idnits 2.17.1

draft-ietf-netconf-crypto-types-02.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Line 125 has weird spacing: '...gorithm asy...'

  == Line 142 has weird spacing: '...gorithm asy...'

  == Line 154 has weird spacing: '...on-date yan...'

  == Line 160 has weird spacing: '...request bin...'

  == Line 164 has weird spacing: '...on-date yan...'

  == (2 more instances...)

  == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD',
     or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please
     use uppercase 'NOT' together with RFC 2119 keywords (if that is what you
     mean).

     Found 'MUST not' in this paragraph:

     o Clarified in asymmetric-key-pair-with-certs-grouping, in
     certificates/certificate/name/description, that if the name MUST not
     match the name of a certificate that exists independently in ,
     enabling certs installed by the manufacturer (e.g., an IDevID).

  -- The document date (October 22, 2018) is 2012 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Possible downref: Non-RFC (?) normative reference: ref.
     'ITU.X690.2015'

  ** Downref: Normative reference to an Informational RFC: RFC 2986

  ** Downref: Normative reference to an Informational RFC: RFC 3174

  ** Downref: Normative reference to an Informational RFC: RFC 4493

  ** Downref: Normative reference to an Informational RFC: RFC 5915

  ** Downref: Normative reference to an Informational RFC: RFC 6234

  ** Downref: Normative reference to an Historic RFC: RFC 6239

  ** Downref: Normative reference to an Informational RFC: RFC 6507

  ** Obsolete normative reference: RFC 7539 (Obsoleted by RFC 8439)

  ** Downref: Normative reference to an Informational RFC: RFC 8017

  ** Downref: Normative reference to an Informational RFC: RFC 8032

  -- Obsolete informational reference (is this intentional?): RFC 6125
     (Obsoleted by RFC 9525)

     Summary: 10 errors (**), 0 flaws (~~), 8 warnings (==), 3 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2     NETCONF Working Group                                          K. Watsen
3     Internet-Draft                                          Juniper Networks
4     Intended status: Standards Track                                 H. Wang
5     Expires: April 25, 2019                                           Huawei
6                                                             October 22, 2018

8                     Common YANG Data Types for Cryptography
9                        draft-ietf-netconf-crypto-types-02

11    Abstract

13       This document defines YANG identities, typedefs, and groupings useful
14       for cryptographic applications.

16    Editorial Note (To be removed by RFC Editor)

18       This draft contains many placeholder values that need to be replaced
19       with finalized values at the time of publication. This note
20       summarizes all of the substitutions that are needed. No other RFC
21       Editor instructions are specified elsewhere in this document.

23       Artwork in this document contains shorthand references to drafts in
24       progress. Please apply the following replacements:

26       o "XXXX" --> the assigned RFC value for this draft

28       Artwork in this document contains placeholder values for the date of
29       publication of this draft. Please apply the following replacement:

31       o "2018-10-22" --> the publication date of this draft

33       The following Appendix section is to be removed prior to publication:

35       o Appendix B. Change Log

37    Status of This Memo

39       This Internet-Draft is submitted in full conformance with the
40       provisions of BCP 78 and BCP 79.

42       Internet-Drafts are working documents of the Internet Engineering
43       Task Force (IETF). Note that other groups may also distribute
44       working documents as Internet-Drafts. The list of current Internet-
45       Drafts is at https://datatracker.ietf.org/drafts/current/.

47       Internet-Drafts are draft documents valid for a maximum of six months
48       and may be updated, replaced, or obsoleted by other documents at any
49       time. It is inappropriate to use Internet-Drafts as reference
50       material or to cite them other than as "work in progress."

52       This Internet-Draft will expire on April 25, 2019.

54    Copyright Notice

56       Copyright (c) 2018 IETF Trust and the persons identified as the
57       document authors. All rights reserved.

59       This document is subject to BCP 78 and the IETF Trust's Legal
60       Provisions Relating to IETF Documents
61       (https://trustee.ietf.org/license-info) in effect on the date of
62       publication of this document. Please review these documents
63       carefully, as they describe your rights and restrictions with respect
64       to this document. Code Components extracted from this document must
65       include Simplified BSD License text as described in Section 4.e of
66       the Trust Legal Provisions and are provided without warranty as
67       described in the Simplified BSD License.

69    Table of Contents

71       1.  Introduction
72       2.  The Crypto Types Module
73         2.1.  Tree Diagram
74         2.2.  YANG Module
75       3.  Security Considerations
76       4.  IANA Considerations
77         4.1.  The IETF XML Registry
78         4.2.  The YANG Module Names Registry
79       5.  References
80         5.1.  Normative References
81         5.2.  Informative References
82       Appendix A.  Examples
83         A.1.  The "asymmetric-key-pair-with-certs-grouping" Grouping
84         A.2.  The "generate-hidden-key" Action
85         A.3.  The "install-hidden-key" Action
86         A.4.  The "generate-certificate-signing-request" Action
87         A.5.  The "certificate-expiration" Notification
88       Appendix B.  Change Log
89         B.1.  I-D to 00
90         B.2.  00 to 01
91         B.3.  01 to 02
92       Acknowledgements
93       Authors' Addresses

95    1. Introduction

97       This document defines a YANG 1.1 [RFC7950] module specifying
98       identities, typedefs, and groupings useful for cryptography.

100      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
101      "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
102      "OPTIONAL" in this document are to be interpreted as described in BCP
103      14 [RFC2119] [RFC8174] when, and only when, they appear in all
104      capitals, as shown here.

106   2. The Crypto Types Module

108   2.1. Tree Diagram

110      This section provides a tree diagram [RFC8340] for the "ietf-crypto-
111      types" module. Only the groupings are represented, as tree diagrams
112      have no means to represent identities or typedefs.
114   [Note: '\' line wrapping for formatting only]

116   module: ietf-crypto-types

118     grouping asymmetric-key-pair-grouping
119       +-- algorithm?             asymmetric-key-encryption-algorithm-r\
120   ef
121       +-- public-key?            binary
122       +-- private-key?           union
123       +---x generate-hidden-key
124       |  +---w input
125       |     +---w algorithm    asymmetric-key-encryption-algorithm-ref
126       +---x install-hidden-key
127          +---w input
128             +---w algorithm      asymmetric-key-encryption-algorithm-r\
129   ef
130             +---w public-key?    binary
131             +---w private-key?   binary
132     grouping public-key-grouping
133       +-- algorithm?    asymmetric-key-encryption-algorithm-ref
134       +-- public-key?   binary
135     grouping asymmetric-key-pair-with-certs-grouping
136       +-- algorithm?
137       |       asymmetric-key-encryption-algorithm-ref
138       +-- public-key?                             binary
139       +-- private-key?                            union
140       +---x generate-hidden-key
141       |  +---w input
142       |     +---w algorithm    asymmetric-key-encryption-algorithm-ref
143       +---x install-hidden-key
144       |  +---w input
145       |     +---w algorithm      asymmetric-key-encryption-algorithm-r\
146   ef
147       |     +---w public-key?    binary
148       |     +---w private-key?   binary
149       +-- certificates
150       |  +-- certificate* [name]
151       |     +-- name?                     string
152       |     +-- cert?                     end-entity-cert-cms
153       |     +---n certificate-expiration
154       |        +-- expiration-date    yang:date-and-time
155       +---x generate-certificate-signing-request
156          +---w input
157          |  +---w subject       binary
158          |  +---w attributes?   binary
159          +--ro output
160             +--ro certificate-signing-request    binary
161     grouping end-entity-cert-grouping
162       +-- cert?                     end-entity-cert-cms
163       +---n certificate-expiration
164          +-- expiration-date    yang:date-and-time
165     grouping trust-anchor-cert-grouping
166       +-- cert?                     trust-anchor-cert-cms
167       +---n certificate-expiration
168          +-- expiration-date    yang:date-and-time

170   2.2. YANG Module

172      This module has normative references to [RFC2404], [RFC2986],
173      [RFC3174], [RFC3565], [RFC3686], [RFC4106], [RFC4253], [RFC4279],
174      [RFC4309], [RFC4493], [RFC4494], [RFC4543], [RFC4868], [RFC5280],
175      [RFC5652], [RFC5656], [RFC5915], [RFC6187], [RFC6234], [RFC6239],
176      [RFC6507], [RFC6991], [RFC7539], [RFC7919], [RFC8017], [RFC8032],
177      [RFC8268], [RFC8332], [RFC8341], [RFC8422], [RFC8446], and
178      [ITU.X690.2015].

180      This module has an informational reference to [RFC6125].

182   file "ietf-crypto-types@2018-10-22.yang"
183   module ietf-crypto-types {
184     yang-version 1.1;

186     namespace "urn:ietf:params:xml:ns:yang:ietf-crypto-types";
187     prefix "ct";

189     import ietf-yang-types {
190       prefix yang;
191       reference
192         "RFC 6991: Common YANG Data Types";
193     }

195     import ietf-netconf-acm {
196       prefix nacm;
197       reference
198         "RFC 8341: Network Configuration Access Control Model";
199     }

201     organization
202       "IETF NETCONF (Network Configuration) Working Group";

204     contact
205       "WG Web:
206        WG List:

208        Author:   Kent Watsen
209

211        Author:   Wang Haiguang
212        ";

214     description
215       "This module defines common YANG types for cryptographic
216        applications.

218        Copyright (c) 2018 IETF Trust and the persons identified
219        as authors of the code. All rights reserved.

221        Redistribution and use in source and binary forms, with
222        or without modification, is permitted pursuant to, and
223        subject to the license terms contained in, the Simplified
224        BSD License set forth in Section 4.c of the IETF Trust's
225        Legal Provisions Relating to IETF Documents
226        (http://trustee.ietf.org/license-info).

228        This version of this YANG module is part of RFC XXXX; see
229        the RFC itself for full legal notices.";

231     revision "2018-10-22" {
232       description
233         "Initial version";
234       reference
235         "RFC XXXX: Common YANG Data Types for Cryptography";
236     }
237     /**************************************/
238     /*   Identities for Hash Algorithms   */
239     /**************************************/

241     identity hash-algorithm {
242       description
243         "A base identity for hash algorithm verification.";
244     }

246     identity sha-224 {
247       base "hash-algorithm";
248       description "The SHA-224 algorithm.";
249       reference "RFC 6234: US Secure Hash Algorithms.";
250     }

252     identity sha-256 {
253       base "hash-algorithm";
254       description "The SHA-256 algorithm.";
255       reference "RFC 6234: US Secure Hash Algorithms.";
256     }

258     identity sha-384 {
259       base "hash-algorithm";
260       description "The SHA-384 algorithm.";
261       reference "RFC 6234: US Secure Hash Algorithms.";
262     }

264     identity sha-512 {
265       base "hash-algorithm";
266       description "The SHA-512 algorithm.";
267       reference "RFC 6234: US Secure Hash Algorithms.";
268     }

270     /********************************************************/
271     /*  Identities for Asymmetric Key Encryption Algorithms */
272     /********************************************************/

274     identity asymmetric-key-encryption-algorithm {
275       description
276         "Base identity from which all asymmetric key
277          encryption algorithm identities are derived.";
278     }

280     identity rsa1024 {
281       base asymmetric-key-encryption-algorithm;
282       description
283         "The RSA algorithm using a 1024-bit key.";
284       reference
285         "RFC 8017:
286            PKCS #1: RSA Cryptography Specifications Version 2.2.";
287     }

289     identity rsa2048 {
290       base asymmetric-key-encryption-algorithm;
291       description
292         "The RSA algorithm using a 2048-bit key.";
293       reference
294         "RFC 8017:
295            PKCS #1: RSA Cryptography Specifications Version 2.2.";
296     }

298     identity rsa3072 {
299       base asymmetric-key-encryption-algorithm;
300       description
301         "The RSA algorithm using a 3072-bit key.";
302       reference
303         "RFC 8017:
304            PKCS #1: RSA Cryptography Specifications Version 2.2.";
305     }

307     identity rsa4096 {
308       base asymmetric-key-encryption-algorithm;
309       description
310         "The RSA algorithm using a 4096-bit key.";
311       reference
312         "RFC 8017:
313            PKCS #1: RSA Cryptography Specifications Version 2.2.";
314     }

316     identity rsa7680 {
317       base asymmetric-key-encryption-algorithm;
318       description
319         "The RSA algorithm using a 7680-bit key.";
320       reference
321         "RFC 8017:
322            PKCS #1: RSA Cryptography Specifications Version 2.2.";
323     }

325     identity rsa15360 {
326       base asymmetric-key-encryption-algorithm;
327       description
328         "The RSA algorithm using a 15360-bit key.";
329       reference
330         "RFC 8017:
331            PKCS #1: RSA Cryptography Specifications Version 2.2.";
332     }
333     /*************************************/
334     /*   Identities for MAC Algorithms   */
335     /*************************************/

337     identity mac-algorithm {
338       description
339         "A base identity for MAC generation.";
340     }

342     identity hmac-sha1 {
343       base "mac-algorithm";
344       description "Generating MAC using SHA1 hash function";
345       reference "RFC 3174: US Secure Hash Algorithm 1 (SHA1)";
346     }

348     identity hmac-sha1-96 {
349       base "mac-algorithm";
350       description "Generating MAC using SHA1 hash function";
351       reference "RFC 2404: The Use of HMAC-SHA-1-96 within ESP and AH";
352     }

354     identity hmac-sha2-224 {
355       base "mac-algorithm";
356       description
357         "Generating MAC using SHA2 hash function";
358       reference
359         "RFC 6234:
360            US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)";
361     }

363     identity hmac-sha2-256 {
364       base "mac-algorithm";
365       description
366         "Generating MAC using SHA2 hash function";
367       reference
368         "RFC 6234:
369            US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)";
370     }

372     identity hmac-sha2-256-128 {
373       base "mac-algorithm";
374       description
375         "Generating a 256 bits MAC using SHA2 hash function and
376          truncating it to 128 bits";
377       reference
378         "RFC 4868:
379            Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with
380            IPsec";

382     }

384     identity hmac-sha2-384 {
385       base "mac-algorithm";
386       description
387         "Generating MAC using SHA2 hash function";
388       reference
389         "RFC 6234:
390            US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)";
391     }

393     identity hmac-sha2-384-192 {
394       base "mac-algorithm";
395       description
396         "Generating a 384 bits MAC using SHA2 hash function and
397          truncating it to 192 bits";
398       reference
399         "RFC 4868:
400            Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with
401            IPsec";
402     }

404     identity hmac-sha2-512 {
405       base "mac-algorithm";
406       description "Generating MAC using SHA2 hash function";
407       reference
408         "RFC 6234:
409            US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)";
410     }

412     identity hmac-sha2-512-256 {
413       base "mac-algorithm";
414       description
415         "Generating a 512 bits MAC using SHA2 hash function and
416          truncating it to 256 bits";
417       reference
418         "RFC 4868:
419            Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with
420            IPsec";
421     }

423     identity aes-128-gmac {
424       base "mac-algorithm";
425       description
426         "Generating MAC using the Advanced Encryption Standard (AES)
427          Galois Message Authentication Code (GMAC) as a mechanism to
428          provide data origin authentication";
429       reference
430         "RFC 4543:
431            The Use of Galois Message Authentication Code (GMAC) in
432            IPsec ESP and AH";
433     }

435     identity aes-192-gmac {
436       base "mac-algorithm";
437       description
438         "Generating MAC using the Advanced Encryption Standard (AES)
439          Galois Message Authentication Code (GMAC) as a mechanism to
440          provide data origin authentication";
441       reference
442         "RFC 4543:
443            The Use of Galois Message Authentication Code (GMAC) in
444            IPsec ESP and AH";

446     }

448     identity aes-256-gmac {
449       base "mac-algorithm";
450       description
451         "Generating MAC using the Advanced Encryption Standard (AES)
452          Galois Message Authentication Code (GMAC) as a mechanism to
453          provide data origin authentication";
454       reference
455         "RFC 4543:
456            The Use of Galois Message Authentication Code (GMAC) in
457            IPsec ESP and AH";
458     }

460     identity aes-cmac-96 {
461       base "mac-algorithm";
462       description
463         "Generating MAC using Advanced Encryption Standard (AES)
464          Cipher-based Message Authentication Code (CMAC)";
465       reference
466         "RFC 4494: The AES-CMAC-96 Algorithm and its Use with IPsec";
467     }

469     identity aes-cmac-128 {
470       base "mac-algorithm";
471       description
472         "Generating MAC using Advanced Encryption Standard (AES)
473          Cipher-based Message Authentication Code (CMAC)";
474       reference
475         "RFC 4493: The AES-CMAC Algorithm";
476     }
477     identity mac-aes-128-ccm {
478       base "mac-algorithm";
479       description
480         "Generating MAC using Advanced Encryption Standard (AES) in
481          CCM (Counter with CBC-MAC) mode (AES CCM)";
482       reference
483         "RFC 4309:
484            Using Advanced Encryption Standard (AES) CCM Mode with
485            IPsec Encapsulating Security Payload (ESP)";
486     }

488     identity mac-aes-192-ccm {
489       base "mac-algorithm";
490       description
491         "Generating MAC using Advanced Encryption Standard (AES) in
492          CCM (Counter with CBC-MAC) mode (AES CCM)";
493       reference
494         "RFC 4309:
495            Using Advanced Encryption Standard (AES) CCM Mode with
496            IPsec Encapsulating Security Payload (ESP)";
497     }

499     identity mac-aes-256-ccm {
500       base "mac-algorithm";
501       description
502         "Generating MAC using Advanced Encryption Standard (AES) in
503          CCM (Counter with CBC-MAC) mode (AES CCM)";
504       reference
505         "RFC 4309:
506            Using Advanced Encryption Standard (AES) CCM Mode with
507            IPsec Encapsulating Security Payload (ESP)";
508     }

510     identity mac-aes-128-gcm {
511       base "mac-algorithm";
512       description
513         "Generating MAC when using Advanced Encryption Standard (AES)
514          GCM mode for encryption";
515       reference
516         "RFC 4106:
517            The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating
518            Security Payload (ESP)";
519     }

521     identity mac-aes-192-gcm {
522       base "mac-algorithm";
523       description
524         "Generating MAC when using Advanced Encryption Standard (AES)
525          GCM mode for encryption";
526       reference
527         "RFC 4106:
528            The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating
529            Security Payload (ESP)";
530     }

532     identity mac-aes-256-gcm {
533       base "mac-algorithm";
534       description
535         "Generating MAC when using Advanced Encryption Standard (AES)
536          GCM mode for encryption";
537       reference
538         "RFC 4106:
539            The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating
540            Security Payload (ESP)";
541     }

543     identity mac-chacha20-poly1305 {
544       base "mac-algorithm";
545       description
546         "Generating MAC using poly1305 algorithm";
547       reference
548         "RFC 7539: ChaCha20 and Poly1305 for IETF Protocols";
549     }

551     /*******************************************************/
552     /*  Identities for Symmetric Key Encryption Algorithms */
553     /*******************************************************/

555     identity symmetric-key-encryption-algorithm {
556       description
557         "A base identity for encryption algorithm.";
558     }

560     identity aes-128-cbc {
561       base "symmetric-key-encryption-algorithm";
562       description
563         "Encrypt message with AES algorithm in CBC mode with a key
564          length of 128 bits";
565       reference
566         "RFC 3565:
567            Use of the Advanced Encryption Standard (AES) Encryption
568            Algorithm in Cryptographic Message Syntax (CMS)";
569     }

571     identity aes-192-cbc {
572       base "symmetric-key-encryption-algorithm";
573       description
574         "Encrypt message with AES algorithm in CBC mode with a key
575          length of 192 bits";
576       reference
577         "RFC 3565:
578            Use of the Advanced Encryption Standard (AES) Encryption
579            Algorithm in Cryptographic Message Syntax (CMS)";
580     }

582     identity aes-256-cbc {
583       base "symmetric-key-encryption-algorithm";
584       description
585         "Encrypt message with AES algorithm in CBC mode with a key
586          length of 256 bits";
587       reference
588         "RFC 3565:
589            Use of the Advanced Encryption Standard (AES) Encryption
590            Algorithm in Cryptographic Message Syntax (CMS)";
591     }

593     identity aes-128-ctr {
594       base "symmetric-key-encryption-algorithm";
595       description
596         "Encrypt message with AES algorithm in CTR mode with a key
597          length of 128 bits";
598       reference
599         "RFC 3686:
600            Using Advanced Encryption Standard (AES) Counter Mode with
601            IPsec Encapsulating Security Payload (ESP)";
602     }

604     identity aes-192-ctr {
605       base "symmetric-key-encryption-algorithm";
606       description
607         "Encrypt message with AES algorithm in CTR mode with a key
608          length of 192 bits";
609       reference
610         "RFC 3686:
611            Using Advanced Encryption Standard (AES) Counter Mode with
612            IPsec Encapsulating Security Payload (ESP)";
613     }

615     identity aes-256-ctr {
616       base "symmetric-key-encryption-algorithm";
617       description
618         "Encrypt message with AES algorithm in CTR mode with a key
619          length of 256 bits";

621       reference
622         "RFC 3686:
623            Using Advanced Encryption Standard (AES) Counter Mode with
624            IPsec Encapsulating Security Payload (ESP)";
625     }

627     identity enc-aes-128-ccm {
628       base "symmetric-key-encryption-algorithm";
629       description
630         "Encrypt message with AES algorithm in CCM mode with a key
631          length of 128 bits";
632       reference
633         "RFC 4309:
634            Using Advanced Encryption Standard (AES) CCM Mode with IPsec
635            Encapsulating Security Payload (ESP)";
636     }

638     identity enc-aes-192-ccm {
639       base "symmetric-key-encryption-algorithm";
640       description
641         "Encrypt message with AES algorithm in CCM mode with a key
642          length of 192 bits";
643       reference
644         "RFC 4309:
645            Using Advanced Encryption Standard (AES) CCM Mode with IPsec
646            Encapsulating Security Payload (ESP)";
647     }

649     identity enc-aes-256-ccm {
650       base "symmetric-key-encryption-algorithm";
651       description
652         "Encrypt message with AES algorithm in CCM mode with a key
653          length of 256 bits";
654       reference
655         "RFC 4309:
656            Using Advanced Encryption Standard (AES) CCM Mode with IPsec
657            Encapsulating Security Payload (ESP)";
658 } 660 identity enc-aes-128-gcm { 661 base "symmetric-key-encryption-algorithm"; 662 description 663 "Encrypt message with AES algorithm in GCM mode with a key 664 length of 128 bits"; 665 reference 666 "RFC 4106: 667 The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating 668 Security Payload (ESP)"; 670 } 672 identity enc-aes-192-gcm { 673 base "symmetric-key-encryption-algorithm"; 674 description 675 "Encrypt message with AES algorithm in GCM mode with a key 676 length of 192 bits"; 677 reference 678 "RFC 4106: 679 The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating 680 Security Payload (ESP)"; 681 } 683 identity enc-aes-256-gcm { 684 base "symmetric-key-encryption-algorithm"; 685 description 686 "Encrypt message with AES algorithm in GCM mode with a key 687 length of 256 bits"; 688 reference 689 "RFC 4106: 690 The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating 691 Security Payload (ESP)"; 692 } 694 identity enc-chacha20-poly1305 { 695 base "symmetric-key-encryption-algorithm"; 696 description 697 "Encrypt message with chacha20 algorithm and generate MAC with 698 POLY1305"; 699 reference 700 "RFC 7539: ChaCha20 and Poly1305 for IETF Protocols"; 701 } 703 /******************************************/ 704 /* Identities for signature algorithm */ 705 /******************************************/ 707 identity signature-algorithm { 708 description 709 "A base identity for asymmetric key encryption algorithm."; 710 } 712 identity dsa-sha1 { 713 base "signature-algorithm"; 714 description 715 "The signature algorithm using DSA algorithm with SHA1 hash 716 algorithm"; 717 reference 718 "RFC 4253: The Secure Shell (SSH) Transport Layer Protocol"; 719 } 721 identity rsa-pkcs1-sha1 { 722 base "signature-algorithm"; 723 description 724 "The signature algorithm using RSASSA-PKCS1-v1_5 with the SHA1 725 hash algorithm."; 726 reference 727 "RFC 4253: The Secure Shell (SSH) Transport Layer Protocol"; 728 } 730 identity rsa-pkcs1-sha256 { 731 base 
"signature-algorithm"; 732 description 733 "The signature algorithm using RSASSA-PKCS1-v1_5 with the 734 SHA256 hash algorithm."; 735 reference 736 "RFC 8332: 737 Use of RSA Keys with SHA-256 and SHA-512 in the Secure Shell 738 (SSH) Protocol 739 RFC 8446: 740 The Transport Layer Security (TLS) Protocol Version 1.3"; 741 } 743 identity rsa-pkcs1-sha384 { 744 base "signature-algorithm"; 745 description 746 "The signature algorithm using RSASSA-PKCS1-v1_5 with the 747 SHA384 hash algorithm."; 748 reference 749 "RFC 8446: 750 The Transport Layer Security (TLS) Protocol Version 1.3"; 751 } 753 identity rsa-pkcs1-sha512 { 754 base "signature-algorithm"; 755 description 756 "The signature algorithm using RSASSA-PKCS1-v1_5 with the 757 SHA512 hash algorithm."; 758 reference 759 "RFC 8332: 760 Use of RSA Keys with SHA-256 and SHA-512 in the Secure Shell 761 (SSH) Protocol 762 RFC 8446: 763 The Transport Layer Security (TLS) Protocol Version 1.3"; 764 } 765 identity rsa-pss-rsae-sha256 { 766 base "signature-algorithm"; 767 description 768 "The signature algorithm using RSASSA-PSS with mask generation 769 function 1 and SHA256 hash algorithm. If the public key is 770 carried in an X.509 certificate, it MUST use the rsaEncryption 771 OID"; 772 reference 773 "RFC 8446: 774 The Transport Layer Security (TLS) Protocol Version 1.3"; 775 } 777 identity rsa-pss-rsae-sha384 { 778 base "signature-algorithm"; 779 description 780 "The signature algorithm using RSASSA-PSS with mask generation 781 function 1 and SHA384 hash algorithm. If the public key is 782 carried in an X.509 certificate, it MUST use the rsaEncryption 783 OID"; 784 reference 785 "RFC 8446: 786 The Transport Layer Security (TLS) Protocol Version 1.3"; 787 } 789 identity rsa-pss-rsae-sha512 { 790 base "signature-algorithm"; 791 description 792 "The signature algorithm using RSASSA-PSS with mask generation 793 function 1 and SHA512 hash algorithm. 
If the public key is 794 carried in an X.509 certificate, it MUST use the rsaEncryption 795 OID"; 796 reference 797 "RFC 8446: 798 The Transport Layer Security (TLS) Protocol Version 1.3"; 799 } 801 identity rsa-pss-pss-sha256 { 802 base "signature-algorithm"; 803 description 804 "The signature algorithm using RSASSA-PSS with mask generation 805 function 1 and SHA256 hash algorithm. If the public key is 806 carried in an X.509 certificate, it MUST use the RSASSA-PSS 807 OID"; 808 reference 809 "RFC 8446: 810 The Transport Layer Security (TLS) Protocol Version 1.3"; 811 } 812 identity rsa-pss-pss-sha384 { 813 base "signature-algorithm"; 814 description 815 "The signature algorithm using RSASSA-PSS with mask generation 816 function 1 and SHA256 hash algorithm. If the public key is 817 carried in an X.509 certificate, it MUST use the RSASSA-PSS 818 OID"; 819 reference 820 "RFC 8446: 821 The Transport Layer Security (TLS) Protocol Version 1.3"; 822 } 824 identity rsa-pss-pss-sha512 { 825 base "signature-algorithm"; 826 description 827 "The signature algorithm using RSASSA-PSS with mask generation 828 function 1 and SHA256 hash algorithm. 
If the public key is 829 carried in an X.509 certificate, it MUST use the RSASSA-PSS 830 OID"; 831 reference 832 "RFC 8446: 833 The Transport Layer Security (TLS) Protocol Version 1.3"; 834 } 836 identity ecdsa-secp256r1-sha256 { 837 base "signature-algorithm"; 838 description 839 "The signature algorithm using ECDSA wtih curve name secp256r1 840 and SHA256 hash algorithm."; 841 reference 842 "RFC 5656: Elliptic Curve Algorithm Integration in the 843 Secure Shell Transport Layer 844 RFC 8446: 845 The Transport Layer Security (TLS) Protocol Version 1.3"; 846 } 848 identity ecdsa-secp384r1-sha384 { 849 base "signature-algorithm"; 850 description 851 "The signature algorithm using ECDSA wtih curve name secp384r1 852 and SHA384 hash algorithm."; 853 reference 854 "RFC 5656: Elliptic Curve Algorithm Integration in the 855 Secure Shell Transport Layer 856 RFC 8446: 857 The Transport Layer Security (TLS) Protocol Version 1.3"; 858 } 859 identity ecdsa-secp521r1-sha512 { 860 base "signature-algorithm"; 861 description 862 "The signature algorithm using ECDSA wtih curve name secp521r1 863 and SHA512 hash algorithm."; 864 reference 865 "RFC 5656: Elliptic Curve Algorithm Integration in the 866 Secure Shell Transport Layer 867 RFC 8446: 868 The Transport Layer Security (TLS) Protocol Version 1.3"; 869 } 871 identity x509v3-rsa-pkcs1-sha1 { 872 base "signature-algorithm"; 873 description 874 "The signature algorithm using x509v3-ssh-rsa key format and 875 RSASSA-PKCS1-v1_5 with the SHA1 hash algorithm."; 876 reference 877 "RFC 6187: 878 X.509v3 Certificates for Secure Shell Authentication"; 879 } 881 identity x509v3-rsa2048-pkcs1-sha256 { 882 base "signature-algorithm"; 883 description 884 "The signature algorithm using x509v3-rsa2048-sha256 885 key format and RSASSA-PKCS1-v1_5 with the SHA-256 886 hash algorithm."; 887 reference 888 "RFC 6187: 889 X.509v3 Certificates for Secure Shell Authentication"; 890 } 892 identity x509v3-ecdsa-secp256r1-sha256 { 893 base 
"signature-algorithm"; 894 description 895 "The signature algorithm using x509v3-ecdsa-sha2-secp256r1 key 896 format and ECDSA algorithm with the SHA-256 hash algorithm."; 897 reference 898 "RFC 6187: 899 X.509v3 Certificates for Secure Shell Authentication"; 900 } 902 identity x509v3-ecdsa-secp384r1-sha384 { 903 base "signature-algorithm"; 904 description 905 "The signature algorithm using x509v3-ecdsa-sha2-secp384r1 key 906 format and ECDSA algorithm with the SHA-384 hash algorithm."; 908 reference 909 "RFC 6187: 910 X.509v3 Certificates for Secure Shell Authentication"; 911 } 913 identity x509v3-ecdsa-secp521r1-sha512 { 914 base "signature-algorithm"; 915 description 916 "The signature algorithm using x509v3-ecdsa-sha2-secp521r1 key 917 format and ECDSA algorithm with the SHA-512 hash algorithm."; 918 reference 919 "RFC 6187: 920 X.509v3 Certificates for Secure Shell Authentication"; 921 } 923 identity ed25519 { 924 base "signature-algorithm"; 925 description 926 "The signature algorithm using EdDSA as defined in RFC 8032 or 927 its successors."; 928 reference 929 "RFC 8032: Edwards-Curve Digital Signature Algorithm (EdDSA)"; 930 } 932 identity ed448 { 933 base "signature-algorithm"; 934 description 935 "The signature algorithm using EdDSA as defined in RFC 8032 or 936 its successors."; 937 reference 938 "RFC 8032: Edwards-Curve Digital Signature Algorithm (EdDSA)"; 939 } 941 identity eccsi { 942 base "signature-algorithm"; 943 description 944 "The signature algorithm using ECCSI signature as defined in 945 RFC 6507."; 946 reference 947 "RFC 6507: 948 Elliptic Curve-Based Certificateless Signatures for 949 Identity-based Encryption (ECCSI)"; 950 } 952 /**********************************************/ 953 /* Identities for key exchange algorithms */ 954 /**********************************************/ 955 identity key-exchange-algorithm { 956 description 957 "A base identity for Diffe-Hellman based key exchange 958 algorithm."; 959 } 961 identity psk-only { 962 
    base "key-exchange-algorithm";
    description
      "Using Pre-shared key for authentication and key exchange";
    reference
      "RFC 4279:
         Pre-Shared Key Ciphersuites for Transport Layer Security
         (TLS)";
  }

  identity dhe-ffdhe2048 {
    base "key-exchange-algorithm";
    description
      "Ephemeral Diffie Hellman key exchange with 2048 bit
       finite field";
    reference
      "RFC 7919:
         Negotiated Finite Field Diffie-Hellman Ephemeral Parameters
         for Transport Layer Security (TLS)";
  }

  identity dhe-ffdhe3072 {
    base "key-exchange-algorithm";
    description
      "Ephemeral Diffie Hellman key exchange with 3072 bit finite
       field";
    reference
      "RFC 7919:
         Negotiated Finite Field Diffie-Hellman Ephemeral Parameters
         for Transport Layer Security (TLS)";
  }

  identity dhe-ffdhe4096 {
    base "key-exchange-algorithm";
    description
      "Ephemeral Diffie Hellman key exchange with 4096 bit
       finite field";
    reference
      "RFC 7919:
         Negotiated Finite Field Diffie-Hellman Ephemeral Parameters
         for Transport Layer Security (TLS)";
  }

  identity dhe-ffdhe6144 {
    base "key-exchange-algorithm";
    description
      "Ephemeral Diffie Hellman key exchange with 6144 bit
       finite field";
    reference
      "RFC 7919:
         Negotiated Finite Field Diffie-Hellman Ephemeral Parameters
         for Transport Layer Security (TLS)";
  }

  identity dhe-ffdhe8192 {
    base "key-exchange-algorithm";
    description
      "Ephemeral Diffie Hellman key exchange with 8192 bit
       finite field";
    reference
      "RFC 7919:
         Negotiated Finite Field Diffie-Hellman Ephemeral Parameters
         for Transport Layer Security (TLS)";
  }

  identity psk-dhe-ffdhe2048 {
    base "key-exchange-algorithm";
    description
      "Key exchange using pre-shared key with Diffie-Hellman key
       generation mechanism, where the DH group is FFDHE2048";
    reference
      "RFC 8446:
         The Transport Layer Security (TLS) Protocol Version 1.3";
  }

  identity psk-dhe-ffdhe3072 {
    base "key-exchange-algorithm";
    description
      "Key exchange using pre-shared key with Diffie-Hellman key
       generation mechanism, where the DH group is FFDHE3072";
    reference
      "RFC 8446:
         The Transport Layer Security (TLS) Protocol Version 1.3";
  }

  identity psk-dhe-ffdhe4096 {
    base "key-exchange-algorithm";
    description
      "Key exchange using pre-shared key with Diffie-Hellman key
       generation mechanism, where the DH group is FFDHE4096";
    reference
      "RFC 8446:
         The Transport Layer Security (TLS) Protocol Version 1.3";
  }

  identity psk-dhe-ffdhe6144 {
    base "key-exchange-algorithm";
    description
      "Key exchange using pre-shared key with Diffie-Hellman key
       generation mechanism, where the DH group is FFDHE6144";
    reference
      "RFC 8446:
         The Transport Layer Security (TLS) Protocol Version 1.3";
  }

  identity psk-dhe-ffdhe8192 {
    base "key-exchange-algorithm";
    description
      "Key exchange using pre-shared key with Diffie-Hellman key
       generation mechanism, where the DH group is FFDHE8192";
    reference
      "RFC 8446:
         The Transport Layer Security (TLS) Protocol Version 1.3";
  }

  identity ecdhe-secp256r1 {
    base "key-exchange-algorithm";
    description
      "Ephemeral Diffie Hellman key exchange with elliptic group
       over curve secp256r1";
    reference
      "RFC 8422:
         Elliptic Curve Cryptography (ECC) Cipher Suites for
         Transport Layer Security (TLS) Versions 1.2 and Earlier";
  }

  identity ecdhe-secp384r1 {
    base "key-exchange-algorithm";
    description
      "Ephemeral Diffie Hellman key exchange with elliptic group
       over curve secp384r1";
    reference
      "RFC 8422:
         Elliptic Curve Cryptography (ECC) Cipher Suites for
         Transport Layer Security (TLS) Versions 1.2 and Earlier";
  }

  identity ecdhe-secp521r1 {
    base "key-exchange-algorithm";
    description
      "Ephemeral Diffie Hellman key exchange with elliptic group
       over curve secp521r1";
    reference
      "RFC 8422:
         Elliptic Curve Cryptography (ECC) Cipher Suites for
         Transport Layer Security (TLS) Versions 1.2 and Earlier";
  }

  identity ecdhe-x25519 {
    base "key-exchange-algorithm";
    description
      "Ephemeral Diffie Hellman key exchange with elliptic group
       over curve x25519";
    reference
      "RFC 8422:
         Elliptic Curve Cryptography (ECC) Cipher Suites for
         Transport Layer Security (TLS) Versions 1.2 and Earlier";
  }

  identity ecdhe-x448 {
    base "key-exchange-algorithm";
    description
      "Ephemeral Diffie Hellman key exchange with elliptic group
       over curve x448";
    reference
      "RFC 8422:
         Elliptic Curve Cryptography (ECC) Cipher Suites for
         Transport Layer Security (TLS) Versions 1.2 and Earlier";
  }

  identity psk-ecdhe-secp256r1 {
    base "key-exchange-algorithm";
    description
      "Key exchange using pre-shared key with elliptic group-based
       Ephemeral Diffie Hellman key exchange over curve secp256r1";
    reference
      "RFC 8446:
         The Transport Layer Security (TLS) Protocol Version 1.3";
  }

  identity psk-ecdhe-secp384r1 {
    base "key-exchange-algorithm";
    description
      "Key exchange using pre-shared key with elliptic group-based
       Ephemeral Diffie Hellman key exchange over curve secp384r1";
    reference
      "RFC 8446:
         The Transport Layer Security (TLS) Protocol Version 1.3";
  }

  identity psk-ecdhe-secp521r1 {
    base "key-exchange-algorithm";
    description
      "Key exchange using pre-shared key with elliptic group-based
       Ephemeral Diffie Hellman key exchange over curve secp521r1";
    reference
      "RFC 8446:
         The Transport Layer Security (TLS) Protocol Version 1.3";
  }

  identity psk-ecdhe-x25519 {
    base "key-exchange-algorithm";
    description
      "Key exchange using pre-shared key with elliptic group-based
       Ephemeral Diffie Hellman key exchange over curve x25519";
    reference
      "RFC 8446:
         The Transport Layer Security (TLS) Protocol Version 1.3";
  }

  identity psk-ecdhe-x448 {
    base "key-exchange-algorithm";
    description
      "Key exchange using pre-shared key with elliptic group-based
       Ephemeral Diffie Hellman key exchange over curve x448";
    reference
      "RFC 8446:
         The Transport Layer Security (TLS) Protocol Version 1.3";
  }

  identity diffie-hellman-group14-sha1 {
    base "key-exchange-algorithm";
    description
      "Using DH group14 and SHA1 for key exchange";
    reference
      "RFC 4253: The Secure Shell (SSH) Transport Layer Protocol";
  }

  identity diffie-hellman-group14-sha256 {
    base "key-exchange-algorithm";
    description
      "Using DH group14 and SHA256 for key exchange";
    reference
      "RFC 8268:
         More Modular Exponentiation (MODP) Diffie-Hellman (DH)
         Key Exchange (KEX) Groups for Secure Shell (SSH)";
  }

  identity diffie-hellman-group15-sha512 {
    base "key-exchange-algorithm";
    description
      "Using DH group15 and SHA512 for key exchange";
    reference
      "RFC 8268:
         More Modular Exponentiation (MODP) Diffie-Hellman (DH)
         Key Exchange (KEX) Groups for Secure Shell (SSH)";
  }

  identity diffie-hellman-group16-sha512 {
    base "key-exchange-algorithm";
    description
      "Using DH group16 and SHA512 for key exchange";
    reference
      "RFC 8268:
         More Modular Exponentiation (MODP) Diffie-Hellman (DH)
         Key Exchange (KEX) Groups for Secure Shell (SSH)";
  }

  identity diffie-hellman-group17-sha512 {
    base "key-exchange-algorithm";
    description
      "Using DH group17 and SHA512 for key exchange";
    reference
      "RFC 8268:
         More Modular Exponentiation (MODP) Diffie-Hellman (DH)
         Key Exchange (KEX) Groups for Secure Shell (SSH)";
  }

  identity diffie-hellman-group18-sha512 {
    base "key-exchange-algorithm";
    description
      "Using DH group18 and SHA512 for key exchange";
    reference
      "RFC 8268:
         More Modular Exponentiation (MODP) Diffie-Hellman (DH)
         Key Exchange (KEX) Groups for Secure Shell (SSH)";
  }

  identity ecdh-sha2-secp256r1 {
    base "key-exchange-algorithm";
    description
      "Elliptic curve-based Diffie Hellman key exchange over curve
       secp256r1 and using SHA2 for MAC generation";
    reference
      "RFC 6239: Suite B Cryptographic Suites for Secure Shell (SSH)";
  }

  identity ecdh-sha2-secp384r1 {
    base "key-exchange-algorithm";
    description
      "Elliptic curve-based Diffie Hellman key exchange over curve
       secp384r1 and using SHA2 for MAC generation";
    reference
      "RFC 6239: Suite B Cryptographic Suites for Secure Shell (SSH)";
  }

  /**********************************************************/
  /*   Typedefs for identityrefs to above base identities   */
  /**********************************************************/

  typedef hash-algorithm-ref {
    type identityref {
      base "hash-algorithm";
    }
    description
      "This typedef enables importing modules to easily define an
       identityref to the 'hash-algorithm' base identity.";
  }

  typedef signature-algorithm-ref {
    type identityref {
      base "signature-algorithm";
    }
    description
      "This typedef enables importing modules to easily define an
       identityref to the 'signature-algorithm' base identity.";
  }

  typedef mac-algorithm-ref {
    type identityref {
      base "mac-algorithm";
    }
    description
      "This typedef enables importing modules to easily define an
       identityref to the 'mac-algorithm' base identity.";
  }

  typedef symmetric-key-encryption-algorithm-ref {
    type identityref {
      base "symmetric-key-encryption-algorithm";
    }
    description
      "This typedef enables importing modules to easily define an
       identityref to the 'symmetric-key-encryption-algorithm'
       base identity.";
  }

  typedef asymmetric-key-encryption-algorithm-ref {
    type identityref {
      base "asymmetric-key-encryption-algorithm";
    }
    description
      "This typedef enables importing modules to easily define an
       identityref to the 'asymmetric-key-encryption-algorithm'
       base identity.";
  }

  typedef key-exchange-algorithm-ref {
    type identityref {
      base "key-exchange-algorithm";
    }
    description
      "This typedef enables importing modules to easily define an
       identityref to the 'key-exchange-algorithm' base identity.";
  }

  /***************************************************/
  /*   Typedefs for ASN.1 structures from RFC 5280   */
  /***************************************************/

  typedef x509 {
    type binary;
    description
      "A Certificate structure, as specified in RFC 5280,
       encoded using ASN.1 distinguished encoding rules (DER),
       as specified in ITU-T X.690.";
    reference
      "RFC 5280:
         Internet X.509 Public Key Infrastructure Certificate
         and Certificate Revocation List (CRL) Profile
       ITU-T X.690:
         Information technology - ASN.1 encoding rules:
         Specification of Basic Encoding Rules (BER),
         Canonical Encoding Rules (CER) and Distinguished
         Encoding Rules (DER).";
  }

  typedef crl {
    type binary;
    description
      "A CertificateList structure, as specified in RFC 5280,
       encoded using ASN.1 distinguished encoding rules (DER),
       as specified in ITU-T X.690.";
    reference
      "RFC 5280:
         Internet X.509 Public Key Infrastructure Certificate
         and Certificate Revocation List (CRL) Profile
       ITU-T X.690:
         Information technology - ASN.1 encoding rules:
         Specification of Basic Encoding Rules (BER),
         Canonical Encoding Rules (CER) and Distinguished
         Encoding Rules (DER).";
  }

  /***********************************************/
  /*   Typedefs for ASN.1 structures from 5652   */
  /***********************************************/

  typedef cms {
    type binary;
    description
      "A ContentInfo structure, as specified in RFC 5652,
       encoded using ASN.1 distinguished encoding rules (DER),
       as specified in ITU-T X.690.";
    reference
      "RFC 5652:
         Cryptographic Message Syntax (CMS)
       ITU-T X.690:
         Information technology - ASN.1 encoding rules:
         Specification of Basic Encoding Rules (BER),
         Canonical Encoding Rules (CER) and Distinguished
         Encoding Rules (DER).";
  }

  typedef data-content-cms {
    type cms;
    description
      "A CMS structure whose top-most content type MUST be the
       data content type, as described by Section 4 in RFC 5652.";
    reference
      "RFC 5652: Cryptographic Message Syntax (CMS)";
  }

  typedef signed-data-cms {
    type cms;
    description
      "A CMS structure whose top-most content type MUST be the
       signed-data content type, as described by Section 5 in
       RFC 5652.";
    reference
      "RFC 5652: Cryptographic Message Syntax (CMS)";
  }

  typedef enveloped-data-cms {
    type cms;
    description
      "A CMS structure whose top-most content type MUST be the
       enveloped-data content type, as described by Section 6
       in RFC 5652.";
    reference
      "RFC 5652: Cryptographic Message Syntax (CMS)";
  }

  typedef digested-data-cms {
    type cms;
    description
      "A CMS structure whose top-most content type MUST be the
       digested-data content type, as described by Section 7
       in RFC 5652.";
    reference
      "RFC 5652: Cryptographic Message Syntax (CMS)";
  }

  typedef encrypted-data-cms {
    type cms;
    description
      "A CMS structure whose top-most content type MUST be the
       encrypted-data content type, as described by Section 8
       in RFC 5652.";
    reference
      "RFC 5652: Cryptographic Message Syntax (CMS)";
  }

  typedef authenticated-data-cms {
    type cms;
    description
      "A CMS structure whose top-most content type MUST be the
       authenticated-data content type, as described by Section 9
       in RFC 5652.";
    reference
      "RFC 5652: Cryptographic Message Syntax (CMS)";
  }

  /***************************************************/
  /*   Typedefs for structures related to RFC 4253   */
  /***************************************************/

  typedef ssh-host-key {
    type binary;
    description
      "The binary public key data for this SSH key, as
       specified by RFC 4253, Section 6.6, i.e.:

         string    certificate or public key format
                   identifier
         byte[n]   key/certificate data.";
    reference
      "RFC 4253: The Secure Shell (SSH) Transport Layer
         Protocol";
  }

  /*********************************************************/
  /*   Typedefs for ASN.1 structures related to RFC 5280   */
  /*********************************************************/

  typedef trust-anchor-cert-x509 {
    type x509;
    description
      "A Certificate structure that MUST encode a self-signed
       root certificate.";
  }

  typedef end-entity-cert-x509 {
    type x509;
    description
      "A Certificate structure that MUST encode a certificate
       that is neither self-signed nor having Basic constraint
       CA true.";
  }

  /*********************************************************/
  /*   Typedefs for ASN.1 structures related to RFC 5652   */
  /*********************************************************/

  typedef trust-anchor-cert-cms {
    type signed-data-cms;
    description
      "A CMS SignedData structure that MUST contain the chain of
       X.509 certificates needed to authenticate the certificate
       presented by a client or end-entity.

       The CMS MUST contain only a single chain of certificates.
       The client or end-entity certificate MUST only authenticate
       to the last intermediate CA certificate listed in the chain.

       In all cases, the chain MUST include a self-signed root
       certificate.  In the case where the root certificate is
       itself the issuer of the client or end-entity certificate,
       only one certificate is present.

       This CMS structure MAY (as applicable where this type is
       used) also contain suitably fresh (as defined by local
       policy) revocation objects with which the device can
       verify the revocation status of the certificates.

       This CMS encodes the degenerate form of the SignedData
       structure that is commonly used to disseminate X.509
       certificates and revocation objects (RFC 5280).";
    reference
      "RFC 5280:
         Internet X.509 Public Key Infrastructure Certificate
         and Certificate Revocation List (CRL) Profile.";
  }

  typedef end-entity-cert-cms {
    type signed-data-cms;
    description
      "A CMS SignedData structure that MUST contain the end
       entity certificate itself, and MAY contain any number
       of intermediate certificates leading up to a trust
       anchor certificate.  The trust anchor certificate
       MAY be included as well.

       The CMS MUST contain a single end entity certificate.
       The CMS MUST NOT contain any spurious certificates.

       This CMS structure MAY (as applicable where this type is
       used) also contain suitably fresh (as defined by local
       policy) revocation objects with which the device can
       verify the revocation status of the certificates.

       This CMS encodes the degenerate form of the SignedData
       structure that is commonly used to disseminate X.509
       certificates and revocation objects (RFC 5280).";
    reference
      "RFC 5280:
         Internet X.509 Public Key Infrastructure Certificate
         and Certificate Revocation List (CRL) Profile.";
  }

  /**********************************************/
  /*   Groupings for keys and/or certificates   */
  /**********************************************/

  grouping public-key-grouping {
    description
      "A public key.";
    leaf algorithm {
      type asymmetric-key-encryption-algorithm-ref;
      description
        "Identifies the key's algorithm.  More specifically,
         this leaf specifies how the 'public-key' binary leaf
         is encoded.";
      reference
        "RFC CCCC: Common YANG Data Types for Cryptography";
    }
    leaf public-key {
      type binary;
      description
        "A binary that contains the value of the public key.  The
         interpretation of the content is defined by the key
         algorithm.  For example, a DSA key is an integer, an RSA
         key is represented as RSAPublicKey as defined in
         RFC 8017, and an Elliptic Curve Cryptography (ECC) key
         is represented using the 'publicKey' described in
         RFC 5915.";
      reference
        "RFC 8017: Public-Key Cryptography Standards (PKCS) #1:
           RSA Cryptography Specifications Version 2.2.
         RFC 5915: Elliptic Curve Private Key Structure.";
    }
  } // end public-key-grouping

  grouping asymmetric-key-pair-grouping {
    description
      "A private/public key pair.";
    uses public-key-grouping;
    leaf private-key {
      nacm:default-deny-all;
      type union {
        type binary;
        type enumeration {
          enum "permanently-hidden" {
            description
              "The private key is inaccessible due to being
               protected by the system (e.g., a cryptographic
               hardware module).  It is not possible to
               configure a permanently hidden key, as a real
               private key value must be set.  Permanently
               hidden keys cannot be archived or backed up.";
          }
        }
      }
      description
        "A binary that contains the value of the private key.  The
         interpretation of the content is defined by the key
         algorithm.  For example, a DSA key is an integer, an RSA
         key is represented as RSAPrivateKey as defined in
         RFC 8017, and an Elliptic Curve Cryptography (ECC) key
         is represented as ECPrivateKey as defined in RFC 5915.";
      reference
        "RFC 8017: Public-Key Cryptography Standards (PKCS) #1:
           RSA Cryptography Specifications Version 2.2.
         RFC 5915: Elliptic Curve Private Key Structure.";
    } // end private-key

    action generate-hidden-key {
      description
        "Requests the device to generate a hidden key using the
         specified asymmetric key algorithm.  This action is
         used to request the system to generate a key that
         is 'permanently-hidden', perhaps protected by a
         cryptographic hardware module.  The resulting
         asymmetric key values are considered operational
         state and hence present only in .";
      input {
        leaf algorithm {
          type asymmetric-key-encryption-algorithm-ref;
          mandatory true;
          description
            "The algorithm to be used when generating the
             asymmetric key.";
          reference
            "RFC CCCC: Common YANG Data Types for Cryptography";
        }
      }
    } // end generate-hidden-key

    action install-hidden-key {
      description
        "Requests the device to load the specified values into
         a hidden key.  The resulting asymmetric key values are
         considered operational state and hence present only in
         .";
      input {
        leaf algorithm {
          type asymmetric-key-encryption-algorithm-ref;
          mandatory true;
          description
            "The algorithm to be used when generating the
             asymmetric key.";
          reference
            "RFC CCCC: Common YANG Data Types for Cryptography";
        }
        leaf public-key {
          type binary;
          description
            "A binary that contains the value of the public key.
             The interpretation of the content is defined by the key
             algorithm.  For example, a DSA key is an integer, an
             RSA key is represented as RSAPublicKey as defined in
             RFC 8017, and an Elliptic Curve Cryptography (ECC) key
             is represented using the 'publicKey' described in
             RFC 5915.";
          reference
            "RFC 8017: Public-Key Cryptography Standards (PKCS) #1:
               RSA Cryptography Specifications Version 2.2.
             RFC 5915: Elliptic Curve Private Key Structure.";
        }
        leaf private-key {
          type binary;
          description
            "A binary that contains the value of the private key.
             The interpretation of the content is defined by the key
             algorithm.  For example, a DSA key is an integer, an RSA
             key is represented as RSAPrivateKey as defined in
             RFC 8017, and an Elliptic Curve Cryptography (ECC) key
             is represented as ECPrivateKey as defined in RFC 5915.";
          reference
            "RFC 8017: Public-Key Cryptography Standards (PKCS) #1:
               RSA Cryptography Specifications Version 2.2.
             RFC 5915: Elliptic Curve Private Key Structure.";
        }
      }
    } // end install-hidden-key
  } // end asymmetric-key-pair-grouping

  grouping trust-anchor-cert-grouping {
    description
      "A certificate, and a notification for when it might expire.";
    leaf cert {
      type trust-anchor-cert-cms;
      description
        "The binary certificate data for this certificate.";
      reference
        "RFC YYYY: Common YANG Data Types for Cryptography";
    }
    notification certificate-expiration {
      description
        "A notification indicating that the configured certificate
         is either about to expire or has already expired.  When to
         send notifications is an implementation specific decision,
         but it is RECOMMENDED that a notification be sent once a
         month for 3 months, then once a week for four weeks, and
         then once a day thereafter until the issue is resolved.";
      leaf expiration-date {
        type yang:date-and-time;
        mandatory true;
        description
          "Identifies the expiration date on the certificate.";
      }
    }
  } // end trust-anchor-cert-grouping

  grouping end-entity-cert-grouping {
    description
      "A certificate, and a notification for when it might expire.";
    leaf cert {
      type end-entity-cert-cms;
      description
        "The binary certificate data for this certificate.";
      reference
        "RFC YYYY: Common YANG Data Types for Cryptography";
    }
    notification certificate-expiration {
      description
        "A notification indicating that the configured certificate
         is either about to expire or has already expired.  When to
         send notifications is an implementation specific decision,
         but it is RECOMMENDED that a notification be sent once a
         month for 3 months, then once a week for four weeks, and
         then once a day thereafter until the issue is resolved.";
      leaf expiration-date {
        type yang:date-and-time;
        mandatory true;
        description
          "Identifies the expiration date on the certificate.";
      }
    }
  } // end end-entity-cert-grouping

  grouping asymmetric-key-pair-with-certs-grouping {
    description
      "A private/public key pair and associated certificates.";
    uses asymmetric-key-pair-grouping;
    container certificates {
      description
        "Certificates associated with this asymmetric key.
         More than one certificate supports, for instance,
         a TPM-protected asymmetric key that has both IDevID
         and LDevID certificates associated.";
      list certificate {
        key name;
        description
          "A certificate for this asymmetric key.";
        leaf name {
          type string;
          description
            "An arbitrary name for the certificate.  If the name
             matches the name of a certificate that exists
             independently in (i.e., an IDevID),
             then the 'cert' node MUST NOT be configured.";
        }
        uses end-entity-cert-grouping;
      } // end certificate
    } // end certificates

    action generate-certificate-signing-request {
      description
        "Generates a certificate signing request structure for
         the associated asymmetric key using the passed subject
         and attribute values.  The specified assertions need
         to be appropriate for the certificate's use.  For
         example, an entity certificate for a TLS server
         SHOULD have values that enable clients to satisfy
         RFC 6125 processing.";
      input {
        leaf subject {
          type binary;
          mandatory true;
          description
            "The 'subject' field per the CertificationRequestInfo
             structure as specified by RFC 2986, Section 4.1
             encoded using the ASN.1 distinguished encoding
             rules (DER), as specified in ITU-T X.690.";
          reference
            "RFC 2986:
               PKCS #10: Certification Request Syntax
               Specification Version 1.7.
             ITU-T X.690:
               Information technology - ASN.1 encoding rules:
               Specification of Basic Encoding Rules (BER),
               Canonical Encoding Rules (CER) and Distinguished
               Encoding Rules (DER).";
        }
        leaf attributes {
          type binary;
          description
            "The 'attributes' field from the structure
             CertificationRequestInfo as specified by RFC 2986,
             Section 4.1 encoded using the ASN.1 distinguished
             encoding rules (DER), as specified in ITU-T X.690.";
          reference
            "RFC 2986:
               PKCS #10: Certification Request Syntax
               Specification Version 1.7.
             ITU-T X.690:
               Information technology - ASN.1 encoding rules:
               Specification of Basic Encoding Rules (BER),
               Canonical Encoding Rules (CER) and Distinguished
               Encoding Rules (DER).";
        }
      }
      output {
        leaf certificate-signing-request {
          type binary;
          mandatory true;
          description
            "A CertificationRequest structure as specified by
             RFC 2986, Section 4.2 encoded using the ASN.1
             distinguished encoding rules (DER), as specified
             in ITU-T X.690.";
          reference
            "RFC 2986:
               PKCS #10: Certification Request Syntax
               Specification Version 1.7.
             ITU-T X.690:
               Information technology - ASN.1 encoding rules:
               Specification of Basic Encoding Rules (BER),
               Canonical Encoding Rules (CER) and Distinguished
               Encoding Rules (DER).";
        }
      }
    } // end generate-certificate-signing-request
  } // end asymmetric-key-pair-with-certs-grouping

}

3.  Security Considerations

   In order to use YANG identities for algorithm identifiers, only the
   most commonly used RSA key lengths are supported for the RSA
   algorithm.  Additional key lengths can be defined in another module
   or added into a future version of this document.

   This document limits the number of elliptic curves supported.  This
   was done to match industry trends and IETF best practice (e.g.,
   matching work being done in TLS 1.3).  If additional algorithms are
   needed, they can be defined by another module or added into a future
   version of this document.

   Some of the operations in this YANG module may be considered
   sensitive or vulnerable in some network environments.  It is thus
   important to control access to these operations.  These are the
   operations and their sensitivity/vulnerability:

      generate-certificate-signing-request:  For this action, it is
         RECOMMENDED that implementations assert channel binding
         [RFC5056], so as to ensure that the application layer that sent
         the request is the same as the device authenticated when the
         secure transport layer was established.

   This document uses PKCS #10 [RFC2986] for the "generate-certificate-
   signing-request" action.  The use of Certificate Request Message
   Format (CRMF) [RFC4211] was considered, but it was unclear if there
   was market demand for it.  If it is desired to support CRMF in the
   future, placing a "choice" statement in both the input and output
   statements, along with an "if-feature" statement on the CRMF option,
   would enable a backwards compatible solution.

   NACM:default-deny-all is set on asymmetric-key-pair-grouping's
   "private-key" node, as private keys should never be revealed without
   explicit permission.

4.  IANA Considerations

4.1.  The IETF XML Registry

   This document registers one URI in the "ns" subregistry of the IETF
   XML Registry [RFC3688].  Following the format in [RFC3688], the
   following registration is requested:

      URI: urn:ietf:params:xml:ns:yang:ietf-crypto-types
      Registrant Contact: The NETCONF WG of the IETF.
      XML: N/A, the requested URI is an XML namespace.

4.2.  The YANG Module Names Registry

   This document registers one YANG module in the YANG Module Names
   registry [RFC6020].  Following the format in [RFC6020], the
   following registration is requested:

      name:         ietf-crypto-types
      namespace:    urn:ietf:params:xml:ns:yang:ietf-crypto-types
      prefix:       ct
      reference:    RFC XXXX

5.  References

5.1.  Normative References

   [ITU.X690.2015]
              International Telecommunication Union, "Information
              Technology - ASN.1 encoding rules: Specification of Basic
              Encoding Rules (BER), Canonical Encoding Rules (CER) and
              Distinguished Encoding Rules (DER)", ITU-T Recommendation
              X.690, ISO/IEC 8825-1, August 2015.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC2404]  Madson, C. and R. Glenn, "The Use of HMAC-SHA-1-96 within
              ESP and AH", RFC 2404, DOI 10.17487/RFC2404, November
              1998.

   [RFC2986]  Nystrom, M. and B. Kaliski, "PKCS #10: Certification
              Request Syntax Specification Version 1.7", RFC 2986,
              DOI 10.17487/RFC2986, November 2000.

   [RFC3174]  Eastlake 3rd, D. and P. Jones, "US Secure Hash Algorithm 1
              (SHA1)", RFC 3174, DOI 10.17487/RFC3174, September 2001.
1914 [RFC3565] Schaad, J., "Use of the Advanced Encryption Standard (AES) 1915 Encryption Algorithm in Cryptographic Message Syntax 1916 (CMS)", RFC 3565, DOI 10.17487/RFC3565, July 2003, 1917 . 1919 [RFC3686] Housley, R., "Using Advanced Encryption Standard (AES) 1920 Counter Mode With IPsec Encapsulating Security Payload 1921 (ESP)", RFC 3686, DOI 10.17487/RFC3686, January 2004, 1922 . 1924 [RFC4106] Viega, J. and D. McGrew, "The Use of Galois/Counter Mode 1925 (GCM) in IPsec Encapsulating Security Payload (ESP)", 1926 RFC 4106, DOI 10.17487/RFC4106, June 2005, 1927 . 1929 [RFC4253] Ylonen, T. and C. Lonvick, Ed., "The Secure Shell (SSH) 1930 Transport Layer Protocol", RFC 4253, DOI 10.17487/RFC4253, 1931 January 2006, . 1933 [RFC4279] Eronen, P., Ed. and H. Tschofenig, Ed., "Pre-Shared Key 1934 Ciphersuites for Transport Layer Security (TLS)", 1935 RFC 4279, DOI 10.17487/RFC4279, December 2005, 1936 . 1938 [RFC4309] Housley, R., "Using Advanced Encryption Standard (AES) CCM 1939 Mode with IPsec Encapsulating Security Payload (ESP)", 1940 RFC 4309, DOI 10.17487/RFC4309, December 2005, 1941 . 1943 [RFC4493] Song, JH., Poovendran, R., Lee, J., and T. Iwata, "The 1944 AES-CMAC Algorithm", RFC 4493, DOI 10.17487/RFC4493, June 1945 2006, . 1947 [RFC4494] Song, JH., Poovendran, R., and J. Lee, "The AES-CMAC-96 1948 Algorithm and Its Use with IPsec", RFC 4494, 1949 DOI 10.17487/RFC4494, June 2006, 1950 . 1952 [RFC4543] McGrew, D. and J. Viega, "The Use of Galois Message 1953 Authentication Code (GMAC) in IPsec ESP and AH", RFC 4543, 1954 DOI 10.17487/RFC4543, May 2006, 1955 . 1957 [RFC4868] Kelly, S. and S. Frankel, "Using HMAC-SHA-256, HMAC-SHA- 1958 384, and HMAC-SHA-512 with IPsec", RFC 4868, 1959 DOI 10.17487/RFC4868, May 2007, 1960 . 1962 [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., 1963 Housley, R., and W. 
                   Polk, "Internet X.509 Public Key
1964               Infrastructure Certificate and Certificate Revocation List
1965               (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
1966               .

1968    [RFC5652]  Housley, R., "Cryptographic Message Syntax (CMS)", STD 70,
1969               RFC 5652, DOI 10.17487/RFC5652, September 2009,
1970               .

1972    [RFC5656]  Stebila, D. and J. Green, "Elliptic Curve Algorithm
1973               Integration in the Secure Shell Transport Layer",
1974               RFC 5656, DOI 10.17487/RFC5656, December 2009,
1975               .

1977    [RFC5915]  Turner, S. and D. Brown, "Elliptic Curve Private Key
1978               Structure", RFC 5915, DOI 10.17487/RFC5915, June 2010,
1979               .

1981    [RFC6187]  Igoe, K. and D. Stebila, "X.509v3 Certificates for Secure
1982               Shell Authentication", RFC 6187, DOI 10.17487/RFC6187,
1983               March 2011, .

1985    [RFC6234]  Eastlake 3rd, D. and T. Hansen, "US Secure Hash Algorithms
1986               (SHA and SHA-based HMAC and HKDF)", RFC 6234,
1987               DOI 10.17487/RFC6234, May 2011,
1988               .

1990    [RFC6239]  Igoe, K., "Suite B Cryptographic Suites for Secure Shell
1991               (SSH)", RFC 6239, DOI 10.17487/RFC6239, May 2011,
1992               .

1994    [RFC6507]  Groves, M., "Elliptic Curve-Based Certificateless
1995               Signatures for Identity-Based Encryption (ECCSI)",
1996               RFC 6507, DOI 10.17487/RFC6507, February 2012,
1997               .

1999    [RFC6991]  Schoenwaelder, J., Ed., "Common YANG Data Types",
2000               RFC 6991, DOI 10.17487/RFC6991, July 2013,
2001               .

2003    [RFC7539]  Nir, Y. and A. Langley, "ChaCha20 and Poly1305 for IETF
2004               Protocols", RFC 7539, DOI 10.17487/RFC7539, May 2015,
2005               .

2007    [RFC7919]  Gillmor, D., "Negotiated Finite Field Diffie-Hellman
2008               Ephemeral Parameters for Transport Layer Security (TLS)",
2009               RFC 7919, DOI 10.17487/RFC7919, August 2016,
2010               .

2012    [RFC7950]  Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language",
2013               RFC 7950, DOI 10.17487/RFC7950, August 2016,
2014               .

2016    [RFC8017]  Moriarty, K., Ed., Kaliski, B., Jonsson, J., and A.
                   Rusch,
2017               "PKCS #1: RSA Cryptography Specifications Version 2.2",
2018               RFC 8017, DOI 10.17487/RFC8017, November 2016,
2019               .

2021    [RFC8032]  Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital
2022               Signature Algorithm (EdDSA)", RFC 8032,
2023               DOI 10.17487/RFC8032, January 2017,
2024               .

2026    [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2027               2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
2028               May 2017, .

2030    [RFC8268]  Baushke, M., "More Modular Exponentiation (MODP) Diffie-
2031               Hellman (DH) Key Exchange (KEX) Groups for Secure Shell
2032               (SSH)", RFC 8268, DOI 10.17487/RFC8268, December 2017,
2033               .

2035    [RFC8332]  Bider, D., "Use of RSA Keys with SHA-256 and SHA-512 in
2036               the Secure Shell (SSH) Protocol", RFC 8332,
2037               DOI 10.17487/RFC8332, March 2018,
2038               .

2040    [RFC8341]  Bierman, A. and M. Bjorklund, "Network Configuration
2041               Access Control Model", STD 91, RFC 8341,
2042               DOI 10.17487/RFC8341, March 2018,
2043               .

2045    [RFC8422]  Nir, Y., Josefsson, S., and M. Pegourie-Gonnard, "Elliptic
2046               Curve Cryptography (ECC) Cipher Suites for Transport Layer
2047               Security (TLS) Versions 1.2 and Earlier", RFC 8422,
2048               DOI 10.17487/RFC8422, August 2018,
2049               .

2051    [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
2052               Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
2053               .

2055 5.2. Informative References

2057    [RFC3688]  Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
2058               DOI 10.17487/RFC3688, January 2004,
2059               .

2061    [RFC4211]  Schaad, J., "Internet X.509 Public Key Infrastructure
2062               Certificate Request Message Format (CRMF)", RFC 4211,
2063               DOI 10.17487/RFC4211, September 2005,
2064               .

2066    [RFC5056]  Williams, N., "On the Use of Channel Bindings to Secure
2067               Channels", RFC 5056, DOI 10.17487/RFC5056, November 2007,
2068               .

2070    [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
2071               the Network Configuration Protocol (NETCONF)", RFC 6020,
2072               DOI 10.17487/RFC6020, October 2010,
2073               .

2075    [RFC6125]  Saint-Andre, P. and J. Hodges, "Representation and
2076               Verification of Domain-Based Application Service Identity
2077               within Internet Public Key Infrastructure Using X.509
2078               (PKIX) Certificates in the Context of Transport Layer
2079               Security (TLS)", RFC 6125, DOI 10.17487/RFC6125, March
2080               2011, .

2082    [RFC8340]  Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams",
2083               BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018,
2084               .

2086 Appendix A. Examples

2088 A.1. The "asymmetric-key-pair-with-certs-grouping" Grouping

2090    The following example module has been constructed to illustrate use
2091    of the "asymmetric-key-pair-with-certs-grouping" grouping defined in
2092    the "ietf-crypto-types" module.

2094    Note that the "asymmetric-key-pair-with-certs-grouping" grouping uses
2095    both the "asymmetric-key-pair-grouping" and "end-entity-cert-
2096    grouping" groupings, and that the "asymmetric-key-pair-grouping"
2097    grouping uses the "public-key-grouping" grouping. Thus, a total of
2098    four of the five groupings defined in the "ietf-crypto-types" module
2099    are illustrated through the use of this one grouping. The only
2100    grouping not represented is the "trust-anchor-cert-grouping"
2101    grouping.

2103    module ex-crypto-types-usage {
2104      yang-version 1.1;

2106      namespace "http://example.com/ns/example-crypto-types-usage";
2107      prefix "ectu";

2109      import ietf-crypto-types {
2110        prefix ct;
2111        reference
2112          "RFC XXXX: Common YANG Data Types for Cryptography";
2113      }

2115      organization
2116       "Example Corporation";

2118      contact
2119       "Author: YANG Designer ";

2121      description
2122       "This module illustrates the grouping
2123        defined in the crypto-types draft called
2124        'asymmetric-key-pair-with-certs-grouping'.";

2126      revision "1001-01-01" {
2127        description
2128         "Initial version";
2129        reference
2130         "RFC ????: Usage Example for RFC XXXX";
2131      }

2133      container keys {
2134        description
2135          "A container of keys.";
2136        list key {
2137          key name;
2138          leaf name {
2139            type string;
2140            description
2141              "An arbitrary name for this key.";
2142          }
2143          uses ct:asymmetric-key-pair-with-certs-grouping;
2144          description
2145            "An asymmetric key pair with associated certificates.";
2146        }
2147      }
2148    }
2149    Given the above example usage module, the following example
2150    illustrates some configured keys.

2152
2153
2154    ex-key
2155
2157    ct:rsa2048
2158
2159    base64encodedvalue==
2160    base64encodedvalue==
2161
2162
2163    ex-cert
2164    base64encodedvalue==
2165
2166
2167
2168

2170 A.2. The "generate-hidden-key" Action

2172    The following example illustrates the "generate-hidden-key" action in
2173    use with the NETCONF protocol.

2175    REQUEST
2176    -------
2177
2179
2180
2181
2182    empty-key
2183
2184
2186    ct:rsa2048
2187
2188
2189
2190
2191
2192

2194    RESPONSE
2195    --------
2196
2198
2199

2201 A.3. The "install-hidden-key" Action

2203    The following example illustrates the "install-hidden-key" action in
2204    use with the NETCONF protocol.

2206    REQUEST
2207    -------
2208
2210
2211
2212
2213    empty-key
2214
2215
2217    ct:rsa2048
2218
2219    base64encodedvalue==
2220    base64encodedvalue==
2221
2222
2223
2224
2225

2227    RESPONSE
2228    --------
2229
2231
2232

2234 A.4.
     The "generate-certificate-signing-request" Action

2236    The following example illustrates the "generate-certificate-signing-
2237    request" action in use with the NETCONF protocol.

2239    REQUEST
2240    -------
2241
2243
2244
2245
2246    ex-key-sect571r1
2247
2248    base64encodedvalue==
2249    base64encodedvalue==
2250
2251
2252
2253
2254

2256    RESPONSE
2257    --------
2258
2260
2262    base64encodedvalue==
2263
2264

2266 A.5. The "certificate-expiration" Notification

2268    The following example illustrates the "certificate-expiration"
2269    notification in use with the NETCONF protocol.

2271
2273    2018-05-25T00:01:00Z
2274
2275
2276    locally-defined key
2277
2278
2279    my-cert
2280
2281
2282    2018-08-05T14:18:53-05:00
2283
2284
2285
2286
2287
2288
2289

2291 Appendix B. Change Log

2293 B.1. I-D to 00

2295    o Removed groupings and notifications.

2297    o Added typedefs for identityrefs.

2299    o Added typedefs for other RFC 5280 structures.

2301    o Added typedefs for other RFC 5652 structures.

2303    o Added convenience typedefs for RFC 4253, RFC 5280, and RFC 5652.

2305 B.2. 00 to 01

2307    o Moved groupings from the draft-ietf-netconf-keystore here.

2309 B.3. 01 to 02

2311    o Removed unwanted "mandatory" and "must" statements.

2313    o Added many new crypto algorithms (thanks Haiguang!)

2315    o Clarified in asymmetric-key-pair-with-certs-grouping, in
2316      certificates/certificate/name/description, that if the name MUST
2317      not match the name of a certificate that exists independently in
2318      , enabling certs installed by the manufacturer (e.g.,
2319      an IDevID).

2321 Acknowledgements

2323    The authors would like to thank the following for lively discussions
2324    on list and in the halls (ordered by last name): Martin Bjorklund,
2325    Balazs Kovacs, Eric Voit, and Liang Xia.

2327 Authors' Addresses

2329    Kent Watsen
2330    Juniper Networks

2332    EMail: kwatsen@juniper.net

2334    Wang Haiguang
2335    Huawei

2337    EMail: wang.haiguang.shieldlab@huawei.com