Gitiles
Code Review Sign In
gerrit.cesnet.cz / github / CESNET / libnetconf2 / e29764c771705ef7bf8facc410fee60365ff5b09 / . / modules / iana-ssh-public-key-algs@2022-06-16.yang
blob: ae25bbc0269a805a54d1f99656ea33ec704ad793 [file] [log] [blame]
romanc1d2b092023-02-02 08:58:27 +0100[diff] [blame]1module iana-ssh-public-key-algs {
2 yang-version 1.1;
3 namespace "urn:ietf:params:xml:ns:yang:iana-ssh-public-key-algs";
4 prefix sshpka;
5
6 organization
7 "Internet Assigned Numbers Authority (IANA)";
romanc1d2b092023-02-02 08:58:27 +0100[diff] [blame]8 contact
9 "Postal: ICANN
10 12025 Waterfront Drive, Suite 300
11 Los Angeles, CA 90094-2536
12 United States of America
13 Tel: +1 310 301 5800
14 Email: iana@iana.org";
15
16 description
17 "This module defines identities for the public key algorithms
18 defined in the 'Public Key Algorithm Names' sub-registry of the
19 'Secure Shell (SSH) Protocol Parameters' registry maintained
20 by IANA.
21
22 Copyright (c) 2022 IETF Trust and the persons identified as
23 authors of the code. All rights reserved.
24
25 Redistribution and use in source and binary forms, with
26 or without modification, is permitted pursuant to, and
27 subject to the license terms contained in, the Revised
28 BSD License set forth in Section 4.c of the IETF Trust's
29 Legal Provisions Relating to IETF Documents
30 (https://trustee.ietf.org/license-info).
31
32 The initial version of this YANG module is part of RFC EEEE
33 (https://www.rfc-editor.org/info/rfcEEEE); see the RFC
34 itself for full legal notices.";
35
36 revision 2022-06-16 {
37 description
roman7fdc84d2023-06-06 13:14:53 +0200[diff] [blame]38 "Reflects contents of the public key algorithms registry
39 on June 16, 2022.";
romanc1d2b092023-02-02 08:58:27 +0100[diff] [blame]40 reference
41 "RFC EEEE: YANG Groupings for SSH Clients and SSH Servers";
42 }
43
44 // Typedefs
45
46 typedef public-key-algorithm-ref {
47 type identityref {
48 base "public-key-alg-base";
49 }
50 description
51 "A reference to a SSH public key algorithm identifier.";
52 }
53
54 // Identities
romanc1d2b092023-02-02 08:58:27 +0100[diff] [blame]55 identity public-key-alg-base {
56 description
57 "Base identity used to identify public key algorithms.";
58 }
59
60 identity ssh-dss {
61 base public-key-alg-base;
62 description
63 "SSH-DSS";
64 reference
65 "RFC 4253:
66 The Secure Shell (SSH) Transport Layer Protocol";
67 }
68
69 identity ssh-rsa {
70 base public-key-alg-base;
71 description
72 "SSH-RSA";
73 reference
74 "RFC 4253:
75 The Secure Shell (SSH) Transport Layer Protocol";
76 }
77
78 identity rsa-sha2-256 {
79 base public-key-alg-base;
80 description
81 "RSA-SHA2-256";
82 reference
83 "RFC 8332:
84 Use of RSA Keys with SHA-256 and SHA-512
85 in the Secure Shell (SSH) Protocol";
86 }
87
88 identity rsa-sha2-512 {
89 base public-key-alg-base;
90 description
91 "RSA-SHA2-512";
92 reference
93 "RFC 8332:
94 Use of RSA Keys with SHA-256 and SHA-512
95 in the Secure Shell (SSH) Protocol";
96 }
97
98 identity spki-sign-rsa {
99 base public-key-alg-base;
100 description
101 "SPKI-SIGN-RSA";
102 reference
103 "RFC 4253:
104 The Secure Shell (SSH) Transport Layer Protocol";
105 }
106
107 identity spki-sign-dss {
108 base public-key-alg-base;
109 description
110 "SPKI-SIGN-DSS";
111 reference
112 "RFC 4253:
113 The Secure Shell (SSH) Transport Layer Protocol";
114 }
115
116 identity pgp-sign-rsa {
117 base public-key-alg-base;
118 description
119 "PGP-SIGN-RSA";
120 reference
121 "RFC 4253:
122 The Secure Shell (SSH) Transport Layer Protocol";
123 }
124
125 identity pgp-sign-dss {
126 base public-key-alg-base;
127 description
128 "PGP-SIGN-DSS";
129 reference
130 "RFC 4253:
131 The Secure Shell (SSH) Transport Layer Protocol";
132 }
133
134 identity null {
135 base public-key-alg-base;
136 description
137 "NULL";
138 reference
139 "RFC 4462:
140 Generic Security Service Application Program Interface
141 (GSS-API) Authentication and Key Exchange for the
142 Secure Shell (SSH) Protocol";
143 }
144
145 identity ecdsa-sha2-nistp256 {
146 base public-key-alg-base;
roman7fdc84d2023-06-06 13:14:53 +0200[diff] [blame]147 status deprecated;
romanc1d2b092023-02-02 08:58:27 +0100[diff] [blame]148 description
149 "ECDSA-SHA2-NISTP256 (secp256r1)";
150 reference
151 "RFC 5656:
152 Elliptic Curve Algorithm Integration in the
153 Secure Shell Transport Layer";
154 }
155
156 identity ecdsa-sha2-nistp384 {
157 base public-key-alg-base;
158 description
159 "ECDSA-SHA2-NISTP384 (secp384r1)";
160 reference
161 "RFC 5656:
162 Elliptic Curve Algorithm Integration in the
163 Secure Shell Transport Layer";
164 }
165
166 identity ecdsa-sha2-nistp521 {
167 base public-key-alg-base;
168 description
169 "ECDSA-SHA2-NISTP521 (secp521r1)";
170 reference
171 "RFC 5656:
172 Elliptic Curve Algorithm Integration in the
173 Secure Shell Transport Layer";
174 }
175
176 identity ecdsa-sha2-1.3.132.0.1 {
177 base public-key-alg-base;
178 description
179 "ECDSA-SHA2-1.3.132.0.1 (nistk163, sect163k1)";
180 reference
181 "RFC 5656:
182 Elliptic Curve Algorithm Integration in the
183 Secure Shell Transport Layer";
184 }
185
186 identity ecdsa-sha2-1.2.840.10045.3.1.1 {
187 base public-key-alg-base;
188 description
189 "ECDSA-SHA2-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
190 reference
191 "RFC 5656:
192 Elliptic Curve Algorithm Integration in the
193 Secure Shell Transport Layer";
194 }
195
196 identity ecdsa-sha2-1.3.132.0.33 {
197 base public-key-alg-base;
198 description
199 "ECDSA-SHA2-1.3.132.0.33 (nistp224, secp224r1)";
200 reference
201 "RFC 5656:
202 Elliptic Curve Algorithm Integration in the
203 Secure Shell Transport Layer";
204 }
205
206 identity ecdsa-sha2-1.3.132.0.26 {
207 base public-key-alg-base;
208 description
209 "ECDSA-SHA2-1.3.132.0.26 (nistk233, sect233k1)";
210 reference
211 "RFC 5656:
212 Elliptic Curve Algorithm Integration in the
213 Secure Shell Transport Layer";
214 }
215
216 identity ecdsa-sha2-1.3.132.0.27 {
217 base public-key-alg-base;
218 description
219 "ECDSA-SHA2-1.3.132.0.27 (nistb233, sect233r1)";
220 reference
221 "RFC 5656:
222 Elliptic Curve Algorithm Integration in the
223 Secure Shell Transport Layer";
224 }
225
226 identity ecdsa-sha2-1.3.132.0.16 {
227 base public-key-alg-base;
228 description
229 "ECDSA-SHA2-1.3.132.0.16 (nistk283, sect283k1)";
230 reference
231 "RFC 5656:
232 Elliptic Curve Algorithm Integration in the
233 Secure Shell Transport Layer";
234 }
235
236 identity ecdsa-sha2-1.3.132.0.36 {
237 base public-key-alg-base;
238 description
239 "ECDSA-SHA2-1.3.132.0.36 (nistk409, sect409k1)";
240 reference
241 "RFC 5656:
242 Elliptic Curve Algorithm Integration in the
243 Secure Shell Transport Layer";
244 }
245
246 identity ecdsa-sha2-1.3.132.0.37 {
247 base public-key-alg-base;
248 description
249 "ECDSA-SHA2-1.3.132.0.37 (nistb409, sect409r1)";
250 reference
251 "RFC 5656:
252 Elliptic Curve Algorithm Integration in the
253 Secure Shell Transport Layer";
254 }
255
256 identity ecdsa-sha2-1.3.132.0.38 {
257 base public-key-alg-base;
258 description
259 "ECDSA-SHA2-1.3.132.0.38 (nistt571, sect571k1)";
260 reference
261 "RFC 5656:
262 Elliptic Curve Algorithm Integration in the
263 Secure Shell Transport Layer";
264 }
265
266 identity x509v3-ssh-dss {
267 base public-key-alg-base;
268 description
269 "X509V3-SSH-DSS";
270 reference
271 "RFC 6187:
272 X.509v3 Certificates for Secure Shell Authentication";
273 }
274
275 identity x509v3-ssh-rsa {
276 base public-key-alg-base;
277 description
278 "X509V3-SSH-RSA";
279 reference
280 "RFC 6187:
281 X.509v3 Certificates for Secure Shell Authentication";
282 }
283
284 identity x509v3-rsa2048-sha256 {
285 base public-key-alg-base;
roman7fdc84d2023-06-06 13:14:53 +0200[diff] [blame]286 status deprecated;
romanc1d2b092023-02-02 08:58:27 +0100[diff] [blame]287 description
288 "X509V3-RSA2048-SHA256";
289 reference
290 "RFC 6187:
291 X.509v3 Certificates for Secure Shell Authentication";
292 }
293
294 identity x509v3-ecdsa-sha2-nistp256 {
295 base public-key-alg-base;
296 description
297 "X509V3-ECDSA-SHA2-NISTP256 (secp256r1)";
298 reference
299 "RFC 6187:
300 X.509v3 Certificates for Secure Shell Authentication";
301 }
302
303 identity x509v3-ecdsa-sha2-nistp384 {
304 base public-key-alg-base;
305 description
306 "X509V3-ECDSA-SHA2-NISTP384 (secp384r1)";
307 reference
308 "RFC 6187:
309 X.509v3 Certificates for Secure Shell Authentication";
310 }
311
312 identity x509v3-ecdsa-sha2-nistp521 {
313 base public-key-alg-base;
314 description
315 "X509V3-ECDSA-SHA2-NISTP521 (secp521r1)";
316 reference
317 "RFC 6187:
318 X.509v3 Certificates for Secure Shell Authentication";
319 }
320
321 identity x509v3-ecdsa-sha2-1.3.132.0.1 {
322 base public-key-alg-base;
323 description
324 "X509V3-ECDSA-SHA2-1.3.132.0.1 (nistk163, sect163k1)";
325 reference
326 "RFC 6187:
327 X.509v3 Certificates for Secure Shell Authentication";
328 }
329
330 identity x509v3-ecdsa-sha2-1.2.840.10045.3.1.1 {
331 base public-key-alg-base;
332 description
333 "X509V3-ECDSA-SHA2-1.2.840.10045.3.1.1 (nistp192, secp192r1)";
334 reference
335 "RFC 6187:
336 X.509v3 Certificates for Secure Shell Authentication";
337 }
338
339 identity x509v3-ecdsa-sha2-1.3.132.0.33 {
340 base public-key-alg-base;
341 description
342 "X509V3-ECDSA-SHA2-1.3.132.0.33 (nistp224, secp224r1)";
343 reference
344 "RFC 6187:
345 X.509v3 Certificates for Secure Shell Authentication";
346 }
347
348 identity x509v3-ecdsa-sha2-1.3.132.0.26 {
349 base public-key-alg-base;
350 description
351 "X509V3-ECDSA-SHA2-1.3.132.0.26 (nistk233, sect233k1)";
352 reference
353 "RFC 6187:
354 X.509v3 Certificates for Secure Shell Authentication";
355 }
356
357 identity x509v3-ecdsa-sha2-1.3.132.0.27 {
358 base public-key-alg-base;
359 description
360 "X509V3-ECDSA-SHA2-1.3.132.0.27 (nistb233, sect233r1)";
361 reference
362 "RFC 6187:
363 X.509v3 Certificates for Secure Shell Authentication";
364 }
365
366 identity x509v3-ecdsa-sha2-1.3.132.0.16 {
367 base public-key-alg-base;
368 description
369 "X509V3-ECDSA-SHA2-1.3.132.0.16 (nistk283, sect283k1)";
370 reference
371 "RFC 6187:
372 X.509v3 Certificates for Secure Shell Authentication";
373 }
374
375 identity x509v3-ecdsa-sha2-1.3.132.0.36 {
376 base public-key-alg-base;
377 description
378 "X509V3-ECDSA-SHA2-1.3.132.0.36 (nistk409, sect409k1)";
379 reference
380 "RFC 6187:
381 X.509v3 Certificates for Secure Shell Authentication";
382 }
383
384 identity x509v3-ecdsa-sha2-1.3.132.0.37 {
385 base public-key-alg-base;
386 description
387 "X509V3-ECDSA-SHA2-1.3.132.0.37 (nistb409, sect409r1)";
388 reference
389 "RFC 6187:
390 X.509v3 Certificates for Secure Shell Authentication";
391 }
392
393 identity x509v3-ecdsa-sha2-1.3.132.0.38 {
394 base public-key-alg-base;
395 description
396 "X509V3-ECDSA-SHA2-1.3.132.0.38 (nistt571, sect571k1)";
397 reference
398 "RFC 6187:
399 X.509v3 Certificates for Secure Shell Authentication";
400 }
401
402 identity ssh-ed25519 {
403 base public-key-alg-base;
404 description
405 "SSH-ED25519";
406 reference
407 "RFC 8709:
408 Ed25519 and Ed448 Public Key Algorithms for the
409 Secure Shell (SSH) Protocol";
410 }
411
412 identity ssh-ed448 {
413 base public-key-alg-base;
414 description
415 "SSH-ED448";
416 reference
417 "RFC 8709:
418 Ed25519 and Ed448 Public Key Algorithms for the
419 Secure Shell (SSH) Protocol";
420 }
421
422 // Protocol-accessible Nodes
423
424 container supported-algorithms {
425 config false;
426 description
427 "A container for a list of public key algorithms
428 supported by the server.";
429 leaf-list supported-algorithm {
430 type public-key-algorithm-ref;
431 description
432 "A public key algorithm supported by the server.";
433 }
434 }
435
436}