This module defines procedure to apply the Authenticated variables to add/update the certificates of a network platform''s sec...
Version: 2020-07-10
module Cisco-IOS-XR-authenticated-variable-act { yang-version 1; namespace "http://cisco.com/ns/yang/Cisco-IOS-XR-authenticated-variable-act"; prefix sb-av; import cisco-semver { prefix semver; } organization "Cisco Systems, Inc."; contact "Cisco Systems, Inc. Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 Tel: +1 800 553-NETS E-mail: cs-yang@cisco.com"; description "This module defines procedure to apply the Authenticated variables to add/update the certificates of a network platform''s secure storage. Copyright (c) 2017 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust''s Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info). This version of this YANG module is part of RFC VVVV; see the RFC itself for full legal notices."; revision "2020-07-10" { description "Added xr-task so that Limited access user should not configure router using this model"; } revision "2019-10-01" { description "Made changes to be RFC6087 compliant"; } revision "2019-04-05" { description "Establish semantic version baseline."; } revision "2018-07-11" { description "Initial revision."; } semver:module-version "1.1.0"; semver:module-version "1.1.0"; semver:module-version "1.0.0"; typedef EFI_VARIABLE { type enumeration { enum "EFI_VAR_PK_CISCO" { value 4; description "EFI VAR PK CISCO"; } enum "EFI_VAR_KEK_CISCO" { value 5; description "EFI VAR KEK CISCO"; } enum "EFI_VAR_DB_CISCO" { value 6; description "EFI VAR DB CISCO"; } enum "EFI_VAR_DBX_CISCO" { value 7; description "EFI VAR DBX CISCO"; } enum "EFI_VAR_ALL" { value 8; description "EFI VAR ALL"; } } description "EFI variable"; } grouping LDWM-data { description "Signature data for LDWM key"; leaf sig-list-num { type uint32; description "Signature list Identifier"; } leaf guid { type string; description "Signature owner Identifier"; } leaf extension-type { type string; description "Type of the signature"; } leaf cert-list-num { type uint32; description "Signature entry number"; } leaf owner-guid { type string; description "Signature owner guid"; } leaf size { type uint32; description "size of the signature"; } leaf key-type { type string; description "type of the key"; } leaf key-index { type uint32; description "Index of the Key"; } leaf key-length { type uint32; description "Length of the Key"; } leaf key-data { type binary; description "Key Data determined by Key-Length"; } } // grouping LDWM-data grouping X509-data { description "Signature data for X509 certificate"; leaf sig-list-num { type uint32; description "Signature list Identifier"; } leaf guid { type string; description "Signature owner Identifier"; } leaf extension-type { type string; description "Type of the signature"; } leaf cert-list-num { type uint32; description "Signature entry number"; } leaf owner-guid { type string; description "Signature owner guid"; } leaf size { type uint32; description "size of the signature"; } leaf x509-data { type binary; description "x509 Cert data"; } } // grouping X509-data grouping SHA256-data { description "Signature data for SHA256 hash"; leaf sig-list-num { type uint32; description "Signature list Identifier"; } leaf guid { type string; description "Signature owner Identifier"; } leaf extension-type { type string; description "Type of the signature"; } leaf cert-list-num { type uint32; description "Signature entry number"; } leaf owner-guid { type string; description "Signature owner guid"; } leaf size { type uint32; description "size of the signature"; } leaf sha256-hash { type binary; description "SHA256 Hash data"; } } // grouping SHA256-data rpc apply-av { description "Append or update certificates in the Aikido. Returns whether operation is succeeded or failed. When in error condition, error code will be populated."; input { leaf location { type string; mandatory true; description "In a distributed system get the data from a specific node identified by the location. Either specified node location or all is valid"; } leaf av-operation { type enumeration { enum "APPEND" { value 1; description "Append"; } enum "UPDATE" { value 2; description "Update"; } } mandatory true; description "Append/Update operation"; } leaf efi-var { type EFI_VARIABLE; mandatory true; description "Contains value for EFI partition"; } leaf av-content-file { type binary; mandatory true; description "av content file"; } leaf on-bmc { type boolean; description "on bmc"; } } output { container apply-av-response { description "apply av result data"; list node-data { key "node-location"; description "apply av result list of the nodes in a distributed system identified by the location"; leaf node-location { type string; description "Location of the node in the distributed system"; } leaf result-string { type string; description "result string"; } } // list node-data } // container apply-av-response } } // rpc apply-av rpc dump-efi-var { description "Fetches the certificates from the EFI variable provided, dumps into a file and returns the file."; input { leaf efi-var { type EFI_VARIABLE; mandatory true; description "EFI variable"; } leaf location { type string; mandatory true; description "In a distributed system get the data from a specific node identified by the location. Either specified node location or all is valid"; } leaf on-bmc { type boolean; description "on bmc"; } } output { container dump-efi-var-response { description "dumping efi variables data"; list node-data { key "node-location"; description "Dumping EFI Variables list of the nodes in a distributed system identified by the location"; leaf node-location { type string; description "Location of the node in the distributed system"; } leaf result-string { type string; description "Result string of the show efi variables on the node"; } list efi-var-data { key "efi-var-name"; description "EFI Variable Name"; leaf efi-var-name { type string; description "EFI Variable Name"; } leaf efi-content-file { type binary; description "EFI Variables binary content"; } } // list efi-var-data } // list node-data } // container dump-efi-var-response } } // rpc dump-efi-var rpc show-efi-var { description "Returns the certificates from the EFI variable provided."; input { leaf efi-var { type EFI_VARIABLE; mandatory true; description "EFI variable"; } leaf location { type string; mandatory true; description "In a distributed system get the data from a specific node identified by the location. Either specified node location or all is valid"; } leaf on-bmc { type boolean; description "on bmc"; } } output { container show-efi-var-response { description "show efi var response"; list node-data { key "node-location"; description "Signatures list of a node in a distributed system identified by the location"; leaf node-location { type string; description "Location of the node in the distributed system"; } leaf result-string { type string; description "Result string of the show efi variables on the node"; } list efi-var-data { key "efi-var-name"; description "EFI Variable name"; leaf efi-var-name { type string; description "EFI Variable name"; } list signature-list { description "signature list"; list ldwm-list { description "List of LDWM Keys"; uses LDWM-data; } // list ldwm-list list x509-list { description "List of x509 certs"; uses X509-data; } // list x509-list list sha256-list { description "List of sha256 Hashes"; uses SHA256-data; } // list sha256-list } // list signature-list } // list efi-var-data } // list node-data } // container show-efi-var-response } } // rpc show-efi-var } // module Cisco-IOS-XR-authenticated-variable-act
© 2023 YumaWorks, Inc. All rights reserved.