Keychain.
Version: 2021-02-01
module huawei-keychain { yang-version 1; namespace "urn:huawei:yang:huawei-keychain"; prefix keychain; import huawei-pub-type { prefix pub-type; } import huawei-extension { prefix ext; } organization "Huawei Technologies Co., Ltd."; contact "Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China Website: http://www.huawei.com Email: support@huawei.com"; description "Keychain."; revision "2021-02-01" { description "Add AES-128-CMAC algorithm."; reference "Huawei private."; } revision "2020-04-19" { description "Init revision."; reference "Huawei private."; } ext:task-name "key-chain"; typedef keychain-mode { type enumeration { enum "daily" { value 1; description "Daily periodicity mode."; } enum "monthly" { value 2; description "Monthly periodicity mode."; } enum "weekly" { value 3; description "Weekly periodicity mode."; } enum "yearly" { value 4; description "Yearly periodicity mode."; } enum "absolute" { value 5; description "Absolute time mode."; } } description "Timing mode."; } typedef keychain-time-zone { type enumeration { enum "UTC" { value 1; description "UTC time zone."; } enum "LMT" { value 0; description "LMT time zone."; } } description "Time Zone."; } typedef keychain-algorithm-type { type enumeration { enum "md5" { value 1; description "MD5 algorithm."; } enum "sha-1" { value 2; description "SHA-1 algorithm."; } enum "hmac-md5" { value 3; description "HMAC-MD5 algorithm."; } enum "hmac-sha1-12" { value 4; description "HMAC-SHA1-12 algorithm."; } enum "hmac-sha1-20" { value 5; description "HMAC-SHA1-20 algorithm."; } enum "hmac-sha-256" { value 6; description "HMAC-SHA-256 algorithm."; } enum "sha-256" { value 7; description "SHA-256 algorithm."; } enum "sm3" { value 8; description "SM3 algorithm."; } enum "aes-128-cmac" { value 9; description "AES-128-CMAC algorithm."; } } description "Algorithm configuration for that Key-ID."; } typedef keychain-key-id-status { type enumeration { enum "active" { value 0; description "Active."; } enum "inactive" { value 1; description "Inactive."; } } description "Status of key ID."; } typedef keychain-dig-len-16or32 { type enumeration { enum "16" { value 16; description "16 Byte.."; } enum "32" { value 32; description "32 Byte.."; } } description "Digest length 16 or 32 byte."; } typedef keychain-dig-len-16or20 { type enumeration { enum "16" { value 16; description "16 Byte.."; } enum "20" { value 20; description "20 Byte.."; } } description "Digest length 16 or 20 byte."; } typedef keychain-month-type { type bits { bit jan { position 0; description "January."; } bit feb { position 1; description "February."; } bit mar { position 2; description "March."; } bit apr { position 3; description "April."; } bit may { position 4; description "May."; } bit jun { position 5; description "June."; } bit jul { position 6; description "July."; } bit aug { position 7; description "August."; } bit sep { position 8; description "September."; } bit oct { position 9; description "October."; } bit nov { position 10; description "November."; } bit dec { position 11; description "December."; } } description "Months of one year."; } typedef keychain-week-type { type bits { bit mon { position 0; description "Monday."; } bit tue { position 1; description "Tuesday."; } bit wed { position 2; description "Wednesday."; } bit thu { position 3; description "Thursday."; } bit fri { position 4; description "Friday."; } bit sat { position 5; description "Saturday."; } bit sun { position 6; description "Sunday."; } } description "Days of one week."; } typedef keychain-date-type { type bits { bit day-1 { position 0; description "1st."; } bit day-2 { position 1; description "2nd."; } bit day-3 { position 2; description "3rd."; } bit day-4 { position 3; description "4th."; } bit day-5 { position 4; description "5th."; } bit day-6 { position 5; description "6th."; } bit day-7 { position 6; description "7th."; } bit day-8 { position 7; description "8th."; } bit day-9 { position 8; description "9th."; } bit day-10 { position 9; description "10th."; } bit day-11 { position 10; description "11th."; } bit day-12 { position 11; description "12th."; } bit day-13 { position 12; description "13th."; } bit day-14 { position 13; description "14th."; } bit day-15 { position 14; description "15th."; } bit day-16 { position 15; description "16th."; } bit day-17 { position 16; description "17th."; } bit day-18 { position 17; description "18th."; } bit day-19 { position 18; description "19th."; } bit day-20 { position 19; description "20th."; } bit day-21 { position 20; description "21st."; } bit day-22 { position 21; description "22nd."; } bit day-23 { position 22; description "23rd."; } bit day-24 { position 23; description "24th."; } bit day-25 { position 24; description "25th."; } bit day-26 { position 25; description "26th."; } bit day-27 { position 26; description "27th."; } bit day-28 { position 27; description "28th."; } bit day-29 { position 28; description "29th."; } bit day-30 { position 29; description "30th."; } bit day-31 { position 30; description "31st."; } } description "Dates of one month."; } container keychain { description "Keychain."; container keychains { description "List of keychain instances."; list keychain { key "name"; max-elements 5000; description "Configure keychain instance."; leaf name { ext:case-sensitivity "lower-only"; type string { length "1..47"; pattern '[^A-Z]+'; } description "The name of keychain instance."; } leaf kc-mode { ext:support-filter "true"; type keychain-mode; mandatory true; description "The time mode of keychain instance."; } leaf time-zone { ext:support-filter "true"; type keychain-time-zone; default "LMT"; description "The time zone of keychain instance."; } leaf digest-len-sha256 { ext:support-filter "true"; type keychain-dig-len-16or32; default "32"; description "The digest length of SHA-256 algorithm."; } leaf digest-len-hmac-sha256 { ext:support-filter "true"; type keychain-dig-len-16or32; default "32"; description "The digest length of HMAC-SHA-256 algorithm."; } leaf digest-len-hmac-sha120 { ext:support-filter "true"; type keychain-dig-len-16or20; default "20"; description "The digest length of HMAC-SHA1-20 algorithm."; } leaf recv-tolerance { ext:support-filter "true"; type uint32 { range "0..14400"; } units "min"; description "The receive tolerance value in minutes for a keychain, 0 means that time is infinite."; } container kc-tcp { description "Configure the parameter for TCP enhanced authentication option. The corresponding keychain must have been created."; leaf tcp-kind { ext:support-filter "true"; type uint32 { range "28..255"; } default "254"; description "The value of TCP kind."; } leaf tcp-md5-alg-id { ext:support-filter "true"; type uint32 { range "1..63"; } default "3"; description "TCP algorithm Id of MD5."; } leaf tcp-sha1-alg-id { ext:support-filter "true"; type uint32 { range "1..63"; } default "4"; description "TCP algorithm Id of SHA-1."; } leaf tcp-hmac-md5-alg-id { ext:support-filter "true"; type uint32 { range "1..63"; } default "5"; description "TCP algorithm Id of HMAC-MD5."; } leaf tcp-hmac-sha112-id { ext:support-filter "true"; type uint32 { range "1..63"; } default "2"; description "TCP algorithm Id of HMAC-SHA1-12."; } leaf tcp-hmac-sha120-id { ext:support-filter "true"; type uint32 { range "1..63"; } default "6"; description "TCP algorithm Id of HMAC-SHA1-20."; } leaf tcp-hmac-sha256-id { ext:support-filter "true"; type uint32 { range "1..63"; } default "7"; description "TCP algorithm Id of HMAC-SHA-256."; } leaf tcp-sha256-alg-id { ext:support-filter "true"; type uint32 { range "1..63"; } default "8"; description "TCP algorithm Id of SHA-256."; } leaf tcp-sm3-alg-id { ext:support-filter "true"; type uint32 { range "1..63"; } default "9"; description "TCP algorithm Id of SM3."; } leaf tcp-aes128-cmac-alg-id { ext:support-filter "true"; type uint32 { range "1..63"; } default "10"; description "TCP algorithm Id of AES-128-CMAC."; } } // container kc-tcp container abs-key-ids { when "../kc-mode='absolute'"; description "List of absolute time mode key-id."; list abs-key-id { key "key-id"; max-elements 64; description "Configure absolute time mode key-id instance. The corresponding keychain must have been created."; leaf key-id { type uint32 { range "0..63"; } description "ID of key-id."; } leaf algorithm { ext:support-filter "true"; type keychain-algorithm-type; description "The algorithm that should be associated to the key-id."; } leaf cipher-string { type pub-type:password-extend { length "1..432"; } description "Authentication password of key-id."; } leaf default-send-key-id { ext:support-filter "true"; type boolean; default "false"; description "Enable/disable the default send key-id of keychain instance. A keychain instance can have only one key-id as the default send key-id."; } leaf abs-send-start-date { ext:support-filter "true"; type pub-type:date; must "../abs-send-start-time and (../send-duration or (../abs-send-end-date and ../abs-send-end-time))"; description "Date for the key-id start to be send activity, the combination of abs-send-start-date and abs-send-start-time must be earlier than that of abs-send-end-date and abs-send-end-time."; } leaf abs-send-start-time { ext:support-filter "true"; type pub-type:time-hhmm; must "../abs-send-start-date and (../send-duration or (../abs-send-end-date and ../abs-send-end-time))"; description "Time for the key-id start to be send activity, the combination of abs-send-start-date and abs-send-start-time must be earlier than that of abs-send-end-date and abs-send-end-time."; } leaf abs-recv-start-date { ext:support-filter "true"; type pub-type:date; must "../abs-recv-start-time and (../recv-duration or (../abs-recv-end-date and ../abs-recv-end-time))"; description "Date for the key-id start to be receive activity, the combination of abs-recv-start-date and abs-recv-start-time must be earlier than that of abs-recv-end-date and abs-recv-end-time."; } leaf abs-recv-start-time { ext:support-filter "true"; type pub-type:time-hhmm; must "../abs-recv-start-date and (../recv-duration or (../abs-recv-end-date and ../abs-recv-end-time))"; description "Time for the key-id start to be receive activity, the combination of abs-recv-start-date and abs-recv-start-time must be earlier than that of abs-recv-end-date and abs-recv-end-time."; } choice send-end-mode { description "The end mode keychain instance."; case end-by-duration { description "End the keychain instance by duration."; leaf send-duration { ext:support-filter "true"; type uint32 { range "0..26280000"; } units "min"; must "../abs-send-start-date and ../abs-send-start-time"; description "Duration of the key-id keep send active, 0 means that time is infinite."; } } // case end-by-duration case end-by-specified-time { description "End the keychain instance by specified-time."; leaf abs-send-end-date { ext:support-filter "true"; type pub-type:date; must "../abs-send-start-date and ../abs-send-start-time and ../abs-send-end-time"; description "Date for the key-id stop to be send activity, the combination of abs-send-start-date and abs-send-start-time must be earlier than that of abs-send-end-date and abs-send-end-time."; } leaf abs-send-end-time { ext:support-filter "true"; type pub-type:time-hhmm; must "../abs-send-start-date and ../abs-send-start-time and ../abs-send-end-date"; description "Time for the key-id stop to be send activity, the combination of abs-send-start-date and abs-send-start-time must be earlier than that of abs-send-end-date and abs-send-end-time."; } } // case end-by-specified-time } // choice send-end-mode choice receive-end-mode { description "The end mode keychain instance."; case end-by-duration { description "End the keychain instance by duration."; leaf recv-duration { ext:support-filter "true"; type uint32 { range "0..26280000"; } units "min"; must "../abs-recv-start-date and ../abs-recv-start-time"; description "Duration of the key-id keep receive active, 0 means that time is infinite."; } } // case end-by-duration case end-by-specified-time { description "End the keychain instance by specified-time."; leaf abs-recv-end-date { ext:support-filter "true"; type pub-type:date; must "../abs-recv-start-date and ../abs-recv-start-time and ../abs-recv-end-time"; description "Date for the key-id stop to be receive activity, the combination of abs-recv-start-date and abs-recv-start-time must be earlier than that of abs-recv-end-date and abs-recv-end-time."; } leaf abs-recv-end-time { ext:support-filter "true"; type pub-type:time-hhmm; must "../abs-recv-start-date and ../abs-recv-start-time and ../abs-recv-end-date"; description "Time for the key-id stop to be receive activity, the combination of abs-recv-start-date and abs-recv-start-time must be earlier than that of abs-recv-end-date and abs-recv-end-time."; } } // case end-by-specified-time } // choice receive-end-mode leaf send-status { type keychain-key-id-status; config false; description "Send status of key-id."; } leaf recv-status { type keychain-key-id-status; config false; description "Receive status of key-id."; } } // list abs-key-id } // container abs-key-ids container year-key-ids { when "../kc-mode='yearly'"; must "count(year-key-id[default-send-key-id='true'])<=1"; must "count(year-key-id[contains(year-send-dates,'jan')])<=1 and count(year-key-id[contains(year-send-dates,'feb')])<=1"; must "count(year-key-id[contains(year-send-dates,'mar')])<=1 and count(year-key-id[contains(year-send-dates,'apr')])<=1"; must "count(year-key-id[contains(year-send-dates,'may')])<=1 and count(year-key-id[contains(year-send-dates,'jun')])<=1"; must "count(year-key-id[contains(year-send-dates,'jul')])<=1 and count(year-key-id[contains(year-send-dates,'aug')])<=1"; must "count(year-key-id[contains(year-send-dates,'sep')])<=1 and count(year-key-id[contains(year-send-dates,'oct')])<=1"; must "count(year-key-id[contains(year-send-dates,'nov')])<=1 and count(year-key-id[contains(year-send-dates,'dec')])<=1"; description "List of yearly periodicity key-id."; list year-key-id { key "key-id"; max-elements 64; description "Configure the yearly periodicity key-id instance. The corresponding keychain must have been created."; leaf key-id { type uint32 { range "0..63"; } description "ID of key-id."; } leaf algorithm { ext:support-filter "true"; type keychain-algorithm-type; description "The algorithm that should be associated to the key-id."; } leaf cipher-string { type pub-type:password-extend; description "Authentication password of key-id."; } leaf default-send-key-id { ext:support-filter "true"; type boolean; default "false"; description "Enable/disable the default send key-id of keychain instance. A keychain instance can have only one key-id as the default send key-id."; } leaf year-send-dates { type keychain-month-type; description "Months of one year that the send key-id to be active."; } leaf year-recv-dates { type keychain-month-type; description "Months of one year that the receive key-id to be active."; } leaf send-status { type keychain-key-id-status; config false; description "Send status of key-id."; } leaf recv-status { type keychain-key-id-status; config false; description "Receive status of key-id."; } } // list year-key-id } // container year-key-ids container month-key-ids { when "../kc-mode='monthly'"; must "count(month-key-id[default-send-key-id='true'])<=1"; must "count(month-key-id[contains(month-send-dates,'day-1')])<=1 and count(month-key-id[contains(month-send-dates,'day-2')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-3')])<=1 and count(month-key-id[contains(month-send-dates,'day-4')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-5')])<=1 and count(month-key-id[contains(month-send-dates,'day-6')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-7')])<=1 and count(month-key-id[contains(month-send-dates,'day-8')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-9')])<=1 and count(month-key-id[contains(month-send-dates,'day-10')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-11')])<=1 and count(month-key-id[contains(month-send-dates,'day-12')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-13')])<=1 and count(month-key-id[contains(month-send-dates,'day-14')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-15')])<=1 and count(month-key-id[contains(month-send-dates,'day-16')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-17')])<=1 and count(month-key-id[contains(month-send-dates,'day-18')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-19')])<=1 and count(month-key-id[contains(month-send-dates,'day-20')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-21')])<=1 and count(month-key-id[contains(month-send-dates,'day-22')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-23')])<=1 and count(month-key-id[contains(month-send-dates,'day-24')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-25')])<=1 and count(month-key-id[contains(month-send-dates,'day-26')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-27')])<=1 and count(month-key-id[contains(month-send-dates,'day-28')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-29')])<=1 and count(month-key-id[contains(month-send-dates,'day-30')])<=1"; must "count(month-key-id[contains(month-send-dates,'day-31')])<=1"; description "List of monthly periodicity key-id."; list month-key-id { key "key-id"; max-elements 64; description "Configure the monthly periodicity key-id instance. The corresponding keychain must have been created."; leaf key-id { type uint32 { range "0..63"; } description "ID of key-id."; } leaf algorithm { ext:support-filter "true"; type keychain-algorithm-type; description "The algorithm that should be associated to the key-id."; } leaf cipher-string { type pub-type:password-extend; description "Authentication password of key-id."; } leaf default-send-key-id { ext:support-filter "true"; type boolean; default "false"; description "Enable/disable the default send key-id of keychain instance. A keychain instance can have only one key-id as the default send key-id."; } leaf month-send-dates { type keychain-date-type; description "Days of one month that the send key-id to be active."; } leaf month-recv-dates { type keychain-date-type; description "Days of one month that the receive key-id to be active."; } leaf send-status { type keychain-key-id-status; config false; description "Send status of key-id."; } leaf recv-status { type keychain-key-id-status; config false; description "Receive status of key-id."; } } // list month-key-id } // container month-key-ids container week-key-ids { when "../kc-mode='weekly'"; must "count(week-key-id[default-send-key-id='true'])<=1"; must "count(week-key-id[contains(week-send-dates,'mon')])<=1 and count(week-key-id[contains(week-send-dates,'tue')])<=1"; must "count(week-key-id[contains(week-send-dates,'wed')])<=1 and count(week-key-id[contains(week-send-dates,'thu')])<=1"; must "count(week-key-id[contains(week-send-dates,'fri')])<=1 and count(week-key-id[contains(week-send-dates,'sat')])<=1"; must "count(week-key-id[contains(week-send-dates,'sun')])<=1"; description "List of weekly periodicity key-id."; list week-key-id { key "key-id"; max-elements 64; description "Configure the weekly periodicity key-id instance. The corresponding keychain must have been created."; leaf key-id { type uint32 { range "0..63"; } description "ID of key-id."; } leaf algorithm { ext:support-filter "true"; type keychain-algorithm-type; description "The algorithm that should be associated to the key-id."; } leaf cipher-string { type pub-type:password-extend; description "Authentication password of key-id."; } leaf default-send-key-id { ext:support-filter "true"; type boolean; default "false"; description "Enable/disable default send key-id of keychain instance. A keychain instance can have only one key-id as the default send key-id."; } leaf week-send-dates { type keychain-week-type; description "Days for one week that the send key-id to be active."; } leaf week-recv-dates { type keychain-week-type; description "Days for one week that the receive key-id to be active."; } leaf send-status { type keychain-key-id-status; config false; description "Send status of key-id."; } leaf recv-status { type keychain-key-id-status; config false; description "Receive status of key-id."; } } // list week-key-id } // container week-key-ids container day-key-ids { when "../kc-mode='daily'"; must "count(day-key-id[default-send-key-id='true'])<=1"; description "List of daily periodicity key-id."; list day-key-id { key "key-id"; max-elements 64; description "Configure the daily periodicity key-id Instance. The corresponding keychain must have been created."; leaf key-id { type uint32 { range "0..63"; } description "ID of key-id."; } leaf algorithm { ext:support-filter "true"; type keychain-algorithm-type; description "The algorithm that should be associated to the key-id."; } leaf cipher-string { type pub-type:password-extend; description "Authentication password of key-id."; } leaf default-send-key-id { ext:support-filter "true"; type boolean; default "false"; description "Enable/disable the default send key-id of keychain instance. A keychain instance can have only one key-id as the default send key-id."; } leaf daily-send-start-time { ext:support-filter "true"; type pub-type:time-hhmm; must "../daily-send-end-time"; description "Time of one day that the key-id start to be send activity, the daily-send-start-time must be earlier than daily-send-end-time."; } leaf daily-send-end-time { ext:support-filter "true"; type pub-type:time-hhmm; must "../daily-send-start-time"; description "Time of one day that the key-id stop to be send activity, the daily-send-start-time must be earlier than daily-send-end-time."; } leaf daily-recv-start-time { ext:support-filter "true"; type pub-type:time-hhmm; must "../daily-recv-end-time"; description "Time of one day that the key-id start to be receive activity, the daily-recv-start-time must be earlier than daily-recv-end-time."; } leaf daily-recv-end-time { ext:support-filter "true"; type pub-type:time-hhmm; must "../daily-recv-start-time"; description "Time of one day that the key-id stop to be receive activity, the daily-recv-start-time must be earlier than daily-recv-end-time."; } leaf send-status { type keychain-key-id-status; config false; description "Send status of key-id."; } leaf recv-status { type keychain-key-id-status; config false; description "Receive status of key-id."; } } // list day-key-id } // container day-key-ids } // list keychain } // container keychains } // container keychain } // module huawei-keychain
© 2023 YumaWorks, Inc. All rights reserved.