Gitiles
Code Review Sign In
gerrit.onosproject.org / onos / 0ad0c55c06be93bc7a0b6bdb20e247f5b8b3bec9 / . / models / common / src / main / yang / ietf-snmp-usm@2014-12-10.yang
blob: 17024a3839845bdf6bfb628a0345f1ca0151445b [file] [log] [blame]
Gaurav Agrawal28920d82017-10-06 17:39:42 +0530[diff] [blame]1submodule ietf-snmp-usm {
2
3 belongs-to ietf-snmp {
4 prefix snmp;
5 }
6
7 import ietf-yang-types {
8 prefix yang;
9 }
10 import ietf-netconf-acm {
11 prefix nacm;
12 }
13
14 include ietf-snmp-common;
15 include ietf-snmp-target;
16 include ietf-snmp-proxy;
17
18 organization
19 "IETF NETMOD (NETCONF Data Modeling Language) Working Group";
20
21 contact
22 "WG Web: <http://tools.ietf.org/wg/netmod/>
23 WG List: <mailto:netmod@ietf.org>
24
25 WG Chair: Thomas Nadeau
26 <mailto:tnadeau@lucidvision.com>
27
28 WG Chair: Juergen Schoenwaelder
29 <mailto:j.schoenwaelder@jacobs-university.de>
30
31 Editor: Martin Bjorklund
32 <mailto:mbj@tail-f.com>
33
34 Editor: Juergen Schoenwaelder
35 <mailto:j.schoenwaelder@jacobs-university.de>";
36
37 description
38 "This submodule contains a collection of YANG definitions for
39 configuring the User-based Security Model (USM) of SNMP.
40
41 Copyright (c) 2014 IETF Trust and the persons identified as
42 authors of the code. All rights reserved.
43
44 Redistribution and use in source and binary forms, with or
45 without modification, is permitted pursuant to, and subject
46 to the license terms contained in, the Simplified BSD License
47 set forth in Section 4.c of the IETF Trust's Legal Provisions
48 Relating to IETF Documents
49 (http://trustee.ietf.org/license-info).
50
51 This version of this YANG module is part of RFC 7407; see
52 the RFC itself for full legal notices.";
53
54 reference
55 "RFC 3414: User-based Security Model (USM) for version 3 of the
56 Simple Network Management Protocol (SNMPv3)";
57
58 revision 2014-12-10 {
59 description
60 "Initial revision.";
61 reference
62 "RFC 7407: A YANG Data Model for SNMP Configuration";
63 }
64
65 grouping key {
66 leaf key {
67 type yang:hex-string;
68 mandatory true;
69 nacm:default-deny-all;
70 description
71 "Localized key specified as a list of colon-specified
72 hexadecimal octets.";
73 }
74 }
75
76 grouping user-list {
77 list user {
78 key "name";
79
80 reference
81 "RFC 3414: User-based Security Model (USM) for version 3
82 of the Simple Network Management Protocol (SNMPv3).
83 SNMP-USER-BASED-SM-MIB.usmUserTable";
84
85 leaf name {
86 type snmp:identifier;
87 reference
88 "RFC 3414: User-based Security Model (USM) for version 3
89 of the Simple Network Management Protocol (SNMPv3).
90 SNMP-USER-BASED-SM-MIB.usmUserName";
91 }
92 container auth {
93 presence "enables authentication";
94 description
95 "Enables authentication of the user.";
96 choice protocol {
97 mandatory true;
98 reference
99 "RFC 3414: User-based Security Model (USM) for version 3
100 of the Simple Network Management Protocol (SNMPv3).
101 SNMP-USER-BASED-SM-MIB.usmUserAuthProtocol";
102 container md5 {
103 uses key;
104 reference
105 "RFC 3414: User-based Security Model (USM) for
106 version 3 of the Simple Network Management Protocol
107 (SNMPv3).
108 SNMP-USER-BASED-SM-MIB.usmHMACMD5AuthProtocol";
109 }
110 container sha {
111 uses key;
112 reference
113 "RFC 3414: User-based Security Model (USM) for
114 version 3 of the Simple Network Management Protocol
115 (SNMPv3).
116 SNMP-USER-BASED-SM-MIB.usmHMACSHAAuthProtocol";
117 }
118 }
119 }
120 container priv {
121 must "../auth" {
122 error-message
123 "when privacy (confidentiality) is used, "
124 + "authentication must also be used";
125 }
126 presence "enables encryption";
127 description
128 "Enables encryption of SNMP messages.";
129
130 choice protocol {
131 mandatory true;
132 reference
133 "RFC 3414: User-based Security Model (USM) for version 3
134 of the Simple Network Management Protocol (SNMPv3).
135 SNMP-USER-BASED-SM-MIB.usmUserPrivProtocol";
136 container des {
137 uses key;
138 reference
139 "RFC 3414: User-based Security Model (USM) for
140 version 3 of the Simple Network Management Protocol
141 (SNMPv3).
142 SNMP-USER-BASED-SM-MIB.usmDESPrivProtocol";
143 }
144 container aes {
145 uses key;
146
147 reference
148 "RFC 3826: The Advanced Encryption Standard (AES)
149 Cipher Algorithm in the SNMP User-based Security
150 Model.
151 SNMP-USM-AES-MIB.usmAesCfb128Protocol";
152 }
153 }
154 }
155 }
156 }
157
158 augment /snmp:snmp {
159
160 container usm {
161 description
162 "Configuration of the User-based Security Model.";
163 container local {
164 uses user-list;
165 }
166
167 list remote {
168 key "engine-id";
169
170 leaf engine-id {
171 type snmp:engine-id;
172 reference
173 "RFC 3414: User-based Security Model (USM) for version 3
174 of the Simple Network Management Protocol (SNMPv3).
175 SNMP-USER-BASED-SM-MIB.usmUserEngineID";
176 }
177
178 uses user-list;
179 }
180 }
181 }
182
183 grouping usm-target-params {
184 container usm {
185 description
186 "User-based SNMPv3 parameters type.
187
188 Represents snmpTargetParamsMPModel '3' and
189 snmpTargetParamsSecurityModel '3'.";
190 leaf user-name {
191 type snmp:security-name;
192 mandatory true;
193
194 reference
195 "RFC 3413: Simple Network Management Protocol (SNMP).
196 Applications.
197 SNMP-TARGET-MIB.snmpTargetParamsSecurityName";
198 }
199 leaf security-level {
200 type snmp:security-level;
201 mandatory true;
202 reference
203 "RFC 3413: Simple Network Management Protocol (SNMP).
204 Applications.
205 SNMP-TARGET-MIB.snmpTargetParamsSecurityLevel";
206 }
207 }
208 }
209
210 augment /snmp:snmp/snmp:target-params/snmp:params {
211 case usm {
212 uses usm-target-params;
213 }
214 }
215
216}