Cisco-IOS-XE-boot-integrity-oper

This module contains a collection of YANG definitions for Cisco IOS XE boot integrity visibility. Copyright (c) 2017-2020 by Cis...

  • Version: 2021-03-01

    Cisco-IOS-XE-boot-integrity-oper@2021-03-01


    
  module Cisco-IOS-XE-boot-integrity-oper {

    yang-version 1;

    namespace
      "http://cisco.com/ns/yang/Cisco-IOS-XE-boot-integrity-oper";

    prefix boot-integrity-ios-xe-oper;

    import cisco-semver {
      prefix cisco-semver;
    }

    organization "Cisco Systems, Inc.";

    contact
      "Cisco Systems, Inc.
     Customer Service

     Postal: 170 W Tasman Drive
     San Jose, CA 95134

     Tel: +1 1800 553-NETS

     E-mail: cs-yang@cisco.com";

    description
      "This module contains a collection of YANG definitions
     for Cisco IOS XE boot integrity visibility.
     Copyright (c) 2017-2020 by Cisco Systems, Inc.
     All rights reserved.";

    revision "2021-03-01" {
      description
        "Restructured system integrity sub tree.";
      reference
        "2.0.0";

    }

    revision "2019-05-01" {
      description "Added semantic version";
      reference
        "1.2.0";

    }

    revision "2018-10-29" {
      description
        "Cleaned up spelling errors in descriptions.";
      reference
        "1.1.0";

    }

    revision "2018-01-31" {
      description "Initial revision";
      reference
        "1.0.0";

    }

    cisco-semver:module-version "2.0.0";
    cisco-semver:module-version "1.2.0";
    cisco-semver:module-version "1.1.0";
    cisco-semver:module-version "1.0.0";

    container boot-integrity-oper-data {
      config false;
      description
        "Enclosing container for the boot integrity
       measurements of the system.";
      container system-integrity {
        presence "system-integrity";
        description
          "List of system integrity measurements for Boot,
         Boot Loader, and package signatures as well as
         Platform Configuration Registers (PCR) content.
         These measurements are captured utilizing Trust
         Anchor Module (TAM) services communicating with
         Anti-Counterfeit Technology implemented in
         a secure hardware device.";
        leaf platform {
          type string;
          description "Product Identifier";
        }

        leaf boot-ver {
          type string;
          description "Boot 0 Version";
        }

        leaf boot-hash {
          type string;
          description "Boot 0 Hash";
        }

        leaf boot-loader-ver {
          type string;
          description "Boot Loader Version";
        }

        leaf boot-loader-hash {
          type string;
          description "Boot Loader Hash";
        }

        leaf os-version {
          type string;
          description
            "Operating System Version";
        }

        list package-integrity {
          key "index";
          description
            "List of package integrity group describing
system-calculated hashes for each package artifact
currently installed or patched to the system.  A package
artifact in this context may consist of at least one super
package followed by a sequence of sub-packages and optionally
where applicable may contain additional entries for software
maintenance update packages.";
          leaf index {
            type uint8;
            description
              "Unique index assigned to each package integrity
group entry. Assigned for uniqueness.";
          }

          leaf name {
            type string;
            description "Package Name";
          }

          leaf hash {
            type string;
            description "Package Hash";
          }
        }  // list package-integrity

        list register {
          key "index";
          description
            "List for maintaining the Platform Content
Register (PCR) indices and content.  Currently
only two entries are expected: index 0 and
index 8";
          leaf index {
            type uint8;
            description
              "References PCR Register Index";
          }

          leaf pcr-content {
            type string;
            description
              "References PCR Register Content";
          }
        }  // list register
      }  // container system-integrity

      container sudi-certificate {
        presence "sudi-certificate";
        description
          "List of system  certificate measurements for Cisco
         Root CA (CRCA), Cisco Manufacturing CA (CMCA), and
         ACT2 RSA Secure Unique Device Identity (SUDI) CA
         PEM certificates and SUDI generated signatures.
         These measurements are captured utilizing Trusted
         Anchor Module (TAM) services communicating with
         system Anti-Counterfeit Technology implemented in
         a secure hardware device.";
        leaf crca-pem {
          type string;
          description
            "Cisco Root CA PEM Certificate";
        }

        leaf cmca-pem {
          type string;
          description
            "Cisco Manufacturing CA PEM Certificate";
        }

        leaf sudi-pem {
          type string;
          description
            "ACT2 RSA SUDI CA PEM Certificate";
        }

        leaf sudi-signature {
          type string;
          description
            "ACT2 RSA SUDI Certificate Generated Signature";
        }
      }  // container sudi-certificate
    }  // container boot-integrity-oper-data
  }  // module Cisco-IOS-XE-boot-integrity-oper

© 2023 YumaWorks, Inc. All rights reserved.