idnits 2.17.1 draft-ietf-netconf-crypto-types-10.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 134 has weird spacing: '...lic-key bin...' == Line 146 has weird spacing: '...on-date yan...' == Line 150 has weird spacing: '...on-date yan...' == Line 154 has weird spacing: '...on-date yan...' == Line 158 has weird spacing: '...on-date yan...' == (5 more instances...) -- The document date (July 2, 2019) is 1732 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Possible downref: Non-RFC (?) normative reference: ref. 'ITU.X690.2015' -- Obsolete informational reference (is this intentional?): RFC 6125 (Obsoleted by RFC 9525) Summary: 0 errors (**), 0 flaws (~~), 7 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 NETCONF Working Group K. Watsen 3 Internet-Draft Watsen Networks 4 Intended status: Standards Track H. Wang 5 Expires: January 3, 2020 Huawei 6 July 2, 2019 8 Common YANG Data Types for Cryptography 9 draft-ietf-netconf-crypto-types-10 11 Abstract 13 This document defines YANG identities, typedefs, the groupings useful 14 for cryptographic applications. 16 Editorial Note (To be removed by RFC Editor) 18 This draft contains many placeholder values that need to be replaced 19 with finalized values at the time of publication. This note 20 summarizes all of the substitutions that are needed. No other RFC 21 Editor instructions are specified elsewhere in this document. 23 Artwork in this document contains shorthand references to drafts in 24 progress. Please apply the following replacements: 26 o "XXXX" --> the assigned RFC value for this draft 28 Artwork in this document contains placeholder values for the date of 29 publication of this draft. Please apply the following replacement: 31 o "2019-07-02" --> the publication date of this draft 33 The following Appendix section is to be removed prior to publication: 35 o Appendix B. Change Log 37 Status of This Memo 39 This Internet-Draft is submitted in full conformance with the 40 provisions of BCP 78 and BCP 79. 42 Internet-Drafts are working documents of the Internet Engineering 43 Task Force (IETF). Note that other groups may also distribute 44 working documents as Internet-Drafts. The list of current Internet- 45 Drafts is at https://datatracker.ietf.org/drafts/current/. 47 Internet-Drafts are draft documents valid for a maximum of six months 48 and may be updated, replaced, or obsoleted by other documents at any 49 time. It is inappropriate to use Internet-Drafts as reference 50 material or to cite them other than as "work in progress." 52 This Internet-Draft will expire on January 3, 2020. 54 Copyright Notice 56 Copyright (c) 2019 IETF Trust and the persons identified as the 57 document authors. All rights reserved. 59 This document is subject to BCP 78 and the IETF Trust's Legal 60 Provisions Relating to IETF Documents 61 (https://trustee.ietf.org/license-info) in effect on the date of 62 publication of this document. Please review these documents 63 carefully, as they describe your rights and restrictions with respect 64 to this document. Code Components extracted from this document must 65 include Simplified BSD License text as described in Section 4.e of 66 the Trust Legal Provisions and are provided without warranty as 67 described in the Simplified BSD License. 69 Table of Contents 71 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 72 2. The Crypto Types Module . . . . . . . . . . . . . . . . . . . 3 73 2.1. Tree Diagram . . . . . . . . . . . . . . . . . . . . . . 3 74 2.2. YANG Module . . . . . . . . . . . . . . . . . . . . . . . 5 75 3. Security Considerations . . . . . . . . . . . . . . . . . . . 48 76 3.1. Support for Algorithms . . . . . . . . . . . . . . . . . 48 77 3.2. No Support for CRMF . . . . . . . . . . . . . . . . . . . 48 78 3.3. Access to Data Nodes . . . . . . . . . . . . . . . . . . 48 79 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 50 80 4.1. The IETF XML Registry . . . . . . . . . . . . . . . . . . 50 81 4.2. The YANG Module Names Registry . . . . . . . . . . . . . 50 82 5. References . . . . . . . . . . . . . . . . . . . . . . . . . 50 83 5.1. Normative References . . . . . . . . . . . . . . . . . . 50 84 5.2. Informative References . . . . . . . . . . . . . . . . . 53 85 Appendix A. Examples . . . . . . . . . . . . . . . . . . . . . . 56 86 A.1. The "asymmetric-key-pair-with-certs-grouping" Grouping . 56 87 A.2. The "generate-certificate-signing-request" Action . . . . 58 88 A.3. The "certificate-expiration" Notification . . . . . . . . 59 89 Appendix B. Change Log . . . . . . . . . . . . . . . . . . . . . 60 90 B.1. I-D to 00 . . . . . . . . . . . . . . . . . . . . . . . . 60 91 B.2. 00 to 01 . . . . . . . . . . . . . . . . . . . . . . . . 60 92 B.3. 01 to 02 . . . . . . . . . . . . . . . . . . . . . . . . 60 93 B.4. 02 to 03 . . . . . . . . . . . . . . . . . . . . . . . . 61 94 B.5. 03 to 04 . . . . . . . . . . . . . . . . . . . . . . . . 61 95 B.6. 04 to 05 . . . . . . . . . . . . . . . . . . . . . . . . 62 96 B.7. 05 to 06 . . . . . . . . . . . . . . . . . . . . . . . . 62 97 B.8. 06 to 07 . . . . . . . . . . . . . . . . . . . . . . . . 62 98 B.9. 07 to 08 . . . . . . . . . . . . . . . . . . . . . . . . 63 99 B.10. 08 to 09 . . . . . . . . . . . . . . . . . . . . . . . . 63 100 B.11. 09 to 10 . . . . . . . . . . . . . . . . . . . . . . . . 63 101 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 63 102 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 64 104 1. Introduction 106 This document defines a YANG 1.1 [RFC7950] module specifying 107 identities, typedefs, and groupings useful for cryptography. 109 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 110 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 111 "OPTIONAL" in this document are to be interpreted as described in BCP 112 14 [RFC2119] [RFC8174] when, and only when, they appear in all 113 capitals, as shown here. 115 2. The Crypto Types Module 117 2.1. Tree Diagram 119 This section provides a tree diagram [RFC8340] for the "ietf-crypto- 120 types" module. Only the groupings as represented, as tree diagrams 121 have no means to represent identities or typedefs. 123 module: ietf-crypto-types 125 grouping symmetric-key-grouping 126 +-- algorithm encryption-algorithm-t 127 +-- (key-type) 128 +--:(key) 129 | +-- key? binary 130 +--:(hidden-key) 131 +-- hidden-key? empty 132 grouping public-key-grouping 133 +-- algorithm asymmetric-key-algorithm-t 134 +-- public-key binary 135 grouping asymmetric-key-pair-grouping 136 +-- algorithm asymmetric-key-algorithm-t 137 +-- public-key binary 138 +-- (private-key-type) 139 +--:(private-key) 140 | +-- private-key? binary 141 +--:(hidden-private-key) 142 +-- hidden-private-key? empty 143 grouping trust-anchor-cert-grouping 144 +-- cert? trust-anchor-cert-cms 145 +---n certificate-expiration 146 +-- expiration-date yang:date-and-time 147 grouping trust-anchor-certs-grouping 148 +-- cert* trust-anchor-cert-cms 149 +---n certificate-expiration 150 +-- expiration-date yang:date-and-time 151 grouping end-entity-cert-grouping 152 +-- cert? end-entity-cert-cms 153 +---n certificate-expiration 154 +-- expiration-date yang:date-and-time 155 grouping end-entity-certs-grouping 156 +-- cert* end-entity-cert-cms 157 +---n certificate-expiration 158 +-- expiration-date yang:date-and-time 159 grouping asymmetric-key-pair-with-cert-grouping 160 +-- algorithm 161 | asymmetric-key-algorithm-t 162 +-- public-key binary 163 +-- (private-key-type) 164 | +--:(private-key) 165 | | +-- private-key? binary 166 | +--:(hidden-private-key) 167 | +-- hidden-private-key? empty 168 +-- cert? end-entity-cert-cms 169 +---n certificate-expiration 170 | +-- expiration-date yang:date-and-time 171 +---x generate-certificate-signing-request 172 +---w input 173 | +---w subject binary 174 | +---w attributes? binary 175 +--ro output 176 +--ro certificate-signing-request binary 177 grouping asymmetric-key-pair-with-certs-grouping 178 +-- algorithm 179 | asymmetric-key-algorithm-t 180 +-- public-key binary 181 +-- (private-key-type) 182 | +--:(private-key) 183 | | +-- private-key? binary 184 | +--:(hidden-private-key) 185 | +-- hidden-private-key? empty 186 +-- certificates 187 | +-- certificate* [name] 188 | +-- name? string 189 | +-- cert? end-entity-cert-cms 190 | +---n certificate-expiration 191 | +-- expiration-date yang:date-and-time 192 +---x generate-certificate-signing-request 193 +---w input 194 | +---w subject binary 195 | +---w attributes? binary 196 +--ro output 197 +--ro certificate-signing-request binary 199 2.2. YANG Module 201 This module has normative references to [RFC2404], [RFC3565], 202 [RFC3686], [RFC4106], [RFC4253], [RFC4279], [RFC4309], [RFC4494], 203 [RFC4543], [RFC4868], [RFC5280], [RFC5652], [RFC5656], [RFC6187], 204 [RFC6991], [RFC7919], [RFC8268], [RFC8332], [RFC8341], [RFC8422], 205 [RFC8446], and [ITU.X690.2015]. 207 This module has an informational reference to [RFC2986], [RFC3174], 208 [RFC4493], [RFC5915], [RFC6125], [RFC6234], [RFC6239], [RFC6507], 209 [RFC8017], [RFC8032], [RFC8439]. 211 file "ietf-crypto-types@2019-07-02.yang" 213 module ietf-crypto-types { 214 yang-version 1.1; 215 namespace "urn:ietf:params:xml:ns:yang:ietf-crypto-types"; 216 prefix ct; 218 import ietf-yang-types { 219 prefix yang; 220 reference 221 "RFC 6991: Common YANG Data Types"; 222 } 224 import ietf-netconf-acm { 225 prefix nacm; 226 reference 227 "RFC 8341: Network Configuration Access Control Model"; 228 } 230 organization 231 "IETF NETCONF (Network Configuration) Working Group"; 233 contact 234 "WG Web: 235 WG List: 236 Author: Kent Watsen 237 Author: Wang Haiguang "; 239 description 240 "This module defines common YANG types for cryptographic 241 applications. 243 Copyright (c) 2019 IETF Trust and the persons identified 244 as authors of the code. All rights reserved. 246 Redistribution and use in source and binary forms, with 247 or without modification, is permitted pursuant to, and 248 subject to the license terms contained in, the Simplified 249 BSD License set forth in Section 4.c of the IETF Trust's 250 Legal Provisions Relating to IETF Documents 251 (https://trustee.ietf.org/license-info). 253 This version of this YANG module is part of RFC XXXX 254 (https://www.rfc-editor.org/info/rfcXXXX); see the RFC 255 itself for full legal notices.; 257 The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 258 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 259 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document 260 are to be interpreted as described in BCP 14 (RFC 2119) 261 (RFC 8174) when, and only when, they appear in all 262 capitals, as shown here."; 264 revision 2019-07-02 { 265 description 266 "Initial version"; 267 reference 268 "RFC XXXX: Common YANG Data Types for Cryptography"; 269 } 271 /**************************************/ 272 /* Identities for Hash Algorithms */ 273 /**************************************/ 275 typedef hash-algorithm-t { 276 type union { 277 type uint16; 278 type enumeration { 279 enum NONE { 280 value 0; 281 description 282 "Hash algorithm is NULL."; 283 } 284 enum sha1 { 285 value 1; 286 status obsolete; 287 description 288 "The SHA1 algorithm."; 290 reference 291 "RFC 3174: US Secure Hash Algorithms 1 (SHA1)."; 292 } 293 enum sha-224 { 294 value 2; 295 description 296 "The SHA-224 algorithm."; 297 reference 298 "RFC 6234: US Secure Hash Algorithms."; 299 } 300 enum sha-256 { 301 value 3; 302 description 303 "The SHA-256 algorithm."; 304 reference 305 "RFC 6234: US Secure Hash Algorithms."; 306 } 307 enum sha-384 { 308 value 4; 309 description 310 "The SHA-384 algorithm."; 311 reference 312 "RFC 6234: US Secure Hash Algorithms."; 313 } 314 enum sha-512 { 315 value 5; 316 description 317 "The SHA-512 algorithm."; 318 reference 319 "RFC 6234: US Secure Hash Algorithms."; 320 } 321 enum shake-128 { 322 value 6; 323 description 324 "The SHA3 algorithm with 128-bits output."; 325 reference 326 "National Institute of Standards and Technology, 327 SHA-3 Standard: Permutation-Based Hash and 328 Extendable-Output Functions, FIPS PUB 202, DOI 329 10.6028/NIST.FIPS.202, August 2015."; 330 } 331 enum shake-224 { 332 value 7; 333 description 334 "The SHA3 algorithm with 224-bits output."; 335 reference 336 "National Institute of Standards and Technology, 337 SHA-3 Standard: Permutation-Based Hash and 338 Extendable-Output Functions, FIPS PUB 202, DOI 339 10.6028/NIST.FIPS.202, August 2015."; 340 } 341 enum shake-256 { 342 value 8; 343 description 344 "The SHA3 algorithm with 256-bits output."; 345 reference 346 "National Institute of Standards and Technology, 347 SHA-3 Standard: Permutation-Based Hash and 348 Extendable-Output Functions, FIPS PUB 202, DOI 349 10.6028/NIST.FIPS.202, August 2015."; 350 } 351 enum shake-384 { 352 value 9; 353 description 354 "The SHA3 algorithm with 384-bits output."; 355 reference 356 "National Institute of Standards and Technology, 357 SHA-3 Standard: Permutation-Based Hash and 358 Extendable-Output Functions, FIPS PUB 202, DOI 359 10.6028/NIST.FIPS.202, August 2015."; 360 } 361 enum shake-512 { 362 value 10; 363 description 364 "The SHA3 algorithm with 384-bits output."; 365 reference 366 "National Institute of Standards and Technology, 367 SHA-3 Standard: Permutation-Based Hash and 368 Extendable-Output Functions, FIPS PUB 202, DOI 369 10.6028/NIST.FIPS.202, August 2015."; 370 } 371 } 372 } 373 default "0"; 374 description 375 "The uint16 filed shall be set by individual protocol families 376 according to the hash algorithm value assigned by IANA. The 377 setting is optional and by default is 0. The enumeration 378 filed is set to the selected hash algorithm."; 379 } 381 /***********************************************/ 382 /* Identities for Asymmetric Key Algorithms */ 383 /***********************************************/ 385 typedef asymmetric-key-algorithm-t { 386 type union { 387 type uint16; 388 type enumeration { 389 enum NONE { 390 value 0; 391 description 392 "Asymetric key algorithm is NULL."; 393 } 394 enum rsa1024 { 395 value 1; 396 description 397 "The RSA algorithm using a 1024-bit key."; 398 reference 399 "RFC 8017: PKCS #1: RSA Cryptography 400 Specifications Version 2.2."; 401 } 402 enum rsa2048 { 403 value 2; 404 description 405 "The RSA algorithm using a 2048-bit key."; 406 reference 407 "RFC 8017: 408 PKCS #1: RSA Cryptography Specifications Version 2.2."; 409 } 410 enum rsa3072 { 411 value 3; 412 description 413 "The RSA algorithm using a 3072-bit key."; 414 reference 415 "RFC 8017: 416 PKCS #1: RSA Cryptography Specifications Version 2.2."; 417 } 418 enum rsa4096 { 419 value 4; 420 description 421 "The RSA algorithm using a 4096-bit key."; 422 reference 423 "RFC 8017: 424 PKCS #1: RSA Cryptography Specifications Version 2.2."; 425 } 426 enum rsa7680 { 427 value 5; 428 description 429 "The RSA algorithm using a 7680-bit key."; 430 reference 431 "RFC 8017: 432 PKCS #1: RSA Cryptography Specifications Version 2.2."; 433 } 434 enum rsa15360 { 435 value 6; 436 description 437 "The RSA algorithm using a 15360-bit key."; 438 reference 439 "RFC 8017: 440 PKCS #1: RSA Cryptography Specifications Version 2.2."; 441 } 442 enum secp192r1 { 443 value 7; 444 description 445 "The asymmetric algorithm using a NIST P192 Curve."; 446 reference 447 "RFC 6090: 448 Fundamental Elliptic Curve Cryptography Algorithms. 449 RFC 5480: 450 Elliptic Curve Cryptography Subject Public Key 451 Information."; 452 } 453 enum secp224r1 { 454 value 8; 455 description 456 "The asymmetric algorithm using a NIST P224 Curve."; 457 reference 458 "RFC 6090: 459 Fundamental Elliptic Curve Cryptography Algorithms. 460 RFC 5480: 461 Elliptic Curve Cryptography Subject Public Key 462 Information."; 463 } 464 enum secp256r1 { 465 value 9; 466 description 467 "The asymmetric algorithm using a NIST P256 Curve."; 468 reference 469 "RFC 6090: 470 Fundamental Elliptic Curve Cryptography Algorithms. 471 RFC 5480: 472 Elliptic Curve Cryptography Subject Public Key 473 Information."; 474 } 475 enum secp384r1 { 476 value 10; 477 description 478 "The asymmetric algorithm using a NIST P384 Curve."; 479 reference 480 "RFC 6090: 481 Fundamental Elliptic Curve Cryptography Algorithms. 483 RFC 5480: 484 Elliptic Curve Cryptography Subject Public Key 485 Information."; 486 } 487 enum secp521r1 { 488 value 11; 489 description 490 "The asymmetric algorithm using a NIST P521 Curve."; 491 reference 492 "RFC 6090: 493 Fundamental Elliptic Curve Cryptography Algorithms. 494 RFC 5480: 495 Elliptic Curve Cryptography Subject Public Key 496 Information."; 497 } 498 enum x25519 { 499 value 12; 500 description 501 "The asymmetric algorithm using a x.25519 Curve."; 502 reference 503 "RFC 7748: 504 Elliptic Curves for Security."; 505 } 506 enum x448 { 507 value 13; 508 description 509 "The asymmetric algorithm using a x.448 Curve."; 510 reference 511 "RFC 7748: 512 Elliptic Curves for Security."; 513 } 514 } 515 } 516 default "0"; 517 description 518 "The uint16 filed shall be set by individual protocol 519 families according to the asymmetric key algorithm value 520 assigned by IANA. The setting is optional and by default 521 is 0. The enumeration filed is set to the selected 522 asymmetric key algorithm."; 523 } 525 /*************************************/ 526 /* Identities for MAC Algorithms */ 527 /*************************************/ 529 typedef mac-algorithm-t { 530 type union { 531 type uint16; 532 type enumeration { 533 enum NONE { 534 value 0; 535 description 536 "mac algorithm is NULL."; 537 } 538 enum hmac-sha1 { 539 value 1; 540 description 541 "Generating MAC using SHA1 hash function"; 542 reference 543 "RFC 3174: US Secure Hash Algorithm 1 (SHA1)"; 544 } 545 enum hmac-sha1-96 { 546 value 2; 547 description 548 "Generating MAC using SHA1 hash function"; 549 reference 550 "RFC 2404: The Use of HMAC-SHA-1-96 within ESP and AH"; 551 } 552 enum hmac-sha2-224 { 553 value 3; 554 description 555 "Generating MAC using SHA2 hash function"; 556 reference 557 "RFC 6234: US Secure Hash Algorithms 558 (SHA and SHA-based HMAC and HKDF)"; 559 } 560 enum hmac-sha2-256 { 561 value 4; 562 description 563 "Generating MAC using SHA2 hash function"; 564 reference 565 "RFC 6234: US Secure Hash Algorithms 566 (SHA and SHA-based HMAC and HKDF)"; 567 } 568 enum hmac-sha2-256-128 { 569 value 5; 570 description 571 "Generating a 256 bits MAC using SHA2 hash function and 572 truncate it to 128 bits"; 573 reference 574 "RFC 4868: Using HMAC-SHA-256, HMAC-SHA-384, 575 and HMAC-SHA-512 with IPsec"; 576 } 577 enum hmac-sha2-384 { 578 value 6; 579 description 580 "Generating a 384 bits MAC using SHA2 hash function"; 581 reference 582 "RFC 6234: US Secure Hash Algorithms 583 (SHA and SHA-based HMAC and HKDF)"; 584 } 585 enum hmac-sha2-384-192 { 586 value 7; 587 description 588 "Generating a 384 bits MAC using SHA2 hash function and 589 truncate it to 192 bits"; 590 reference 591 "RFC 4868: Using HMAC-SHA-256, HMAC-SHA-384, 592 and HMAC-SHA-512 with IPsec"; 593 } 594 enum hmac-sha2-512 { 595 value 8; 596 description 597 "Generating a 512 bits MAC using SHA2 hash function"; 598 reference 599 "RFC 6234: US Secure Hash Algorithms 600 (SHA and SHA-based HMAC and HKDF)"; 601 } 602 enum hmac-sha2-512-256 { 603 value 9; 604 description 605 "Generating a 512 bits MAC using SHA2 hash function and 606 truncate it to 256 bits"; 607 reference 608 "RFC 4868: Using HMAC-SHA-256, HMAC-SHA-384, 609 and HMAC-SHA-512 with IPsec"; 610 } 611 enum aes-128-gmac { 612 value 10; 613 description 614 "Generating 128-bit MAC using the Advanced Encryption 615 Standard (AES) Galois Message Authentication Code 616 (GMAC) as a mechanism to provide data origin 617 authentication."; 618 reference 619 "RFC 4543: 620 The Use of Galois Message Authentication Code (GMAC) 621 in IPsec ESP and AH"; 622 } 623 enum aes-192-gmac { 624 value 11; 625 description 626 "Generating 192-bit MAC using the Advanced Encryption 627 Standard (AES) Galois Message Authentication Code 628 (GMAC) as a mechanism to provide data origin 629 authentication."; 630 reference 631 "RFC 4543: 632 The Use of Galois Message Authentication Code (GMAC) 633 in IPsec ESP and AH"; 634 } 635 enum aes-256-gmac { 636 value 12; 637 description 638 "Generating 256-bit MAC using the Advanced Encryption 639 Standard (AES) Galois Message Authentication Code 640 (GMAC) as a mechanism to provide data origin 641 authentication."; 642 reference 643 "RFC 4543: 644 The Use of Galois Message Authentication Code (GMAC) 645 in IPsec ESP and AH"; 646 } 647 enum aes-cmac-96 { 648 value 13; 649 description 650 "Generating 96-bit MAC using Advanced Encryption 651 Standard (AES) Cipher-based Message Authentication 652 Code (CMAC)"; 653 reference 654 "RFC 4494: 655 The AES-CMAC Algorithm and its Use with IPsec"; 656 } 657 enum aes-cmac-128 { 658 value 14; 659 description 660 "Generating 128-bit MAC using Advanced Encryption 661 Standard (AES) Cipher-based Message Authentication 662 Code (CMAC)"; 663 reference 664 "RFC 4494: 665 The AES-CMAC Algorithm and its Use with IPsec"; 666 } 667 enum sha1-des3-kd { 668 value 15; 669 description 670 "Generating MAC using triple DES encryption function"; 671 reference 672 "RFC 3961: 673 Encryption and Checksum Specifications for Kerberos 674 5"; 676 } 677 } 678 } 679 default "0"; 680 description 681 "The uint16 filed shall be set by individual protocol 682 families according to the mac algorithm value assigned by 683 IANA. The setting is optional and by default is 0. The 684 enumeration filed is set to the selected mac algorithm."; 685 } 687 /********************************************/ 688 /* Identities for Encryption Algorithms */ 689 /********************************************/ 691 typedef encryption-algorithm-t { 692 type union { 693 type uint16; 694 type enumeration { 695 enum NONE { 696 value 0; 697 description 698 "Encryption algorithm is NULL."; 699 } 700 enum aes-128-cbc { 701 value 1; 702 description 703 "Encrypt message with AES algorithm in CBC mode with 704 a key length of 128 bits."; 705 reference 706 "RFC 3565: Use of the Advanced Encryption Standard (AES) 707 Encryption Algorithm in Cryptographic Message Syntax 708 (CMS)"; 709 } 710 enum aes-192-cbc { 711 value 2; 712 description 713 "Encrypt message with AES algorithm in CBC mode with 714 a key length of 192 bits"; 715 reference 716 "RFC 3565: Use of the Advanced Encryption Standard (AES) 717 Encryption Algorithm in Cryptographic Message Syntax 718 (CMS)"; 719 } 720 enum aes-256-cbc { 721 value 3; 722 description 723 "Encrypt message with AES algorithm in CBC mode with 724 a key length of 256 bits"; 725 reference 726 "RFC 3565: Use of the Advanced Encryption Standard (AES) 727 Encryption Algorithm in Cryptographic Message Syntax 728 (CMS)"; 729 } 730 enum aes-128-ctr { 731 value 4; 732 description 733 "Encrypt message with AES algorithm in CTR mode with 734 a key length of 128 bits"; 735 reference 736 "RFC 3686: 737 Using Advanced Encryption Standard (AES) Counter 738 Mode with IPsec Encapsulating Security Payload 739 (ESP)"; 740 } 741 enum aes-192-ctr { 742 value 5; 743 description 744 "Encrypt message with AES algorithm in CTR mode with 745 a key length of 192 bits"; 746 reference 747 "RFC 3686: 748 Using Advanced Encryption Standard (AES) Counter 749 Mode with IPsec Encapsulating Security Payload 750 (ESP)"; 751 } 752 enum aes-256-ctr { 753 value 6; 754 description 755 "Encrypt message with AES algorithm in CTR mode with 756 a key length of 256 bits"; 757 reference 758 "RFC 3686: 759 Using Advanced Encryption Standard (AES) Counter 760 Mode with IPsec Encapsulating Security Payload 761 (ESP)"; 762 } 763 enum des3-cbc-sha1-kd { 764 value 7; 765 description 766 "Encrypt message with 3DES algorithm in CBC mode 767 with sha1 function for key derivation"; 768 reference 769 "RFC 3961: 770 Encryption and Checksum Specifications for 771 Kerberos 5"; 773 } 774 enum rc4-hmac { 775 value 8; 776 description 777 "Encrypt message with rc4 algorithm"; 778 reference 779 "RFC 4757: 780 The RC4-HMAC Kerberos Encryption Types Used by 781 Microsoft Windows"; 782 } 783 enum rc4-hmac-exp { 784 value 9; 785 description 786 "Encrypt message with rc4 algorithm that is exportable"; 787 reference 788 "RFC 4757: 789 The RC4-HMAC Kerberos Encryption Types Used by 790 Microsoft Windows"; 791 } 792 } 793 } 794 default "0"; 795 description 796 "The uint16 filed shall be set by individual protocol 797 families according to the encryption algorithm value 798 assigned by IANA. The setting is optional and by default 799 is 0. The enumeration filed is set to the selected 800 encryption algorithm."; 801 } 803 /****************************************************/ 804 /* Identities for Encryption and MAC Algorithms */ 805 /****************************************************/ 807 typedef encryption-and-mac-algorithm-t { 808 type union { 809 type uint16; 810 type enumeration { 811 enum NONE { 812 value 0; 813 description 814 "Encryption and MAC algorithm is NULL."; 815 reference 816 "None"; 817 } 818 enum aes-128-ccm { 819 value 1; 820 description 821 "Encrypt message with AES algorithm in CCM 822 mode with a key length of 128 bits; it can 823 also be used for generating MAC"; 824 reference 825 "RFC 4309: Using Advanced Encryption Standard 826 (AES) CCM Mode with IPsec Encapsulating Security 827 Payload (ESP)"; 828 } 829 enum aes-192-ccm { 830 value 2; 831 description 832 "Encrypt message with AES algorithm in CCM 833 mode with a key length of 192 bits; it can 834 also be used for generating MAC"; 835 reference 836 "RFC 4309: Using Advanced Encryption Standard 837 (AES) CCM Mode with IPsec Encapsulating Security 838 Payload (ESP)"; 839 } 840 enum aes-256-ccm { 841 value 3; 842 description 843 "Encrypt message with AES algorithm in CCM 844 mode with a key length of 256 bits; it can 845 also be used for generating MAC"; 846 reference 847 "RFC 4309: Using Advanced Encryption Standard 848 (AES) CCM Mode with IPsec Encapsulating Security 849 Payload (ESP)"; 850 } 851 enum aes-128-gcm { 852 value 4; 853 description 854 "Encrypt message with AES algorithm in GCM 855 mode with a key length of 128 bits; it can 856 also be used for generating MAC"; 857 reference 858 "RFC 4106: The Use of Galois/Counter Mode (GCM) 859 in IPsec Encapsulating Security Payload (ESP)"; 860 } 861 enum aes-192-gcm { 862 value 5; 863 description 864 "Encrypt message with AES algorithm in GCM 865 mode with a key length of 192 bits; it can 866 also be used for generating MAC"; 867 reference 868 "RFC 4106: The Use of Galois/Counter Mode (GCM) 869 in IPsec Encapsulating Security Payload (ESP)"; 870 } 871 enum aes-256-gcm { 872 value 6; 873 description 874 "Encrypt message with AES algorithm in GCM 875 mode with a key length of 256 bits; it can 876 also be used for generating MAC"; 877 reference 878 "RFC 4106: The Use of Galois/Counter Mode (GCM) 879 in IPsec Encapsulating Security Payload (ESP)"; 880 } 881 enum chacha20-poly1305 { 882 value 7; 883 description 884 "Encrypt message with chacha20 algorithm and generate 885 MAC with POLY1305; it can also be used for generating 886 MAC"; 887 reference 888 "RFC 8439: ChaCha20 and Poly1305 for IETF Protocols"; 889 } 890 } 891 } 892 default "0"; 893 description 894 "The uint16 filed shall be set by individual protocol 895 families according to the encryption and mac algorithm value 896 assigned by IANA. The setting is optional and by default is 897 0. The enumeration filed is set to the selected encryption 898 and mac algorithm."; 899 } 901 /******************************************/ 902 /* Identities for signature algorithm */ 903 /******************************************/ 905 typedef signature-algorithm-t { 906 type union { 907 type uint16; 908 type enumeration { 909 enum NONE { 910 value 0; 911 description 912 "Signature algorithm is NULL"; 913 } 914 enum dsa-sha1 { 915 value 1; 916 description 917 "The signature algorithm using DSA algorithm with SHA1 918 hash algorithm"; 919 reference 920 "RFC 4253: 921 The Secure Shell (SSH) Transport Layer Protocol"; 922 } 923 enum rsassa-pkcs1-sha1 { 924 value 2; 925 description 926 "The signature algorithm using RSASSA-PKCS1-v1_5 with 927 the SHA1 hash algorithm."; 928 reference 929 "RFC 4253: 930 The Secure Shell (SSH) Transport Layer Protocol"; 931 } 932 enum rsassa-pkcs1-sha256 { 933 value 3; 934 description 935 "The signature algorithm using RSASSA-PKCS1-v1_5 with 936 the SHA256 hash algorithm."; 937 reference 938 "RFC 8332: 939 Use of RSA Keys with SHA-256 and SHA-512 in the 940 Secure Shell (SSH) Protocol 941 RFC 8446: 942 The Transport Layer Security (TLS) Protocol 943 Version 1.3"; 944 } 945 enum rsassa-pkcs1-sha384 { 946 value 4; 947 description 948 "The signature algorithm using RSASSA-PKCS1-v1_5 with 949 the SHA384 hash algorithm."; 950 reference 951 "RFC 8446: 952 The Transport Layer Security (TLS) Protocol 953 Version 1.3"; 954 } 955 enum rsassa-pkcs1-sha512 { 956 value 5; 957 description 958 "The signature algorithm using RSASSA-PKCS1-v1_5 with 959 the SHA512 hash algorithm."; 960 reference 961 "RFC 8332: 962 Use of RSA Keys with SHA-256 and SHA-512 in the 963 Secure Shell (SSH) Protocol 964 RFC 8446: 966 The Transport Layer Security (TLS) Protocol 967 Version 1.3"; 968 } 969 enum rsassa-pss-rsae-sha256 { 970 value 6; 971 description 972 "The signature algorithm using RSASSA-PSS with mask 973 generation function 1 and SHA256 hash algorithm. If 974 the public key is carried in an X.509 certificate, 975 it MUST use the rsaEncryption OID"; 976 reference 977 "RFC 8446: 978 The Transport Layer Security (TLS) Protocol 979 Version 1.3"; 980 } 981 enum rsassa-pss-rsae-sha384 { 982 value 7; 983 description 984 "The signature algorithm using RSASSA-PSS with mask 985 generation function 1 and SHA384 hash algorithm. If 986 the public key is carried in an X.509 certificate, 987 it MUST use the rsaEncryption OID"; 988 reference 989 "RFC 8446: 990 The Transport Layer Security (TLS) Protocol 991 Version 1.3"; 992 } 993 enum rsassa-pss-rsae-sha512 { 994 value 8; 995 description 996 "The signature algorithm using RSASSA-PSS with mask 997 generation function 1 and SHA512 hash algorithm. If 998 the public key is carried in an X.509 certificate, 999 it MUST use the rsaEncryption OID"; 1000 reference 1001 "RFC 8446: 1002 The Transport Layer Security (TLS) Protocol 1003 Version 1.3"; 1004 } 1005 enum rsassa-pss-pss-sha256 { 1006 value 9; 1007 description 1008 "The signature algorithm using RSASSA-PSS with mask 1009 generation function 1 and SHA256 hash algorithm. If 1010 the public key is carried in an X.509 certificate, 1011 it MUST use the rsaEncryption OID"; 1012 reference 1013 "RFC 8446: 1015 The Transport Layer Security (TLS) Protocol 1016 Version 1.3"; 1017 } 1018 enum rsassa-pss-pss-sha384 { 1019 value 10; 1020 description 1021 "The signature algorithm using RSASSA-PSS with mask 1022 generation function 1 and SHA384 hash algorithm. If 1023 the public key is carried in an X.509 certificate, 1024 it MUST use the rsaEncryption OID"; 1025 reference 1026 "RFC 8446: 1027 The Transport Layer Security (TLS) Protocol 1028 Version 1.3"; 1029 } 1030 enum rsassa-pss-pss-sha512 { 1031 value 11; 1032 description 1033 "The signature algorithm using RSASSA-PSS with mask 1034 generation function 1 and SHA512 hash algorithm. If 1035 the public key is carried in an X.509 certificate, 1036 it MUST use the rsaEncryption OID"; 1037 reference 1038 "RFC 8446: 1039 The Transport Layer Security (TLS) Protocol 1040 Version 1.3"; 1041 } 1042 enum ecdsa-secp256r1-sha256 { 1043 value 12; 1044 description 1045 "The signature algorithm using ECDSA with curve name 1046 secp256r1 and SHA256 hash algorithm."; 1047 reference 1048 "RFC 5656: 1049 Elliptic Curve Algorithm Integration in the Secure 1050 Shell Transport Layer 1051 RFC 8446: 1052 The Transport Layer Security (TLS) Protocol 1053 Version 1.3"; 1054 } 1055 enum ecdsa-secp384r1-sha384 { 1056 value 13; 1057 description 1058 "The signature algorithm using ECDSA with curve name 1059 secp384r1 and SHA384 hash algorithm."; 1060 reference 1061 "RFC 5656: 1062 Elliptic Curve Algorithm Integration in the Secure 1063 Shell Transport Layer 1064 RFC 8446: 1065 The Transport Layer Security (TLS) Protocol 1066 Version 1.3"; 1067 } 1068 enum ecdsa-secp521r1-sha512 { 1069 value 14; 1070 description 1071 "The signature algorithm using ECDSA with curve name 1072 secp521r1 and SHA512 hash algorithm."; 1073 reference 1074 "RFC 5656: 1075 Elliptic Curve Algorithm Integration in the Secure 1076 Shell Transport Layer 1077 RFC 8446: 1078 The Transport Layer Security (TLS) Protocol 1079 Version 1.3"; 1080 } 1081 enum ed25519 { 1082 value 15; 1083 description 1084 "The signature algorithm using EdDSA with curve x25519"; 1085 reference 1086 "RFC 8032: 1087 Edwards-Curve Digital Signature Algorithm (EdDSA)"; 1088 } 1089 enum ed25519-cts { 1090 value 16; 1091 description 1092 "The signature algorithm using EdDSA with curve x25519 1093 with phflag = 0"; 1094 reference 1095 "RFC 8032: 1096 Edwards-Curve Digital Signature Algorithm (EdDSA)"; 1097 } 1098 enum ed25519-ph { 1099 value 17; 1100 description 1101 "The signature algorithm using EdDSA with curve x25519 1102 with phflag = 1"; 1103 reference 1104 "RFC 8032: 1105 Edwards-Curve Digital Signature Algorithm (EdDSA)"; 1106 } 1107 enum ed25519-sha512 { 1108 value 18; 1109 description 1110 "The signature algorithm using EdDSA with curve x25519 1111 and SHA-512 function"; 1112 reference 1113 "RFC 8419: 1114 Use of Edwards-Curve Digital Signature Algorithm 1115 (EdDSA) Signatures in the Cryptographic Message 1116 Syntax (CMS)"; 1117 } 1118 enum ed448 { 1119 value 19; 1120 description 1121 "The signature algorithm using EdDSA with curve x448"; 1122 reference 1123 "RFC 8032: 1124 Edwards-Curve Digital Signature Algorithm (EdDSA)"; 1125 } 1126 enum ed448-ph { 1127 value 20; 1128 description 1129 "The signature algorithm using EdDSA with curve x448 1130 and with PH being SHAKE256(x, 64) and phflag being 1"; 1131 reference 1132 "RFC 8032: 1133 Edwards-Curve Digital Signature Algorithm (EdDSA)"; 1134 } 1135 enum ed448-shake256 { 1136 value 21; 1137 description 1138 "The signature algorithm using EdDSA with curve x448 1139 and SHAKE-256 function"; 1140 reference 1141 "RFC 8419: 1142 Use of Edwards-Curve Digital Signature Algorithm 1143 (EdDSA) Signatures in the Cryptographic Message 1144 Syntax (CMS)"; 1145 } 1146 enum ed448-shake256-len { 1147 value 22; 1148 description 1149 "The signature algorithm using EdDSA with curve x448 1150 and SHAKE-256 function and a customized hash output"; 1151 reference 1152 "RFC 8419: 1153 Use of Edwards-Curve Digital Signature Algorithm 1154 (EdDSA) Signatures in the Cryptographic Message 1155 Syntax (CMS)"; 1156 } 1157 enum rsa-sha2-256 { 1158 value 23; 1159 description 1160 "The signature algorithm using RSA with SHA2 function 1161 for SSH protocol"; 1162 reference 1163 "RFC 8332: 1164 Use of RSA Keys with SHA-256 and SHA-512 1165 in the Secure Shell (SSH) Protocol"; 1166 } 1167 enum rsa-sha2-512 { 1168 value 24; 1169 description 1170 "The signature algorithm using RSA with SHA2 function 1171 for SSH protocol"; 1172 reference 1173 "RFC 8332: 1174 Use of RSA Keys with SHA-256 and SHA-512 1175 in the Secure Shell (SSH) Protocol"; 1176 } 1177 enum eccsi { 1178 value 25; 1179 description 1180 "The signature algorithm using ECCSI signature as 1181 defined in RFC 6507."; 1182 reference 1183 "RFC 6507: 1184 Elliptic Curve-Based Certificateless Signatures 1185 for Identity-based Encryption (ECCSI)"; 1186 } 1187 } 1188 } 1189 default "0"; 1190 description 1191 "The uint16 filed shall be set by individual protocol 1192 families according to the signature algorithm value 1193 assigned by IANA. The setting is optional and by default 1194 is 0. The enumeration filed is set to the selected 1195 signature algorithm."; 1196 } 1198 /**********************************************/ 1199 /* Identities for key exchange algorithms */ 1200 /**********************************************/ 1202 typedef key-exchange-algorithm-t { 1203 type union { 1204 type uint16; 1205 type enumeration { 1206 enum NONE { 1207 value 0; 1208 description 1209 "Key exchange algorithm is NULL."; 1210 } 1211 enum psk-only { 1212 value 1; 1213 description 1214 "Using Pre-shared key for authentication and key 1215 exchange"; 1216 reference 1217 "RFC 4279: 1218 Pre-Shared Key cipher suites for Transport Layer 1219 Security (TLS)"; 1220 } 1221 enum dhe-ffdhe2048 { 1222 value 2; 1223 description 1224 "Ephemeral Diffie Hellman key exchange with 2048 bit 1225 finite field"; 1226 reference 1227 "RFC 7919: 1228 Negotiated Finite Field Diffie-Hellman Ephemeral 1229 Parameters for Transport Layer Security (TLS)"; 1230 } 1231 enum dhe-ffdhe3072 { 1232 value 3; 1233 description 1234 "Ephemeral Diffie Hellman key exchange with 3072 bit 1235 finite field"; 1236 reference 1237 "RFC 7919: 1238 Negotiated Finite Field Diffie-Hellman Ephemeral 1239 Parameters for Transport Layer Security (TLS)"; 1240 } 1241 enum dhe-ffdhe4096 { 1242 value 4; 1243 description 1244 "Ephemeral Diffie Hellman key exchange with 4096 bit 1245 finite field"; 1246 reference 1247 "RFC 7919: 1248 Negotiated Finite Field Diffie-Hellman Ephemeral 1249 Parameters for Transport Layer Security (TLS)"; 1250 } 1251 enum dhe-ffdhe6144 { 1252 value 5; 1253 description 1254 "Ephemeral Diffie Hellman key exchange with 6144 bit 1255 finite field"; 1256 reference 1257 "RFC 7919: 1258 Negotiated Finite Field Diffie-Hellman Ephemeral 1259 Parameters for Transport Layer Security (TLS)"; 1260 } 1261 enum dhe-ffdhe8192 { 1262 value 6; 1263 description 1264 "Ephemeral Diffie Hellman key exchange with 8192 bit 1265 finite field"; 1266 reference 1267 "RFC 7919: 1268 Negotiated Finite Field Diffie-Hellman Ephemeral 1269 Parameters for Transport Layer Security (TLS)"; 1270 } 1271 enum psk-dhe-ffdhe2048 { 1272 value 7; 1273 description 1274 "Key exchange using pre-shared key with Diffie-Hellman 1275 key generation mechanism, where the DH group is 1276 FFDHE2048"; 1277 reference 1278 "RFC 8446: 1279 The Transport Layer Security (TLS) Protocol 1280 Version 1.3"; 1281 } 1282 enum psk-dhe-ffdhe3072 { 1283 value 8; 1284 description 1285 "Key exchange using pre-shared key with Diffie-Hellman 1286 key generation mechanism, where the DH group is 1287 FFDHE3072"; 1288 reference 1289 "RFC 8446: 1290 The Transport Layer Security (TLS) Protocol 1291 Version 1.3"; 1292 } 1293 enum psk-dhe-ffdhe4096 { 1294 value 9; 1295 description 1296 "Key exchange using pre-shared key with Diffie-Hellman 1297 key generation mechanism, where the DH group is 1298 FFDHE4096"; 1299 reference 1300 "RFC 8446: 1301 The Transport Layer Security (TLS) Protocol 1302 Version 1.3"; 1304 } 1305 enum psk-dhe-ffdhe6144 { 1306 value 10; 1307 description 1308 "Key exchange using pre-shared key with Diffie-Hellman 1309 key generation mechanism, where the DH group is 1310 FFDHE6144"; 1311 reference 1312 "RFC 8446: 1313 The Transport Layer Security (TLS) Protocol 1314 Version 1.3"; 1315 } 1316 enum psk-dhe-ffdhe8192 { 1317 value 11; 1318 description 1319 "Key exchange using pre-shared key with Diffie-Hellman 1320 key generation mechanism, where the DH group is 1321 FFDHE8192"; 1322 reference 1323 "RFC 8446: 1324 The Transport Layer Security (TLS) Protocol 1325 Version 1.3"; 1326 } 1327 enum ecdhe-secp256r1 { 1328 value 12; 1329 description 1330 "Ephemeral Diffie Hellman key exchange with elliptic 1331 group over curve secp256r1"; 1332 reference 1333 "RFC 8422: 1334 Elliptic Curve Cryptography (ECC) Cipher Suites 1335 for Transport Layer Security (TLS) Versions 1.2 1336 and Earlier"; 1337 } 1338 enum ecdhe-secp384r1 { 1339 value 13; 1340 description 1341 "Ephemeral Diffie Hellman key exchange with elliptic 1342 group over curve secp384r1"; 1343 reference 1344 "RFC 8422: 1345 Elliptic Curve Cryptography (ECC) Cipher Suites 1346 for Transport Layer Security (TLS) Versions 1.2 1347 and Earlier"; 1348 } 1349 enum ecdhe-secp521r1 { 1350 value 14; 1351 description 1352 "Ephemeral Diffie Hellman key exchange with elliptic 1353 group over curve secp521r1"; 1354 reference 1355 "RFC 8422: 1356 Elliptic Curve Cryptography (ECC) Cipher Suites 1357 for Transport Layer Security (TLS) Versions 1.2 1358 and Earlier"; 1359 } 1360 enum ecdhe-x25519 { 1361 value 15; 1362 description 1363 "Ephemeral Diffie Hellman key exchange with elliptic 1364 group over curve x25519"; 1365 reference 1366 "RFC 8422: 1367 Elliptic Curve Cryptography (ECC) Cipher Suites 1368 for Transport Layer Security (TLS) Versions 1.2 1369 and Earlier"; 1370 } 1371 enum ecdhe-x448 { 1372 value 16; 1373 description 1374 "Ephemeral Diffie Hellman key exchange with elliptic 1375 group over curve x448"; 1376 reference 1377 "RFC 8422: 1378 Elliptic Curve Cryptography (ECC) Cipher Suites 1379 for Transport Layer Security (TLS) Versions 1.2 1380 and Earlier"; 1381 } 1382 enum psk-ecdhe-secp256r1 { 1383 value 17; 1384 description 1385 "Key exchange using pre-shared key with elliptic 1386 group-based Ephemeral Diffie Hellman key exchange 1387 over curve secp256r1"; 1388 reference 1389 "RFC 8446: 1390 The Transport Layer Security (TLS) Protocol 1391 Version 1.3"; 1392 } 1393 enum psk-ecdhe-secp384r1 { 1394 value 18; 1395 description 1396 "Key exchange using pre-shared key with elliptic 1397 group-based Ephemeral Diffie Hellman key exchange 1398 over curve secp384r1"; 1399 reference 1400 "RFC 8446: 1401 The Transport Layer Security (TLS) Protocol 1402 Version 1.3"; 1403 } 1404 enum psk-ecdhe-secp521r1 { 1405 value 19; 1406 description 1407 "Key exchange using pre-shared key with elliptic 1408 group-based Ephemeral Diffie Hellman key exchange 1409 over curve secp521r1"; 1410 reference 1411 "RFC 8446: 1412 The Transport Layer Security (TLS) Protocol 1413 Version 1.3"; 1414 } 1415 enum psk-ecdhe-x25519 { 1416 value 20; 1417 description 1418 "Key exchange using pre-shared key with elliptic 1419 group-based Ephemeral Diffie Hellman key exchange 1420 over curve x25519"; 1421 reference 1422 "RFC 8446: 1423 The Transport Layer Security (TLS) Protocol 1424 Version 1.3"; 1425 } 1426 enum psk-ecdhe-x448 { 1427 value 21; 1428 description 1429 "Key exchange using pre-shared key with elliptic 1430 group-based Ephemeral Diffie Hellman key exchange 1431 over curve x448"; 1432 reference 1433 "RFC 8446: 1434 The Transport Layer Security (TLS) Protocol 1435 Version 1.3"; 1436 } 1437 enum diffie-hellman-group14-sha1 { 1438 value 22; 1439 description 1440 "Using DH group14 and SHA1 for key exchange"; 1441 reference 1442 "RFC 4253: 1443 The Secure Shell (SSH) Transport Layer Protocol"; 1444 } 1445 enum diffie-hellman-group14-sha256 { 1446 value 23; 1447 description 1448 "Using DH group14 and SHA-256 for key exchange"; 1449 reference 1450 "RFC 8268: 1451 More Modular Exponentiation (MODP) Diffie-Hellman (DH) 1452 Key Exchange (KEX) Groups for Secure Shell (SSH)"; 1453 } 1454 enum diffie-hellman-group15-sha512 { 1455 value 24; 1456 description 1457 "Using DH group15 and SHA-512 for key exchange"; 1458 reference 1459 "RFC 8268: 1460 More Modular Exponentiation (MODP) Diffie-Hellman (DH) 1461 Key Exchange (KEX) Groups for Secure Shell (SSH)"; 1462 } 1463 enum diffie-hellman-group16-sha512 { 1464 value 25; 1465 description 1466 "Using DH group16 and SHA-512 for key exchange"; 1467 reference 1468 "RFC 8268: 1469 More Modular Exponentiation (MODP) Diffie-Hellman (DH) 1470 Key Exchange (KEX) Groups for Secure Shell (SSH)"; 1471 } 1472 enum diffie-hellman-group17-sha512 { 1473 value 26; 1474 description 1475 "Using DH group17 and SHA-512 for key exchange"; 1476 reference 1477 "RFC 8268: 1478 More Modular Exponentiation (MODP) Diffie-Hellman (DH) 1479 Key Exchange (KEX) Groups for Secure Shell (SSH)"; 1480 } 1481 enum diffie-hellman-group18-sha512 { 1482 value 27; 1483 description 1484 "Using DH group18 and SHA-512 for key exchange"; 1485 reference 1486 "RFC 8268: 1487 More Modular Exponentiation (MODP) Diffie-Hellman (DH) 1488 Key Exchange (KEX) Groups for Secure Shell (SSH)"; 1489 } 1490 enum ecdh-sha2-secp256r1 { 1491 value 28; 1492 description 1493 "Elliptic curve-based Diffie Hellman key exchange over 1494 curve ecp256r1 and using SHA2 for MAC generation"; 1495 reference 1496 "RFC 6239: 1497 Suite B Cryptographic Suites for Secure Shell (SSH)"; 1498 } 1499 enum ecdh-sha2-secp384r1 { 1500 value 29; 1501 description 1502 "Elliptic curve-based Diffie Hellman key exchange over 1503 curve ecp384r1 and using SHA2 for MAC generation"; 1504 reference 1505 "RFC 6239: 1506 Suite B Cryptographic Suites for Secure Shell (SSH)"; 1507 } 1508 enum ecdh-x25519-x9.63-sha256 { 1509 value 30; 1510 description 1511 "Elliptic curve-based Diffie Hellman key exchange over 1512 curve x.25519 and using ANSI x9.63 with SHA256 as KDF"; 1513 reference 1514 "RFC 8418: 1515 Use of the Elliptic Curve Diffie-Hellman Key Agreement 1516 Algorithm with X25519 and X448 in the Cryptographic 1517 Message Syntax (CMS)"; 1518 } 1519 enum ecdh-x25519-x9.63-sha384 { 1520 value 31; 1521 description 1522 "Elliptic curve-based Diffie Hellman key exchange over 1523 curve x.25519 and using ANSI x9.63 with SHA384 as KDF"; 1524 reference 1525 "RFC 8418: 1526 Use of the Elliptic Curve Diffie-Hellman Key Agreement 1527 Algorithm with X25519 and X448 in the Cryptographic 1528 Message Syntax (CMS)"; 1529 } 1530 enum ecdh-x25519-x9.63-sha512 { 1531 value 32; 1532 description 1533 "Elliptic curve-based Diffie Hellman key exchange over 1534 curve x.25519 and using ANSI x9.63 with SHA512 as KDF"; 1535 reference 1536 "RFC 8418: 1537 Use of the Elliptic Curve Diffie-Hellman Key Agreement 1538 Algorithm with X25519 and X448 in the Cryptographic 1539 Message Syntax (CMS)"; 1540 } 1541 enum ecdh-x25519-hkdf-sha256 { 1542 value 33; 1543 description 1544 "Elliptic curve-based Diffie Hellman key exchange over 1545 curve x.25519 and using HKDF with SHA256 as KDF"; 1546 reference 1547 "RFC 8418: 1548 Use of the Elliptic Curve Diffie-Hellman Key Agreement 1549 Algorithm with X25519 and X448 in the Cryptographic 1550 Message Syntax (CMS)"; 1551 } 1552 enum ecdh-x25519-hkdf-sha384 { 1553 value 34; 1554 description 1555 "Elliptic curve-based Diffie Hellman key exchange over 1556 curve x.25519 and using HKDF with SHA384 as KDF"; 1557 reference 1558 "RFC 8418: 1559 Use of the Elliptic Curve Diffie-Hellman Key Agreement 1560 Algorithm with X25519 and X448 in the Cryptographic 1561 Message Syntax (CMS)"; 1562 } 1563 enum ecdh-x25519-hkdf-sha512 { 1564 value 35; 1565 description 1566 "Elliptic curve-based Diffie Hellman key exchange over 1567 curve x.25519 and using HKDF with SHA512 as KDF"; 1568 reference 1569 "RFC 8418: 1570 Use of the Elliptic Curve Diffie-Hellman Key Agreement 1571 Algorithm with X25519 and X448 in the Cryptographic 1572 Message Syntax (CMS)"; 1573 } 1574 enum ecdh-x448-x9.63-sha256 { 1575 value 36; 1576 description 1577 "Elliptic curve-based Diffie Hellman key exchange over 1578 curve x.448 and using ANSI x9.63 with SHA256 as KDF"; 1579 reference 1580 "RFC 8418: 1581 Use of the Elliptic Curve Diffie-Hellman Key Agreement 1582 Algorithm with X25519 and X448 in the Cryptographic 1583 Message Syntax (CMS)"; 1584 } 1585 enum ecdh-x448-x9.63-sha384 { 1586 value 37; 1587 description 1588 "Elliptic curve-based Diffie Hellman key exchange over 1589 curve x.448 and using ANSI x9.63 with SHA384 as KDF"; 1590 reference 1591 "RFC 8418: 1593 Use of the Elliptic Curve Diffie-Hellman Key Agreement 1594 Algorithm with X25519 and X448 in the Cryptographic 1595 Message Syntax (CMS)"; 1596 } 1597 enum ecdh-x448-x9.63-sha512 { 1598 value 38; 1599 description 1600 "Elliptic curve-based Diffie Hellman key exchange over 1601 curve x.448 and using ANSI x9.63 with SHA512 as KDF"; 1602 reference 1603 "RFC 8418: 1604 Use of the Elliptic Curve Diffie-Hellman Key Agreement 1605 Algorithm with X25519 and X448 in the Cryptographic 1606 Message Syntax (CMS)"; 1607 } 1608 enum ecdh-x448-hkdf-sha256 { 1609 value 39; 1610 description 1611 "Elliptic curve-based Diffie Hellman key exchange over 1612 curve x.448 and using HKDF with SHA256 as KDF"; 1613 reference 1614 "RFC 8418: 1615 Use of the Elliptic Curve Diffie-Hellman Key Agreement 1616 Algorithm with X25519 and X448 in the Cryptographic 1617 Message Syntax (CMS)"; 1618 } 1619 enum ecdh-x448-hkdf-sha384 { 1620 value 40; 1621 description 1622 "Elliptic curve-based Diffie Hellman key exchange over 1623 curve x.448 and using HKDF with SHA384 as KDF"; 1624 reference 1625 "RFC 8418: 1626 Use of the Elliptic Curve Diffie-Hellman Key Agreement 1627 Algorithm with X25519 and X448 in the Cryptographic 1628 Message Syntax (CMS)"; 1629 } 1630 enum ecdh-x448-hkdf-sha512 { 1631 value 41; 1632 description 1633 "Elliptic curve-based Diffie Hellman key exchange over 1634 curve x.448 and using HKDF with SHA512 as KDF"; 1635 reference 1636 "RFC 8418: 1637 Use of the Elliptic Curve Diffie-Hellman Key Agreement 1638 Algorithm with X25519 and X448 in the Cryptographic 1639 Message Syntax (CMS)"; 1640 } 1641 enum rsaes-oaep { 1642 value 42; 1643 description 1644 "RSAES-OAEP combines the RSAEP and RSADP primitives with 1645 the EME-OAEP encoding method"; 1646 reference 1647 "RFC 8017: 1648 PKCS #1: 1649 RSA Cryptography Specifications Version 2.2."; 1650 } 1651 enum rsaes-pkcs1-v1_5 { 1652 value 43; 1653 description 1654 "RSAES-PKCS1-v1_5 combines the RSAEP and RSADP 1655 primitives with the EME-PKCS1-v1_5 encoding method"; 1656 reference 1657 "RFC 8017: 1658 PKCS #1: 1659 RSA Cryptography Specifications Version 2.2."; 1660 } 1661 } 1662 } 1663 default "0"; 1664 description 1665 "The uint16 filed shall be set by individual protocol 1666 families according to the key exchange algorithm value 1667 assigned by IANA. The setting is optional and by default 1668 is 0. The enumeration filed is set to the selected key 1669 exchange algorithm."; 1670 } 1672 /***************************************************/ 1673 /* Typedefs for ASN.1 structures from RFC 5280 */ 1674 /***************************************************/ 1676 typedef x509 { 1677 type binary; 1678 description 1679 "A Certificate structure, as specified in RFC 5280, 1680 encoded using ASN.1 distinguished encoding rules (DER), 1681 as specified in ITU-T X.690."; 1682 reference 1683 "RFC 5280: 1684 Internet X.509 Public Key Infrastructure Certificate 1685 and Certificate Revocation List (CRL) Profile 1686 ITU-T X.690: 1687 Information technology - ASN.1 encoding rules: 1688 Specification of Basic Encoding Rules (BER), 1689 Canonical Encoding Rules (CER) and Distinguished 1690 Encoding Rules (DER)."; 1691 } 1693 typedef crl { 1694 type binary; 1695 description 1696 "A CertificateList structure, as specified in RFC 5280, 1697 encoded using ASN.1 distinguished encoding rules (DER), 1698 as specified in ITU-T X.690."; 1699 reference 1700 "RFC 5280: 1701 Internet X.509 Public Key Infrastructure Certificate 1702 and Certificate Revocation List (CRL) Profile 1703 ITU-T X.690: 1704 Information technology - ASN.1 encoding rules: 1705 Specification of Basic Encoding Rules (BER), 1706 Canonical Encoding Rules (CER) and Distinguished 1707 Encoding Rules (DER)."; 1708 } 1710 /***********************************************/ 1711 /* Typedefs for ASN.1 structures from 5652 */ 1712 /***********************************************/ 1714 typedef cms { 1715 type binary; 1716 description 1717 "A ContentInfo structure, as specified in RFC 5652, 1718 encoded using ASN.1 distinguished encoding rules (DER), 1719 as specified in ITU-T X.690."; 1720 reference 1721 "RFC 5652: 1722 Cryptographic Message Syntax (CMS) 1723 ITU-T X.690: 1724 Information technology - ASN.1 encoding rules: 1725 Specification of Basic Encoding Rules (BER), 1726 Canonical Encoding Rules (CER) and Distinguished 1727 Encoding Rules (DER)."; 1728 } 1730 typedef data-content-cms { 1731 type cms; 1732 description 1733 "A CMS structure whose top-most content type MUST be the 1734 data content type, as described by Section 4 in RFC 5652."; 1735 reference 1736 "RFC 5652: Cryptographic Message Syntax (CMS)"; 1738 } 1740 typedef signed-data-cms { 1741 type cms; 1742 description 1743 "A CMS structure whose top-most content type MUST be the 1744 signed-data content type, as described by Section 5 in 1745 RFC 5652."; 1746 reference 1747 "RFC 5652: Cryptographic Message Syntax (CMS)"; 1748 } 1750 typedef enveloped-data-cms { 1751 type cms; 1752 description 1753 "A CMS structure whose top-most content type MUST be the 1754 enveloped-data content type, as described by Section 6 1755 in RFC 5652."; 1756 reference 1757 "RFC 5652: Cryptographic Message Syntax (CMS)"; 1758 } 1760 typedef digested-data-cms { 1761 type cms; 1762 description 1763 "A CMS structure whose top-most content type MUST be the 1764 digested-data content type, as described by Section 7 1765 in RFC 5652."; 1766 reference 1767 "RFC 5652: Cryptographic Message Syntax (CMS)"; 1768 } 1770 typedef encrypted-data-cms { 1771 type cms; 1772 description 1773 "A CMS structure whose top-most content type MUST be the 1774 encrypted-data content type, as described by Section 8 1775 in RFC 5652."; 1776 reference 1777 "RFC 5652: Cryptographic Message Syntax (CMS)"; 1778 } 1780 typedef authenticated-data-cms { 1781 type cms; 1782 description 1783 "A CMS structure whose top-most content type MUST be the 1784 authenticated-data content type, as described by Section 9 1785 in RFC 5652."; 1787 reference 1788 "RFC 5652: Cryptographic Message Syntax (CMS)"; 1789 } 1791 /***************************************************/ 1792 /* Typedefs for structures related to RFC 4253 */ 1793 /***************************************************/ 1795 typedef ssh-host-key { 1796 type binary; 1797 description 1798 "The binary public key data for this SSH key, as 1799 specified by RFC 4253, Section 6.6, i.e.: 1801 string certificate or public key format 1802 identifier 1803 byte[n] key/certificate data."; 1804 reference 1805 "RFC 4253: The Secure Shell (SSH) Transport Layer 1806 Protocol"; 1807 } 1809 /*********************************************************/ 1810 /* Typedefs for ASN.1 structures related to RFC 5280 */ 1811 /*********************************************************/ 1813 typedef trust-anchor-cert-x509 { 1814 type x509; 1815 description 1816 "A Certificate structure that MUST encode a self-signed 1817 root certificate."; 1818 } 1820 typedef end-entity-cert-x509 { 1821 type x509; 1822 description 1823 "A Certificate structure that MUST encode a certificate 1824 that is neither self-signed nor having Basic constraint 1825 CA true."; 1826 } 1828 /*********************************************************/ 1829 /* Typedefs for ASN.1 structures related to RFC 5652 */ 1830 /*********************************************************/ 1832 typedef trust-anchor-cert-cms { 1833 type signed-data-cms; 1834 description 1835 "A CMS SignedData structure that MUST contain the chain of 1836 X.509 certificates needed to authenticate the certificate 1837 presented by a client or end-entity. 1839 The CMS MUST contain only a single chain of certificates. 1840 The client or end-entity certificate MUST only authenticate 1841 to last intermediate CA certificate listed in the chain. 1843 In all cases, the chain MUST include a self-signed root 1844 certificate. In the case where the root certificate is 1845 itself the issuer of the client or end-entity certificate, 1846 only one certificate is present. 1848 This CMS structure MAY (as applicable where this type is 1849 used) also contain suitably fresh (as defined by local 1850 policy) revocation objects with which the device can 1851 verify the revocation status of the certificates. 1853 This CMS encodes the degenerate form of the SignedData 1854 structure that is commonly used to disseminate X.509 1855 certificates and revocation objects (RFC 5280)."; 1856 reference 1857 "RFC 5280: 1858 Internet X.509 Public Key Infrastructure Certificate 1859 and Certificate Revocation List (CRL) Profile."; 1860 } 1862 typedef end-entity-cert-cms { 1863 type signed-data-cms; 1864 description 1865 "A CMS SignedData structure that MUST contain the end 1866 entity certificate itself, and MAY contain any number 1867 of intermediate certificates leading up to a trust 1868 anchor certificate. The trust anchor certificate 1869 MAY be included as well. 1871 The CMS MUST contain a single end entity certificate. 1872 The CMS MUST NOT contain any spurious certificates. 1874 This CMS structure MAY (as applicable where this type is 1875 used) also contain suitably fresh (as defined by local 1876 policy) revocation objects with which the device can 1877 verify the revocation status of the certificates. 1879 This CMS encodes the degenerate form of the SignedData 1880 structure that is commonly used to disseminate X.509 1881 certificates and revocation objects (RFC 5280)."; 1882 reference 1883 "RFC 5280: 1884 Internet X.509 Public Key Infrastructure Certificate 1885 and Certificate Revocation List (CRL) Profile."; 1886 } 1888 /**********************************************/ 1889 /* Groupings for keys and/or certificates */ 1890 /**********************************************/ 1892 grouping symmetric-key-grouping { 1893 description 1894 "A symmetric key and algorithm."; 1895 leaf algorithm { 1896 type encryption-algorithm-t; 1897 mandatory true; 1898 description 1899 "The algorithm to be used when generating the key."; 1900 reference 1901 "RFC CCCC: Common YANG Data Types for Cryptography"; 1902 } 1903 choice key-type { 1904 mandatory true; 1905 description 1906 "Choice between key types."; 1907 leaf key { 1908 nacm:default-deny-all; 1909 type binary; 1910 description 1911 "The binary value of the key. The interpretation of 1912 the value is defined by 'algorithm'. For example, 1913 FIXME."; 1914 reference 1915 "RFC XXXX: FIXME"; 1916 } 1917 leaf hidden-key { 1918 nacm:default-deny-write; 1919 type empty; 1920 description 1921 "A permanently hidden key. How such keys are created 1922 is outside the scope of this module."; 1923 } 1924 } 1925 } 1927 grouping public-key-grouping { 1928 description 1929 "A public key and its associated algorithm."; 1930 leaf algorithm { 1931 nacm:default-deny-write; 1932 type asymmetric-key-algorithm-t; 1933 mandatory true; 1934 description 1935 "Identifies the key's algorithm."; 1936 reference 1937 "RFC CCCC: Common YANG Data Types for Cryptography"; 1938 } 1939 leaf public-key { 1940 nacm:default-deny-write; 1941 type binary; 1942 mandatory true; 1943 description 1944 "The binary value of the public key. The interpretation 1945 of the value is defined by 'algorithm'. For example, 1946 a DSA key is an integer, an RSA key is represented as 1947 RSAPublicKey per RFC 8017, and an ECC key is represented 1948 using the 'publicKey' described in RFC 5915."; 1949 reference 1950 "RFC 8017: Public-Key Cryptography Standards (PKCS) #1: 1951 RSA Cryptography Specifications Version 2.2. 1952 RFC 5915: Elliptic Curve Private Key Structure."; 1953 } 1954 } 1956 grouping asymmetric-key-pair-grouping { 1957 description 1958 "A private key and its associated public key and algorithm."; 1959 uses public-key-grouping; 1960 choice private-key-type { 1961 mandatory true; 1962 description 1963 "Choice between key types."; 1964 leaf private-key { 1965 nacm:default-deny-all; 1966 type binary; 1967 description 1968 "The value of the binary key. The key's value is 1969 interpreted by the 'algorithm'. For example, a DSA key 1970 is an integer, an RSA key is represented as RSAPrivateKey 1971 as defined in RFC 8017, and an ECC key is represented as 1972 ECPrivateKey as defined in RFC 5915."; 1973 reference 1974 "RFC 8017: Public-Key Cryptography Standards (PKCS) #1: 1975 RSA Cryptography Specifications Version 2.2. 1976 RFC 5915: Elliptic Curve Private Key Structure."; 1977 } 1978 leaf hidden-private-key { 1979 nacm:default-deny-write; 1980 type empty; 1981 description 1982 "A permanently hidden key. How such keys are created 1983 is outside the scope of this module."; 1984 } 1985 } 1986 } 1988 grouping trust-anchor-cert-grouping { 1989 description 1990 "A trust anchor certificate, and a notification for when 1991 it is about to (or already has) expire."; 1992 leaf cert { 1993 nacm:default-deny-write; 1994 type trust-anchor-cert-cms; 1995 description 1996 "The binary certificate data for this certificate."; 1997 reference 1998 "RFC YYYY: Common YANG Data Types for Cryptography"; 1999 } 2000 notification certificate-expiration { 2001 description 2002 "A notification indicating that the configured certificate 2003 is either about to expire or has already expired. When to 2004 send notifications is an implementation specific decision, 2005 but it is RECOMMENDED that a notification be sent once a 2006 month for 3 months, then once a week for four weeks, and 2007 then once a day thereafter until the issue is resolved."; 2008 leaf expiration-date { 2009 type yang:date-and-time; 2010 mandatory true; 2011 description 2012 "Identifies the expiration date on the certificate."; 2013 } 2014 } 2015 } 2017 grouping trust-anchor-certs-grouping { 2018 description 2019 "A list of trust anchor certificates, and a notification 2020 for when one is about to (or already has) expire."; 2021 leaf-list cert { 2022 nacm:default-deny-write; 2023 type trust-anchor-cert-cms; 2024 description 2025 "The binary certificate data for this certificate."; 2026 reference 2027 "RFC YYYY: Common YANG Data Types for Cryptography"; 2028 } 2029 notification certificate-expiration { 2030 description 2031 "A notification indicating that the configured certificate 2032 is either about to expire or has already expired. When to 2033 send notifications is an implementation specific decision, 2034 but it is RECOMMENDED that a notification be sent once a 2035 month for 3 months, then once a week for four weeks, and 2036 then once a day thereafter until the issue is resolved."; 2037 leaf expiration-date { 2038 type yang:date-and-time; 2039 mandatory true; 2040 description 2041 "Identifies the expiration date on the certificate."; 2042 } 2043 } 2044 } 2046 grouping end-entity-cert-grouping { 2047 description 2048 "An end entity certificate, and a notification for when 2049 it is about to (or already has) expire. Implementations 2050 SHOULD assert that, where used, the end entity certificate 2051 contains the expected public key."; 2052 leaf cert { 2053 nacm:default-deny-write; 2054 type end-entity-cert-cms; 2055 description 2056 "The binary certificate data for this certificate."; 2057 reference 2058 "RFC YYYY: Common YANG Data Types for Cryptography"; 2059 } 2060 notification certificate-expiration { 2061 description 2062 "A notification indicating that the configured certificate 2063 is either about to expire or has already expired. When to 2064 send notifications is an implementation specific decision, 2065 but it is RECOMMENDED that a notification be sent once a 2066 month for 3 months, then once a week for four weeks, and 2067 then once a day thereafter until the issue is resolved."; 2068 leaf expiration-date { 2069 type yang:date-and-time; 2070 mandatory true; 2071 description 2072 "Identifies the expiration date on the certificate."; 2073 } 2074 } 2076 } 2078 grouping end-entity-certs-grouping { 2079 description 2080 "A list of end entity certificates, and a notification for 2081 when one is about to (or already has) expire."; 2082 leaf-list cert { 2083 nacm:default-deny-write; 2084 type end-entity-cert-cms; 2085 description 2086 "The binary certificate data for this certificate."; 2087 reference 2088 "RFC YYYY: Common YANG Data Types for Cryptography"; 2089 } 2090 notification certificate-expiration { 2091 description 2092 "A notification indicating that the configured certificate 2093 is either about to expire or has already expired. When to 2094 send notifications is an implementation specific decision, 2095 but it is RECOMMENDED that a notification be sent once a 2096 month for 3 months, then once a week for four weeks, and 2097 then once a day thereafter until the issue is resolved."; 2098 leaf expiration-date { 2099 type yang:date-and-time; 2100 mandatory true; 2101 description 2102 "Identifies the expiration date on the certificate."; 2103 } 2104 } 2105 } 2107 grouping asymmetric-key-pair-with-cert-grouping { 2108 description 2109 "A private/public key pair and an associated certificate. 2110 Implementations SHOULD assert that certificates contain 2111 the matching public key."; 2112 uses asymmetric-key-pair-grouping; 2113 uses end-entity-cert-grouping; 2114 action generate-certificate-signing-request { 2115 nacm:default-deny-all; 2116 description 2117 "Generates a certificate signing request structure for 2118 the associated asymmetric key using the passed subject 2119 and attribute values. The specified assertions need 2120 to be appropriate for the certificate's use. For 2121 example, an entity certificate for a TLS server 2122 SHOULD have values that enable clients to satisfy 2123 RFC 6125 processing."; 2125 input { 2126 leaf subject { 2127 type binary; 2128 mandatory true; 2129 description 2130 "The 'subject' field per the CertificationRequestInfo 2131 structure as specified by RFC 2986, Section 4.1 2132 encoded using the ASN.1 distinguished encoding 2133 rules (DER), as specified in ITU-T X.690."; 2134 reference 2135 "RFC 2986: 2136 PKCS #10: Certification Request Syntax 2137 Specification Version 1.7. 2138 ITU-T X.690: 2139 Information technology - ASN.1 encoding rules: 2140 Specification of Basic Encoding Rules (BER), 2141 Canonical Encoding Rules (CER) and Distinguished 2142 Encoding Rules (DER)."; 2143 } 2144 leaf attributes { 2145 type binary; // FIXME: does this need to be mandatory? 2146 description 2147 "The 'attributes' field from the structure 2148 CertificationRequestInfo as specified by RFC 2986, 2149 Section 4.1 encoded using the ASN.1 distinguished 2150 encoding rules (DER), as specified in ITU-T X.690."; 2151 reference 2152 "RFC 2986: 2153 PKCS #10: Certification Request Syntax 2154 Specification Version 1.7. 2155 ITU-T X.690: 2156 Information technology - ASN.1 encoding rules: 2157 Specification of Basic Encoding Rules (BER), 2158 Canonical Encoding Rules (CER) and Distinguished 2159 Encoding Rules (DER)."; 2160 } 2161 } 2162 output { 2163 leaf certificate-signing-request { 2164 type binary; 2165 mandatory true; 2166 description 2167 "A CertificationRequest structure as specified by 2168 RFC 2986, Section 4.2 encoded using the ASN.1 2169 distinguished encoding rules (DER), as specified 2170 in ITU-T X.690."; 2171 reference 2172 "RFC 2986: 2174 PKCS #10: Certification Request Syntax 2175 Specification Version 1.7. 2176 ITU-T X.690: 2177 Information technology - ASN.1 encoding rules: 2178 Specification of Basic Encoding Rules (BER), 2179 Canonical Encoding Rules (CER) and Distinguished 2180 Encoding Rules (DER)."; 2181 } 2182 } 2183 } // generate-certificate-signing-request 2184 } // asymmetric-key-pair-with-cert-grouping 2186 grouping asymmetric-key-pair-with-certs-grouping { 2187 description 2188 "A private/public key pair and associated certificates. 2189 Implementations SHOULD assert that certificates contain 2190 the matching public key."; 2191 uses asymmetric-key-pair-grouping; 2192 container certificates { 2193 nacm:default-deny-write; 2194 description 2195 "Certificates associated with this asymmetric key. 2196 More than one certificate supports, for instance, 2197 a TPM-protected asymmetric key that has both IDevID 2198 and LDevID certificates associated."; 2199 list certificate { 2200 key "name"; 2201 description 2202 "A certificate for this asymmetric key."; 2203 leaf name { 2204 type string; 2205 description 2206 "An arbitrary name for the certificate. If the name 2207 matches the name of a certificate that exists 2208 independently in (i.e., an IDevID), 2209 then the 'cert' node MUST NOT be configured."; 2210 } 2211 uses end-entity-cert-grouping; 2212 } 2213 } // certificates 2214 action generate-certificate-signing-request { 2215 nacm:default-deny-all; 2216 description 2217 "Generates a certificate signing request structure for 2218 the associated asymmetric key using the passed subject 2219 and attribute values. The specified assertions need 2220 to be appropriate for the certificate's use. For 2221 example, an entity certificate for a TLS server 2222 SHOULD have values that enable clients to satisfy 2223 RFC 6125 processing."; 2224 input { 2225 leaf subject { 2226 type binary; 2227 mandatory true; 2228 description 2229 "The 'subject' field per the CertificationRequestInfo 2230 structure as specified by RFC 2986, Section 4.1 2231 encoded using the ASN.1 distinguished encoding 2232 rules (DER), as specified in ITU-T X.690."; 2233 reference 2234 "RFC 2986: 2235 PKCS #10: Certification Request Syntax 2236 Specification Version 1.7. 2237 ITU-T X.690: 2238 Information technology - ASN.1 encoding rules: 2239 Specification of Basic Encoding Rules (BER), 2240 Canonical Encoding Rules (CER) and Distinguished 2241 Encoding Rules (DER)."; 2242 } 2243 leaf attributes { 2244 type binary; // FIXME: does this need to be mandatory? 2245 description 2246 "The 'attributes' field from the structure 2247 CertificationRequestInfo as specified by RFC 2986, 2248 Section 4.1 encoded using the ASN.1 distinguished 2249 encoding rules (DER), as specified in ITU-T X.690."; 2250 reference 2251 "RFC 2986: 2252 PKCS #10: Certification Request Syntax 2253 Specification Version 1.7. 2254 ITU-T X.690: 2255 Information technology - ASN.1 encoding rules: 2256 Specification of Basic Encoding Rules (BER), 2257 Canonical Encoding Rules (CER) and Distinguished 2258 Encoding Rules (DER)."; 2259 } 2260 } 2261 output { 2262 leaf certificate-signing-request { 2263 type binary; 2264 mandatory true; 2265 description 2266 "A CertificationRequest structure as specified by 2267 RFC 2986, Section 4.2 encoded using the ASN.1 2268 distinguished encoding rules (DER), as specified 2269 in ITU-T X.690."; 2271 reference 2272 "RFC 2986: 2273 PKCS #10: Certification Request Syntax 2274 Specification Version 1.7. 2275 ITU-T X.690: 2276 Information technology - ASN.1 encoding rules: 2277 Specification of Basic Encoding Rules (BER), 2278 Canonical Encoding Rules (CER) and Distinguished 2279 Encoding Rules (DER)."; 2280 } 2281 } 2282 } // generate-certificate-signing-request 2283 } // asymmetric-key-pair-with-certs-grouping 2284 } 2286 2288 3. Security Considerations 2290 3.1. Support for Algorithms 2292 In order to use YANG identities for algorithm identifiers, only the 2293 most commonly used RSA key lengths are supported for the RSA 2294 algorithm. Additional key lengths can be defined in another module 2295 or added into a future version of this document. 2297 This document limits the number of elliptical curves supported. This 2298 was done to match industry trends and IETF best practice (e.g., 2299 matching work being done in TLS 1.3). If additional algorithms are 2300 needed, they can be defined by another module or added into a future 2301 version of this document. 2303 3.2. No Support for CRMF 2305 This document uses PKCS #10 [RFC2986] for the "generate-certificate- 2306 signing-request" action. The use of Certificate Request Message 2307 Format (CRMF) [RFC4211] was considered, but is was unclear if there 2308 was market demand for it. If it is desired to support CRMF in the 2309 future, a backwards compatible solution can be defined at that time. 2311 3.3. Access to Data Nodes 2313 The YANG module in this document defines "grouping" statements that 2314 are designed to be accessed via YANG based management protocols, such 2315 as NETCONF [RFC6241] and RESTCONF [RFC8040]. Both of these protocols 2316 have mandatory-to-implement secure transport layers (e.g., SSH, TLS) 2317 with mutual authentication. 2319 The NETCONF access control model (NACM) [RFC8341] provides the means 2320 to restrict access for particular users to a pre-configured subset of 2321 all available protocol operations and content. 2323 Since the module in this document only define groupings, these 2324 considerations are primarily for the designers of other modules that 2325 use these groupings. 2327 There are a number of data nodes defined by the grouping statements 2328 that are writable/creatable/deletable (i.e., config true, which is 2329 the default). Some of these data nodes may be considered sensitive 2330 or vulnerable in some network environments. Write operations (e.g., 2331 edit-config) to these data nodes without proper protection can have a 2332 negative effect on network operations. These are the subtrees and 2333 data nodes and their sensitivity/vulnerability: 2335 *: All of the data nodes defined by all the groupings are 2336 considered sensitive to write operations. For instance, the 2337 modification of a public key or a certificate can dramatically 2338 alter the implemented security policy. For this reason, the 2339 NACM extension "default-deny-write" has been applied to all the 2340 data nodes defined by all the groupings. 2342 Some of the readable data nodes in the YANG module may be considered 2343 sensitive or vulnerable in some network environments. It is thus 2344 important to control read access (e.g., via get, get-config, or 2345 notification) to these data nodes. These are the subtrees and data 2346 nodes and their sensitivity/vulnerability: 2348 /private-key: The "private-key" node defined in the "asymmetric- 2349 key-pair-grouping" grouping is additionally sensitive to read 2350 operations such that, in normal use cases, it should never be 2351 returned to a client. For this reason, the NACM extension 2352 "default-deny-all" has been applied to it here. 2354 Some of the operations in this YANG module may be considered 2355 sensitive or vulnerable in some network environments. It is thus 2356 important to control access to these operations. These are the 2357 operations and their sensitivity/vulnerability: 2359 *: All of the "action" statements defined by groupings SHOULD only 2360 be executed by authorized users. For this reason, the NACM 2361 extension "default-deny-all" has been applied to all of them. 2362 Note that NACM uses "default-deny-all" to protect "RPC" and 2363 "action" statements; it does not define, e.g., an extension 2364 called "default-deny-execute". 2366 generate-certificate-signing-request: For this action, it is 2367 RECOMMENDED that implementations assert channel binding 2368 [RFC5056], so as to ensure that the application layer that sent 2369 the request is the same as the device authenticated when the 2370 secure transport layer was established. 2372 4. IANA Considerations 2374 4.1. The IETF XML Registry 2376 This document registers one URI in the "ns" subregistry of the IETF 2377 XML Registry [RFC3688]. Following the format in [RFC3688], the 2378 following registration is requested: 2380 URI: urn:ietf:params:xml:ns:yang:ietf-crypto-types 2381 Registrant Contact: The NETCONF WG of the IETF. 2382 XML: N/A, the requested URI is an XML namespace. 2384 4.2. The YANG Module Names Registry 2386 This document registers one YANG module in the YANG Module Names 2387 registry [RFC6020]. Following the format in [RFC6020], the the 2388 following registration is requested: 2390 name: ietf-crypto-types 2391 namespace: urn:ietf:params:xml:ns:yang:ietf-crypto-types 2392 prefix: ct 2393 reference: RFC XXXX 2395 5. References 2397 5.1. Normative References 2399 [ITU.X690.2015] 2400 International Telecommunication Union, "Information 2401 Technology - ASN.1 encoding rules: Specification of Basic 2402 Encoding Rules (BER), Canonical Encoding Rules (CER) and 2403 Distinguished Encoding Rules (DER)", ITU-T Recommendation 2404 X.690, ISO/IEC 8825-1, August 2015, 2405 . 2407 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 2408 Requirement Levels", BCP 14, RFC 2119, 2409 DOI 10.17487/RFC2119, March 1997, 2410 . 2412 [RFC2404] Madson, C. and R. Glenn, "The Use of HMAC-SHA-1-96 within 2413 ESP and AH", RFC 2404, DOI 10.17487/RFC2404, November 2414 1998, . 2416 [RFC3565] Schaad, J., "Use of the Advanced Encryption Standard (AES) 2417 Encryption Algorithm in Cryptographic Message Syntax 2418 (CMS)", RFC 3565, DOI 10.17487/RFC3565, July 2003, 2419 . 2421 [RFC3686] Housley, R., "Using Advanced Encryption Standard (AES) 2422 Counter Mode With IPsec Encapsulating Security Payload 2423 (ESP)", RFC 3686, DOI 10.17487/RFC3686, January 2004, 2424 . 2426 [RFC4106] Viega, J. and D. McGrew, "The Use of Galois/Counter Mode 2427 (GCM) in IPsec Encapsulating Security Payload (ESP)", 2428 RFC 4106, DOI 10.17487/RFC4106, June 2005, 2429 . 2431 [RFC4253] Ylonen, T. and C. Lonvick, Ed., "The Secure Shell (SSH) 2432 Transport Layer Protocol", RFC 4253, DOI 10.17487/RFC4253, 2433 January 2006, . 2435 [RFC4279] Eronen, P., Ed. and H. Tschofenig, Ed., "Pre-Shared Key 2436 Ciphersuites for Transport Layer Security (TLS)", 2437 RFC 4279, DOI 10.17487/RFC4279, December 2005, 2438 . 2440 [RFC4309] Housley, R., "Using Advanced Encryption Standard (AES) CCM 2441 Mode with IPsec Encapsulating Security Payload (ESP)", 2442 RFC 4309, DOI 10.17487/RFC4309, December 2005, 2443 . 2445 [RFC4494] Song, JH., Poovendran, R., and J. Lee, "The AES-CMAC-96 2446 Algorithm and Its Use with IPsec", RFC 4494, 2447 DOI 10.17487/RFC4494, June 2006, 2448 . 2450 [RFC4543] McGrew, D. and J. Viega, "The Use of Galois Message 2451 Authentication Code (GMAC) in IPsec ESP and AH", RFC 4543, 2452 DOI 10.17487/RFC4543, May 2006, 2453 . 2455 [RFC4868] Kelly, S. and S. Frankel, "Using HMAC-SHA-256, HMAC-SHA- 2456 384, and HMAC-SHA-512 with IPsec", RFC 4868, 2457 DOI 10.17487/RFC4868, May 2007, 2458 . 2460 [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., 2461 Housley, R., and W. Polk, "Internet X.509 Public Key 2462 Infrastructure Certificate and Certificate Revocation List 2463 (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, 2464 . 2466 [RFC5652] Housley, R., "Cryptographic Message Syntax (CMS)", STD 70, 2467 RFC 5652, DOI 10.17487/RFC5652, September 2009, 2468 . 2470 [RFC5656] Stebila, D. and J. Green, "Elliptic Curve Algorithm 2471 Integration in the Secure Shell Transport Layer", 2472 RFC 5656, DOI 10.17487/RFC5656, December 2009, 2473 . 2475 [RFC6187] Igoe, K. and D. Stebila, "X.509v3 Certificates for Secure 2476 Shell Authentication", RFC 6187, DOI 10.17487/RFC6187, 2477 March 2011, . 2479 [RFC6991] Schoenwaelder, J., Ed., "Common YANG Data Types", 2480 RFC 6991, DOI 10.17487/RFC6991, July 2013, 2481 . 2483 [RFC7919] Gillmor, D., "Negotiated Finite Field Diffie-Hellman 2484 Ephemeral Parameters for Transport Layer Security (TLS)", 2485 RFC 7919, DOI 10.17487/RFC7919, August 2016, 2486 . 2488 [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", 2489 RFC 7950, DOI 10.17487/RFC7950, August 2016, 2490 . 2492 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2493 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2494 May 2017, . 2496 [RFC8268] Baushke, M., "More Modular Exponentiation (MODP) Diffie- 2497 Hellman (DH) Key Exchange (KEX) Groups for Secure Shell 2498 (SSH)", RFC 8268, DOI 10.17487/RFC8268, December 2017, 2499 . 2501 [RFC8332] Bider, D., "Use of RSA Keys with SHA-256 and SHA-512 in 2502 the Secure Shell (SSH) Protocol", RFC 8332, 2503 DOI 10.17487/RFC8332, March 2018, 2504 . 2506 [RFC8341] Bierman, A. and M. Bjorklund, "Network Configuration 2507 Access Control Model", STD 91, RFC 8341, 2508 DOI 10.17487/RFC8341, March 2018, 2509 . 2511 [RFC8422] Nir, Y., Josefsson, S., and M. Pegourie-Gonnard, "Elliptic 2512 Curve Cryptography (ECC) Cipher Suites for Transport Layer 2513 Security (TLS) Versions 1.2 and Earlier", RFC 8422, 2514 DOI 10.17487/RFC8422, August 2018, 2515 . 2517 [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol 2518 Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, 2519 . 2521 5.2. Informative References 2523 [RFC2986] Nystrom, M. and B. Kaliski, "PKCS #10: Certification 2524 Request Syntax Specification Version 1.7", RFC 2986, 2525 DOI 10.17487/RFC2986, November 2000, 2526 . 2528 [RFC3174] Eastlake 3rd, D. and P. Jones, "US Secure Hash Algorithm 1 2529 (SHA1)", RFC 3174, DOI 10.17487/RFC3174, September 2001, 2530 . 2532 [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, 2533 DOI 10.17487/RFC3688, January 2004, 2534 . 2536 [RFC4211] Schaad, J., "Internet X.509 Public Key Infrastructure 2537 Certificate Request Message Format (CRMF)", RFC 4211, 2538 DOI 10.17487/RFC4211, September 2005, 2539 . 2541 [RFC4493] Song, JH., Poovendran, R., Lee, J., and T. Iwata, "The 2542 AES-CMAC Algorithm", RFC 4493, DOI 10.17487/RFC4493, June 2543 2006, . 2545 [RFC5056] Williams, N., "On the Use of Channel Bindings to Secure 2546 Channels", RFC 5056, DOI 10.17487/RFC5056, November 2007, 2547 . 2549 [RFC5915] Turner, S. and D. Brown, "Elliptic Curve Private Key 2550 Structure", RFC 5915, DOI 10.17487/RFC5915, June 2010, 2551 . 2553 [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for 2554 the Network Configuration Protocol (NETCONF)", RFC 6020, 2555 DOI 10.17487/RFC6020, October 2010, 2556 . 2558 [RFC6125] Saint-Andre, P. and J. Hodges, "Representation and 2559 Verification of Domain-Based Application Service Identity 2560 within Internet Public Key Infrastructure Using X.509 2561 (PKIX) Certificates in the Context of Transport Layer 2562 Security (TLS)", RFC 6125, DOI 10.17487/RFC6125, March 2563 2011, . 2565 [RFC6234] Eastlake 3rd, D. and T. Hansen, "US Secure Hash Algorithms 2566 (SHA and SHA-based HMAC and HKDF)", RFC 6234, 2567 DOI 10.17487/RFC6234, May 2011, 2568 . 2570 [RFC6239] Igoe, K., "Suite B Cryptographic Suites for Secure Shell 2571 (SSH)", RFC 6239, DOI 10.17487/RFC6239, May 2011, 2572 . 2574 [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., 2575 and A. Bierman, Ed., "Network Configuration Protocol 2576 (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, 2577 . 2579 [RFC6507] Groves, M., "Elliptic Curve-Based Certificateless 2580 Signatures for Identity-Based Encryption (ECCSI)", 2581 RFC 6507, DOI 10.17487/RFC6507, February 2012, 2582 . 2584 [RFC8017] Moriarty, K., Ed., Kaliski, B., Jonsson, J., and A. Rusch, 2585 "PKCS #1: RSA Cryptography Specifications Version 2.2", 2586 RFC 8017, DOI 10.17487/RFC8017, November 2016, 2587 . 2589 [RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital 2590 Signature Algorithm (EdDSA)", RFC 8032, 2591 DOI 10.17487/RFC8032, January 2017, 2592 . 2594 [RFC8040] Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF 2595 Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017, 2596 . 2598 [RFC8340] Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", 2599 BCP 215, RFC 8340, DOI 10.17487/RFC8340, March 2018, 2600 . 2602 [RFC8439] Nir, Y. and A. Langley, "ChaCha20 and Poly1305 for IETF 2603 Protocols", RFC 8439, DOI 10.17487/RFC8439, June 2018, 2604 . 2606 Appendix A. Examples 2608 A.1. The "asymmetric-key-pair-with-certs-grouping" Grouping 2610 The following example module has been constructed to illustrate use 2611 of the "asymmetric-key-pair-with-certs-grouping" grouping defined in 2612 the "ietf-crypto-types" module. 2614 Note that the "asymmetric-key-pair-with-certs-grouping" grouping uses 2615 both the "asymmetric-key-pair-grouping" and "end-entity-cert- 2616 grouping" groupings, and that the "asymmetric-key-pair-grouping" 2617 grouping uses the "public-key-grouping" grouping. Thus, a total of 2618 four of the five groupings defined in the "ietf-crypto-types" module 2619 are illustrated through the use of this one grouping. The only 2620 grouping not represented is the "trust-anchor-cert-grouping" 2621 grouping. 2623 module ex-crypto-types-usage { 2624 yang-version 1.1; 2626 namespace "http://example.com/ns/example-crypto-types-usage"; 2627 prefix "ectu"; 2629 import ietf-crypto-types { 2630 prefix ct; 2631 reference 2632 "RFC XXXX: Common YANG Data Types for Cryptography"; 2633 } 2635 organization 2636 "Example Corporation"; 2638 contact 2639 "Author: YANG Designer "; 2641 description 2642 "This module illustrates the grouping 2643 defined in the crypto-types draft called 2644 'asymmetric-key-pair-with-certs-grouping'."; 2646 revision "1001-01-01" { 2647 description 2648 "Initial version"; 2649 reference 2650 "RFC ????: Usage Example for RFC XXXX"; 2651 } 2653 container keys { 2654 description 2655 "A container of keys."; 2656 list key { 2657 key name; 2658 leaf name { 2659 type string; 2660 description 2661 "An arbitrary name for this key."; 2662 } 2663 uses ct:asymmetric-key-pair-with-certs-grouping; 2664 description 2665 "An asymmetric key pair with associated certificates."; 2666 } 2667 } 2668 } 2669 Given the above example usage module, the following example 2670 illustrates some configured keys. 2672 2673 2674 ex-key 2675 rsa2048 2676 base64encodedvalue== 2677 base64encodedvalue== 2678 2679 2680 ex-cert 2681 base64encodedvalue== 2682 2683 2684 2685 2686 ex-hidden-key 2687 rsa2048 2688 base64encodedvalue== 2689 2690 2691 2692 ex-hidden-key-cert 2693 base64encodedvalue== 2694 2695 2696 2697 2699 A.2. The "generate-certificate-signing-request" Action 2701 The following example illustrates the "generate-certificate-signing- 2702 request" action in use with the NETCONF protocol. 2704 REQUEST 2706 2708 2709 2710 2711 ex-key-sect571r1 2712 2713 base64encodedvalue== 2714 base64encodedvalue== 2715 2716 2717 2718 2719 2721 RESPONSE 2723 2725 2727 base64encodedvalue== 2728 2729 2731 A.3. The "certificate-expiration" Notification 2733 The following example illustrates the "certificate-expiration" 2734 notification in use with the NETCONF protocol. 2736 2738 2018-05-25T00:01:00Z 2739 2740 2741 locally-defined key 2742 2743 2744 my-cert 2745 2746 2747 2018-08-05T14:18:53-05:00 2748 2749 2750 2751 2752 2753 2754 2756 Appendix B. Change Log 2758 B.1. I-D to 00 2760 o Removed groupings and notifications. 2762 o Added typedefs for identityrefs. 2764 o Added typedefs for other RFC 5280 structures. 2766 o Added typedefs for other RFC 5652 structures. 2768 o Added convenience typedefs for RFC 4253, RFC 5280, and RFC 5652. 2770 B.2. 00 to 01 2772 o Moved groupings from the draft-ietf-netconf-keystore here. 2774 B.3. 01 to 02 2776 o Removed unwanted "mandatory" and "must" statements. 2778 o Added many new crypto algorithms (thanks Haiguang!) 2780 o Clarified in asymmetric-key-pair-with-certs-grouping, in 2781 certificates/certificate/name/description, that if the name MUST 2782 NOT match the name of a certificate that exists independently in 2783 , enabling certs installed by the manufacturer (e.g., 2784 an IDevID). 2786 B.4. 02 to 03 2788 o renamed base identity 'asymmetric-key-encryption-algorithm' to 2789 'asymmetric-key-algorithm'. 2791 o added new 'asymmetric-key-algorithm' identities for secp192r1, 2792 secp224r1, secp256r1, secp384r1, and secp521r1. 2794 o removed 'mac-algorithm' identities for mac-aes-128-ccm, mac-aes- 2795 192-ccm, mac-aes-256-ccm, mac-aes-128-gcm, mac-aes-192-gcm, mac- 2796 aes-256-gcm, and mac-chacha20-poly1305. 2798 o for all -cbc and -ctr identities, renamed base identity 2799 'symmetric-key-encryption-algorithm' to 'encryption-algorithm'. 2801 o for all -ccm and -gcm identities, renamed base identity 2802 'symmetric-key-encryption-algorithm' to 'encryption-and-mac- 2803 algorithm' and renamed the identity to remove the "enc-" prefix. 2805 o for all the 'signature-algorithm' based identities, renamed from 2806 'rsa-*' to 'rsassa-*'. 2808 o removed all of the "x509v3-" prefixed 'signature-algorithm' based 2809 identities. 2811 o added 'key-exchange-algorithm' based identities for 'rsaes-oaep' 2812 and 'rsaes-pkcs1-v1_5'. 2814 o renamed typedef 'symmetric-key-encryption-algorithm-ref' to 2815 'symmetric-key-algorithm-ref'. 2817 o renamed typedef 'asymmetric-key-encryption-algorithm-ref' to 2818 'asymmetric-key-algorithm-ref'. 2820 o added typedef 'encryption-and-mac-algorithm-ref'. 2822 o Updated copyright date, boilerplate template, affiliation, and 2823 folding algorithm. 2825 B.5. 03 to 04 2827 o ran YANG module through formatter. 2829 B.6. 04 to 05 2831 o fixed broken symlink causing reformatted YANG module to not show. 2833 B.7. 05 to 06 2835 o Added NACM annotations. 2837 o Updated Security Considerations section. 2839 o Added 'asymmetric-key-pair-with-cert-grouping' grouping. 2841 o Removed text from 'permanently-hidden' enum regarding such keys 2842 not being backed up or restored. 2844 o Updated the boilerplate text in module-level "description" 2845 statement to match copyeditor convention. 2847 o Added an explanation to the 'public-key-grouping' and 'asymmetric- 2848 key-pair-grouping' statements as for why the nodes are not 2849 mandatory (e.g., because they may exist only in . 2851 o Added 'must' expressions to the 'public-key-grouping' and 2852 'asymmetric-key-pair-grouping' statements ensuring sibling nodes 2853 are either all exist or do not all exist. 2855 o Added an explanation to the 'permanently-hidden' that the value 2856 cannot be configured directly by clients and servers MUST fail any 2857 attempt to do so. 2859 o Added 'trust-anchor-certs-grouping' and 'end-entity-certs- 2860 grouping' (the plural form of existing groupings). 2862 o Now states that keys created in by the *-hidden-key 2863 actions are bound to the lifetime of the parent 'config true' 2864 node, and that subsequent invocations of either action results in 2865 a failure. 2867 B.8. 06 to 07 2869 o Added clarifications that implementations SHOULD assert that 2870 configured certificates contain the matching public key. 2872 o Replaced the 'generate-hidden-key' and 'install-hidden-key' 2873 actions with special 'crypt-hash' -like input/output values. 2875 B.9. 07 to 08 2877 o Removed the 'generate-key and 'hidden-key' features. 2879 o Added grouping symmetric-key-grouping 2881 o Modified 'asymmetric-key-pair-grouping' to have a 'choice' 2882 statement for the keystone module to augment into, as well as 2883 replacing the 'union' with leafs (having different NACM settings. 2885 B.10. 08 to 09 2887 o Converting algorithm from identities to enumerations. 2889 B.11. 09 to 10 2891 o All of the below changes are to the algorithm enumerations defined 2892 in ietf-crypto-types. 2894 o Add in support for key exchange over x.25519 and x.448 based on 2895 RFC 8418. 2897 o Add in SHAKE-128, SHAKE-224, SHAKE-256, SHAKE-384 and SHAKE 512 2899 o Revise/add in enum of signature algorithm for x25519 and x448 2901 o Add in des3-cbc-sha1 for IPSec 2903 o Add in sha1-des3-kd for IPSec 2905 o Add in definit for rc4-hmac and rc4-hmac-exp. These two 2906 algorithms have been deprecated in RFC 8429. But some existing 2907 draft in i2nsf may still want to use them. 2909 o Add x25519 and x448 curve for asymmetric algorithms 2911 o Add signature algorithms ed25519, ed25519-cts, ed25519ph 2913 o add signature algorithms ed448, ed448ph 2915 o Add in rsa-sha2-256 and rsa-sha2-512 for SSH protocols (rfc8332) 2917 Acknowledgements 2919 The authors would like to thank for following for lively discussions 2920 on list and in the halls (ordered by last name): Martin Bjorklund, 2921 Nick Hancock, Balazs Kovacs, Juergen Schoenwaelder, Eric Voit, and 2922 Liang Xia. 2924 Authors' Addresses 2926 Kent Watsen 2927 Watsen Networks 2929 EMail: kent+ietf@watsen.net 2931 Wang Haiguang 2932 Huawei 2934 EMail: wang.haiguang.shieldlab@huawei.com