CBC-SHA256";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-dss-with-aes-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-AES-128-CBC-SHA256";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-rsa-with-aes-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-AES-128-CBC-SHA256";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dhe-dss-with-aes-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-AES-128-CBC-SHA256";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-rsa-with-camellia-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dh-dss-with-camellia-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-CAMELLIA-128-CBC-SHA";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dh-rsa-with-camellia-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-CAMELLIA-128-CBC-SHA";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dhe-dss-with-camellia-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dhe-rsa-with-camellia-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dh-anon-with-camellia-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-CAMELLIA-128-CBC-SHA";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dhe-rsa-with-aes-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-dss-with-aes-256-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-AES-256-CBC-SHA256";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-rsa-with-aes-256-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-AES-256-CBC-SHA256";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dhe-dss-with-aes-256-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-AES-256-CBC-SHA256";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dhe-rsa-with-aes-256-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-anon-with-aes-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-AES-128-CBC-SHA256";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-dh-anon-with-aes-256-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-AES-256-CBC-SHA256";
- reference
- "RFC 5246:
- The Transport Layer Security (TLS) Protocol Version 1.2";
- }
-
- identity tls-rsa-with-camellia-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dh-dss-with-camellia-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-CAMELLIA-256-CBC-SHA";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dh-rsa-with-camellia-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-CAMELLIA-256-CBC-SHA";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dhe-dss-with-camellia-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dhe-rsa-with-camellia-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dh-anon-with-camellia-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-CAMELLIA-256-CBC-SHA";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-psk-with-rc4-128-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-RC4-128-SHA";
- reference
- "RFC 4279:
- Pre-Shared Key Ciphersuites for
- Transport Layer Security (TLS)
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-psk-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 4279:
- Pre-Shared Key Ciphersuites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-psk-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-AES-128-CBC-SHA";
- reference
- "RFC 4279:
- Pre-Shared Key Ciphersuites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-psk-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-AES-256-CBC-SHA";
- reference
- "RFC 4279:
- Pre-Shared Key Ciphersuites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-psk-with-rc4-128-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-RC4-128-SHA";
- reference
- "RFC 4279:
- Pre-Shared Key Ciphersuites for
- Transport Layer Security (TLS)
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-dhe-psk-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 4279:
- Pre-Shared Key Ciphersuites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-psk-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-AES-128-CBC-SHA";
- reference
- "RFC 4279:
- Pre-Shared Key Ciphersuites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-psk-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-AES-256-CBC-SHA";
- reference
- "RFC 4279:
- Pre-Shared Key Ciphersuites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-psk-with-rc4-128-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-RC4-128-SHA";
- reference
- "RFC 4279:
- Pre-Shared Key Ciphersuites for
- Transport Layer Security (TLS)
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-rsa-psk-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 4279:
- Pre-Shared Key Ciphersuites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-psk-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-AES-128-CBC-SHA";
- reference
- "RFC 4279:
- Pre-Shared Key Ciphersuites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-psk-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-AES-256-CBC-SHA";
- reference
- "RFC 4279:
- Pre-Shared Key Ciphersuites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-with-seed-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-SEED-CBC-SHA";
- reference
- "RFC 4162:
- Addition of SEED Ciphersuites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-dss-with-seed-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-SEED-CBC-SHA";
- reference
- "RFC 4162:
- Addition of SEED Ciphersuites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-rsa-with-seed-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-SEED-CBC-SHA";
- reference
- "RFC 4162:
- Addition of SEED Ciphersuites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-dss-with-seed-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-SEED-CBC-SHA";
- reference
- "RFC 4162:
- Addition of SEED Ciphersuites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-rsa-with-seed-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-SEED-CBC-SHA";
- reference
- "RFC 4162:
- Addition of SEED Ciphersuites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-anon-with-seed-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-SEED-CBC-SHA";
- reference
- "RFC 4162:
- Addition of SEED Ciphersuites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 5288:
- AES-GCM Cipher Suites for TLS";
- }
-
- identity tls-rsa-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 5288:
- AES-GCM Cipher Suites for TLS";
- }
-
- identity tls-dhe-rsa-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- description
- "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 5288:
- AES-GCM Cipher Suites for TLS";
- }
-
- identity tls-dhe-rsa-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- description
- "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 5288:
- AES-GCM Cipher Suites for TLS";
- }
-
- identity tls-dh-rsa-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 5288:
- AES-GCM Cipher Suites for TLS";
- }
-
- identity tls-dh-rsa-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 5288:
- AES-GCM Cipher Suites for TLS";
- }
-
- identity tls-dhe-dss-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 5288:
- AES-GCM Cipher Suites for TLS";
- }
-
- identity tls-dhe-dss-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 5288:
- AES-GCM Cipher Suites for TLS";
- }
-
- identity tls-dh-dss-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 5288:
- AES-GCM Cipher Suites for TLS";
- }
-
- identity tls-dh-dss-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 5288:
- AES-GCM Cipher Suites for TLS";
- }
-
- identity tls-dh-anon-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 5288:
- AES-GCM Cipher Suites for TLS";
- }
-
- identity tls-dh-anon-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 5288:
- AES-GCM Cipher Suites for TLS";
- }
-
- identity tls-psk-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-psk-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-dhe-psk-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- description
- "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-dhe-psk-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- description
- "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-rsa-psk-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-rsa-psk-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-psk-with-aes-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-AES-128-CBC-SHA256";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-psk-with-aes-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-AES-256-CBC-SHA384";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-psk-with-null-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-NULL-SHA256";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-psk-with-null-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-NULL-SHA384";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-dhe-psk-with-aes-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-dhe-psk-with-aes-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-dhe-psk-with-null-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-NULL-SHA256";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-dhe-psk-with-null-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-NULL-SHA384";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-rsa-psk-with-aes-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-rsa-psk-with-aes-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-rsa-psk-with-null-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-NULL-SHA256";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-rsa-psk-with-null-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-NULL-SHA384";
- reference
- "RFC 5487:
- Pre-Shared Key Cipher Suites for Transport Layer Security
- (TLS) with SHA-256/384 and AES Galois Counter Mode";
- }
-
- identity tls-rsa-with-camellia-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dh-dss-with-camellia-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-CAMELLIA-128-CBC-SHA256";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dh-rsa-with-camellia-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-CAMELLIA-128-CBC-SHA256";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dhe-dss-with-camellia-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dhe-rsa-with-camellia-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dh-anon-with-camellia-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-CAMELLIA-128-CBC-SHA256";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-rsa-with-camellia-256-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dh-dss-with-camellia-256-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-CAMELLIA-256-CBC-SHA256";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dh-rsa-with-camellia-256-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-CAMELLIA-256-CBC-SHA256";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dhe-dss-with-camellia-256-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dhe-rsa-with-camellia-256-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-dh-anon-with-camellia-256-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-CAMELLIA-256-CBC-SHA256";
- reference
- "RFC 5932:
- Camellia Cipher Suites for TLS";
- }
-
- identity tls-sm4-gcm-sm3 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-SM4-GCM-SM3";
- reference
- "RFC 8998:
- ShangMi (SM) Cipher Suites for Transport Layer Security
- (TLS) Protocol Version 1.3";
- }
-
- identity tls-sm4-ccm-sm3 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-SM4-CCM-SM3";
- reference
- "RFC 8998:
- ShangMi (SM) Cipher Suites for Transport Layer Security
- (TLS) Protocol Version 1.3";
- }
-
- identity tls-empty-renegotiation-info-scsv {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-EMPTY-RENEGOTIATION-INFO-SCSV";
- reference
- "RFC 5746:
- Transport Layer Security (TLS)
- Renegotiation Indication Extension";
- }
-
- identity tls-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- description
- "TLS-AES-128-GCM-SHA256";
- reference
- "RFC 8446:
- The Transport Layer Security (TLS) Protocol Version 1.3";
- }
-
- identity tls-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- description
- "TLS-AES-256-GCM-SHA384";
- reference
- "RFC 8446:
- The Transport Layer Security (TLS) Protocol Version 1.3";
- }
-
- identity tls-chacha20-poly1305-sha256 {
- base cipher-suite-alg-base;
- description
- "TLS-CHACHA20-POLY1305-SHA256";
- reference
- "RFC 8446:
- The Transport Layer Security (TLS) Protocol Version 1.3";
- }
-
- identity tls-aes-128-ccm-sha256 {
- base cipher-suite-alg-base;
- description
- "TLS-AES-128-CCM-SHA256";
- reference
- "RFC 8446:
- The Transport Layer Security (TLS) Protocol Version 1.3";
- }
-
- identity tls-aes-128-ccm-8-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-AES-128-CCM-8-SHA256";
- reference
- "RFC 8446:
- The Transport Layer Security (TLS) Protocol Version 1.3";
- }
-
- identity tls-fallback-scsv {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-FALLBACK-SCSV";
- reference
- "RFC 7507:
- TLS Fallback Signaling Cipher Suite Value (SCSV)
- for Preventing Protocol Downgrade Attacks";
- }
-
- identity tls-ecdh-ecdsa-with-null-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-NULL-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdh-ecdsa-with-rc4-128-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-RC4-128-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-ecdh-ecdsa-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdh-ecdsa-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdh-ecdsa-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdhe-ecdsa-with-null-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-NULL-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdhe-ecdsa-with-rc4-128-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-ecdhe-ecdsa-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdhe-ecdsa-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdhe-ecdsa-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdh-rsa-with-null-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-NULL-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdh-rsa-with-rc4-128-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-RC4-128-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-ecdh-rsa-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdh-rsa-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdh-rsa-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdhe-rsa-with-null-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-NULL-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdhe-rsa-with-rc4-128-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-RC4-128-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-ecdhe-rsa-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdhe-rsa-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdhe-rsa-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdh-anon-with-null-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ANON-WITH-NULL-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdh-anon-with-rc4-128-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ANON-WITH-RC4-128-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-ecdh-anon-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ANON-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdh-anon-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ANON-WITH-AES-128-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-ecdh-anon-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ANON-WITH-AES-256-CBC-SHA";
- reference
- "RFC 8422:
- Elliptic Curve Cryptography (ECC) Cipher Suites for
- Transport Layer Security (TLS) Versions 1.2 and Earlier";
- }
-
- identity tls-srp-sha-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-SRP-SHA-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 5054:
- Using SRP for TLS Authentication";
- }
-
- identity tls-srp-sha-rsa-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-SRP-SHA-RSA-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 5054:
- Using SRP for TLS Authentication";
- }
-
- identity tls-srp-sha-dss-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-SRP-SHA-DSS-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 5054:
- Using SRP for TLS Authentication";
- }
-
- identity tls-srp-sha-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-SRP-SHA-WITH-AES-128-CBC-SHA";
- reference
- "RFC 5054:
- Using SRP for TLS Authentication";
- }
-
- identity tls-srp-sha-rsa-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-SRP-SHA-RSA-WITH-AES-128-CBC-SHA";
- reference
- "RFC 5054:
- Using SRP for TLS Authentication";
- }
-
- identity tls-srp-sha-dss-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-SRP-SHA-DSS-WITH-AES-128-CBC-SHA";
- reference
- "RFC 5054:
- Using SRP for TLS Authentication";
- }
-
- identity tls-srp-sha-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-SRP-SHA-WITH-AES-256-CBC-SHA";
- reference
- "RFC 5054:
- Using SRP for TLS Authentication";
- }
-
- identity tls-srp-sha-rsa-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-SRP-SHA-RSA-WITH-AES-256-CBC-SHA";
- reference
- "RFC 5054:
- Using SRP for TLS Authentication";
- }
-
- identity tls-srp-sha-dss-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-SRP-SHA-DSS-WITH-AES-256-CBC-SHA";
- reference
- "RFC 5054:
- Using SRP for TLS Authentication";
- }
-
- identity tls-ecdhe-ecdsa-with-aes-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdhe-ecdsa-with-aes-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdh-ecdsa-with-aes-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdh-ecdsa-with-aes-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdhe-rsa-with-aes-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdhe-rsa-with-aes-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdh-rsa-with-aes-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdh-rsa-with-aes-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdhe-ecdsa-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- description
- "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdhe-ecdsa-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- description
- "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdh-ecdsa-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdh-ecdsa-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdhe-rsa-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- description
- "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdhe-rsa-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- description
- "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdh-rsa-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdh-rsa-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 5289:
- TLS Elliptic Curve Cipher Suites with SHA-256/384
- and AES Galois Counter Mode";
- }
-
- identity tls-ecdhe-psk-with-rc4-128-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-PSK-WITH-RC4-128-SHA";
- reference
- "RFC 5489:
- ECDHE_PSK Ciphersuites for Transport Layer Security (TLS)
- RFC 6347:
- Datagram Transport Layer Security version 1.2";
- }
-
- identity tls-ecdhe-psk-with-3des-ede-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA";
- reference
- "RFC 5489:
- ECDHE_PSK Ciphersuites for Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-psk-with-aes-128-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA";
- reference
- "RFC 5489:
- ECDHE_PSK Ciphersuites for Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-psk-with-aes-256-cbc-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA";
- reference
- "RFC 5489:
- ECDHE_PSK Ciphersuites for Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-psk-with-aes-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256";
- reference
- "RFC 5489:
- ECDHE_PSK Ciphersuites for Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-psk-with-aes-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384";
- reference
- "RFC 5489:
- ECDHE_PSK Ciphersuites for Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-psk-with-null-sha {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-PSK-WITH-NULL-SHA";
- reference
- "RFC 5489:
- ECDHE_PSK Ciphersuites for Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-psk-with-null-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-PSK-WITH-NULL-SHA256";
- reference
- "RFC 5489:
- ECDHE_PSK Ciphersuites for Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-psk-with-null-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-PSK-WITH-NULL-SHA384";
- reference
- "RFC 5489:
- ECDHE_PSK Ciphersuites for Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-with-aria-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-ARIA-128-CBC-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-with-aria-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-ARIA-256-CBC-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-dss-with-aria-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-ARIA-128-CBC-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-dss-with-aria-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-ARIA-256-CBC-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-rsa-with-aria-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-ARIA-128-CBC-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-rsa-with-aria-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-ARIA-256-CBC-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-dss-with-aria-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-dss-with-aria-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-rsa-with-aria-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-rsa-with-aria-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-anon-with-aria-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-ARIA-128-CBC-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-anon-with-aria-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-ARIA-256-CBC-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-ecdsa-with-aria-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-ecdsa-with-aria-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-ecdsa-with-aria-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-ecdsa-with-aria-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-rsa-with-aria-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-rsa-with-aria-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-rsa-with-aria-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-rsa-with-aria-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-with-aria-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-ARIA-128-GCM-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-with-aria-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-ARIA-256-GCM-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-rsa-with-aria-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-rsa-with-aria-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-rsa-with-aria-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-ARIA-128-GCM-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-rsa-with-aria-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-ARIA-256-GCM-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-dss-with-aria-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-ARIA-128-GCM-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-dss-with-aria-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-ARIA-256-GCM-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-dss-with-aria-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-ARIA-128-GCM-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-dss-with-aria-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-ARIA-256-GCM-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-anon-with-aria-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-ARIA-128-GCM-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-anon-with-aria-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-ARIA-256-GCM-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-ecdsa-with-aria-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-ecdsa-with-aria-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-ecdsa-with-aria-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-ecdsa-with-aria-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-rsa-with-aria-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-rsa-with-aria-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-rsa-with-aria-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-rsa-with-aria-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-psk-with-aria-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-ARIA-128-CBC-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-psk-with-aria-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-ARIA-256-CBC-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-psk-with-aria-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-psk-with-aria-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-psk-with-aria-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-psk-with-aria-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-psk-with-aria-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-ARIA-128-GCM-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-psk-with-aria-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-ARIA-256-GCM-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-psk-with-aria-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-psk-with-aria-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-psk-with-aria-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-psk-with-aria-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-psk-with-aria-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-psk-with-aria-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384";
- reference
- "RFC 6209:
- Addition of the ARIA Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-ecdsa-with-camellia-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-ecdsa-with-camellia-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-ecdsa-with-camellia-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-ecdsa-with-camellia-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-rsa-with-camellia-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-rsa-with-camellia-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-rsa-with-camellia-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-rsa-with-camellia-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-with-camellia-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-with-camellia-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-rsa-with-camellia-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-rsa-with-camellia-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-rsa-with-camellia-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-CAMELLIA-128-GCM-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-rsa-with-camellia-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-RSA-WITH-CAMELLIA-256-GCM-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-dss-with-camellia-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-CAMELLIA-128-GCM-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-dss-with-camellia-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-DSS-WITH-CAMELLIA-256-GCM-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-dss-with-camellia-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-CAMELLIA-128-GCM-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-dss-with-camellia-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-DSS-WITH-CAMELLIA-256-GCM-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-anon-with-camellia-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-CAMELLIA-128-GCM-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dh-anon-with-camellia-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DH-ANON-WITH-CAMELLIA-256-GCM-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-ecdsa-with-camellia-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-ecdsa-with-camellia-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-ecdsa-with-camellia-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-ecdsa-with-camellia-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-rsa-with-camellia-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-rsa-with-camellia-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-rsa-with-camellia-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdh-rsa-with-camellia-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-psk-with-camellia-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-psk-with-camellia-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-psk-with-camellia-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-psk-with-camellia-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-psk-with-camellia-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-psk-with-camellia-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-psk-with-camellia-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-psk-with-camellia-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-psk-with-camellia-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-psk-with-camellia-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-psk-with-camellia-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-psk-with-camellia-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-psk-with-camellia-128-cbc-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-psk-with-camellia-256-cbc-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384";
- reference
- "RFC 6367:
- Addition of the Camellia Cipher Suites to
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-with-aes-128-ccm {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-AES-128-CCM";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-rsa-with-aes-256-ccm {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-AES-256-CCM";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-dhe-rsa-with-aes-128-ccm {
- base cipher-suite-alg-base;
- description
- "TLS-DHE-RSA-WITH-AES-128-CCM";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-dhe-rsa-with-aes-256-ccm {
- base cipher-suite-alg-base;
- description
- "TLS-DHE-RSA-WITH-AES-256-CCM";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-rsa-with-aes-128-ccm-8 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-AES-128-CCM-8";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-rsa-with-aes-256-ccm-8 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-WITH-AES-256-CCM-8";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-dhe-rsa-with-aes-128-ccm-8 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-AES-128-CCM-8";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-dhe-rsa-with-aes-256-ccm-8 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-DHE-RSA-WITH-AES-256-CCM-8";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-psk-with-aes-128-ccm {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-AES-128-CCM";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-psk-with-aes-256-ccm {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-AES-256-CCM";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-dhe-psk-with-aes-128-ccm {
- base cipher-suite-alg-base;
- description
- "TLS-DHE-PSK-WITH-AES-128-CCM";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-dhe-psk-with-aes-256-ccm {
- base cipher-suite-alg-base;
- description
- "TLS-DHE-PSK-WITH-AES-256-CCM";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-psk-with-aes-128-ccm-8 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-AES-128-CCM-8";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-psk-with-aes-256-ccm-8 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-AES-256-CCM-8";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-psk-dhe-with-aes-128-ccm-8 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-DHE-WITH-AES-128-CCM-8";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-psk-dhe-with-aes-256-ccm-8 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-DHE-WITH-AES-256-CCM-8";
- reference
- "RFC 6655:
- AES-CCM Cipher Suites for TLS";
- }
-
- identity tls-ecdhe-ecdsa-with-aes-128-ccm {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-AES-128-CCM";
- reference
- "RFC 7251:
- AES-CCM ECC Cipher Suites for TLS";
- }
-
- identity tls-ecdhe-ecdsa-with-aes-256-ccm {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-AES-256-CCM";
- reference
- "RFC 7251:
- AES-CCM ECC Cipher Suites for TLS";
- }
-
- identity tls-ecdhe-ecdsa-with-aes-128-ccm-8 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8";
- reference
- "RFC 7251:
- AES-CCM ECC Cipher Suites for TLS";
- }
-
- identity tls-ecdhe-ecdsa-with-aes-256-ccm-8 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8";
- reference
- "RFC 7251:
- AES-CCM ECC Cipher Suites for TLS";
- }
-
- identity tls-eccpwd-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECCPWD-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 8492:
- Secure Password Ciphersuites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-eccpwd-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECCPWD-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 8492:
- Secure Password Ciphersuites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-eccpwd-with-aes-128-ccm-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECCPWD-WITH-AES-128-CCM-SHA256";
- reference
- "RFC 8492:
- Secure Password Ciphersuites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-eccpwd-with-aes-256-ccm-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECCPWD-WITH-AES-256-CCM-SHA384";
- reference
- "RFC 8492:
- Secure Password Ciphersuites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-sha256-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-SHA256-SHA256";
- reference
- "RFC 9150:
- TLS 1.3 Authentication and Integrity-Only Cipher Suites";
- }
-
- identity tls-sha384-sha384 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-SHA384-SHA384";
- reference
- "RFC 9150:
- TLS 1.3 Authentication and Integrity-Only Cipher Suites";
- }
-
- identity tls-gostr341112-256-with-kuznyechik-ctr-omac {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-GOSTR341112-256-WITH-KUZNYECHIK-CTR-OMAC";
- reference
- "RFC 9189:
- GOST Cipher Suites for Transport Layer Security (TLS)
- Protocol Version 1.2";
- }
-
- identity tls-gostr341112-256-with-magma-ctr-omac {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-GOSTR341112-256-WITH-MAGMA-CTR-OMAC";
- reference
- "RFC 9189:
- GOST Cipher Suites for Transport Layer Security (TLS)
- Protocol Version 1.2";
- }
-
- identity tls-gostr341112-256-with-28147-cnt-imit {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-GOSTR341112-256-WITH-28147-CNT-IMIT";
- reference
- "RFC 9189:
- GOST Cipher Suites for Transport Layer Security (TLS)
- Protocol Version 1.2";
- }
-
- identity tls-ecdhe-rsa-with-chacha20-poly1305-sha256 {
- base cipher-suite-alg-base;
- description
- "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256";
- reference
- "RFC 7905:
- ChaCha20-Poly1305 Cipher Suites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-ecdsa-with-chacha20-poly1305-sha256 {
- base cipher-suite-alg-base;
- description
- "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256";
- reference
- "RFC 7905:
- ChaCha20-Poly1305 Cipher Suites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-rsa-with-chacha20-poly1305-sha256 {
- base cipher-suite-alg-base;
- description
- "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256";
- reference
- "RFC 7905:
- ChaCha20-Poly1305 Cipher Suites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-psk-with-chacha20-poly1305-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256";
- reference
- "RFC 7905:
- ChaCha20-Poly1305 Cipher Suites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-psk-with-chacha20-poly1305-sha256 {
- base cipher-suite-alg-base;
- description
- "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256";
- reference
- "RFC 7905:
- ChaCha20-Poly1305 Cipher Suites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-dhe-psk-with-chacha20-poly1305-sha256 {
- base cipher-suite-alg-base;
- description
- "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256";
- reference
- "RFC 7905:
- ChaCha20-Poly1305 Cipher Suites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-rsa-psk-with-chacha20-poly1305-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256";
- reference
- "RFC 7905:
- ChaCha20-Poly1305 Cipher Suites for
- Transport Layer Security (TLS)";
- }
-
- identity tls-ecdhe-psk-with-aes-128-gcm-sha256 {
- base cipher-suite-alg-base;
- description
- "TLS-ECDHE-PSK-WITH-AES-128-GCM-SHA256";
- reference
- "RFC 8442:
- ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites";
- }
-
- identity tls-ecdhe-psk-with-aes-256-gcm-sha384 {
- base cipher-suite-alg-base;
- description
- "TLS-ECDHE-PSK-WITH-AES-256-GCM-SHA384";
- reference
- "RFC 8442:
- ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites";
- }
-
- identity tls-ecdhe-psk-with-aes-128-ccm-8-sha256 {
- base cipher-suite-alg-base;
- status deprecated;
- description
- "TLS-ECDHE-PSK-WITH-AES-128-CCM-8-SHA256";
- reference
- "RFC 8442:
- ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites";
- }
-
- identity tls-ecdhe-psk-with-aes-128-ccm-sha256 {
- base cipher-suite-alg-base;
- description
- "TLS-ECDHE-PSK-WITH-AES-128-CCM-SHA256";
- reference
- "RFC 8442:
- ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites";
- }
-
-
- // Protocol-accessible Nodes
-
- container supported-algorithms {
- config false;
- description
- "A container for a list of cipher suite algorithms supported
- by the server.";
- leaf-list supported-algorithm {
- type cipher-suite-algorithm-ref;
- description
- "A cipher suite algorithm supported by the server.";
- }
- }
-
-}
--- /dev/null
+module iana-tls-cipher-suite-algs {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:iana-tls-cipher-suite-algs";
+ prefix tlscsa;
+
+ organization
+ "Internet Assigned Numbers Authority (IANA)";
+
+ contact
+ "Postal: ICANN
+ 12025 Waterfront Drive, Suite 300
+ Los Angeles, CA 90094-2536
+ United States of America
+ Tel: +1 310 301 5800
+ Email: iana@iana.org";
+
+ description
+ "This module defines identities for the Cipher Suite
+ algorithms defined in the 'TLS Cipher Suites' sub-registry
+ of the 'Transport Layer Security (TLS) Parameters' registry
+ maintained by IANA.
+
+ Copyright (c) 2024 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with
+ or without modification, is permitted pursuant to, and
+ subject to the license terms contained in, the Revised
+ BSD License set forth in Section 4.c of the IETF Trust's
+ Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ The initial version of this YANG module is part of RFC FFFF
+ (https://www.rfc-editor.org/info/rfcFFFF); see the RFC
+ itself for full legal notices.";
+
+ revision 2024-02-08 {
+ description
+ "Reflects contents of the cipher-suite algorithms registry.";
+ reference
+ "RFC FFFF: YANG Groupings for TLS Clients and TLS Servers";
+ }
+
+ // Typedefs
+
+ typedef cipher-suite-algorithm-ref {
+ type identityref {
+ base "cipher-suite-alg-base";
+ }
+ description
+ "A reference to a TLS cipher-suite algorithm identifier.";
+ }
+
+
+ // Identities
+
+ identity cipher-suite-alg-base {
+ description
+ "Base identity for TLS cipher-suite algorithms.";
+ }
+
+ identity TLS_NULL_WITH_NULL_NULL {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_NULL_WITH_NULL_NULL' algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_RSA_WITH_NULL_MD5 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_NULL_MD5' algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_RSA_WITH_NULL_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_NULL_SHA' algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_RSA_EXPORT_WITH_RC4_40_MD5 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_EXPORT_WITH_RC4_40_MD5' algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version 1.1
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_RSA_WITH_RC4_128_MD5 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_RC4_128_MD5' algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_RSA_WITH_RC4_128_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_RC4_128_SHA' algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5'
+ algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version 1.1";
+ }
+
+ identity TLS_RSA_WITH_IDEA_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_IDEA_CBC_SHA' algorithm.";
+ reference
+ "RFC 8996:
+ Deprecating TLS 1.0 and TLS 1.1";
+ }
+
+ identity TLS_RSA_EXPORT_WITH_DES40_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_EXPORT_WITH_DES40_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version 1.1";
+ }
+
+ identity TLS_RSA_WITH_DES_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_DES_CBC_SHA' algorithm.";
+ reference
+ "RFC 8996:
+ Deprecating TLS 1.0 and TLS 1.1";
+ }
+
+ identity TLS_RSA_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_3DES_EDE_CBC_SHA' algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version 1.1";
+ }
+
+ identity TLS_DH_DSS_WITH_DES_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_DES_CBC_SHA' algorithm.";
+ reference
+ "RFC 8996:
+ Deprecating TLS 1.0 and TLS 1.1";
+ }
+
+ identity TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version 1.1";
+ }
+
+ identity TLS_DH_RSA_WITH_DES_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_DES_CBC_SHA' algorithm.";
+ reference
+ "RFC 8996:
+ Deprecating TLS 1.0 and TLS 1.1";
+ }
+
+ identity TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version 1.1";
+ }
+
+ identity TLS_DHE_DSS_WITH_DES_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_DES_CBC_SHA' algorithm.";
+ reference
+ "RFC 8996:
+ Deprecating TLS 1.0 and TLS 1.1";
+ }
+
+ identity TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version 1.1";
+ }
+
+ identity TLS_DHE_RSA_WITH_DES_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_DES_CBC_SHA' algorithm.";
+ reference
+ "RFC 8996:
+ Deprecating TLS 1.0 and TLS 1.1";
+ }
+
+ identity TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_EXPORT_WITH_RC4_40_MD5'
+ algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version 1.1
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_DH_anon_WITH_RC4_128_MD5 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_RC4_128_MD5' algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version 1.1";
+ }
+
+ identity TLS_DH_anon_WITH_DES_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_DES_CBC_SHA' algorithm.";
+ reference
+ "RFC 8996:
+ Deprecating TLS 1.0 and TLS 1.1";
+ }
+
+ identity TLS_DH_anon_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_KRB5_WITH_DES_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_KRB5_WITH_DES_CBC_SHA' algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_KRB5_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_KRB5_WITH_3DES_EDE_CBC_SHA' algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_KRB5_WITH_RC4_128_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_KRB5_WITH_RC4_128_SHA' algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_KRB5_WITH_IDEA_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_KRB5_WITH_IDEA_CBC_SHA' algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_KRB5_WITH_DES_CBC_MD5 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_KRB5_WITH_DES_CBC_MD5' algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_KRB5_WITH_3DES_EDE_CBC_MD5 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_KRB5_WITH_3DES_EDE_CBC_MD5' algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_KRB5_WITH_RC4_128_MD5 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_KRB5_WITH_RC4_128_MD5' algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_KRB5_WITH_IDEA_CBC_MD5 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_KRB5_WITH_IDEA_CBC_MD5' algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_KRB5_EXPORT_WITH_RC4_40_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_KRB5_EXPORT_WITH_RC4_40_SHA'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_KRB5_EXPORT_WITH_RC4_40_MD5 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_KRB5_EXPORT_WITH_RC4_40_MD5'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_PSK_WITH_NULL_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_NULL_SHA' algorithm.";
+ reference
+ "RFC 4785:
+ Pre-Shared Key (PSK) Ciphersuites with NULL Encryption for
+ Transport Layer Security (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_NULL_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_NULL_SHA' algorithm.";
+ reference
+ "RFC 4785:
+ Pre-Shared Key (PSK) Ciphersuites with NULL Encryption for
+ Transport Layer Security (TLS)";
+ }
+
+ identity TLS_RSA_PSK_WITH_NULL_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_NULL_SHA' algorithm.";
+ reference
+ "RFC 4785:
+ Pre-Shared Key (PSK) Ciphersuites with NULL Encryption for
+ Transport Layer Security (TLS)";
+ }
+
+ identity TLS_RSA_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_AES_128_CBC_SHA' algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_DSS_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_RSA_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DHE_DSS_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DHE_RSA_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_anon_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_RSA_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_AES_256_CBC_SHA' algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_DSS_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_RSA_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DHE_DSS_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DHE_RSA_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_anon_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_RSA_WITH_NULL_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_NULL_SHA256' algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_RSA_WITH_AES_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_RSA_WITH_AES_256_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_AES_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_DSS_WITH_AES_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_RSA_WITH_AES_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_RSA_WITH_CAMELLIA_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_DSS_WITH_AES_256_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_AES_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_RSA_WITH_AES_256_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_AES_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_anon_WITH_AES_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_DH_anon_WITH_AES_256_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_AES_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2";
+ }
+
+ identity TLS_RSA_WITH_CAMELLIA_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_PSK_WITH_RC4_128_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_RC4_128_SHA' algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_PSK_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_3DES_EDE_CBC_SHA' algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_PSK_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_AES_128_CBC_SHA' algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_PSK_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_AES_256_CBC_SHA' algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_RC4_128_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_RC4_128_SHA' algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_RSA_PSK_WITH_RC4_128_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_RC4_128_SHA' algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_RSA_PSK_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_RSA_PSK_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_RSA_WITH_SEED_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_SEED_CBC_SHA' algorithm.";
+ reference
+ "RFC 4162:
+ Addition of SEED Cipher Suites to Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_DH_DSS_WITH_SEED_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_SEED_CBC_SHA' algorithm.";
+ reference
+ "RFC 4162:
+ Addition of SEED Cipher Suites to Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_DH_RSA_WITH_SEED_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_SEED_CBC_SHA' algorithm.";
+ reference
+ "RFC 4162:
+ Addition of SEED Cipher Suites to Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_DHE_DSS_WITH_SEED_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_SEED_CBC_SHA' algorithm.";
+ reference
+ "RFC 4162:
+ Addition of SEED Cipher Suites to Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_DHE_RSA_WITH_SEED_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_SEED_CBC_SHA' algorithm.";
+ reference
+ "RFC 4162:
+ Addition of SEED Cipher Suites to Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_DH_anon_WITH_SEED_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_SEED_CBC_SHA' algorithm.";
+ reference
+ "RFC 4162:
+ Addition of SEED Cipher Suites to Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_RSA_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+
+ identity TLS_RSA_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+
+ identity TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+
+ identity TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_RSA_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_RSA_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+
+ identity TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+
+ identity TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_DSS_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_DSS_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_anon_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_anon_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+
+ identity TLS_PSK_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_PSK_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_PSK_WITH_AES_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_PSK_WITH_AES_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_AES_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_PSK_WITH_NULL_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_NULL_SHA256' algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_PSK_WITH_NULL_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_NULL_SHA384' algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_DHE_PSK_WITH_NULL_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_NULL_SHA256' algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_DHE_PSK_WITH_NULL_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_NULL_SHA384' algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_RSA_PSK_WITH_NULL_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_NULL_SHA256' algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_RSA_PSK_WITH_NULL_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_NULL_SHA384' algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and
+ AES Galois Counter Mode";
+ }
+
+ identity TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+
+ identity TLS_SM4_GCM_SM3 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_SM4_GCM_SM3' algorithm.";
+ reference
+ "RFC 8998:
+ ShangMi (SM) Cipher Suites for TLS 1.3";
+ }
+
+ identity TLS_SM4_CCM_SM3 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_SM4_CCM_SM3' algorithm.";
+ reference
+ "RFC 8998:
+ ShangMi (SM) Cipher Suites for TLS 1.3";
+ }
+
+ identity TLS_EMPTY_RENEGOTIATION_INFO_SCSV {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_EMPTY_RENEGOTIATION_INFO_SCSV'
+ algorithm.";
+ reference
+ "RFC 5746:
+ Transport Layer Security (TLS) Renegotiation Indication
+ Extension";
+ }
+
+ identity TLS_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_AES_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 8446:
+ The Transport Layer Security (TLS) Protocol Version 1.3";
+ }
+
+ identity TLS_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_AES_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 8446:
+ The Transport Layer Security (TLS) Protocol Version 1.3";
+ }
+
+ identity TLS_CHACHA20_POLY1305_SHA256 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_CHACHA20_POLY1305_SHA256' algorithm.";
+ reference
+ "RFC 8446:
+ The Transport Layer Security (TLS) Protocol Version 1.3";
+ }
+
+ identity TLS_AES_128_CCM_SHA256 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_AES_128_CCM_SHA256' algorithm.";
+ reference
+ "RFC 8446:
+ The Transport Layer Security (TLS) Protocol Version 1.3";
+ }
+
+ identity TLS_AES_128_CCM_8_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_AES_128_CCM_8_SHA256' algorithm.";
+ reference
+ "RFC 8446:
+ The Transport Layer Security (TLS) Protocol Version 1.3
+ IESG Action:
+ IESG Action 2018-08-16";
+ }
+
+ identity TLS_AEGIS_256_SHA512 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_AEGIS_256_SHA512' algorithm.";
+ reference
+ "draft-irtf-cfrg-aegis-aead-08:
+ The AEGIS Family of Authenticated Encryption Algorithms";
+ }
+
+ identity TLS_AEGIS_128L_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_AEGIS_128L_SHA256' algorithm.";
+ reference
+ "draft-irtf-cfrg-aegis-aead-08:
+ The AEGIS Family of Authenticated Encryption Algorithms";
+ }
+
+ identity TLS_FALLBACK_SCSV {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_FALLBACK_SCSV' algorithm.";
+ reference
+ "RFC 7507:
+ TLS Fallback Signaling Cipher Suite Value (SCSV) for
+ Preventing Protocol Downgrade Attacks";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_NULL_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_NULL_SHA' algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_RC4_128_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_RC4_128_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_NULL_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_NULL_SHA' algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_RC4_128_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_RC4_128_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDH_RSA_WITH_NULL_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_NULL_SHA' algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDH_RSA_WITH_RC4_128_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_RC4_128_SHA' algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDH_RSA_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDH_RSA_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_NULL_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_NULL_SHA' algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_RC4_128_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_RC4_128_SHA' algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDH_anon_WITH_NULL_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_anon_WITH_NULL_SHA' algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDH_anon_WITH_RC4_128_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_anon_WITH_RC4_128_SHA' algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDH_anon_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_anon_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_ECDH_anon_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_anon_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier";
+ }
+
+ identity TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+
+ identity TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+
+ identity TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+
+ identity TLS_SRP_SHA_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_SRP_SHA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+
+ identity TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+
+ identity TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+
+ identity TLS_SRP_SHA_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_SRP_SHA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+
+ identity TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+
+ identity TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES
+ Galois Counter Mode (GCM)";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_RC4_128_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_RC4_128_SHA' algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_NULL_SHA {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_NULL_SHA' algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_NULL_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_NULL_SHA256' algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_NULL_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_NULL_SHA384' algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_RSA_WITH_ARIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_RSA_WITH_ARIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_anon_WITH_ARIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_anon_WITH_ARIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_RSA_WITH_ARIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_RSA_WITH_ARIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_anon_WITH_ARIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_anon_WITH_ARIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_PSK_WITH_ARIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_PSK_WITH_ARIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_PSK_WITH_ARIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_PSK_WITH_ARIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the
+ 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the
+ 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the
+ 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the
+ 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+
+ identity TLS_RSA_WITH_AES_128_CCM {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_AES_128_CCM' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_RSA_WITH_AES_256_CCM {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_AES_256_CCM' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_DHE_RSA_WITH_AES_128_CCM {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_AES_128_CCM' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_DHE_RSA_WITH_AES_256_CCM {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_AES_256_CCM' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_RSA_WITH_AES_128_CCM_8 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_AES_128_CCM_8' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_RSA_WITH_AES_256_CCM_8 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_WITH_AES_256_CCM_8' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_DHE_RSA_WITH_AES_128_CCM_8 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_AES_128_CCM_8' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_DHE_RSA_WITH_AES_256_CCM_8 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_AES_256_CCM_8' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_PSK_WITH_AES_128_CCM {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_AES_128_CCM' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_PSK_WITH_AES_256_CCM {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_AES_256_CCM' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_AES_128_CCM {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_AES_128_CCM' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_AES_256_CCM {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_AES_256_CCM' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_PSK_WITH_AES_128_CCM_8 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_AES_128_CCM_8' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_PSK_WITH_AES_256_CCM_8 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_AES_256_CCM_8' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_PSK_DHE_WITH_AES_128_CCM_8 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_DHE_WITH_AES_128_CCM_8' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_PSK_DHE_WITH_AES_256_CCM_8 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_DHE_WITH_AES_256_CCM_8' algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security (TLS)";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_AES_128_CCM {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM'
+ algorithm.";
+ reference
+ "RFC 7251:
+ AES-CCM Elliptic Curve Cryptography (ECC) Cipher Suites for
+ TLS";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_AES_256_CCM {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM'
+ algorithm.";
+ reference
+ "RFC 7251:
+ AES-CCM Elliptic Curve Cryptography (ECC) Cipher Suites for
+ TLS";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8'
+ algorithm.";
+ reference
+ "RFC 7251:
+ AES-CCM Elliptic Curve Cryptography (ECC) Cipher Suites for
+ TLS";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8'
+ algorithm.";
+ reference
+ "RFC 7251:
+ AES-CCM Elliptic Curve Cryptography (ECC) Cipher Suites for
+ TLS";
+ }
+
+ identity TLS_ECCPWD_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECCPWD_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 8492:
+ Secure Password Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_ECCPWD_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECCPWD_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 8492:
+ Secure Password Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_ECCPWD_WITH_AES_128_CCM_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECCPWD_WITH_AES_128_CCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 8492:
+ Secure Password Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_ECCPWD_WITH_AES_256_CCM_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECCPWD_WITH_AES_256_CCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 8492:
+ Secure Password Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_SHA256_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_SHA256_SHA256' algorithm.";
+ reference
+ "RFC 9150:
+ TLS 1.3 Authentication and Integrity-Only Cipher Suites";
+ }
+
+ identity TLS_SHA384_SHA384 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_SHA384_SHA384' algorithm.";
+ reference
+ "RFC 9150:
+ TLS 1.3 Authentication and Integrity-Only Cipher Suites";
+ }
+
+ identity TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the
+ 'TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC' algorithm.";
+ reference
+ "RFC 9189:
+ GOST Cipher Suites for Transport Layer Security (TLS)
+ Protocol Version 1.2";
+ }
+
+ identity TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC'
+ algorithm.";
+ reference
+ "RFC 9189:
+ GOST Cipher Suites for Transport Layer Security (TLS)
+ Protocol Version 1.2";
+ }
+
+ identity TLS_GOSTR341112_256_WITH_28147_CNT_IMIT {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_GOSTR341112_256_WITH_28147_CNT_IMIT'
+ algorithm.";
+ reference
+ "RFC 9189:
+ GOST Cipher Suites for Transport Layer Security (TLS)
+ Protocol Version 1.2";
+ }
+
+ identity TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L'
+ algorithm.";
+ reference
+ "RFC 9367:
+ GOST Cipher Suites for Transport Layer Security (TLS)
+ Protocol Version 1.3";
+ }
+
+ identity TLS_GOSTR341112_256_WITH_MAGMA_MGM_L {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_GOSTR341112_256_WITH_MAGMA_MGM_L'
+ algorithm.";
+ reference
+ "RFC 9367:
+ GOST Cipher Suites for Transport Layer Security (TLS)
+ Protocol Version 1.3";
+ }
+
+ identity TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S'
+ algorithm.";
+ reference
+ "RFC 9367:
+ GOST Cipher Suites for Transport Layer Security (TLS)
+ Protocol Version 1.3";
+ }
+
+ identity TLS_GOSTR341112_256_WITH_MAGMA_MGM_S {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_GOSTR341112_256_WITH_MAGMA_MGM_S'
+ algorithm.";
+ reference
+ "RFC 9367:
+ GOST Cipher Suites for Transport Layer Security (TLS)
+ Protocol Version 1.3";
+ }
+
+ identity TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256'
+ algorithm.";
+ reference
+ "RFC 7905:
+ ChaCha20-Poly1305 Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the
+ 'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256' algorithm.";
+ reference
+ "RFC 7905:
+ ChaCha20-Poly1305 Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256'
+ algorithm.";
+ reference
+ "RFC 7905:
+ ChaCha20-Poly1305 Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_PSK_WITH_CHACHA20_POLY1305_SHA256'
+ algorithm.";
+ reference
+ "RFC 7905:
+ ChaCha20-Poly1305 Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256'
+ algorithm.";
+ reference
+ "RFC 7905:
+ ChaCha20-Poly1305 Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256'
+ algorithm.";
+ reference
+ "RFC 7905:
+ ChaCha20-Poly1305 Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256'
+ algorithm.";
+ reference
+ "RFC 7905:
+ ChaCha20-Poly1305 Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 8442:
+ ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2
+ and DTLS 1.2";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 8442:
+ ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2
+ and DTLS 1.2";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 {
+ base cipher-suite-alg-base;
+ status deprecated;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256'
+ algorithm.";
+ reference
+ "RFC 8442:
+ ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2
+ and DTLS 1.2";
+ }
+
+ identity TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 {
+ base cipher-suite-alg-base;
+ description
+ "Identity for the 'TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 8442:
+ ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS 1.2
+ and DTLS 1.2";
+ }
+
+}
"WG List: NETCONF WG list <mailto:netconf@ietf.org>
WG Web: https://datatracker.ietf.org/wg/netconf
Author: Kent Watsen <mailto:kent+ietf@watsen.net>
- Author: Jeff Hartley <mailto:jeff.hartley@commscope.com>";
+ Author: Jeff Hartley <mailto:intensifysecurity@gmail.com>";
description
"This module defines reusable groupings for TLS clients that
can be used as a basis for specific TLS client instances.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-12-28 {
+ revision 2024-02-08 {
description
"Initial version";
reference
"WG List: NETCONF WG list <mailto:netconf@ietf.org>
WG Web: https://datatracker.ietf.org/wg/netconf
Author: Kent Watsen <mailto:kent+ietf@watsen.net>
- Author: Jeff Hartley <mailto:jeff.hartley@commscope.com>
+ Author: Jeff Hartley <mailto:intensifysecurity@gmail.com>
Author: Gary Wu <mailto:garywu@cisco.com>";
description
"This module defines a common features and groupings for
Transport Layer Security (TLS).
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-12-28 {
+ revision 2024-02-08 {
description
"Initial version";
reference
// Features
- feature tls10 {
- status "obsolete";
- description
- "TLS Protocol Version 1.0 is supported. TLS 1.0 is obsolete
- and thus it is NOT RECOMMENDED to enable this feature.";
- reference
- "RFC 2246: The TLS Protocol Version 1.0";
- }
-
- feature tls11 {
- status "obsolete";
- description
- "TLS Protocol Version 1.1 is supported. TLS 1.1 is obsolete
- and thus it is NOT RECOMMENDED to enable this feature.";
- reference
- "RFC 4346: The Transport Layer Security (TLS) Protocol
- Version 1.1";
- }
-
feature tls12 {
status "deprecated";
description
"TLS hello message parameters are configurable.";
}
- feature public-key-generation {
+ feature algorithm-discovery {
description
"Indicates that the server implements the
- 'generate-public-key' RPC.";
+ 'supported-algorithms' container.";
}
- // Identities
-
- identity tls-version-base {
+ feature asymmetric-key-pair-generation {
description
- "Base identity used to identify TLS protocol versions.";
+ "Indicates that the server implements the
+ 'generate-asymmetric-key-pair' RPC.";
}
- identity tls10 {
- if-feature "tls10";
- base tls-version-base;
- status "obsolete";
- description
- "TLS Protocol Version 1.0.";
- reference
- "RFC 2246: The TLS Protocol Version 1.0";
- }
+ // Identities
- identity tls11 {
- if-feature "tls11";
- base tls-version-base;
- status "obsolete";
+ identity tls-version-base {
description
- "TLS Protocol Version 1.1.";
- reference
- "RFC 4346: The Transport Layer Security (TLS) Protocol
- Version 1.1";
+ "Base identity used to identify TLS protocol versions.";
}
identity tls12 {
}
} // hello-params-grouping
- rpc generate-public-key {
- if-feature "public-key-generation";
+
+ // Protocol-accessible Nodes
+
+ container supported-algorithms {
+ if-feature "algorithm-discovery";
+ config false;
+ description
+ "A container for a list of cipher suite algorithms supported
+ by the server.";
+ leaf-list supported-algorithm {
+ type tlscsa:cipher-suite-algorithm-ref;
+ description
+ "A cipher suite algorithm supported by the server.";
+ }
+ }
+
+ rpc generate-asymmetric-key-pair {
+ if-feature "asymmetric-key-pair-generation";
description
- "Requests the device to generate an public key using
- the specified key algorithm.";
+ "Requests the device to generate an asymmetric-key-pair
+ key using the specified key algorithm.";
input {
leaf algorithm {
type tlscsa:cipher-suite-algorithm-ref;
output {
uses ct:asymmetric-key-pair-grouping;
}
- } // end generate-public-key
+ } // end generate-asymmetric-key-pair
}
"WG List: NETCONF WG list <mailto:netconf@ietf.org>
WG Web: https://datatracker.ietf.org/wg/netconf
Author: Kent Watsen <mailto:kent+ietf@watsen.net>
- Author: Jeff Hartley <mailto:jeff.hartley@commscope.com>";
+ Author: Jeff Hartley <mailto:intensifysecurity@gmail.com>";
description
"This module defines reusable groupings for TLS servers that
can be used as a basis for specific TLS server instances.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-12-28 {
+ revision 2024-02-08 {
description
"Initial version";
reference
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.EcPrivateKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.PrivateKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.PublicKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.RsaPrivateKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.SshPublicKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.SubjectPublicKeyInfoFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.tls.client.grouping.server.authentication.CaCertsBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.tls.client.grouping.server.authentication.EeCertsBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.EcPrivateKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.PrivateKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.PublicKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.RsaPrivateKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.SshPublicKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.SubjectPublicKeyInfoFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.tls.client.grouping.server.authentication.CaCertsBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.tls.client.grouping.server.authentication.EeCertsBuilder;
class ConfigUtilsTest {
import org.bouncycastle.crypto.util.PublicKeyFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.EndEntityCertCms;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.PrivateKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.PublicKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.TrustAnchorCertCms;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228._private.key.grouping._private.key.type.CleartextPrivateKeyBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228.InlineOrKeystoreAsymmetricKeyGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228.InlineOrKeystoreEndEntityCertWithKeyGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228.tls.server.grouping.server.identity.auth.type.raw._private.key.RawPrivateKeyBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228.inline.or.truststore.certs.grouping.InlineOrTruststore;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228.inline.or.truststore.certs.grouping.inline.or.truststore.inline.inline.definition.CertificateBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.EndEntityCertCms;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.PrivateKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.PublicKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.TrustAnchorCertCms;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208._private.key.grouping._private.key.type.CleartextPrivateKeyBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208.InlineOrKeystoreAsymmetricKeyGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208.InlineOrKeystoreEndEntityCertWithKeyGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208.tls.server.grouping.server.identity.auth.type.raw._private.key.RawPrivateKeyBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208.inline.or.truststore.certs.grouping.InlineOrTruststore;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208.inline.or.truststore.certs.grouping.inline.or.truststore.inline.inline.definition.CertificateBuilder;
import org.opendaylight.yangtools.yang.binding.util.BindingMap;
public final class TestUtils {
}
public static InlineOrTruststore buildInlineOrTruststore(final Map<String, byte[]> certNameToBytesMap) {
- return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228
+ return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208
.inline.or.truststore.certs.grouping.inline.or.truststore.InlineBuilder()
- .setInlineDefinition(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228
+ .setInlineDefinition(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208
.inline.or.truststore.certs.grouping.inline.or.truststore.inline.InlineDefinitionBuilder()
.setCertificate(certNameToBytesMap.entrySet().stream()
.map(entry -> new CertificateBuilder()
final PublicKeyFormat publicKeyFormat, final byte[] publicKeyBytes,
final PrivateKeyFormat privateKeyFormat, final byte[] privateKeyBytes) {
return new RawPrivateKeyBuilder()
- .setInlineOrKeystore(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228
+ .setInlineOrKeystore(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208
.inline.or.keystore.asymmetric.key.grouping.inline.or.keystore.InlineBuilder()
.setInlineDefinition(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore
- .rev231228.inline.or.keystore.asymmetric.key.grouping.inline.or.keystore.inline
+ .rev240208.inline.or.keystore.asymmetric.key.grouping.inline.or.keystore.inline
.InlineDefinitionBuilder()
.setPublicKeyFormat(publicKeyFormat)
.setPublicKey(publicKeyBytes)
public static InlineOrKeystoreEndEntityCertWithKeyGrouping buildEndEntityCertWithKeyGrouping(
final PublicKeyFormat publicKeyFormat, final byte[] publicKeyBytes,
final PrivateKeyFormat privateKeyFormat, final byte[] privateKeyBytes, final byte[] certificateBytes) {
- return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228
+ return new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208
.tls.server.grouping.server.identity.auth.type.certificate.CertificateBuilder()
- .setInlineOrKeystore(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev231228
+ .setInlineOrKeystore(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore.rev240208
.inline.or.keystore.end.entity.cert.with.key.grouping.inline.or.keystore.InlineBuilder()
.setInlineDefinition(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.keystore
- .rev231228.inline.or.keystore.end.entity.cert.with.key.grouping.inline.or.keystore.inline
+ .rev240208.inline.or.keystore.end.entity.cert.with.key.grouping.inline.or.keystore.inline
.InlineDefinitionBuilder()
.setPublicKeyFormat(publicKeyFormat)
.setPublicKey(publicKeyBytes)
import org.opendaylight.netconf.transport.api.TransportChannelListener;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
import org.opendaylight.netconf.transport.tcp.NettyTransportSupport;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.EcPrivateKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.RsaPrivateKeyFormat;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev231228.SubjectPublicKeyInfoFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.EcPrivateKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.RsaPrivateKeyFormat;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.SubjectPublicKeyInfoFormat;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.Host;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IetfInetUtil;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.PortNumber;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev231228.TcpClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev231228.TcpServerGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.TlsClientGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.tls.client.grouping.ClientIdentityBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228.tls.client.grouping.ServerAuthenticationBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228.TlsServerGrouping;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228.tls.server.grouping.ClientAuthenticationBuilder;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228.tls.server.grouping.ServerIdentityBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev240208.TcpClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev240208.TcpServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.TlsClientGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.tls.client.grouping.ClientIdentityBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208.tls.client.grouping.ServerAuthenticationBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208.TlsServerGrouping;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208.tls.server.grouping.ClientAuthenticationBuilder;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208.tls.server.grouping.ServerIdentityBuilder;
import org.opendaylight.yangtools.yang.common.Uint16;
@ExtendWith(MockitoExtension.class)
// client config
final var clientIdentity = new ClientIdentityBuilder()
- .setAuthType(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228
+ .setAuthType(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208
.tls.client.grouping.client.identity.auth.type.CertificateBuilder()
- .setCertificate(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228
+ .setCertificate(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208
.tls.client.grouping.client.identity.auth.type.certificate.CertificateBuilder()
.setInlineOrKeystore(inlineOrKeystore)
.build())
.build())
.build();
final var serverAuth = new ServerAuthenticationBuilder()
- .setCaCerts(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev231228
+ .setCaCerts(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.client.rev240208
.tls.client.grouping.server.authentication.CaCertsBuilder()
.setInlineOrTruststore(inlineOrTrustStore)
.build())
// server config
final var serverIdentity = new ServerIdentityBuilder()
- .setAuthType(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228
+ .setAuthType(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208
.tls.server.grouping.server.identity.auth.type.CertificateBuilder()
- .setCertificate(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228
+ .setCertificate(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208
.tls.server.grouping.server.identity.auth.type.certificate.CertificateBuilder()
.setInlineOrKeystore(inlineOrKeystore)
.build())
.build())
.build();
final var clientAuth = new ClientAuthenticationBuilder()
- .setCaCerts(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev231228
+ .setCaCerts(new org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tls.server.rev240208
.tls.server.grouping.client.authentication.CaCertsBuilder()
.setInlineOrTruststore(inlineOrTrustStore)
.build())
"This module defines a 'truststore' to centralize management
of trust anchors including certificates and public keys.
- Copyright (c) 2023 IETF Trust and the persons identified
+ Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
- revision 2023-12-28 {
+ revision 2024-02-08 {
description
"Initial version";
reference
/* Typedefs */
/****************/
- typedef certificate-bag-ref {
+ typedef central-certificate-bag-ref {
type leafref {
path "/ts:truststore/ts:certificate-bags/"
+ "ts:certificate-bag/ts:name";
in the central truststore.";
}
- typedef certificate-ref {
+ typedef central-certificate-ref {
type leafref {
path "/ts:truststore/ts:certificate-bags/ts:certificate-bag"
+ "[ts:name = current()/../certificate-bag]/"
in a certificate bag in the central truststore. This typedef
requires that there exist a sibling 'leaf' node called
'certificate-bag' that SHOULD have the typedef
- 'certificate-bag-ref'.";
+ 'central-certificate-bag-ref'.";
}
- typedef public-key-bag-ref {
+ typedef central-public-key-bag-ref {
type leafref {
path "/ts:truststore/ts:public-key-bags/"
+ "ts:public-key-bag/ts:name";
in the central truststore.";
}
- typedef public-key-ref {
+ typedef central-public-key-ref {
type leafref {
path "/ts:truststore/ts:public-key-bags/ts:public-key-bag"
+ "[ts:name = current()/../public-key-bag]/"
in a public key bag in the truststore. This typedef
requires that there exist a sibling 'leaf' node called
'public-key-bag' that SHOULD have the typedef
- 'public-key-bag-ref'.";
+ 'central-public-key-bag-ref'.";
}
/*****************/
// *-ref groupings
- grouping certificate-ref-grouping {
+ grouping central-certificate-ref-grouping {
description
"Grouping for the reference to a certificate in a
certificate-bag in the central truststore.";
nacm:default-deny-write;
if-feature "central-truststore-supported";
if-feature "certificates";
- type ts:certificate-bag-ref;
+ type ts:central-certificate-bag-ref;
must "../certificate";
description
"Reference to a certificate-bag in the truststore.";
}
leaf certificate {
nacm:default-deny-write;
-
- // FIXME: these two lines are missing in the published model
if-feature "central-truststore-supported";
if-feature "certificates";
-
- type ts:certificate-ref;
+ type ts:central-certificate-ref;
must "../certificate-bag";
description
"Reference to a specific certificate in the
}
}
- grouping public-key-ref-grouping {
+ grouping central-public-key-ref-grouping {
description
"Grouping for the reference to a public key in a
public-key-bag in the central truststore.";
nacm:default-deny-write;
if-feature "central-truststore-supported";
if-feature "public-keys";
- type ts:public-key-bag-ref;
+ type ts:central-public-key-bag-ref;
description
- "Reference of a public key bag in the truststore inlucding
+ "Reference of a public key bag in the truststore including
the certificate to authenticate the TLS client.";
}
leaf public-key {
nacm:default-deny-write;
-
- // FIXME: these two lines are missing in the published model
if-feature "central-truststore-supported";
if-feature "public-keys";
-
- type ts:public-key-ref;
+ type ts:central-public-key-ref;
description
"Reference to a specific public key in the
referenced public-key-bag.";
The list of certificate may be defined inline or as a
reference to a certificate bag in the central truststore.
- Servers that do not define the 'central-truststore-supported'
- feature SHOULD augment in custom 'case' statements enabling
- references to alternate truststore locations.";
+ Servers that wish to define alternate truststore locations
+ MUST augment in custom 'case' statements enabling
+ references to those alternate truststore locations.";
choice inline-or-truststore {
nacm:default-deny-write;
mandatory true;
key "name";
min-elements 1;
description
- "A trust anchor certificate.";
+ "A trust anchor certificate or chain of certificates.";
leaf name {
type string;
description
if-feature "central-truststore-supported";
if-feature "certificates";
leaf central-truststore-reference {
- type ts:certificate-bag-ref;
+ type ts:central-certificate-bag-ref;
description
"A reference to a certificate bag that exists in the
central truststore.";
configured locally, within the using data model, or be a
reference to a public key bag stored in the truststore.
- Servers that do not define the 'central-truststore-supported'
- feature SHOULD augment in custom 'case' statements enabling
- references to alternate truststore locations.";
+ Servers that wish to define alternate truststore locations
+ SHOULD augment in custom 'case' statements enabling
+ references to those alternate truststore locations.";
choice inline-or-truststore {
nacm:default-deny-write;
mandatory true;
if-feature "central-truststore-supported";
if-feature "public-keys";
leaf central-truststore-reference {
- type ts:public-key-bag-ref;
+ type ts:central-public-key-bag-ref;
description
"A reference to a bag of public keys that exists
in the central truststore.";
list certificate-bag {
key "name";
description
- "A bag of certificates. Each bag of certificates SHOULD
+ "A bag of certificates. Each bag of certificates should
be for a specific purpose. For instance, one bag could
be used to authenticate a specific set of servers, while
another could be used to authenticate a specific set of
list certificate {
key "name";
description
- "A trust anchor certificate.";
+ "A trust anchor certificate or chain of certificates.";
leaf name {
type string;
description
type string;
description
"A description for this bag public keys. The
- intended purpose for the bag SHOULD be described.";
+ intended purpose for the bag MUST be described.";
}
list public-key {
key "name";
import java.util.Set;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.kohsuke.MetaInfServices;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228.IetfTruststoreData;
-import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev231228.InlineDefinitionsSupported;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208.IetfTruststoreData;
+import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.truststore.rev240208.InlineDefinitionsSupported;
import org.opendaylight.yangtools.yang.binding.YangFeature;
import org.opendaylight.yangtools.yang.binding.YangFeatureProvider;