modules/iana-ssh-mac-algs@2022-06-16.yang

module iana-ssh-mac-algs {
  yang-version 1.1;
  namespace "urn:ietf:params:xml:ns:yang:iana-ssh-mac-algs";
  prefix sshma;

  organization
    "Internet Assigned Numbers Authority (IANA)";

  contact
    "Postal: ICANN
             12025 Waterfront Drive, Suite 300
             Los Angeles, CA  90094-2536
             United States of America
     Tel:    +1 310 301 5800
     Email:  iana@iana.org";

  description
    "This module defines identities for the MAC algorithms
     defined in the 'MAC Algorithm Names' sub-registry of the
     'Secure Shell (SSH) Protocol Parameters' registry maintained
     by IANA.

     Copyright (c) 2022 IETF Trust and the persons identified as
     authors of the code. All rights reserved.

     Redistribution and use in source and binary forms, with
     or without modification, is permitted pursuant to, and
     subject to the license terms contained in, the Revised
     BSD License set forth in Section 4.c of the IETF Trust's
     Legal Provisions Relating to IETF Documents
     (https://trustee.ietf.org/license-info).

     The initial version of this YANG module is part of RFC EEEE
     (https://www.rfc-editor.org/info/rfcEEEE); see the RFC
     itself for full legal notices.";

  revision 2022-06-16 {
    description
      "Reflects contents of the MAC algorithms registry on
       June 16, 2022.";
    reference
      "RFC EEEE: YANG Groupings for SSH Clients and SSH Servers";
  }

  // Typedefs

  typedef mac-algorithm-ref {
    type identityref {
      base "mac-alg-base";
    }
    description
      "A reference to a SSH mac algorithm identifier.";
  }

  // Identities

  identity mac-alg-base {
    description
      "Base identity used to identify message authentication
       code (MAC) algorithms.";
  }

  identity hmac-sha1 {
    base mac-alg-base;
    description
      "HMAC-SHA1";
    reference
      "RFC 4253:
         The Secure Shell (SSH) Transport Layer Protocol";
  }

  identity hmac-sha1-96 {
    base mac-alg-base;
    description
      "HMAC-SHA1-96";
    reference
      "RFC 4253:
         The Secure Shell (SSH) Transport Layer Protocol";
  }

  identity hmac-md5 {
    base mac-alg-base;
    description
      "HMAC-MD5";
    reference
      "RFC 4253:
         The Secure Shell (SSH) Transport Layer Protocol";
  }

  identity hmac-md5-96 {
    base mac-alg-base;
    description
      "HMAC-MD5-96";
    reference
      "RFC 4253:
         The Secure Shell (SSH) Transport Layer Protocol";
  }

  identity none {
    base mac-alg-base;
    description
      "NONE";
    reference
      "RFC 4253:
         The Secure Shell (SSH) Transport Layer Protocol";
  }

  identity aead-aes-128-gcm {
    base mac-alg-base;
    description
      "AEAD_AES_128_GCM";
    reference
      "RFC 5647:
         AES Galois Counter Mode for the
         Secure Shell Transport Layer Protocol";
  }

  identity aead-aes-256-gcm {
    base mac-alg-base;
    description
      "AEAD_AES_256_GCM";
    reference
      "RFC 5647:
         AES Galois Counter Mode for the
         Secure Shell Transport Layer Protocol";
  }

  identity hmac-sha2-256 {
    base mac-alg-base;
    description
      "HMAC-SHA2-256";
    reference
      "RFC 6668:
         SHA-2 Data Integrity Verification for the
         Secure Shell (SSH) Transport Layer Protocol";
  }

  identity hmac-sha2-512 {
    base mac-alg-base;
    description
      "HMAC-SHA2-512";
    reference
      "RFC 6668:
         SHA-2 Data Integrity Verification for the
         Secure Shell (SSH) Transport Layer Protocol";
  }

  // Protocol-accessible Nodes

  container supported-algorithms {
    config false;
    description
      "A container for a list of MAC algorithms
       supported by the server.";
    leaf-list supported-algorithm {
      type mac-algorithm-ref;
      description
        "A MAC algorithm supported by the server.";
    }
  }

}