diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index a6f9163e..a3064031 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -21,10 +21,10 @@ jobs:
steps:
- uses: actions/checkout@v3
- - name: Set up JDK 8
+ - name: Set up JDK 11
uses: actions/setup-java@v3
with:
- java-version: '8'
+ java-version: '11'
distribution: 'temurin'
cache: maven
- name: Build with Maven
diff --git a/pom.xml b/pom.xml
index 3af54464..31a0be9c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -62,7 +62,7 @@
2.12.2
5.9.3
2.4.0
- 4.9.3
+ 4.11.1
2.10.1
33.5.0-jre
3.25.1
diff --git a/yangkit-data-json-codec/src/test/java/org/yangcentral/yangkit/data/codec/json/test/source/JsonCodecDataTestGetSource.java b/yangkit-data-json-codec/src/test/java/org/yangcentral/yangkit/data/codec/json/test/source/JsonCodecDataTestGetSource.java
index f776a6cb..8cd51d54 100644
--- a/yangkit-data-json-codec/src/test/java/org/yangcentral/yangkit/data/codec/json/test/source/JsonCodecDataTestGetSource.java
+++ b/yangkit-data-json-codec/src/test/java/org/yangcentral/yangkit/data/codec/json/test/source/JsonCodecDataTestGetSource.java
@@ -11,7 +11,7 @@
import org.yangcentral.yangkit.model.api.schema.YangSchemaContext;
import org.yangcentral.yangkit.parser.YangParserException;
import org.yangcentral.yangkit.parser.YangYinParser;
-
+import java.util.Arrays;
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;
@@ -150,9 +150,12 @@ public void getMultipleYangModules() throws DocumentException, IOException, Yang
YangDataDocument yangDataDocument = new YangDataDocumentJsonParser(schemaContext).parse(jsonNode,validatorResultBuilder);
String[] result = yangDataDocument.getModulesStrings();
- assertEquals(result.length, 2);
- assertArrayEquals(result, new String[]{readFile(yangComplexFile), readFile(yangSimpleFile)});
+ String[] expected = new String[]{readFile(yangSimpleFile), readFile(yangComplexFile)};
+ Arrays.sort(result);
+ Arrays.sort(expected);
+ assertEquals(result.length, 2);
+ assertArrayEquals(result, expected);
}
public String readFile(String path){
diff --git a/yangkit-examples/src/main/java/org/yangcentral/yangkit/examples/App3.java b/yangkit-examples/src/main/java/org/yangcentral/yangkit/examples/App3.java
index 755eabe7..c7b5ae6b 100644
--- a/yangkit-examples/src/main/java/org/yangcentral/yangkit/examples/App3.java
+++ b/yangkit-examples/src/main/java/org/yangcentral/yangkit/examples/App3.java
@@ -34,7 +34,7 @@
*/
public class App3 {
public static void main(String[] args) throws IOException, YangParserException, DocumentException {
- InputStream inputStream = App3.class.getClassLoader().getResourceAsStream("insa-test.yang");
+ InputStream inputStream = App3.class.getClassLoader().getResourceAsStream("App3/yang/insa-test.yang");
// Parsing module
YangSchemaContext schemaContext = YangYinParser.parse(inputStream, "insa-custom", null);
@@ -49,7 +49,7 @@ public static void main(String[] args) throws IOException, YangParserException,
// Parsing from file with a yang module dependence
System.out.println("-------------------");
- URL dependentYang = App3.class.getClassLoader().getResource("insa-test-dependence.yang");
+ URL dependentYang = App3.class.getClassLoader().getResource("App3/yang/insa-test-dependence.yang");
schemaContext = YangYinParser.parse(dependentYang.getFile(), schemaContext);
ValidatorResult result2 = schemaContext.validate();
System.out.println("Second yang is valid ? " + result2.isOk());
diff --git a/yangkit-examples/src/main/java/org/yangcentral/yangkit/examples/App5.java b/yangkit-examples/src/main/java/org/yangcentral/yangkit/examples/App5.java
new file mode 100644
index 00000000..9aa9d3e3
--- /dev/null
+++ b/yangkit-examples/src/main/java/org/yangcentral/yangkit/examples/App5.java
@@ -0,0 +1,89 @@
+/*
+ * Copyright 2023 INSA Lyon.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.yangcentral.yangkit.examples;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.dom4j.DocumentException;
+import org.yangcentral.yangkit.common.api.validate.ValidatorRecord;
+import org.yangcentral.yangkit.common.api.validate.ValidatorResult;
+import org.yangcentral.yangkit.common.api.validate.ValidatorResultBuilder;
+import org.yangcentral.yangkit.data.api.model.YangDataDocument;
+import org.yangcentral.yangkit.data.codec.json.YangDataDocumentJsonParser;
+import org.yangcentral.yangkit.model.api.schema.YangSchemaContext;
+import org.yangcentral.yangkit.model.api.stmt.Module;
+import org.yangcentral.yangkit.parser.YangParserException;
+import org.yangcentral.yangkit.parser.YangYinParser;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+
+/**
+ * Usecase on how to use yang to validate YANG-push notification
+ *
+ */
+public class App5 {
+ public static void main(String[] args) throws IOException, YangParserException, DocumentException {
+
+ URL yangUrl = App5.class.getClassLoader().getResource("App5/interfaces");
+ String yangDir = yangUrl.getFile();
+
+ // Parsing module
+ YangSchemaContext schemaContext = YangYinParser.parse(yangDir);
+ ValidatorResult result = schemaContext.validate();
+ System.out.println("Valid? " + result.isOk());
+ System.out.println("Size modules = " + schemaContext.getModules().size());
+
+ int count = 0;
+ for (Module module : schemaContext.getModules()) {
+ System.out.println(count + "->Module["+ module.getModuleId().getModuleName()+"] prefix[" + module.getSelfPrefix()+"] | revision[" + module.getCurRevision().get() + "] ; root? [" + module.isSchemaTreeRoot() + "]");
+ count++;
+ }
+
+ if (!result.isOk()) {
+ for (ValidatorRecord, ?> record : result.getRecords()) {
+ System.out.println("Error: "+ record.getBadElement() + ':' + record.getErrorMsg().getMessage());
+ }
+ } else {
+ System.out.println("YANGs valid");
+ for (ValidatorRecord, ?> record : result.getRecords()) {
+ System.out.println("valid: "+ record.getBadElement() + ':' + record.getErrorMsg().getMessage() + "; Severity:" + record.getSeverity().getFieldName());
+ }
+ }
+ System.out.println("------------ Validating valid message ------------");
+ InputStream jsonInputStream = App5.class.getClassLoader().getResourceAsStream("App5/json/interface.json");
+ JsonNode jsonElement = null;
+ ObjectMapper objectMapper = new ObjectMapper();
+ jsonElement = objectMapper.readTree(jsonInputStream);
+
+ System.out.println("Valid Message: " + jsonElement);
+
+ // Validating
+ ValidatorResultBuilder validatorResultBuilder = new ValidatorResultBuilder();
+ YangDataDocument doc = new YangDataDocumentJsonParser(schemaContext).parse(jsonElement, validatorResultBuilder);
+ doc.update();
+ ValidatorResult validatorResult = validatorResultBuilder.build();
+
+ System.out.println("Is deserialization ok (should be true)? " + validatorResult.isOk());
+
+ ValidatorResult validationResult = doc.validate();
+ System.out.println("second validation: " + validationResult.isOk());
+ if (!validationResult.isOk()) System.out.println(validationResult);
+
+ }
+}
diff --git a/yangkit-examples/src/main/java/org/yangcentral/yangkit/examples/App6.java b/yangkit-examples/src/main/java/org/yangcentral/yangkit/examples/App6.java
new file mode 100644
index 00000000..a4e5874a
--- /dev/null
+++ b/yangkit-examples/src/main/java/org/yangcentral/yangkit/examples/App6.java
@@ -0,0 +1,89 @@
+/*
+ * Copyright 2023 INSA Lyon.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.yangcentral.yangkit.examples;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.dom4j.DocumentException;
+import org.yangcentral.yangkit.common.api.validate.ValidatorRecord;
+import org.yangcentral.yangkit.common.api.validate.ValidatorResult;
+import org.yangcentral.yangkit.common.api.validate.ValidatorResultBuilder;
+import org.yangcentral.yangkit.data.api.model.YangDataDocument;
+import org.yangcentral.yangkit.data.codec.json.YangDataDocumentJsonParser;
+import org.yangcentral.yangkit.model.api.schema.YangSchemaContext;
+import org.yangcentral.yangkit.model.api.stmt.Module;
+import org.yangcentral.yangkit.parser.YangParserException;
+import org.yangcentral.yangkit.parser.YangYinParser;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+
+/**
+ * Usecase on how to use yang to validate YANG-push notification
+ *
+ */
+public class App6 {
+ public static void main(String[] args) throws IOException, YangParserException, DocumentException {
+
+ URL yangUrl = App6.class.getClassLoader().getResource("App6/yangs");
+ String yangDir = yangUrl.getFile();
+
+ // Parsing module
+ YangSchemaContext schemaContext = YangYinParser.parse(yangDir);
+ ValidatorResult result = schemaContext.validate();
+ System.out.println("Valid? " + result.isOk());
+ System.out.println("Size modules = " + schemaContext.getModules().size());
+
+ int count = 0;
+ for (Module module : schemaContext.getModules()) {
+ System.out.println(count + "->Module["+ module.getModuleId().getModuleName()+"] prefix[" + module.getSelfPrefix()+"] | revision[" + module.getCurRevision().get() + "] ; root? [" + module.isSchemaTreeRoot() + "]");
+ count++;
+ }
+
+ if (!result.isOk()) {
+ for (ValidatorRecord, ?> record : result.getRecords()) {
+ System.out.println("Error: "+ record.getBadElement() + ':' + record.getErrorMsg().getMessage());
+ }
+ } else {
+ System.out.println("YANGs valid");
+ for (ValidatorRecord, ?> record : result.getRecords()) {
+ System.out.println("valid: "+ record.getBadElement() + ':' + record.getErrorMsg().getMessage() + "; Severity:" + record.getSeverity().getFieldName());
+ }
+ }
+ System.out.println("------------ Validating valid message ------------");
+ InputStream jsonInputStream = App6.class.getClassLoader().getResourceAsStream("App6/json/telemetry-msg.json");
+ JsonNode jsonElement = null;
+ ObjectMapper objectMapper = new ObjectMapper();
+ jsonElement = objectMapper.readTree(jsonInputStream);
+
+ System.out.println("Valid Message: " + jsonElement);
+
+ // Validating
+ ValidatorResultBuilder validatorResultBuilder = new ValidatorResultBuilder();
+ YangDataDocument doc = new YangDataDocumentJsonParser(schemaContext).parse(jsonElement, validatorResultBuilder);
+ doc.update();
+ ValidatorResult validatorResult = validatorResultBuilder.build();
+
+ System.out.println("Is deserialization ok (should be true)? " + validatorResult.isOk());
+
+ ValidatorResult validationResult = doc.validate();
+ System.out.println("second validation: " + validationResult.isOk());
+ if (!validationResult.isOk()) System.out.println(validationResult);
+
+ }
+}
diff --git a/yangkit-examples/src/main/resources/json/insa-test.json b/yangkit-examples/src/main/resources/App3/json/insa-test.json
similarity index 100%
rename from yangkit-examples/src/main/resources/json/insa-test.json
rename to yangkit-examples/src/main/resources/App3/json/insa-test.json
diff --git a/yangkit-examples/src/main/resources/insa-test-dependence.yang b/yangkit-examples/src/main/resources/App3/yang/insa-test-dependence.yang
similarity index 100%
rename from yangkit-examples/src/main/resources/insa-test-dependence.yang
rename to yangkit-examples/src/main/resources/App3/yang/insa-test-dependence.yang
diff --git a/yangkit-examples/src/main/resources/insa-test.yang b/yangkit-examples/src/main/resources/App3/yang/insa-test.yang
similarity index 100%
rename from yangkit-examples/src/main/resources/insa-test.yang
rename to yangkit-examples/src/main/resources/App3/yang/insa-test.yang
diff --git a/yangkit-examples/src/main/resources/App5/interfaces/iana-if-type@2023-01-26.yang b/yangkit-examples/src/main/resources/App5/interfaces/iana-if-type@2023-01-26.yang
new file mode 100644
index 00000000..2ab3097f
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App5/interfaces/iana-if-type@2023-01-26.yang
@@ -0,0 +1,1851 @@
+module iana-if-type {
+ namespace "urn:ietf:params:xml:ns:yang:iana-if-type";
+ prefix ianaift;
+
+ import ietf-interfaces {
+ prefix if;
+ }
+
+ organization "IANA";
+ contact
+ " Internet Assigned Numbers Authority
+
+ Postal: ICANN
+ 12025 Waterfront Drive, Suite 300
+ Los Angeles, CA 90094-2536
+ United States
+
+ Tel: +1 310 301 5800
+ ";
+ description
+ "This YANG module defines YANG identities for IANA-registered
+ interface types.
+
+ This YANG module is maintained by IANA and reflects the
+ 'ifType definitions' registry.
+
+ The latest revision of this YANG module can be obtained from
+ the IANA web site.
+
+ Requests for new values should be made to IANA via
+ email (iana@iana.org).
+
+ Copyright (c) 2014 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ The initial version of this YANG module is part of RFC 7224;
+ see the RFC itself for full legal notices.";
+ reference
+ "IANA 'ifType definitions' registry.
+ ";
+
+ revision 2023-01-26 {
+ description
+ "Fix incorrect quotation for previous 3 revision statements.";
+ }
+
+ revision 2022-08-24 {
+ description
+ "Updated reference for ifType 303.";
+ }
+
+ revision 2022-08-17 {
+ description
+ "Changed gpon description to refer to G.984.";
+ }
+
+ revision 2022-03-07 {
+ description
+ "Coalesced revision history entries for 2018-06-28.";
+ }
+
+ revision 2021-06-21 {
+ description
+ "Corrected reference for ifType 303.";
+ }
+
+ revision 2021-05-17 {
+ description
+ "Registered ifType 303.";
+ }
+
+ revision 2021-04-22 {
+ description
+ "Registered ifType 302.";
+ }
+
+ revision 2021-04-01 {
+ description
+ "Updated reference for 301.";
+ }
+
+ revision 2021-02-18 {
+ description
+ "Registered ifType 301.";
+ }
+
+ revision 2020-08-27 {
+ description
+ "Added missing references.";
+ }
+
+ revision 2020-07-13 {
+ description
+ "Added identity cpri.";
+ }
+
+ revision 2020-07-10 {
+ description
+ "Registered ifType 300.";
+ }
+
+ revision 2020-01-10 {
+ description
+ "Registered ifType 299.";
+ }
+
+ revision 2019-10-16 {
+ description
+ "Registered ifType 298.";
+ }
+ revision 2019-07-16 {
+ description
+ "Registered ifType 297.";
+ }
+ revision 2019-06-21 {
+ description
+ "Updated reference associated with ifTypes 295-296.";
+ }
+
+ revision 2019-02-08 {
+ description
+ "Corrected formatting issue.";
+ }
+
+ revision 2019-01-31 {
+ description
+ "Registered ifTypes 295-296.";
+ }
+
+ revision 2018-07-03 {
+ description
+ "Corrected revision date.";
+ }
+
+ revision 2018-06-29 {
+ description
+ "Corrected formatting issue.";
+ }
+
+ revision 2018-06-28 {
+ description
+ "Registered ifTypes 293 and 294.";
+ }
+
+ revision 2018-06-22 {
+ description
+ "Registered ifType 292.";
+ }
+
+ revision 2018-06-21 {
+ description
+ "Registered ifType 291.";
+ }
+
+ revision 2017-03-30 {
+ description
+ "Registered ifType 290.";
+ }
+
+ revision 2017-01-19 {
+ description
+ "Registered ifType 289.";
+ }
+
+ revision 2016-11-23 {
+ description
+ "Registered ifTypes 283-288.";
+ }
+
+ revision 2016-06-09 {
+ description
+ "Registered ifType 282.";
+ }
+ revision 2016-05-03 {
+ description
+ "Registered ifType 281.";
+ }
+ revision 2015-06-12 {
+ description
+ "Corrected formatting issue.";
+ }
+ revision 2014-09-24 {
+ description
+ "Registered ifType 280.";
+ }
+ revision 2014-09-19 {
+ description
+ "Registered ifType 279.";
+ }
+ revision 2014-07-03 {
+ description
+ "Registered ifTypes 277-278.";
+ }
+ revision 2014-05-19 {
+ description
+ "Updated the contact address.";
+ }
+ revision 2014-05-08 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 7224: IANA Interface Type YANG Module";
+ }
+
+ identity iana-interface-type {
+ base if:interface-type;
+ description
+ "This identity is used as a base for all interface types
+ defined in the 'ifType definitions' registry.";
+ }
+
+ identity other {
+ base iana-interface-type;
+ }
+ identity regular1822 {
+ base iana-interface-type;
+ }
+ identity hdh1822 {
+ base iana-interface-type;
+ }
+ identity ddnX25 {
+ base iana-interface-type;
+ }
+ identity rfc877x25 {
+ base iana-interface-type;
+ reference
+ "RFC 1382 - SNMP MIB Extension for the X.25 Packet Layer";
+ }
+ identity ethernetCsmacd {
+ base iana-interface-type;
+ description
+ "For all Ethernet-like interfaces, regardless of speed,
+ as per RFC 3635.";
+ reference
+ "RFC 3635 - Definitions of Managed Objects for the
+ Ethernet-like Interface Types";
+ }
+ identity iso88023Csmacd {
+ base iana-interface-type;
+ status deprecated;
+ description
+ "Deprecated via RFC 3635.
+ Use ethernetCsmacd(6) instead.";
+ reference
+ "RFC 3635 - Definitions of Managed Objects for the
+ Ethernet-like Interface Types";
+ }
+ identity iso88024TokenBus {
+ base iana-interface-type;
+ }
+ identity iso88025TokenRing {
+ base iana-interface-type;
+ }
+ identity iso88026Man {
+ base iana-interface-type;
+ }
+ identity starLan {
+ base iana-interface-type;
+ status deprecated;
+ description
+ "Deprecated via RFC 3635.
+ Use ethernetCsmacd(6) instead.";
+ reference
+ "RFC 3635 - Definitions of Managed Objects for the
+ Ethernet-like Interface Types";
+ }
+ identity proteon10Mbit {
+ base iana-interface-type;
+ }
+ identity proteon80Mbit {
+ base iana-interface-type;
+ }
+ identity hyperchannel {
+ base iana-interface-type;
+ }
+ identity fddi {
+ base iana-interface-type;
+ reference
+ "RFC 1512 - FDDI Management Information Base";
+ }
+ identity lapb {
+ base iana-interface-type;
+ reference
+ "RFC 1381 - SNMP MIB Extension for X.25 LAPB";
+ }
+ identity sdlc {
+ base iana-interface-type;
+ }
+ identity ds1 {
+ base iana-interface-type;
+ description
+ "DS1-MIB.";
+ reference
+ "RFC 4805 - Definitions of Managed Objects for the
+ DS1, J1, E1, DS2, and E2 Interface Types";
+ }
+ identity e1 {
+ base iana-interface-type;
+ status obsolete;
+ description
+ "Obsolete; see DS1-MIB.";
+ reference
+ "RFC 4805 - Definitions of Managed Objects for the
+ DS1, J1, E1, DS2, and E2 Interface Types";
+ }
+ identity basicISDN {
+ base iana-interface-type;
+ description
+ "No longer used. See also RFC 2127.";
+ }
+ identity primaryISDN {
+ base iana-interface-type;
+ description
+ "No longer used. See also RFC 2127.";
+ }
+ identity propPointToPointSerial {
+ base iana-interface-type;
+ description
+ "Proprietary serial.";
+ }
+ identity ppp {
+ base iana-interface-type;
+ }
+ identity softwareLoopback {
+ base iana-interface-type;
+ }
+ identity eon {
+ base iana-interface-type;
+ description
+ "CLNP over IP.";
+ }
+ identity ethernet3Mbit {
+ base iana-interface-type;
+ }
+ identity nsip {
+ base iana-interface-type;
+ description
+ "XNS over IP.";
+ }
+ identity slip {
+ base iana-interface-type;
+ description
+ "Generic SLIP.";
+ }
+ identity ultra {
+ base iana-interface-type;
+ description
+ "Ultra Technologies.";
+ }
+ identity ds3 {
+ base iana-interface-type;
+ description
+ "DS3-MIB.";
+ reference
+ "RFC 3896 - Definitions of Managed Objects for the
+ DS3/E3 Interface Type";
+ }
+ identity sip {
+ base iana-interface-type;
+ description
+ "SMDS, coffee.";
+ reference
+ "RFC 1694 - Definitions of Managed Objects for SMDS
+ Interfaces using SMIv2";
+ }
+ identity frameRelay {
+ base iana-interface-type;
+ description
+ "DTE only.";
+ reference
+ "RFC 2115 - Management Information Base for Frame Relay
+ DTEs Using SMIv2";
+ }
+ identity rs232 {
+ base iana-interface-type;
+ reference
+ "RFC 1659 - Definitions of Managed Objects for RS-232-like
+ Hardware Devices using SMIv2";
+ }
+ identity para {
+ base iana-interface-type;
+ description
+ "Parallel-port.";
+ reference
+ "RFC 1660 - Definitions of Managed Objects for
+ Parallel-printer-like Hardware Devices using
+ SMIv2";
+ }
+ identity arcnet {
+ base iana-interface-type;
+ description
+ "ARCnet.";
+ }
+ identity arcnetPlus {
+ base iana-interface-type;
+ description
+ "ARCnet Plus.";
+ }
+ identity atm {
+ base iana-interface-type;
+ description
+ "ATM cells.";
+ }
+ identity miox25 {
+ base iana-interface-type;
+ reference
+ "RFC 1461 - SNMP MIB extension for Multiprotocol
+ Interconnect over X.25";
+ }
+ identity sonet {
+ base iana-interface-type;
+ description
+ "SONET or SDH.";
+ }
+ identity x25ple {
+ base iana-interface-type;
+ reference
+ "RFC 2127 - ISDN Management Information Base using SMIv2";
+ }
+ identity iso88022llc {
+ base iana-interface-type;
+ }
+ identity localTalk {
+ base iana-interface-type;
+ }
+ identity smdsDxi {
+ base iana-interface-type;
+ }
+ identity frameRelayService {
+ base iana-interface-type;
+ description
+ "FRNETSERV-MIB.";
+ reference
+ "RFC 2954 - Definitions of Managed Objects for Frame
+ Relay Service";
+ }
+ identity v35 {
+ base iana-interface-type;
+ }
+ identity hssi {
+ base iana-interface-type;
+ }
+ identity hippi {
+ base iana-interface-type;
+ }
+ identity modem {
+ base iana-interface-type;
+ description
+ "Generic modem.";
+ }
+ identity aal5 {
+ base iana-interface-type;
+ description
+ "AAL5 over ATM.";
+ }
+ identity sonetPath {
+ base iana-interface-type;
+ }
+ identity sonetVT {
+ base iana-interface-type;
+ }
+ identity smdsIcip {
+ base iana-interface-type;
+ description
+ "SMDS InterCarrier Interface.";
+ }
+ identity propVirtual {
+ base iana-interface-type;
+ description
+ "Proprietary virtual/internal.";
+ reference
+ "RFC 2863 - The Interfaces Group MIB";
+ }
+ identity propMultiplexor {
+ base iana-interface-type;
+ description
+ "Proprietary multiplexing.";
+ reference
+ "RFC 2863 - The Interfaces Group MIB";
+ }
+ identity ieee80212 {
+ base iana-interface-type;
+ description
+ "100BaseVG.";
+ }
+ identity fibreChannel {
+ base iana-interface-type;
+ description
+ "Fibre Channel.";
+ }
+ identity hippiInterface {
+ base iana-interface-type;
+ description
+ "HIPPI interfaces.";
+ }
+ identity frameRelayInterconnect {
+ base iana-interface-type;
+ status obsolete;
+ description
+ "Obsolete; use either
+ frameRelay(32) or frameRelayService(44).";
+ }
+ identity aflane8023 {
+ base iana-interface-type;
+ description
+ "ATM Emulated LAN for 802.3.";
+ }
+ identity aflane8025 {
+ base iana-interface-type;
+ description
+ "ATM Emulated LAN for 802.5.";
+ }
+ identity cctEmul {
+ base iana-interface-type;
+ description
+ "ATM Emulated circuit.";
+ }
+ identity fastEther {
+ base iana-interface-type;
+ status deprecated;
+ description
+ "Obsoleted via RFC 3635.
+ ethernetCsmacd(6) should be used instead.";
+ reference
+ "RFC 3635 - Definitions of Managed Objects for the
+ Ethernet-like Interface Types";
+ }
+ identity isdn {
+ base iana-interface-type;
+ description
+ "ISDN and X.25.";
+ reference
+ "RFC 1356 - Multiprotocol Interconnect on X.25 and ISDN
+ in the Packet Mode";
+ }
+ identity v11 {
+ base iana-interface-type;
+ description
+ "CCITT V.11/X.21.";
+ }
+ identity v36 {
+ base iana-interface-type;
+ description
+ "CCITT V.36.";
+ }
+ identity g703at64k {
+ base iana-interface-type;
+ description
+ "CCITT G703 at 64Kbps.";
+ }
+ identity g703at2mb {
+ base iana-interface-type;
+ status obsolete;
+ description
+ "Obsolete; see DS1-MIB.";
+ }
+ identity qllc {
+ base iana-interface-type;
+ description
+ "SNA QLLC.";
+ }
+ identity fastEtherFX {
+ base iana-interface-type;
+ status deprecated;
+ description
+ "Obsoleted via RFC 3635.
+ ethernetCsmacd(6) should be used instead.";
+ reference
+ "RFC 3635 - Definitions of Managed Objects for the
+ Ethernet-like Interface Types";
+ }
+ identity channel {
+ base iana-interface-type;
+ description
+ "Channel.";
+ }
+ identity ieee80211 {
+ base iana-interface-type;
+ description
+ "Radio spread spectrum.";
+ }
+ identity ibm370parChan {
+ base iana-interface-type;
+ description
+ "IBM System 360/370 OEMI Channel.";
+ }
+ identity escon {
+ base iana-interface-type;
+ description
+ "IBM Enterprise Systems Connection.";
+ }
+ identity dlsw {
+ base iana-interface-type;
+ description
+ "Data Link Switching.";
+ }
+ identity isdns {
+ base iana-interface-type;
+ description
+ "ISDN S/T interface.";
+ }
+ identity isdnu {
+ base iana-interface-type;
+ description
+ "ISDN U interface.";
+ }
+ identity lapd {
+ base iana-interface-type;
+ description
+ "Link Access Protocol D.";
+ }
+ identity ipSwitch {
+ base iana-interface-type;
+ description
+ "IP Switching Objects.";
+ }
+ identity rsrb {
+ base iana-interface-type;
+ description
+ "Remote Source Route Bridging.";
+ }
+ identity atmLogical {
+ base iana-interface-type;
+ description
+ "ATM Logical Port.";
+ reference
+ "RFC 3606 - Definitions of Supplemental Managed Objects
+ for ATM Interface";
+ }
+ identity ds0 {
+ base iana-interface-type;
+ description
+ "Digital Signal Level 0.";
+ reference
+ "RFC 2494 - Definitions of Managed Objects for the DS0
+ and DS0 Bundle Interface Type";
+ }
+ identity ds0Bundle {
+ base iana-interface-type;
+ description
+ "Group of ds0s on the same ds1.";
+ reference
+ "RFC 2494 - Definitions of Managed Objects for the DS0
+ and DS0 Bundle Interface Type";
+ }
+ identity bsc {
+ base iana-interface-type;
+ description
+ "Bisynchronous Protocol.";
+ }
+ identity async {
+ base iana-interface-type;
+ description
+ "Asynchronous Protocol.";
+ }
+ identity cnr {
+ base iana-interface-type;
+ description
+ "Combat Net Radio.";
+ }
+ identity iso88025Dtr {
+ base iana-interface-type;
+ description
+ "ISO 802.5r DTR.";
+ }
+ identity eplrs {
+ base iana-interface-type;
+ description
+ "Ext Pos Loc Report Sys.";
+ }
+ identity arap {
+ base iana-interface-type;
+ description
+ "Appletalk Remote Access Protocol.";
+ }
+ identity propCnls {
+ base iana-interface-type;
+ description
+ "Proprietary Connectionless Protocol.";
+ }
+ identity hostPad {
+ base iana-interface-type;
+ description
+ "CCITT-ITU X.29 PAD Protocol.";
+ }
+ identity termPad {
+ base iana-interface-type;
+ description
+ "CCITT-ITU X.3 PAD Facility.";
+ }
+ identity frameRelayMPI {
+ base iana-interface-type;
+ description
+ "Multiproto Interconnect over FR.";
+ }
+ identity x213 {
+ base iana-interface-type;
+ description
+ "CCITT-ITU X213.";
+ }
+ identity adsl {
+ base iana-interface-type;
+ description
+ "Asymmetric Digital Subscriber Loop.";
+ }
+ identity radsl {
+ base iana-interface-type;
+ description
+ "Rate-Adapt. Digital Subscriber Loop.";
+ }
+ identity sdsl {
+ base iana-interface-type;
+ description
+ "Symmetric Digital Subscriber Loop.";
+ }
+ identity vdsl {
+ base iana-interface-type;
+ description
+ "Very H-Speed Digital Subscrib. Loop.";
+ }
+ identity iso88025CRFPInt {
+ base iana-interface-type;
+ description
+ "ISO 802.5 CRFP.";
+ }
+ identity myrinet {
+ base iana-interface-type;
+ description
+ "Myricom Myrinet.";
+ }
+ identity voiceEM {
+ base iana-interface-type;
+ description
+ "Voice recEive and transMit.";
+ }
+ identity voiceFXO {
+ base iana-interface-type;
+ description
+ "Voice Foreign Exchange Office.";
+ }
+ identity voiceFXS {
+ base iana-interface-type;
+ description
+ "Voice Foreign Exchange Station.";
+ }
+ identity voiceEncap {
+ base iana-interface-type;
+ description
+ "Voice encapsulation.";
+ }
+ identity voiceOverIp {
+ base iana-interface-type;
+ description
+ "Voice over IP encapsulation.";
+ }
+ identity atmDxi {
+ base iana-interface-type;
+ description
+ "ATM DXI.";
+ }
+ identity atmFuni {
+ base iana-interface-type;
+ description
+ "ATM FUNI.";
+ }
+ identity atmIma {
+ base iana-interface-type;
+ description
+ "ATM IMA.";
+ }
+ identity pppMultilinkBundle {
+ base iana-interface-type;
+ description
+ "PPP Multilink Bundle.";
+ }
+ identity ipOverCdlc {
+ base iana-interface-type;
+ description
+ "IBM ipOverCdlc.";
+ }
+ identity ipOverClaw {
+ base iana-interface-type;
+ description
+ "IBM Common Link Access to Workstn.";
+ }
+ identity stackToStack {
+ base iana-interface-type;
+ description
+ "IBM stackToStack.";
+ }
+ identity virtualIpAddress {
+ base iana-interface-type;
+ description
+ "IBM VIPA.";
+ }
+ identity mpc {
+ base iana-interface-type;
+ description
+ "IBM multi-protocol channel support.";
+ }
+ identity ipOverAtm {
+ base iana-interface-type;
+ description
+ "IBM ipOverAtm.";
+ reference
+ "RFC 2320 - Definitions of Managed Objects for Classical IP
+ and ARP Over ATM Using SMIv2 (IPOA-MIB)";
+ }
+ identity iso88025Fiber {
+ base iana-interface-type;
+ description
+ "ISO 802.5j Fiber Token Ring.";
+ }
+ identity tdlc {
+ base iana-interface-type;
+ description
+ "IBM twinaxial data link control.";
+ }
+ identity gigabitEthernet {
+ base iana-interface-type;
+ status deprecated;
+ description
+ "Obsoleted via RFC 3635.
+ ethernetCsmacd(6) should be used instead.";
+ reference
+ "RFC 3635 - Definitions of Managed Objects for the
+ Ethernet-like Interface Types";
+ }
+ identity hdlc {
+ base iana-interface-type;
+ description
+ "HDLC.";
+ }
+ identity lapf {
+ base iana-interface-type;
+ description
+ "LAP F.";
+ }
+ identity v37 {
+ base iana-interface-type;
+ description
+ "V.37.";
+ }
+ identity x25mlp {
+ base iana-interface-type;
+ description
+ "Multi-Link Protocol.";
+ }
+ identity x25huntGroup {
+ base iana-interface-type;
+ description
+ "X25 Hunt Group.";
+ }
+ identity transpHdlc {
+ base iana-interface-type;
+ description
+ "Transp HDLC.";
+ }
+ identity interleave {
+ base iana-interface-type;
+ description
+ "Interleave channel.";
+ }
+ identity fast {
+ base iana-interface-type;
+ description
+ "Fast channel.";
+ }
+ identity ip {
+ base iana-interface-type;
+ description
+ "IP (for APPN HPR in IP networks).";
+ }
+ identity docsCableMaclayer {
+ base iana-interface-type;
+ description
+ "CATV Mac Layer.";
+ }
+ identity docsCableDownstream {
+ base iana-interface-type;
+ description
+ "CATV Downstream interface.";
+ }
+ identity docsCableUpstream {
+ base iana-interface-type;
+ description
+ "CATV Upstream interface.";
+ }
+ identity a12MppSwitch {
+ base iana-interface-type;
+ description
+ "Avalon Parallel Processor.";
+ }
+ identity tunnel {
+ base iana-interface-type;
+ description
+ "Encapsulation interface.";
+ }
+ identity coffee {
+ base iana-interface-type;
+ description
+ "Coffee pot.";
+ reference
+ "RFC 2325 - Coffee MIB";
+ }
+ identity ces {
+ base iana-interface-type;
+ description
+ "Circuit Emulation Service.";
+ }
+ identity atmSubInterface {
+ base iana-interface-type;
+ description
+ "ATM Sub Interface.";
+ }
+ identity l2vlan {
+ base iana-interface-type;
+ description
+ "Layer 2 Virtual LAN using 802.1Q.";
+ }
+ identity l3ipvlan {
+ base iana-interface-type;
+ description
+ "Layer 3 Virtual LAN using IP.";
+ }
+ identity l3ipxvlan {
+ base iana-interface-type;
+ description
+ "Layer 3 Virtual LAN using IPX.";
+ }
+ identity digitalPowerline {
+ base iana-interface-type;
+ description
+ "IP over Power Lines.";
+ }
+ identity mediaMailOverIp {
+ base iana-interface-type;
+ description
+ "Multimedia Mail over IP.";
+ }
+ identity dtm {
+ base iana-interface-type;
+ description
+ "Dynamic synchronous Transfer Mode.";
+ }
+ identity dcn {
+ base iana-interface-type;
+ description
+ "Data Communications Network.";
+ }
+ identity ipForward {
+ base iana-interface-type;
+ description
+ "IP Forwarding Interface.";
+ }
+ identity msdsl {
+ base iana-interface-type;
+ description
+ "Multi-rate Symmetric DSL.";
+ }
+ identity ieee1394 {
+ base iana-interface-type;
+
+ description
+ "IEEE1394 High Performance Serial Bus.";
+ }
+ identity if-gsn {
+ base iana-interface-type;
+ description
+ "HIPPI-6400.";
+ }
+ identity dvbRccMacLayer {
+ base iana-interface-type;
+ description
+ "DVB-RCC MAC Layer.";
+ }
+ identity dvbRccDownstream {
+ base iana-interface-type;
+ description
+ "DVB-RCC Downstream Channel.";
+ }
+ identity dvbRccUpstream {
+ base iana-interface-type;
+ description
+ "DVB-RCC Upstream Channel.";
+ }
+ identity atmVirtual {
+ base iana-interface-type;
+ description
+ "ATM Virtual Interface.";
+ }
+ identity mplsTunnel {
+ base iana-interface-type;
+ description
+ "MPLS Tunnel Virtual Interface.";
+ }
+ identity srp {
+ base iana-interface-type;
+ description
+ "Spatial Reuse Protocol.";
+ }
+ identity voiceOverAtm {
+ base iana-interface-type;
+ description
+ "Voice over ATM.";
+ }
+ identity voiceOverFrameRelay {
+ base iana-interface-type;
+ description
+ "Voice Over Frame Relay.";
+ }
+ identity idsl {
+ base iana-interface-type;
+ description
+ "Digital Subscriber Loop over ISDN.";
+ }
+ identity compositeLink {
+ base iana-interface-type;
+ description
+ "Avici Composite Link Interface.";
+ }
+ identity ss7SigLink {
+ base iana-interface-type;
+ description
+ "SS7 Signaling Link.";
+ }
+ identity propWirelessP2P {
+ base iana-interface-type;
+ description
+ "Prop. P2P wireless interface.";
+ }
+ identity frForward {
+ base iana-interface-type;
+ description
+ "Frame Forward Interface.";
+ }
+ identity rfc1483 {
+ base iana-interface-type;
+ description
+ "Multiprotocol over ATM AAL5.";
+ reference
+ "RFC 1483 - Multiprotocol Encapsulation over ATM
+ Adaptation Layer 5";
+ }
+ identity usb {
+ base iana-interface-type;
+ description
+ "USB Interface.";
+ }
+ identity ieee8023adLag {
+ base iana-interface-type;
+ description
+ "IEEE 802.3ad Link Aggregate.";
+ }
+ identity bgppolicyaccounting {
+ base iana-interface-type;
+ description
+ "BGP Policy Accounting.";
+ }
+ identity frf16MfrBundle {
+ base iana-interface-type;
+ description
+ "FRF.16 Multilink Frame Relay.";
+ }
+ identity h323Gatekeeper {
+ base iana-interface-type;
+ description
+ "H323 Gatekeeper.";
+ }
+ identity h323Proxy {
+ base iana-interface-type;
+ description
+ "H323 Voice and Video Proxy.";
+ }
+ identity mpls {
+ base iana-interface-type;
+ description
+ "MPLS.";
+ }
+ identity mfSigLink {
+ base iana-interface-type;
+ description
+ "Multi-frequency signaling link.";
+ }
+ identity hdsl2 {
+ base iana-interface-type;
+ description
+ "High Bit-Rate DSL - 2nd generation.";
+ }
+ identity shdsl {
+ base iana-interface-type;
+ description
+ "Multirate HDSL2.";
+ }
+ identity ds1FDL {
+ base iana-interface-type;
+ description
+ "Facility Data Link (4Kbps) on a DS1.";
+ }
+ identity pos {
+ base iana-interface-type;
+ description
+ "Packet over SONET/SDH Interface.";
+ }
+ identity dvbAsiIn {
+ base iana-interface-type;
+ description
+ "DVB-ASI Input.";
+ }
+ identity dvbAsiOut {
+ base iana-interface-type;
+ description
+ "DVB-ASI Output.";
+ }
+ identity plc {
+ base iana-interface-type;
+ description
+ "Power Line Communications.";
+ }
+ identity nfas {
+ base iana-interface-type;
+ description
+ "Non-Facility Associated Signaling.";
+ }
+ identity tr008 {
+ base iana-interface-type;
+ description
+ "TR008.";
+ }
+ identity gr303RDT {
+ base iana-interface-type;
+ description
+ "Remote Digital Terminal.";
+ }
+ identity gr303IDT {
+ base iana-interface-type;
+ description
+ "Integrated Digital Terminal.";
+ }
+ identity isup {
+ base iana-interface-type;
+ description
+ "ISUP.";
+ }
+ identity propDocsWirelessMaclayer {
+ base iana-interface-type;
+ description
+ "Cisco proprietary Maclayer.";
+ }
+ identity propDocsWirelessDownstream {
+ base iana-interface-type;
+ description
+ "Cisco proprietary Downstream.";
+ }
+ identity propDocsWirelessUpstream {
+ base iana-interface-type;
+ description
+ "Cisco proprietary Upstream.";
+ }
+ identity hiperlan2 {
+ base iana-interface-type;
+ description
+ "HIPERLAN Type 2 Radio Interface.";
+ }
+ identity propBWAp2Mp {
+ base iana-interface-type;
+ description
+ "PropBroadbandWirelessAccesspt2Multipt (use of this value
+ for IEEE 802.16 WMAN interfaces as per IEEE Std 802.16f
+ is deprecated, and ieee80216WMAN(237) should be used
+ instead).";
+ }
+ identity sonetOverheadChannel {
+ base iana-interface-type;
+ description
+ "SONET Overhead Channel.";
+ }
+ identity digitalWrapperOverheadChannel {
+ base iana-interface-type;
+ description
+ "Digital Wrapper.";
+ }
+ identity aal2 {
+ base iana-interface-type;
+ description
+ "ATM adaptation layer 2.";
+ }
+ identity radioMAC {
+ base iana-interface-type;
+ description
+ "MAC layer over radio links.";
+ }
+ identity atmRadio {
+ base iana-interface-type;
+ description
+ "ATM over radio links.";
+ }
+ identity imt {
+ base iana-interface-type;
+ description
+ "Inter-Machine Trunks.";
+ }
+ identity mvl {
+ base iana-interface-type;
+ description
+ "Multiple Virtual Lines DSL.";
+ }
+ identity reachDSL {
+ base iana-interface-type;
+ description
+ "Long Reach DSL.";
+ }
+ identity frDlciEndPt {
+ base iana-interface-type;
+ description
+ "Frame Relay DLCI End Point.";
+ }
+ identity atmVciEndPt {
+ base iana-interface-type;
+ description
+ "ATM VCI End Point.";
+ }
+ identity opticalChannel {
+ base iana-interface-type;
+ description
+ "Optical Channel.";
+ }
+ identity opticalTransport {
+ base iana-interface-type;
+ description
+ "Optical Transport.";
+ }
+ identity propAtm {
+ base iana-interface-type;
+ description
+ "Proprietary ATM.";
+ }
+ identity voiceOverCable {
+ base iana-interface-type;
+ description
+ "Voice Over Cable Interface.";
+ }
+ identity infiniband {
+ base iana-interface-type;
+ description
+ "Infiniband.";
+ }
+ identity teLink {
+ base iana-interface-type;
+ description
+ "TE Link.";
+ }
+ identity q2931 {
+ base iana-interface-type;
+ description
+ "Q.2931.";
+ }
+ identity virtualTg {
+ base iana-interface-type;
+ description
+ "Virtual Trunk Group.";
+ }
+ identity sipTg {
+ base iana-interface-type;
+ description
+ "SIP Trunk Group.";
+ }
+ identity sipSig {
+ base iana-interface-type;
+ description
+ "SIP Signaling.";
+ }
+ identity docsCableUpstreamChannel {
+ base iana-interface-type;
+ description
+ "CATV Upstream Channel.";
+ }
+ identity econet {
+ base iana-interface-type;
+ description
+ "Acorn Econet.";
+ }
+ identity pon155 {
+ base iana-interface-type;
+ description
+ "FSAN 155Mb Symetrical PON interface.";
+ }
+ identity pon622 {
+ base iana-interface-type;
+ description
+ "FSAN 622Mb Symetrical PON interface.";
+ }
+ identity bridge {
+ base iana-interface-type;
+ description
+ "Transparent bridge interface.";
+ }
+ identity linegroup {
+ base iana-interface-type;
+ description
+ "Interface common to multiple lines.";
+ }
+ identity voiceEMFGD {
+ base iana-interface-type;
+ description
+ "Voice E&M Feature Group D.";
+ }
+ identity voiceFGDEANA {
+ base iana-interface-type;
+ description
+ "Voice FGD Exchange Access North American.";
+ }
+ identity voiceDID {
+ base iana-interface-type;
+ description
+ "Voice Direct Inward Dialing.";
+ }
+ identity mpegTransport {
+ base iana-interface-type;
+ description
+ "MPEG transport interface.";
+ }
+ identity sixToFour {
+ base iana-interface-type;
+ status deprecated;
+ description
+ "6to4 interface (DEPRECATED).";
+ reference
+ "RFC 4087 - IP Tunnel MIB";
+ }
+ identity gtp {
+ base iana-interface-type;
+ description
+ "GTP (GPRS Tunneling Protocol).";
+ }
+ identity pdnEtherLoop1 {
+ base iana-interface-type;
+ description
+ "Paradyne EtherLoop 1.";
+ }
+ identity pdnEtherLoop2 {
+ base iana-interface-type;
+ description
+ "Paradyne EtherLoop 2.";
+ }
+ identity opticalChannelGroup {
+ base iana-interface-type;
+ description
+ "Optical Channel Group.";
+ }
+ identity homepna {
+ base iana-interface-type;
+ description
+ "HomePNA ITU-T G.989.";
+ }
+ identity gfp {
+ base iana-interface-type;
+ description
+ "Generic Framing Procedure (GFP).";
+ }
+ identity ciscoISLvlan {
+ base iana-interface-type;
+ description
+ "Layer 2 Virtual LAN using Cisco ISL.";
+ }
+ identity actelisMetaLOOP {
+ base iana-interface-type;
+ description
+ "Acteleis proprietary MetaLOOP High Speed Link.";
+ }
+ identity fcipLink {
+ base iana-interface-type;
+ description
+ "FCIP Link.";
+ }
+ identity rpr {
+ base iana-interface-type;
+ description
+ "Resilient Packet Ring Interface Type.";
+ }
+ identity qam {
+ base iana-interface-type;
+ description
+ "RF Qam Interface.";
+ }
+ identity lmp {
+ base iana-interface-type;
+ description
+ "Link Management Protocol.";
+ reference
+ "RFC 4327 - Link Management Protocol (LMP) Management
+ Information Base (MIB)";
+ }
+ identity cblVectaStar {
+ base iana-interface-type;
+ description
+ "Cambridge Broadband Networks Limited VectaStar.";
+ }
+ identity docsCableMCmtsDownstream {
+ base iana-interface-type;
+ description
+ "CATV Modular CMTS Downstream Interface.";
+ }
+ identity adsl2 {
+ base iana-interface-type;
+ status deprecated;
+ description
+ "Asymmetric Digital Subscriber Loop Version 2
+ (DEPRECATED/OBSOLETED - please use adsl2plus(238)
+ instead).";
+ reference
+ "RFC 4706 - Definitions of Managed Objects for Asymmetric
+ Digital Subscriber Line 2 (ADSL2)";
+ }
+ identity macSecControlledIF {
+ base iana-interface-type;
+ description
+ "MACSecControlled.";
+ }
+ identity macSecUncontrolledIF {
+ base iana-interface-type;
+ description
+ "MACSecUncontrolled.";
+ }
+ identity aviciOpticalEther {
+ base iana-interface-type;
+ description
+ "Avici Optical Ethernet Aggregate.";
+ }
+ identity atmbond {
+ base iana-interface-type;
+ description
+ "atmbond.";
+ }
+ identity voiceFGDOS {
+ base iana-interface-type;
+ description
+ "Voice FGD Operator Services.";
+ }
+ identity mocaVersion1 {
+ base iana-interface-type;
+ description
+ "MultiMedia over Coax Alliance (MoCA) Interface
+ as documented in information provided privately to IANA.";
+ }
+ identity ieee80216WMAN {
+ base iana-interface-type;
+ description
+ "IEEE 802.16 WMAN interface.";
+ }
+ identity adsl2plus {
+ base iana-interface-type;
+ description
+ "Asymmetric Digital Subscriber Loop Version 2 -
+ Version 2 Plus and all variants.";
+ }
+ identity dvbRcsMacLayer {
+ base iana-interface-type;
+ description
+ "DVB-RCS MAC Layer.";
+ reference
+ "RFC 5728 - The SatLabs Group DVB-RCS MIB";
+ }
+ identity dvbTdm {
+ base iana-interface-type;
+ description
+ "DVB Satellite TDM.";
+ reference
+ "RFC 5728 - The SatLabs Group DVB-RCS MIB";
+ }
+ identity dvbRcsTdma {
+ base iana-interface-type;
+ description
+ "DVB-RCS TDMA.";
+ reference
+ "RFC 5728 - The SatLabs Group DVB-RCS MIB";
+ }
+ identity x86Laps {
+ base iana-interface-type;
+ description
+ "LAPS based on ITU-T X.86/Y.1323.";
+ }
+ identity wwanPP {
+ base iana-interface-type;
+ description
+ "3GPP WWAN.";
+ }
+ identity wwanPP2 {
+ base iana-interface-type;
+ description
+ "3GPP2 WWAN.";
+ }
+ identity voiceEBS {
+ base iana-interface-type;
+ description
+ "Voice P-phone EBS physical interface.";
+ }
+ identity ifPwType {
+ base iana-interface-type;
+ description
+ "Pseudowire interface type.";
+ reference
+ "RFC 5601 - Pseudowire (PW) Management Information Base (MIB)";
+ }
+ identity ilan {
+ base iana-interface-type;
+ description
+ "Internal LAN on a bridge per IEEE 802.1ap.";
+ }
+ identity pip {
+ base iana-interface-type;
+ description
+ "Provider Instance Port on a bridge per IEEE 802.1ah PBB.";
+ }
+ identity aluELP {
+ base iana-interface-type;
+ description
+ "Alcatel-Lucent Ethernet Link Protection.";
+ }
+ identity gpon {
+ base iana-interface-type;
+ description
+ "Gigabit-capable passive optical networks (G-PON) as per
+ ITU-T G.984.";
+ }
+ identity vdsl2 {
+ base iana-interface-type;
+ description
+ "Very high speed digital subscriber line Version 2
+ (as per ITU-T Recommendation G.993.2).";
+ reference
+ "RFC 5650 - Definitions of Managed Objects for Very High
+ Speed Digital Subscriber Line 2 (VDSL2)";
+ }
+ identity capwapDot11Profile {
+ base iana-interface-type;
+ description
+ "WLAN Profile Interface.";
+ reference
+ "RFC 5834 - Control and Provisioning of Wireless Access
+ Points (CAPWAP) Protocol Binding MIB for
+ IEEE 802.11";
+ }
+ identity capwapDot11Bss {
+ base iana-interface-type;
+ description
+ "WLAN BSS Interface.";
+ reference
+ "RFC 5834 - Control and Provisioning of Wireless Access
+ Points (CAPWAP) Protocol Binding MIB for
+ IEEE 802.11";
+ }
+ identity capwapWtpVirtualRadio {
+ base iana-interface-type;
+ description
+ "WTP Virtual Radio Interface.";
+ reference
+ "RFC 5833 - Control and Provisioning of Wireless Access
+ Points (CAPWAP) Protocol Base MIB";
+ }
+ identity bits {
+ base iana-interface-type;
+ description
+ "bitsport.";
+ }
+ identity docsCableUpstreamRfPort {
+ base iana-interface-type;
+ description
+ "DOCSIS CATV Upstream RF Port.";
+ }
+ identity cableDownstreamRfPort {
+ base iana-interface-type;
+ description
+ "CATV downstream RF Port.";
+ }
+ identity vmwareVirtualNic {
+ base iana-interface-type;
+ description
+ "VMware Virtual Network Interface.";
+ }
+ identity ieee802154 {
+ base iana-interface-type;
+ description
+ "IEEE 802.15.4 WPAN interface.";
+ reference
+ "IEEE 802.15.4-2006";
+ }
+ identity otnOdu {
+ base iana-interface-type;
+ description
+ "OTN Optical Data Unit.";
+ }
+ identity otnOtu {
+ base iana-interface-type;
+ description
+ "OTN Optical channel Transport Unit.";
+ }
+ identity ifVfiType {
+ base iana-interface-type;
+ description
+ "VPLS Forwarding Instance Interface Type.";
+ }
+ identity g9981 {
+ base iana-interface-type;
+ description
+ "G.998.1 bonded interface.";
+ }
+ identity g9982 {
+ base iana-interface-type;
+ description
+ "G.998.2 bonded interface.";
+ }
+ identity g9983 {
+ base iana-interface-type;
+ description
+ "G.998.3 bonded interface.";
+ }
+
+ identity aluEpon {
+ base iana-interface-type;
+ description
+ "Ethernet Passive Optical Networks (E-PON).";
+ }
+ identity aluEponOnu {
+ base iana-interface-type;
+ description
+ "EPON Optical Network Unit.";
+ }
+ identity aluEponPhysicalUni {
+ base iana-interface-type;
+ description
+ "EPON physical User to Network interface.";
+ }
+ identity aluEponLogicalLink {
+ base iana-interface-type;
+ description
+ "The emulation of a point-to-point link over the EPON
+ layer.";
+ }
+ identity aluGponOnu {
+ base iana-interface-type;
+ description
+ "GPON Optical Network Unit.";
+ reference
+ "ITU-T G.984.2";
+ }
+ identity aluGponPhysicalUni {
+ base iana-interface-type;
+ description
+ "GPON physical User to Network interface.";
+ reference
+ "ITU-T G.984.2";
+ }
+ identity vmwareNicTeam {
+ base iana-interface-type;
+ description
+ "VMware NIC Team.";
+ }
+ identity docsOfdmDownstream {
+ base iana-interface-type;
+ description
+ "CATV Downstream OFDM interface.";
+ reference
+ "Cable Modem Operations Support System Interface
+ Specification";
+ }
+ identity docsOfdmaUpstream {
+ base iana-interface-type;
+ description
+ "CATV Upstream OFDMA interface.";
+ reference
+ "Cable Modem Operations Support System Interface
+ Specification";
+ }
+ identity gfast {
+ base iana-interface-type;
+ description
+ "G.fast port.";
+ reference
+ "ITU-T G.9701";
+ }
+ identity sdci {
+ base iana-interface-type;
+ description
+ "SDCI (IO-Link).";
+ reference
+ "IEC 61131-9 Edition 1.0 2013-09";
+ }
+ identity xboxWireless {
+ base iana-interface-type;
+ description
+ "Xbox wireless.";
+ }
+ identity fastdsl {
+ base iana-interface-type;
+ description
+ "FastDSL.";
+ reference
+ "BBF TR-355";
+ }
+ identity docsCableScte55d1FwdOob {
+ base iana-interface-type;
+ description
+ "Cable SCTE 55-1 OOB Forward Channel.";
+ reference
+ "ANSI/SCTE 55-1 2009";
+ }
+ identity docsCableScte55d1RetOob {
+ base iana-interface-type;
+ description
+ "Cable SCTE 55-1 OOB Return Channel.";
+ reference
+ "ANSI/SCTE 55-1 2009";
+ }
+ identity docsCableScte55d2DsOob {
+ base iana-interface-type;
+ description
+ "Cable SCTE 55-2 OOB Downstream Channel.";
+ reference
+ "ANSI/SCTE 55-2 2008";
+ }
+ identity docsCableScte55d2UsOob {
+ base iana-interface-type;
+ description
+ "Cable SCTE 55-2 OOB Upstream Channel.";
+ reference
+ "ANSI/SCTE 55-2 2008";
+ }
+ identity docsCableNdf {
+ base iana-interface-type;
+ description
+ "Cable Narrowband Digital Forward.";
+ }
+ identity docsCableNdr {
+ base iana-interface-type;
+ description
+ "Cable Narrowband Digital Return.";
+ }
+ identity ptm {
+ base iana-interface-type;
+ description
+ "Packet Transfer Mode.";
+ reference
+ "IEEE G.993.1, Annex H; IEEE G.993.2; IEEE G.9701";
+ }
+ identity ghn {
+ base iana-interface-type;
+ description
+ "G.hn port.";
+ reference
+ "IEEE G.9961";
+ }
+ identity otnOtsi {
+ base iana-interface-type;
+ description
+ "Optical Tributary Signal.";
+ reference
+ "ITU-T G.959.1";
+ }
+ identity otnOtuc {
+ base iana-interface-type;
+ description
+ "OTN OTUCn.";
+ reference
+ "ITU-T G.709/Y.1331";
+ }
+ identity otnOduc {
+ base iana-interface-type;
+ description
+ "OTN ODUC.";
+ reference
+ "ITU-T G.709";
+ }
+ identity otnOtsig {
+ base iana-interface-type;
+ description
+ "OTN OTUC Signal.";
+ reference
+ "ITU-T G.709";
+ }
+ identity microwaveCarrierTermination {
+ base iana-interface-type;
+ description
+ "air interface of a single microwave carrier.";
+ reference
+ "RFC 8561 - A YANG Data Model for Microwave Radio Link";
+ }
+ identity microwaveRadioLinkTerminal {
+ base iana-interface-type;
+ description
+ "radio link interface for one or several aggregated microwave carriers.";
+ reference
+ "RFC 8561 - A YANG Data Model for Microwave Radio Link";
+ }
+ identity ieee8021axDrni {
+ base iana-interface-type;
+ description
+ "IEEE 802.1AX Distributed Resilient Network Interface.";
+ reference
+ "IEEE 802.1AX-Rev-d2-0";
+ }
+ identity ax25 {
+ base iana-interface-type;
+ description
+ "AX.25 network interfaces.";
+ reference
+ "AX.25 Link Access Protocol for Amateur Packet Radio version 2.2";
+ }
+ identity ieee19061nanocom {
+ base iana-interface-type;
+ description
+ "Nanoscale and Molecular Communication.";
+ reference
+ "IEEE 1906.1-2015";
+ }
+ identity cpri {
+ base iana-interface-type;
+ description
+ "Common Public Radio Interface.";
+ reference
+ "CPRI v7.0";
+ }
+ identity omni {
+ base iana-interface-type;
+ description
+ "Overlay Multilink Network Interface (OMNI).";
+ reference
+ "draft-templin-6man-omni-00";
+ }
+ identity roe {
+ base iana-interface-type;
+ description
+ "Radio over Ethernet Interface.";
+ reference
+ "1914.3-2018 - IEEE Standard for Radio over Ethernet Encapsulations and Mappings";
+ }
+ identity p2pOverLan {
+ base iana-interface-type;
+ description
+ "Point to Point over LAN interface.";
+ reference
+ "RFC 9296 - ifStackTable for the Point-to-Point (P2P) Interface over a LAN Type: Definition and Examples";
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App5/interfaces/ietf-interfaces@2018-02-20.yang b/yangkit-examples/src/main/resources/App5/interfaces/ietf-interfaces@2018-02-20.yang
new file mode 100644
index 00000000..f66c205c
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App5/interfaces/ietf-interfaces@2018-02-20.yang
@@ -0,0 +1,1123 @@
+module ietf-interfaces {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-interfaces";
+ prefix if;
+
+ import ietf-yang-types {
+ prefix yang;
+ }
+
+ organization
+ "IETF NETMOD (Network Modeling) Working Group";
+
+ contact
+ "WG Web:
+ WG List:
+
+ Editor: Martin Bjorklund
+ ";
+
+ description
+ "This module contains a collection of YANG definitions for
+ managing network interfaces.
+
+ Copyright (c) 2018 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8343; see
+ the RFC itself for full legal notices.";
+
+ revision 2018-02-20 {
+ description
+ "Updated to support NMDA.";
+ reference
+ "RFC 8343: A YANG Data Model for Interface Management";
+ }
+
+ revision 2014-05-08 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 7223: A YANG Data Model for Interface Management";
+ }
+
+ /*
+ * Typedefs
+ */
+
+ typedef interface-ref {
+ type leafref {
+ path "/if:interfaces/if:interface/if:name";
+ }
+ description
+ "This type is used by data models that need to reference
+ interfaces.";
+ }
+
+ /*
+ * Identities
+ */
+
+ identity interface-type {
+ description
+ "Base identity from which specific interface types are
+ derived.";
+ }
+
+ /*
+ * Features
+ */
+
+ feature arbitrary-names {
+ description
+ "This feature indicates that the device allows user-controlled
+ interfaces to be named arbitrarily.";
+ }
+ feature pre-provisioning {
+ description
+ "This feature indicates that the device supports
+ pre-provisioning of interface configuration, i.e., it is
+ possible to configure an interface whose physical interface
+ hardware is not present on the device.";
+ }
+ feature if-mib {
+ description
+ "This feature indicates that the device implements
+ the IF-MIB.";
+ reference
+ "RFC 2863: The Interfaces Group MIB";
+ }
+
+ /*
+ * Data nodes
+ */
+
+ container interfaces {
+ description
+ "Interface parameters.";
+
+ list interface {
+ key "name";
+
+ description
+ "The list of interfaces on the device.
+
+ The status of an interface is available in this list in the
+ operational state. If the configuration of a
+ system-controlled interface cannot be used by the system
+ (e.g., the interface hardware present does not match the
+ interface type), then the configuration is not applied to
+ the system-controlled interface shown in the operational
+ state. If the configuration of a user-controlled interface
+ cannot be used by the system, the configured interface is
+ not instantiated in the operational state.
+
+ System-controlled interfaces created by the system are
+ always present in this list in the operational state,
+ whether or not they are configured.";
+
+ leaf name {
+ type string;
+ description
+ "The name of the interface.
+
+ A device MAY restrict the allowed values for this leaf,
+ possibly depending on the type of the interface.
+ For system-controlled interfaces, this leaf is the
+ device-specific name of the interface.
+
+ If a client tries to create configuration for a
+ system-controlled interface that is not present in the
+ operational state, the server MAY reject the request if
+ the implementation does not support pre-provisioning of
+ interfaces or if the name refers to an interface that can
+ never exist in the system. A Network Configuration
+ Protocol (NETCONF) server MUST reply with an rpc-error
+ with the error-tag 'invalid-value' in this case.
+
+ If the device supports pre-provisioning of interface
+ configuration, the 'pre-provisioning' feature is
+ advertised.
+
+ If the device allows arbitrarily named user-controlled
+ interfaces, the 'arbitrary-names' feature is advertised.
+
+ When a configured user-controlled interface is created by
+ the system, it is instantiated with the same name in the
+ operational state.
+
+ A server implementation MAY map this leaf to the ifName
+ MIB object. Such an implementation needs to use some
+ mechanism to handle the differences in size and characters
+ allowed between this leaf and ifName. The definition of
+ such a mechanism is outside the scope of this document.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifName";
+ }
+
+ leaf description {
+ type string;
+ description
+ "A textual description of the interface.
+
+ A server implementation MAY map this leaf to the ifAlias
+ MIB object. Such an implementation needs to use some
+ mechanism to handle the differences in size and characters
+ allowed between this leaf and ifAlias. The definition of
+ such a mechanism is outside the scope of this document.
+
+ Since ifAlias is defined to be stored in non-volatile
+ storage, the MIB implementation MUST map ifAlias to the
+ value of 'description' in the persistently stored
+ configuration.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifAlias";
+ }
+
+ leaf type {
+ type identityref {
+ base interface-type;
+ }
+ mandatory true;
+ description
+ "The type of the interface.
+
+ When an interface entry is created, a server MAY
+ initialize the type leaf with a valid value, e.g., if it
+ is possible to derive the type from the name of the
+ interface.
+
+ If a client tries to set the type of an interface to a
+ value that can never be used by the system, e.g., if the
+ type is not supported or if the type does not match the
+ name of the interface, the server MUST reject the request.
+ A NETCONF server MUST reply with an rpc-error with the
+ error-tag 'invalid-value' in this case.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifType";
+ }
+
+ leaf enabled {
+ type boolean;
+ default "true";
+ description
+ "This leaf contains the configured, desired state of the
+ interface.
+
+ Systems that implement the IF-MIB use the value of this
+ leaf in the intended configuration to set
+ IF-MIB.ifAdminStatus to 'up' or 'down' after an ifEntry
+ has been initialized, as described in RFC 2863.
+
+ Changes in this leaf in the intended configuration are
+ reflected in ifAdminStatus.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifAdminStatus";
+ }
+
+ leaf link-up-down-trap-enable {
+ if-feature if-mib;
+ type enumeration {
+ enum enabled {
+ value 1;
+ description
+ "The device will generate linkUp/linkDown SNMP
+ notifications for this interface.";
+ }
+ enum disabled {
+ value 2;
+ description
+ "The device will not generate linkUp/linkDown SNMP
+ notifications for this interface.";
+ }
+ }
+ description
+ "Controls whether linkUp/linkDown SNMP notifications
+ should be generated for this interface.
+
+ If this node is not configured, the value 'enabled' is
+ operationally used by the server for interfaces that do
+ not operate on top of any other interface (i.e., there are
+ no 'lower-layer-if' entries), and 'disabled' otherwise.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifLinkUpDownTrapEnable";
+ }
+
+ leaf admin-status {
+ if-feature if-mib;
+ type enumeration {
+ enum up {
+ value 1;
+ description
+ "Ready to pass packets.";
+ }
+ enum down {
+ value 2;
+ description
+ "Not ready to pass packets and not in some test mode.";
+ }
+ enum testing {
+ value 3;
+ description
+ "In some test mode.";
+ }
+ }
+ config false;
+ mandatory true;
+ description
+ "The desired state of the interface.
+
+ This leaf has the same read semantics as ifAdminStatus.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifAdminStatus";
+ }
+
+ leaf oper-status {
+ type enumeration {
+ enum up {
+ value 1;
+ description
+ "Ready to pass packets.";
+ }
+ enum down {
+ value 2;
+
+ description
+ "The interface does not pass any packets.";
+ }
+ enum testing {
+ value 3;
+ description
+ "In some test mode. No operational packets can
+ be passed.";
+ }
+ enum unknown {
+ value 4;
+ description
+ "Status cannot be determined for some reason.";
+ }
+ enum dormant {
+ value 5;
+ description
+ "Waiting for some external event.";
+ }
+ enum not-present {
+ value 6;
+ description
+ "Some component (typically hardware) is missing.";
+ }
+ enum lower-layer-down {
+ value 7;
+ description
+ "Down due to state of lower-layer interface(s).";
+ }
+ }
+ config false;
+ mandatory true;
+ description
+ "The current operational state of the interface.
+
+ This leaf has the same semantics as ifOperStatus.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifOperStatus";
+ }
+
+ leaf last-change {
+ type yang:date-and-time;
+ config false;
+ description
+ "The time the interface entered its current operational
+ state. If the current state was entered prior to the
+ last re-initialization of the local network management
+ subsystem, then this node is not present.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifLastChange";
+ }
+
+ leaf if-index {
+ if-feature if-mib;
+ type int32 {
+ range "1..2147483647";
+ }
+ config false;
+ mandatory true;
+ description
+ "The ifIndex value for the ifEntry represented by this
+ interface.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifIndex";
+ }
+
+ leaf phys-address {
+ type yang:phys-address;
+ config false;
+ description
+ "The interface's address at its protocol sub-layer. For
+ example, for an 802.x interface, this object normally
+ contains a Media Access Control (MAC) address. The
+ interface's media-specific modules must define the bit
+ and byte ordering and the format of the value of this
+ object. For interfaces that do not have such an address
+ (e.g., a serial line), this node is not present.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifPhysAddress";
+ }
+
+ leaf-list higher-layer-if {
+ type interface-ref;
+ config false;
+ description
+ "A list of references to interfaces layered on top of this
+ interface.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifStackTable";
+ }
+
+ leaf-list lower-layer-if {
+ type interface-ref;
+ config false;
+
+ description
+ "A list of references to interfaces layered underneath this
+ interface.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifStackTable";
+ }
+
+ leaf speed {
+ type yang:gauge64;
+ units "bits/second";
+ config false;
+ description
+ "An estimate of the interface's current bandwidth in bits
+ per second. For interfaces that do not vary in
+ bandwidth or for those where no accurate estimation can
+ be made, this node should contain the nominal bandwidth.
+ For interfaces that have no concept of bandwidth, this
+ node is not present.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifSpeed, ifHighSpeed";
+ }
+
+ container statistics {
+ config false;
+ description
+ "A collection of interface-related statistics objects.";
+
+ leaf discontinuity-time {
+ type yang:date-and-time;
+ mandatory true;
+ description
+ "The time on the most recent occasion at which any one or
+ more of this interface's counters suffered a
+ discontinuity. If no such discontinuities have occurred
+ since the last re-initialization of the local management
+ subsystem, then this node contains the time the local
+ management subsystem re-initialized itself.";
+ }
+
+ leaf in-octets {
+ type yang:counter64;
+ description
+ "The total number of octets received on the interface,
+ including framing characters.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCInOctets";
+ }
+
+ leaf in-unicast-pkts {
+ type yang:counter64;
+ description
+ "The number of packets, delivered by this sub-layer to a
+ higher (sub-)layer, that were not addressed to a
+ multicast or broadcast address at this sub-layer.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCInUcastPkts";
+ }
+
+ leaf in-broadcast-pkts {
+ type yang:counter64;
+ description
+ "The number of packets, delivered by this sub-layer to a
+ higher (sub-)layer, that were addressed to a broadcast
+ address at this sub-layer.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCInBroadcastPkts";
+ }
+
+ leaf in-multicast-pkts {
+ type yang:counter64;
+ description
+ "The number of packets, delivered by this sub-layer to a
+ higher (sub-)layer, that were addressed to a multicast
+ address at this sub-layer. For a MAC-layer protocol,
+ this includes both Group and Functional addresses.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCInMulticastPkts";
+ }
+
+ leaf in-discards {
+ type yang:counter32;
+ description
+ "The number of inbound packets that were chosen to be
+ discarded even though no errors had been detected to
+ prevent their being deliverable to a higher-layer
+ protocol. One possible reason for discarding such a
+ packet could be to free up buffer space.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifInDiscards";
+ }
+
+ leaf in-errors {
+ type yang:counter32;
+ description
+ "For packet-oriented interfaces, the number of inbound
+ packets that contained errors preventing them from being
+ deliverable to a higher-layer protocol. For character-
+ oriented or fixed-length interfaces, the number of
+ inbound transmission units that contained errors
+ preventing them from being deliverable to a higher-layer
+ protocol.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifInErrors";
+ }
+
+ leaf in-unknown-protos {
+ type yang:counter32;
+
+ description
+ "For packet-oriented interfaces, the number of packets
+ received via the interface that were discarded because
+ of an unknown or unsupported protocol. For
+ character-oriented or fixed-length interfaces that
+ support protocol multiplexing, the number of
+ transmission units received via the interface that were
+ discarded because of an unknown or unsupported protocol.
+ For any interface that does not support protocol
+ multiplexing, this counter is not present.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifInUnknownProtos";
+ }
+
+ leaf out-octets {
+ type yang:counter64;
+ description
+ "The total number of octets transmitted out of the
+ interface, including framing characters.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCOutOctets";
+ }
+
+ leaf out-unicast-pkts {
+ type yang:counter64;
+ description
+ "The total number of packets that higher-level protocols
+ requested be transmitted and that were not addressed
+ to a multicast or broadcast address at this sub-layer,
+ including those that were discarded or not sent.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCOutUcastPkts";
+ }
+
+ leaf out-broadcast-pkts {
+ type yang:counter64;
+ description
+ "The total number of packets that higher-level protocols
+ requested be transmitted and that were addressed to a
+ broadcast address at this sub-layer, including those
+ that were discarded or not sent.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCOutBroadcastPkts";
+ }
+
+ leaf out-multicast-pkts {
+ type yang:counter64;
+ description
+ "The total number of packets that higher-level protocols
+ requested be transmitted and that were addressed to a
+ multicast address at this sub-layer, including those
+ that were discarded or not sent. For a MAC-layer
+ protocol, this includes both Group and Functional
+ addresses.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCOutMulticastPkts";
+ }
+
+ leaf out-discards {
+ type yang:counter32;
+ description
+ "The number of outbound packets that were chosen to be
+ discarded even though no errors had been detected to
+ prevent their being transmitted. One possible reason
+ for discarding such a packet could be to free up buffer
+ space.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifOutDiscards";
+ }
+
+ leaf out-errors {
+ type yang:counter32;
+ description
+ "For packet-oriented interfaces, the number of outbound
+ packets that could not be transmitted because of errors.
+ For character-oriented or fixed-length interfaces, the
+ number of outbound transmission units that could not be
+ transmitted because of errors.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifOutErrors";
+ }
+ }
+
+ }
+ }
+
+ /*
+ * Legacy typedefs
+ */
+
+ typedef interface-state-ref {
+ type leafref {
+ path "/if:interfaces-state/if:interface/if:name";
+ }
+ status deprecated;
+ description
+ "This type is used by data models that need to reference
+ the operationally present interfaces.";
+ }
+
+ /*
+ * Legacy operational state data nodes
+ */
+
+ container interfaces-state {
+ config false;
+ status deprecated;
+ description
+ "Data nodes for the operational state of interfaces.";
+
+ list interface {
+ key "name";
+ status deprecated;
+
+ description
+ "The list of interfaces on the device.
+
+ System-controlled interfaces created by the system are
+ always present in this list, whether or not they are
+ configured.";
+
+ leaf name {
+ type string;
+ status deprecated;
+ description
+ "The name of the interface.
+
+ A server implementation MAY map this leaf to the ifName
+ MIB object. Such an implementation needs to use some
+ mechanism to handle the differences in size and characters
+ allowed between this leaf and ifName. The definition of
+ such a mechanism is outside the scope of this document.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifName";
+ }
+
+ leaf type {
+ type identityref {
+ base interface-type;
+ }
+ mandatory true;
+ status deprecated;
+ description
+ "The type of the interface.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifType";
+ }
+
+ leaf admin-status {
+ if-feature if-mib;
+ type enumeration {
+ enum up {
+ value 1;
+ description
+ "Ready to pass packets.";
+ }
+ enum down {
+ value 2;
+ description
+ "Not ready to pass packets and not in some test mode.";
+ }
+ enum testing {
+ value 3;
+ description
+ "In some test mode.";
+ }
+ }
+ mandatory true;
+ status deprecated;
+ description
+ "The desired state of the interface.
+
+ This leaf has the same read semantics as ifAdminStatus.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifAdminStatus";
+ }
+
+ leaf oper-status {
+ type enumeration {
+ enum up {
+ value 1;
+ description
+ "Ready to pass packets.";
+ }
+ enum down {
+ value 2;
+ description
+ "The interface does not pass any packets.";
+ }
+ enum testing {
+ value 3;
+ description
+ "In some test mode. No operational packets can
+ be passed.";
+ }
+ enum unknown {
+ value 4;
+ description
+ "Status cannot be determined for some reason.";
+ }
+ enum dormant {
+ value 5;
+ description
+ "Waiting for some external event.";
+ }
+ enum not-present {
+ value 6;
+ description
+ "Some component (typically hardware) is missing.";
+ }
+ enum lower-layer-down {
+ value 7;
+ description
+ "Down due to state of lower-layer interface(s).";
+ }
+ }
+ mandatory true;
+ status deprecated;
+ description
+ "The current operational state of the interface.
+
+ This leaf has the same semantics as ifOperStatus.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifOperStatus";
+ }
+
+ leaf last-change {
+ type yang:date-and-time;
+ status deprecated;
+ description
+ "The time the interface entered its current operational
+ state. If the current state was entered prior to the
+ last re-initialization of the local network management
+ subsystem, then this node is not present.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifLastChange";
+ }
+
+ leaf if-index {
+ if-feature if-mib;
+ type int32 {
+ range "1..2147483647";
+ }
+ mandatory true;
+ status deprecated;
+ description
+ "The ifIndex value for the ifEntry represented by this
+ interface.";
+
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifIndex";
+ }
+
+ leaf phys-address {
+ type yang:phys-address;
+ status deprecated;
+ description
+ "The interface's address at its protocol sub-layer. For
+ example, for an 802.x interface, this object normally
+ contains a Media Access Control (MAC) address. The
+ interface's media-specific modules must define the bit
+ and byte ordering and the format of the value of this
+ object. For interfaces that do not have such an address
+ (e.g., a serial line), this node is not present.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifPhysAddress";
+ }
+
+ leaf-list higher-layer-if {
+ type interface-state-ref;
+ status deprecated;
+ description
+ "A list of references to interfaces layered on top of this
+ interface.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifStackTable";
+ }
+
+ leaf-list lower-layer-if {
+ type interface-state-ref;
+ status deprecated;
+ description
+ "A list of references to interfaces layered underneath this
+ interface.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifStackTable";
+ }
+
+ leaf speed {
+ type yang:gauge64;
+ units "bits/second";
+ status deprecated;
+ description
+ "An estimate of the interface's current bandwidth in bits
+ per second. For interfaces that do not vary in
+ bandwidth or for those where no accurate estimation can
+
+ be made, this node should contain the nominal bandwidth.
+ For interfaces that have no concept of bandwidth, this
+ node is not present.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifSpeed, ifHighSpeed";
+ }
+
+ container statistics {
+ status deprecated;
+ description
+ "A collection of interface-related statistics objects.";
+
+ leaf discontinuity-time {
+ type yang:date-and-time;
+ mandatory true;
+ status deprecated;
+ description
+ "The time on the most recent occasion at which any one or
+ more of this interface's counters suffered a
+ discontinuity. If no such discontinuities have occurred
+ since the last re-initialization of the local management
+ subsystem, then this node contains the time the local
+ management subsystem re-initialized itself.";
+ }
+
+ leaf in-octets {
+ type yang:counter64;
+ status deprecated;
+ description
+ "The total number of octets received on the interface,
+ including framing characters.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCInOctets";
+ }
+
+ leaf in-unicast-pkts {
+ type yang:counter64;
+ status deprecated;
+ description
+ "The number of packets, delivered by this sub-layer to a
+ higher (sub-)layer, that were not addressed to a
+ multicast or broadcast address at this sub-layer.
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCInUcastPkts";
+ }
+
+ leaf in-broadcast-pkts {
+ type yang:counter64;
+ status deprecated;
+ description
+ "The number of packets, delivered by this sub-layer to a
+ higher (sub-)layer, that were addressed to a broadcast
+ address at this sub-layer.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCInBroadcastPkts";
+ }
+
+ leaf in-multicast-pkts {
+ type yang:counter64;
+ status deprecated;
+ description
+ "The number of packets, delivered by this sub-layer to a
+ higher (sub-)layer, that were addressed to a multicast
+ address at this sub-layer. For a MAC-layer protocol,
+ this includes both Group and Functional addresses.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCInMulticastPkts";
+ }
+
+ leaf in-discards {
+ type yang:counter32;
+ status deprecated;
+
+ description
+ "The number of inbound packets that were chosen to be
+ discarded even though no errors had been detected to
+ prevent their being deliverable to a higher-layer
+ protocol. One possible reason for discarding such a
+ packet could be to free up buffer space.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifInDiscards";
+ }
+
+ leaf in-errors {
+ type yang:counter32;
+ status deprecated;
+ description
+ "For packet-oriented interfaces, the number of inbound
+ packets that contained errors preventing them from being
+ deliverable to a higher-layer protocol. For character-
+ oriented or fixed-length interfaces, the number of
+ inbound transmission units that contained errors
+ preventing them from being deliverable to a higher-layer
+ protocol.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifInErrors";
+ }
+
+ leaf in-unknown-protos {
+ type yang:counter32;
+ status deprecated;
+ description
+ "For packet-oriented interfaces, the number of packets
+ received via the interface that were discarded because
+ of an unknown or unsupported protocol. For
+ character-oriented or fixed-length interfaces that
+ support protocol multiplexing, the number of
+ transmission units received via the interface that were
+ discarded because of an unknown or unsupported protocol.
+ For any interface that does not support protocol
+ multiplexing, this counter is not present.
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifInUnknownProtos";
+ }
+
+ leaf out-octets {
+ type yang:counter64;
+ status deprecated;
+ description
+ "The total number of octets transmitted out of the
+ interface, including framing characters.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCOutOctets";
+ }
+
+ leaf out-unicast-pkts {
+ type yang:counter64;
+ status deprecated;
+ description
+ "The total number of packets that higher-level protocols
+ requested be transmitted and that were not addressed
+ to a multicast or broadcast address at this sub-layer,
+ including those that were discarded or not sent.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCOutUcastPkts";
+ }
+
+ leaf out-broadcast-pkts {
+ type yang:counter64;
+ status deprecated;
+
+ description
+ "The total number of packets that higher-level protocols
+ requested be transmitted and that were addressed to a
+ broadcast address at this sub-layer, including those
+ that were discarded or not sent.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCOutBroadcastPkts";
+ }
+
+ leaf out-multicast-pkts {
+ type yang:counter64;
+ status deprecated;
+ description
+ "The total number of packets that higher-level protocols
+ requested be transmitted and that were addressed to a
+ multicast address at this sub-layer, including those
+ that were discarded or not sent. For a MAC-layer
+ protocol, this includes both Group and Functional
+ addresses.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCOutMulticastPkts";
+ }
+
+ leaf out-discards {
+ type yang:counter32;
+ status deprecated;
+ description
+ "The number of outbound packets that were chosen to be
+ discarded even though no errors had been detected to
+ prevent their being transmitted. One possible reason
+ for discarding such a packet could be to free up buffer
+ space.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifOutDiscards";
+ }
+
+ leaf out-errors {
+ type yang:counter32;
+ status deprecated;
+ description
+ "For packet-oriented interfaces, the number of outbound
+ packets that could not be transmitted because of errors.
+ For character-oriented or fixed-length interfaces, the
+ number of outbound transmission units that could not be
+ transmitted because of errors.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifOutErrors";
+ }
+ }
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App5/interfaces/ietf-yang-types@2013-07-15.yang b/yangkit-examples/src/main/resources/App5/interfaces/ietf-yang-types@2013-07-15.yang
new file mode 100644
index 00000000..ee58fa3a
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App5/interfaces/ietf-yang-types@2013-07-15.yang
@@ -0,0 +1,474 @@
+module ietf-yang-types {
+
+ namespace "urn:ietf:params:xml:ns:yang:ietf-yang-types";
+ prefix "yang";
+
+ organization
+ "IETF NETMOD (NETCONF Data Modeling Language) Working Group";
+
+ contact
+ "WG Web:
+ WG List:
+
+ WG Chair: David Kessens
+
+
+ WG Chair: Juergen Schoenwaelder
+
+
+ Editor: Juergen Schoenwaelder
+ ";
+
+ description
+ "This module contains a collection of generally useful derived
+ YANG data types.
+
+ Copyright (c) 2013 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 6991; see
+ the RFC itself for full legal notices.";
+
+ revision 2013-07-15 {
+ description
+ "This revision adds the following new data types:
+ - yang-identifier
+ - hex-string
+ - uuid
+ - dotted-quad";
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+
+ revision 2010-09-24 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 6021: Common YANG Data Types";
+ }
+
+ /*** collection of counter and gauge types ***/
+
+ typedef counter32 {
+ type uint32;
+ description
+ "The counter32 type represents a non-negative integer
+ that monotonically increases until it reaches a
+ maximum value of 2^32-1 (4294967295 decimal), when it
+ wraps around and starts increasing again from zero.
+
+ Counters have no defined 'initial' value, and thus, a
+ single value of a counter has (in general) no information
+ content. Discontinuities in the monotonically increasing
+ value normally occur at re-initialization of the
+ management system, and at other times as specified in the
+ description of a schema node using this type. If such
+ other times can occur, for example, the creation of
+ a schema node of type counter32 at times other than
+ re-initialization, then a corresponding schema node
+ should be defined, with an appropriate type, to indicate
+ the last discontinuity.
+
+ The counter32 type should not be used for configuration
+ schema nodes. A default statement SHOULD NOT be used in
+ combination with the type counter32.
+
+ In the value set and its semantics, this type is equivalent
+ to the Counter32 type of the SMIv2.";
+ reference
+ "RFC 2578: Structure of Management Information Version 2
+ (SMIv2)";
+ }
+
+ typedef zero-based-counter32 {
+ type yang:counter32;
+ default "0";
+ description
+ "The zero-based-counter32 type represents a counter32
+ that has the defined 'initial' value zero.
+
+ A schema node of this type will be set to zero (0) on creation
+ and will thereafter increase monotonically until it reaches
+ a maximum value of 2^32-1 (4294967295 decimal), when it
+ wraps around and starts increasing again from zero.
+
+ Provided that an application discovers a new schema node
+ of this type within the minimum time to wrap, it can use the
+ 'initial' value as a delta. It is important for a management
+ station to be aware of this minimum time and the actual time
+ between polls, and to discard data if the actual time is too
+ long or there is no defined minimum time.
+
+ In the value set and its semantics, this type is equivalent
+ to the ZeroBasedCounter32 textual convention of the SMIv2.";
+ reference
+ "RFC 4502: Remote Network Monitoring Management Information
+ Base Version 2";
+ }
+
+ typedef counter64 {
+ type uint64;
+ description
+ "The counter64 type represents a non-negative integer
+ that monotonically increases until it reaches a
+ maximum value of 2^64-1 (18446744073709551615 decimal),
+ when it wraps around and starts increasing again from zero.
+
+ Counters have no defined 'initial' value, and thus, a
+ single value of a counter has (in general) no information
+ content. Discontinuities in the monotonically increasing
+ value normally occur at re-initialization of the
+ management system, and at other times as specified in the
+ description of a schema node using this type. If such
+ other times can occur, for example, the creation of
+ a schema node of type counter64 at times other than
+ re-initialization, then a corresponding schema node
+ should be defined, with an appropriate type, to indicate
+ the last discontinuity.
+
+ The counter64 type should not be used for configuration
+ schema nodes. A default statement SHOULD NOT be used in
+ combination with the type counter64.
+
+ In the value set and its semantics, this type is equivalent
+ to the Counter64 type of the SMIv2.";
+ reference
+ "RFC 2578: Structure of Management Information Version 2
+ (SMIv2)";
+ }
+
+ typedef zero-based-counter64 {
+ type yang:counter64;
+ default "0";
+ description
+ "The zero-based-counter64 type represents a counter64 that
+ has the defined 'initial' value zero.
+
+ A schema node of this type will be set to zero (0) on creation
+ and will thereafter increase monotonically until it reaches
+ a maximum value of 2^64-1 (18446744073709551615 decimal),
+ when it wraps around and starts increasing again from zero.
+
+ Provided that an application discovers a new schema node
+ of this type within the minimum time to wrap, it can use the
+ 'initial' value as a delta. It is important for a management
+ station to be aware of this minimum time and the actual time
+ between polls, and to discard data if the actual time is too
+ long or there is no defined minimum time.
+
+ In the value set and its semantics, this type is equivalent
+ to the ZeroBasedCounter64 textual convention of the SMIv2.";
+ reference
+ "RFC 2856: Textual Conventions for Additional High Capacity
+ Data Types";
+ }
+
+ typedef gauge32 {
+ type uint32;
+ description
+ "The gauge32 type represents a non-negative integer, which
+ may increase or decrease, but shall never exceed a maximum
+ value, nor fall below a minimum value. The maximum value
+ cannot be greater than 2^32-1 (4294967295 decimal), and
+ the minimum value cannot be smaller than 0. The value of
+ a gauge32 has its maximum value whenever the information
+ being modeled is greater than or equal to its maximum
+ value, and has its minimum value whenever the information
+ being modeled is smaller than or equal to its minimum value.
+ If the information being modeled subsequently decreases
+ below (increases above) the maximum (minimum) value, the
+ gauge32 also decreases (increases).
+
+ In the value set and its semantics, this type is equivalent
+ to the Gauge32 type of the SMIv2.";
+ reference
+ "RFC 2578: Structure of Management Information Version 2
+ (SMIv2)";
+ }
+
+ typedef gauge64 {
+ type uint64;
+ description
+ "The gauge64 type represents a non-negative integer, which
+ may increase or decrease, but shall never exceed a maximum
+ value, nor fall below a minimum value. The maximum value
+ cannot be greater than 2^64-1 (18446744073709551615), and
+ the minimum value cannot be smaller than 0. The value of
+ a gauge64 has its maximum value whenever the information
+ being modeled is greater than or equal to its maximum
+ value, and has its minimum value whenever the information
+ being modeled is smaller than or equal to its minimum value.
+ If the information being modeled subsequently decreases
+ below (increases above) the maximum (minimum) value, the
+ gauge64 also decreases (increases).
+
+ In the value set and its semantics, this type is equivalent
+ to the CounterBasedGauge64 SMIv2 textual convention defined
+ in RFC 2856";
+ reference
+ "RFC 2856: Textual Conventions for Additional High Capacity
+ Data Types";
+ }
+
+ /*** collection of identifier-related types ***/
+
+ typedef object-identifier {
+ type string {
+ pattern '(([0-1](\.[1-3]?[0-9]))|(2\.(0|([1-9]\d*))))'
+ + '(\.(0|([1-9]\d*)))*';
+ }
+ description
+ "The object-identifier type represents administratively
+ assigned names in a registration-hierarchical-name tree.
+
+ Values of this type are denoted as a sequence of numerical
+ non-negative sub-identifier values. Each sub-identifier
+ value MUST NOT exceed 2^32-1 (4294967295). Sub-identifiers
+ are separated by single dots and without any intermediate
+ whitespace.
+
+ The ASN.1 standard restricts the value space of the first
+ sub-identifier to 0, 1, or 2. Furthermore, the value space
+ of the second sub-identifier is restricted to the range
+ 0 to 39 if the first sub-identifier is 0 or 1. Finally,
+ the ASN.1 standard requires that an object identifier
+ has always at least two sub-identifiers. The pattern
+ captures these restrictions.
+
+ Although the number of sub-identifiers is not limited,
+ module designers should realize that there may be
+ implementations that stick with the SMIv2 limit of 128
+ sub-identifiers.
+
+ This type is a superset of the SMIv2 OBJECT IDENTIFIER type
+ since it is not restricted to 128 sub-identifiers. Hence,
+ this type SHOULD NOT be used to represent the SMIv2 OBJECT
+ IDENTIFIER type; the object-identifier-128 type SHOULD be
+ used instead.";
+ reference
+ "ISO9834-1: Information technology -- Open Systems
+ Interconnection -- Procedures for the operation of OSI
+ Registration Authorities: General procedures and top
+ arcs of the ASN.1 Object Identifier tree";
+ }
+
+ typedef object-identifier-128 {
+ type object-identifier {
+ pattern '\d*(\.\d*){1,127}';
+ }
+ description
+ "This type represents object-identifiers restricted to 128
+ sub-identifiers.
+
+ In the value set and its semantics, this type is equivalent
+ to the OBJECT IDENTIFIER type of the SMIv2.";
+ reference
+ "RFC 2578: Structure of Management Information Version 2
+ (SMIv2)";
+ }
+
+ typedef yang-identifier {
+ type string {
+ length "1..max";
+ pattern '[a-zA-Z_][a-zA-Z0-9\-_.]*';
+ pattern '.|..|[^xX].*|.[^mM].*|..[^lL].*';
+ }
+ description
+ "A YANG identifier string as defined by the 'identifier'
+ rule in Section 12 of RFC 6020. An identifier must
+ start with an alphabetic character or an underscore
+ followed by an arbitrary sequence of alphabetic or
+ numeric characters, underscores, hyphens, or dots.
+
+ A YANG identifier MUST NOT start with any possible
+ combination of the lowercase or uppercase character
+ sequence 'xml'.";
+ reference
+ "RFC 6020: YANG - A Data Modeling Language for the Network
+ Configuration Protocol (NETCONF)";
+ }
+
+ /*** collection of types related to date and time***/
+
+ typedef date-and-time {
+ type string {
+ pattern '\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?'
+ + '(Z|[\+\-]\d{2}:\d{2})';
+ }
+ description
+ "The date-and-time type is a profile of the ISO 8601
+ standard for representation of dates and times using the
+ Gregorian calendar. The profile is defined by the
+ date-time production in Section 5.6 of RFC 3339.
+
+ The date-and-time type is compatible with the dateTime XML
+ schema type with the following notable exceptions:
+
+ (a) The date-and-time type does not allow negative years.
+
+ (b) The date-and-time time-offset -00:00 indicates an unknown
+ time zone (see RFC 3339) while -00:00 and +00:00 and Z
+ all represent the same time zone in dateTime.
+
+ (c) The canonical format (see below) of data-and-time values
+ differs from the canonical format used by the dateTime XML
+ schema type, which requires all times to be in UTC using
+ the time-offset 'Z'.
+
+ This type is not equivalent to the DateAndTime textual
+ convention of the SMIv2 since RFC 3339 uses a different
+ separator between full-date and full-time and provides
+ higher resolution of time-secfrac.
+
+ The canonical format for date-and-time values with a known time
+ zone uses a numeric time zone offset that is calculated using
+ the device's configured known offset to UTC time. A change of
+ the device's offset to UTC time will cause date-and-time values
+ to change accordingly. Such changes might happen periodically
+ in case a server follows automatically daylight saving time
+ (DST) time zone offset changes. The canonical format for
+ date-and-time values with an unknown time zone (usually
+ referring to the notion of local time) uses the time-offset
+ -00:00.";
+ reference
+ "RFC 3339: Date and Time on the Internet: Timestamps
+ RFC 2579: Textual Conventions for SMIv2
+ XSD-TYPES: XML Schema Part 2: Datatypes Second Edition";
+ }
+
+ typedef timeticks {
+ type uint32;
+ description
+ "The timeticks type represents a non-negative integer that
+ represents the time, modulo 2^32 (4294967296 decimal), in
+ hundredths of a second between two epochs. When a schema
+ node is defined that uses this type, the description of
+ the schema node identifies both of the reference epochs.
+
+ In the value set and its semantics, this type is equivalent
+ to the TimeTicks type of the SMIv2.";
+ reference
+ "RFC 2578: Structure of Management Information Version 2
+ (SMIv2)";
+ }
+
+ typedef timestamp {
+ type yang:timeticks;
+ description
+ "The timestamp type represents the value of an associated
+ timeticks schema node at which a specific occurrence
+ happened. The specific occurrence must be defined in the
+ description of any schema node defined using this type. When
+ the specific occurrence occurred prior to the last time the
+ associated timeticks attribute was zero, then the timestamp
+ value is zero. Note that this requires all timestamp values
+ to be reset to zero when the value of the associated timeticks
+ attribute reaches 497+ days and wraps around to zero.
+
+ The associated timeticks schema node must be specified
+ in the description of any schema node using this type.
+
+ In the value set and its semantics, this type is equivalent
+ to the TimeStamp textual convention of the SMIv2.";
+ reference
+ "RFC 2579: Textual Conventions for SMIv2";
+ }
+
+ /*** collection of generic address types ***/
+
+ typedef phys-address {
+ type string {
+ pattern '([0-9a-fA-F]{2}(:[0-9a-fA-F]{2})*)?';
+ }
+
+ description
+ "Represents media- or physical-level addresses represented
+ as a sequence octets, each octet represented by two hexadecimal
+ numbers. Octets are separated by colons. The canonical
+ representation uses lowercase characters.
+
+ In the value set and its semantics, this type is equivalent
+ to the PhysAddress textual convention of the SMIv2.";
+ reference
+ "RFC 2579: Textual Conventions for SMIv2";
+ }
+
+ typedef mac-address {
+ type string {
+ pattern '[0-9a-fA-F]{2}(:[0-9a-fA-F]{2}){5}';
+ }
+ description
+ "The mac-address type represents an IEEE 802 MAC address.
+ The canonical representation uses lowercase characters.
+
+ In the value set and its semantics, this type is equivalent
+ to the MacAddress textual convention of the SMIv2.";
+ reference
+ "IEEE 802: IEEE Standard for Local and Metropolitan Area
+ Networks: Overview and Architecture
+ RFC 2579: Textual Conventions for SMIv2";
+ }
+
+ /*** collection of XML-specific types ***/
+
+ typedef xpath1.0 {
+ type string;
+ description
+ "This type represents an XPATH 1.0 expression.
+
+ When a schema node is defined that uses this type, the
+ description of the schema node MUST specify the XPath
+ context in which the XPath expression is evaluated.";
+ reference
+ "XPATH: XML Path Language (XPath) Version 1.0";
+ }
+
+ /*** collection of string types ***/
+
+ typedef hex-string {
+ type string {
+ pattern '([0-9a-fA-F]{2}(:[0-9a-fA-F]{2})*)?';
+ }
+ description
+ "A hexadecimal string with octets represented as hex digits
+ separated by colons. The canonical representation uses
+ lowercase characters.";
+ }
+
+ typedef uuid {
+ type string {
+ pattern '[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-'
+ + '[0-9a-fA-F]{4}-[0-9a-fA-F]{12}';
+ }
+ description
+ "A Universally Unique IDentifier in the string representation
+ defined in RFC 4122. The canonical representation uses
+ lowercase characters.
+
+ The following is an example of a UUID in string representation:
+ f81d4fae-7dec-11d0-a765-00a0c91e6bf6
+ ";
+ reference
+ "RFC 4122: A Universally Unique IDentifier (UUID) URN
+ Namespace";
+ }
+
+ typedef dotted-quad {
+ type string {
+ pattern
+ '(([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}'
+ + '([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])';
+ }
+ description
+ "An unsigned 32-bit number expressed in the dotted-quad
+ notation, i.e., four octets written as decimal numbers
+ and separated with the '.' (full stop) character.";
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App5/json/interface.json b/yangkit-examples/src/main/resources/App5/json/interface.json
new file mode 100644
index 00000000..89d7e9ad
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App5/json/interface.json
@@ -0,0 +1,16 @@
+{
+ "data": {
+ "ietf-interfaces:interfaces": {
+ "interface": [{
+ "name": "eth0",
+ "type": "iana-if-type:ethernetCsmacd",
+ "if-index": 1,
+ "admin-status": "up",
+ "oper-status": "up",
+ "statistics": {
+ "discontinuity-time": "2014-07-29T13:43:12Z"
+ }
+ }]
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/json/telemetry-msg.json b/yangkit-examples/src/main/resources/App6/json/telemetry-msg.json
new file mode 100644
index 00000000..4c2edc83
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/json/telemetry-msg.json
@@ -0,0 +1,61 @@
+{
+ "ietf-telemetry-message:message": {
+ "timestamp": "2024-02-14T12:10:10.12+01:00",
+ "session-protocol": "yp-push",
+ "network-node-manifest": {
+ "name": "pe1",
+ "vendor": "open source",
+ "software-version": "1.1.2"
+ },
+ "data-collection-manifest": {
+ "name": "collector-1",
+ "vendor": "open source",
+ "software-version": "2.1.0"
+ },
+ "telemetry-message-metadata": {
+ "event-time": "2024-02-14T12:10:10.10+01:00",
+ "ietf-yang-push-telemetry-message:yang-push-subscription": {
+ "id": 89,
+ "xpath-filter": "/ietf-interfaces:interfaces",
+ "datastore": "ietf-datastores:operational",
+ "transport": "ietf-udp-notif-transport:udp-notif",
+ "encoding": "ietf-subscribed-notifications:encode-json",
+ "module-version": [
+ {
+ "module-name": "ietf-interfaces",
+ "revision": "2018-02-20",
+ "revision-label": "2.0.0"
+ }
+ ],
+ "yang-library-content-id": "abc"
+ }
+ },
+ "data-collection-metadata": {
+ "remote-address": "192.168.1.100",
+ "remote-port": 123,
+ "local-address": "192.168.1.1",
+ "local-port": 9991,
+ "labels": [
+ {
+ "name": "platform-name",
+ "string-value": "name"
+ }
+ ]
+ },
+ "payload": {
+ "ietf-yang-push:push-update": {
+ "id": 89,
+ "datastore-contents": {
+ "ietf-interfaces:interfaces": {
+ "interface": [
+ {
+ "name": "eth0",
+ "oper-status": "down"
+ }
+ ]
+ }
+ }
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/yangkit-examples/src/main/resources/App6/yangs/iana-tls-cipher-suite-algs@2024-10-16.yang b/yangkit-examples/src/main/resources/App6/yangs/iana-tls-cipher-suite-algs@2024-10-16.yang
new file mode 100644
index 00000000..31145128
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/iana-tls-cipher-suite-algs@2024-10-16.yang
@@ -0,0 +1,3551 @@
+module iana-tls-cipher-suite-algs {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:iana-tls-cipher-suite-algs";
+ prefix tlscsa;
+
+ organization
+ "Internet Assigned Numbers Authority (IANA)";
+
+ contact
+ "Postal: ICANN
+ 12025 Waterfront Drive, Suite 300
+ Los Angeles, CA 90094-2536
+ United States of America
+ Tel: +1 310 301 5800
+ Email: ";
+
+ description
+ "This module defines enumerations for the cipher suite
+ algorithms defined in the 'TLS Cipher Suites' registry
+ under the 'Transport Layer Security (TLS) Parameters'
+ registry group maintained by IANA.
+
+ Copyright (c) 2024 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with
+ or without modification, is permitted pursuant to, and
+ subject to the license terms contained in, the Revised
+ BSD License set forth in Section 4.c of the IETF Trust's
+ Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ The initial version of this YANG module is part of RFC 9645
+ (https://www.rfc-editor.org/info/rfc9645); see the RFC
+ itself for full legal notices.
+
+ All versions of this module are published by IANA
+ (https://www.iana.org/assignments/yang-parameters).";
+
+ revision 2024-10-16 {
+ description
+ "This initial version of the module was created using
+ the script defined in RFC 9645 to reflect the contents
+ of the cipher-suite algorithms registry maintained by IANA.";
+ reference
+ "RFC 9645: YANG Groupings for TLS Clients and TLS Servers";
+ }
+
+ typedef tls-cipher-suite-algorithm {
+ type enumeration {
+ enum TLS_NULL_WITH_NULL_NULL {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_NULL_WITH_NULL_NULL' algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_RSA_WITH_NULL_MD5 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_NULL_MD5' algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_RSA_WITH_NULL_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_NULL_SHA' algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_RSA_EXPORT_WITH_RC4_40_MD5 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_EXPORT_WITH_RC4_40_MD5'
+ algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version 1.1
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_RSA_WITH_RC4_128_MD5 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_RC4_128_MD5'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_RSA_WITH_RC4_128_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_RC4_128_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5'
+ algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.1";
+ }
+ enum TLS_RSA_WITH_IDEA_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_IDEA_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8996:
+ Deprecating TLS 1.0 and TLS 1.1";
+ }
+ enum TLS_RSA_EXPORT_WITH_DES40_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_EXPORT_WITH_DES40_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.1";
+ }
+ enum TLS_RSA_WITH_DES_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_DES_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8996:
+ Deprecating TLS 1.0 and TLS 1.1";
+ }
+ enum TLS_RSA_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.1";
+ }
+ enum TLS_DH_DSS_WITH_DES_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_DES_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8996:
+ Deprecating TLS 1.0 and TLS 1.1";
+ }
+ enum TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.1";
+ }
+ enum TLS_DH_RSA_WITH_DES_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_DES_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8996:
+ Deprecating TLS 1.0 and TLS 1.1";
+ }
+ enum TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA' algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.1";
+ }
+ enum TLS_DHE_DSS_WITH_DES_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_DSS_WITH_DES_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8996:
+ Deprecating TLS 1.0 and TLS 1.1";
+ }
+ enum TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA' algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.1";
+ }
+ enum TLS_DHE_RSA_WITH_DES_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_DES_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8996:
+ Deprecating TLS 1.0 and TLS 1.1";
+ }
+ enum TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_EXPORT_WITH_RC4_40_MD5'
+ algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version 1.1
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_DH_anon_WITH_RC4_128_MD5 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_WITH_RC4_128_MD5'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version 1.2
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA' algorithm.";
+ reference
+ "RFC 4346:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.1";
+ }
+ enum TLS_DH_anon_WITH_DES_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_WITH_DES_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8996:
+ Deprecating TLS 1.0 and TLS 1.1";
+ }
+ enum TLS_DH_anon_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_KRB5_WITH_DES_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_KRB5_WITH_DES_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_KRB5_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_KRB5_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_KRB5_WITH_RC4_128_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_KRB5_WITH_RC4_128_SHA'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_KRB5_WITH_IDEA_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_KRB5_WITH_IDEA_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_KRB5_WITH_DES_CBC_MD5 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_KRB5_WITH_DES_CBC_MD5'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_KRB5_WITH_3DES_EDE_CBC_MD5 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_KRB5_WITH_3DES_EDE_CBC_MD5'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_KRB5_WITH_RC4_128_MD5 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_KRB5_WITH_RC4_128_MD5'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_KRB5_WITH_IDEA_CBC_MD5 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_KRB5_WITH_IDEA_CBC_MD5'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_KRB5_EXPORT_WITH_RC4_40_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_KRB5_EXPORT_WITH_RC4_40_SHA'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_KRB5_EXPORT_WITH_RC4_40_MD5 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_KRB5_EXPORT_WITH_RC4_40_MD5'
+ algorithm.";
+ reference
+ "RFC 2712:
+ Addition of Kerberos Cipher Suites to Transport Layer
+ Security (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_PSK_WITH_NULL_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_NULL_SHA' algorithm.";
+ reference
+ "RFC 4785:
+ Pre-Shared Key (PSK) Ciphersuites with NULL Encryption
+ for Transport Layer Security (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_NULL_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_NULL_SHA'
+ algorithm.";
+ reference
+ "RFC 4785:
+ Pre-Shared Key (PSK) Ciphersuites with NULL Encryption
+ for Transport Layer Security (TLS)";
+ }
+ enum TLS_RSA_PSK_WITH_NULL_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_NULL_SHA'
+ algorithm.";
+ reference
+ "RFC 4785:
+ Pre-Shared Key (PSK) Ciphersuites with NULL Encryption
+ for Transport Layer Security (TLS)";
+ }
+ enum TLS_RSA_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_DSS_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_RSA_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DHE_DSS_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DHE_RSA_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_anon_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_RSA_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_DSS_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_RSA_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DHE_DSS_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DHE_RSA_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_anon_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_RSA_WITH_NULL_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_NULL_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_RSA_WITH_AES_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_RSA_WITH_AES_256_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_AES_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_DSS_WITH_AES_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_RSA_WITH_AES_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_RSA_WITH_CAMELLIA_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_DSS_WITH_AES_256_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_AES_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_RSA_WITH_AES_256_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_AES_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_anon_WITH_AES_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_DH_anon_WITH_AES_256_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_WITH_AES_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5246:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.2";
+ }
+ enum TLS_RSA_WITH_CAMELLIA_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_PSK_WITH_RC4_128_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_RC4_128_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_PSK_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_PSK_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_PSK_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_RC4_128_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_RC4_128_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_RSA_PSK_WITH_RC4_128_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_RC4_128_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_RSA_PSK_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_RSA_PSK_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_RSA_WITH_SEED_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_SEED_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4162:
+ Addition of SEED Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_DSS_WITH_SEED_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_SEED_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4162:
+ Addition of SEED Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_RSA_WITH_SEED_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_SEED_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4162:
+ Addition of SEED Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_DSS_WITH_SEED_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_DSS_WITH_SEED_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4162:
+ Addition of SEED Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_RSA_WITH_SEED_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_SEED_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4162:
+ Addition of SEED Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_anon_WITH_SEED_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_WITH_SEED_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 4162:
+ Addition of SEED Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_RSA_WITH_AES_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+ enum TLS_RSA_WITH_AES_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+ enum TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 {
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+ enum TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 {
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+ enum TLS_DH_RSA_WITH_AES_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+ enum TLS_DH_RSA_WITH_AES_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+ enum TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_DSS_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+ enum TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_DSS_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+ enum TLS_DH_DSS_WITH_AES_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+ enum TLS_DH_DSS_WITH_AES_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+ enum TLS_DH_anon_WITH_AES_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+ enum TLS_DH_anon_WITH_AES_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5288:
+ AES Galois Counter Mode (GCM) Cipher Suites for TLS";
+ }
+ enum TLS_PSK_WITH_AES_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_PSK_WITH_AES_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 {
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 {
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_PSK_WITH_AES_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_PSK_WITH_AES_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_AES_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_PSK_WITH_NULL_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_NULL_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_PSK_WITH_NULL_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_NULL_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_DHE_PSK_WITH_NULL_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_NULL_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_DHE_PSK_WITH_NULL_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_NULL_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_RSA_PSK_WITH_NULL_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_NULL_SHA256'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_RSA_PSK_WITH_NULL_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_NULL_SHA384'
+ algorithm.";
+ reference
+ "RFC 5487:
+ Pre-Shared Key Cipher Suites for TLS with SHA-256/384
+ and AES Galois Counter Mode";
+ }
+ enum TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256' algorithm.";
+ reference
+ "RFC 5932:
+ Camellia Cipher Suites for TLS";
+ }
+ enum TLS_SM4_GCM_SM3 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_SM4_GCM_SM3' algorithm.";
+ reference
+ "RFC 8998:
+ ShangMi (SM) Cipher Suites for TLS 1.3";
+ }
+ enum TLS_SM4_CCM_SM3 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_SM4_CCM_SM3' algorithm.";
+ reference
+ "RFC 8998:
+ ShangMi (SM) Cipher Suites for TLS 1.3";
+ }
+ enum TLS_EMPTY_RENEGOTIATION_INFO_SCSV {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_EMPTY_RENEGOTIATION_INFO_SCSV'
+ algorithm.";
+ reference
+ "RFC 5746:
+ Transport Layer Security (TLS) Renegotiation Indication
+ Extension";
+ }
+ enum TLS_AES_128_GCM_SHA256 {
+ description
+ "Enumeration for the 'TLS_AES_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 8446:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.3";
+ }
+ enum TLS_AES_256_GCM_SHA384 {
+ description
+ "Enumeration for the 'TLS_AES_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 8446:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.3";
+ }
+ enum TLS_CHACHA20_POLY1305_SHA256 {
+ description
+ "Enumeration for the 'TLS_CHACHA20_POLY1305_SHA256'
+ algorithm.";
+ reference
+ "RFC 8446:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.3";
+ }
+ enum TLS_AES_128_CCM_SHA256 {
+ description
+ "Enumeration for the 'TLS_AES_128_CCM_SHA256' algorithm.";
+ reference
+ "RFC 8446:
+ The Transport Layer Security (TLS) Protocol Version
+ 1.3";
+ }
+ enum TLS_AES_128_CCM_8_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_AES_128_CCM_8_SHA256'
+ algorithm.";
+ reference
+ "RFC 8446:
+ The Transport Layer Security (TLS) Protocol Version 1.3
+ IESG Action:
+ IESG Action 2018-08-16";
+ }
+ enum TLS_AEGIS_256_SHA512 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_AEGIS_256_SHA512' algorithm.";
+ reference
+ "draft-irtf-cfrg-aegis-aead-08:
+ The AEGIS Family of Authenticated Encryption
+ Algorithms";
+ }
+ enum TLS_AEGIS_128L_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_AEGIS_128L_SHA256' algorithm.";
+ reference
+ "draft-irtf-cfrg-aegis-aead-08:
+ The AEGIS Family of Authenticated Encryption
+ Algorithms";
+ }
+ enum TLS_FALLBACK_SCSV {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_FALLBACK_SCSV' algorithm.";
+ reference
+ "RFC 7507:
+ TLS Fallback Signaling Cipher Suite Value (SCSV) for
+ Preventing Protocol Downgrade Attacks";
+ }
+ enum TLS_ECDH_ECDSA_WITH_NULL_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_ECDSA_WITH_NULL_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDH_ECDSA_WITH_RC4_128_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_ECDSA_WITH_RC4_128_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_NULL_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_ECDSA_WITH_NULL_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_RC4_128_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_ECDSA_WITH_RC4_128_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA' algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDH_RSA_WITH_NULL_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_RSA_WITH_NULL_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDH_RSA_WITH_RC4_128_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_RSA_WITH_RC4_128_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDH_RSA_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_RSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDH_RSA_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_RSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDHE_RSA_WITH_NULL_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_RSA_WITH_NULL_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDHE_RSA_WITH_RC4_128_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_RSA_WITH_RC4_128_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDH_anon_WITH_NULL_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_anon_WITH_NULL_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDH_anon_WITH_RC4_128_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_anon_WITH_RC4_128_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and Earlier
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDH_anon_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_anon_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_ECDH_anon_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_anon_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 8422:
+ Elliptic Curve Cryptography (ECC) Cipher Suites for
+ Transport Layer Security (TLS) Versions 1.2 and
+ Earlier";
+ }
+ enum TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+ enum TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA' algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+ enum TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA' algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+ enum TLS_SRP_SHA_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_SRP_SHA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+ enum TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+ enum TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+ enum TLS_SRP_SHA_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_SRP_SHA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+ enum TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+ enum TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5054:
+ Using the Secure Remote Password (SRP) Protocol for TLS
+ Authentication";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 {
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 {
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 {
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 {
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 5289:
+ TLS Elliptic Curve Cipher Suites with SHA-256/384 and
+ AES Galois Counter Mode (GCM)";
+ }
+ enum TLS_ECDHE_PSK_WITH_RC4_128_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_PSK_WITH_RC4_128_SHA'
+ algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security
+ (TLS)
+ RFC 6347:
+ Datagram Transport Layer Security Version 1.2";
+ }
+ enum TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA'
+ algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_ECDHE_PSK_WITH_NULL_SHA {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_PSK_WITH_NULL_SHA'
+ algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_ECDHE_PSK_WITH_NULL_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_PSK_WITH_NULL_SHA256'
+ algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_ECDHE_PSK_WITH_NULL_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_PSK_WITH_NULL_SHA384'
+ algorithm.";
+ reference
+ "RFC 5489:
+ ECDHE_PSK Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_RSA_WITH_ARIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_RSA_WITH_ARIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_anon_WITH_ARIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_anon_WITH_ARIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_RSA_WITH_ARIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_RSA_WITH_ARIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_anon_WITH_ARIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DH_anon_WITH_ARIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DH_anon_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_PSK_WITH_ARIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_PSK_WITH_ARIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_PSK_WITH_ARIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_PSK_WITH_ARIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 6209:
+ Addition of the ARIA Cipher Suites to Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384'
+ algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384' algorithm.";
+ reference
+ "RFC 6367:
+ Addition of the Camellia Cipher Suites to Transport
+ Layer Security (TLS)";
+ }
+ enum TLS_RSA_WITH_AES_128_CCM {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_AES_128_CCM'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_RSA_WITH_AES_256_CCM {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_AES_256_CCM'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_DHE_RSA_WITH_AES_128_CCM {
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_AES_128_CCM'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_DHE_RSA_WITH_AES_256_CCM {
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_AES_256_CCM'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_RSA_WITH_AES_128_CCM_8 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_AES_128_CCM_8'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_RSA_WITH_AES_256_CCM_8 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_RSA_WITH_AES_256_CCM_8'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_DHE_RSA_WITH_AES_128_CCM_8 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_AES_128_CCM_8'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_DHE_RSA_WITH_AES_256_CCM_8 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_DHE_RSA_WITH_AES_256_CCM_8'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_PSK_WITH_AES_128_CCM {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_AES_128_CCM'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_PSK_WITH_AES_256_CCM {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_AES_256_CCM'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_AES_128_CCM {
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_AES_128_CCM'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_AES_256_CCM {
+ description
+ "Enumeration for the 'TLS_DHE_PSK_WITH_AES_256_CCM'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_PSK_WITH_AES_128_CCM_8 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_AES_128_CCM_8'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_PSK_WITH_AES_256_CCM_8 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_WITH_AES_256_CCM_8'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_PSK_DHE_WITH_AES_128_CCM_8 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_DHE_WITH_AES_128_CCM_8'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_PSK_DHE_WITH_AES_256_CCM_8 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_PSK_DHE_WITH_AES_256_CCM_8'
+ algorithm.";
+ reference
+ "RFC 6655:
+ AES-CCM Cipher Suites for Transport Layer Security
+ (TLS)";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_AES_128_CCM {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM'
+ algorithm.";
+ reference
+ "RFC 7251:
+ AES-CCM Elliptic Curve Cryptography (ECC) Cipher Suites
+ for TLS";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_AES_256_CCM {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM'
+ algorithm.";
+ reference
+ "RFC 7251:
+ AES-CCM Elliptic Curve Cryptography (ECC) Cipher Suites
+ for TLS";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8'
+ algorithm.";
+ reference
+ "RFC 7251:
+ AES-CCM Elliptic Curve Cryptography (ECC) Cipher Suites
+ for TLS";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8'
+ algorithm.";
+ reference
+ "RFC 7251:
+ AES-CCM Elliptic Curve Cryptography (ECC) Cipher Suites
+ for TLS";
+ }
+ enum TLS_ECCPWD_WITH_AES_128_GCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECCPWD_WITH_AES_128_GCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 8492:
+ Secure Password Ciphersuites for Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECCPWD_WITH_AES_256_GCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECCPWD_WITH_AES_256_GCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 8492:
+ Secure Password Ciphersuites for Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECCPWD_WITH_AES_128_CCM_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECCPWD_WITH_AES_128_CCM_SHA256'
+ algorithm.";
+ reference
+ "RFC 8492:
+ Secure Password Ciphersuites for Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECCPWD_WITH_AES_256_CCM_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_ECCPWD_WITH_AES_256_CCM_SHA384'
+ algorithm.";
+ reference
+ "RFC 8492:
+ Secure Password Ciphersuites for Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_SHA256_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_SHA256_SHA256' algorithm.";
+ reference
+ "RFC 9150:
+ TLS 1.3 Authentication and Integrity-Only Cipher
+ Suites";
+ }
+ enum TLS_SHA384_SHA384 {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_SHA384_SHA384' algorithm.";
+ reference
+ "RFC 9150:
+ TLS 1.3 Authentication and Integrity-Only Cipher
+ Suites";
+ }
+ enum TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC'
+ algorithm.";
+ reference
+ "RFC 9189:
+ GOST Cipher Suites for Transport Layer Security (TLS)
+ Protocol Version 1.2";
+ }
+ enum TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC' algorithm.";
+ reference
+ "RFC 9189:
+ GOST Cipher Suites for Transport Layer Security (TLS)
+ Protocol Version 1.2";
+ }
+ enum TLS_GOSTR341112_256_WITH_28147_CNT_IMIT {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_GOSTR341112_256_WITH_28147_CNT_IMIT' algorithm.";
+ reference
+ "RFC 9189:
+ GOST Cipher Suites for Transport Layer Security (TLS)
+ Protocol Version 1.2";
+ }
+ enum TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L' algorithm.";
+ reference
+ "RFC 9367:
+ GOST Cipher Suites for Transport Layer Security (TLS)
+ Protocol Version 1.3";
+ }
+ enum TLS_GOSTR341112_256_WITH_MAGMA_MGM_L {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_GOSTR341112_256_WITH_MAGMA_MGM_L'
+ algorithm.";
+ reference
+ "RFC 9367:
+ GOST Cipher Suites for Transport Layer Security (TLS)
+ Protocol Version 1.3";
+ }
+ enum TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S' algorithm.";
+ reference
+ "RFC 9367:
+ GOST Cipher Suites for Transport Layer Security (TLS)
+ Protocol Version 1.3";
+ }
+ enum TLS_GOSTR341112_256_WITH_MAGMA_MGM_S {
+ status deprecated;
+ description
+ "Enumeration for the 'TLS_GOSTR341112_256_WITH_MAGMA_MGM_S'
+ algorithm.";
+ reference
+ "RFC 9367:
+ GOST Cipher Suites for Transport Layer Security (TLS)
+ Protocol Version 1.3";
+ }
+ enum TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 {
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256' algorithm.";
+ reference
+ "RFC 7905:
+ ChaCha20-Poly1305 Cipher Suites for Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 {
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256'
+ algorithm.";
+ reference
+ "RFC 7905:
+ ChaCha20-Poly1305 Cipher Suites for Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 {
+ description
+ "Enumeration for the
+ 'TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256' algorithm.";
+ reference
+ "RFC 7905:
+ ChaCha20-Poly1305 Cipher Suites for Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_PSK_WITH_CHACHA20_POLY1305_SHA256' algorithm.";
+ reference
+ "RFC 7905:
+ ChaCha20-Poly1305 Cipher Suites for Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 {
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256' algorithm.";
+ reference
+ "RFC 7905:
+ ChaCha20-Poly1305 Cipher Suites for Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 {
+ description
+ "Enumeration for the
+ 'TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256' algorithm.";
+ reference
+ "RFC 7905:
+ ChaCha20-Poly1305 Cipher Suites for Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256' algorithm.";
+ reference
+ "RFC 7905:
+ ChaCha20-Poly1305 Cipher Suites for Transport Layer
+ Security (TLS)";
+ }
+ enum TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 {
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256' algorithm.";
+ reference
+ "RFC 8442:
+ ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS
+ 1.2 and DTLS 1.2";
+ }
+ enum TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 {
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384' algorithm.";
+ reference
+ "RFC 8442:
+ ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS
+ 1.2 and DTLS 1.2";
+ }
+ enum TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 {
+ status deprecated;
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256' algorithm.";
+ reference
+ "RFC 8442:
+ ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS
+ 1.2 and DTLS 1.2";
+ }
+ enum TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 {
+ description
+ "Enumeration for the
+ 'TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256' algorithm.";
+ reference
+ "RFC 8442:
+ ECDHE_PSK with AES-GCM and AES-CCM Cipher Suites for TLS
+ 1.2 and DTLS 1.2";
+ }
+ }
+ description
+ "An enumeration for TLS cipher-suite algorithms.";
+ }
+
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-crypto-types@2024-10-10.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-crypto-types@2024-10-10.yang
new file mode 100644
index 00000000..1b547da2
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-crypto-types@2024-10-10.yang
@@ -0,0 +1,1109 @@
+module ietf-crypto-types {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-crypto-types";
+ prefix ct;
+
+ import ietf-yang-types {
+ prefix yang;
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+
+ import ietf-netconf-acm {
+ prefix nacm;
+ reference
+ "RFC 8341: Network Configuration Access Control Model";
+ }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+
+ contact
+ "WG Web: https://datatracker.ietf.org/wg/netconf
+ WG List: NETCONF WG list
+ Author: Kent Watsen ";
+
+ description
+ "This module defines common YANG types for cryptographic
+ applications.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
+ 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
+ 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
+ are to be interpreted as described in BCP 14 (RFC 2119)
+ (RFC 8174) when, and only when, they appear in all
+ capitals, as shown here.
+
+ Copyright (c) 2024 IETF Trust and the persons identified
+ as authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with
+ or without modification, is permitted pursuant to, and
+ subject to the license terms contained in, the Revised
+ BSD License set forth in Section 4.c of the IETF Trust's
+ Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 9640
+ (https://www.rfc-editor.org/info/rfc9640); see the RFC
+ itself for full legal notices.";
+
+ revision 2024-10-10 {
+ description
+ "Initial version.";
+ reference
+ "RFC 9640: YANG Data Types and Groupings for Cryptography";
+ }
+
+ /****************/
+ /* Features */
+ /****************/
+
+ feature one-symmetric-key-format {
+ description
+ "Indicates that the server supports the
+ 'one-symmetric-key-format' identity.";
+ }
+
+ feature one-asymmetric-key-format {
+ description
+ "Indicates that the server supports the
+ 'one-asymmetric-key-format' identity.";
+ }
+
+ feature symmetrically-encrypted-value-format {
+ description
+ "Indicates that the server supports the
+ 'symmetrically-encrypted-value-format' identity.";
+ }
+
+ feature asymmetrically-encrypted-value-format {
+ description
+ "Indicates that the server supports the
+ 'asymmetrically-encrypted-value-format' identity.";
+ }
+
+ feature cms-enveloped-data-format {
+ description
+ "Indicates that the server supports the
+ 'cms-enveloped-data-format' identity.";
+ }
+
+ feature cms-encrypted-data-format {
+ description
+ "Indicates that the server supports the
+ 'cms-encrypted-data-format' identity.";
+ }
+
+ feature p10-csr-format {
+ description
+ "Indicates that the server implements support
+ for generating P10-based CSRs, as defined
+ in RFC 2986.";
+ reference
+ "RFC 2986: PKCS #10: Certification Request Syntax
+ Specification Version 1.7";
+ }
+
+ feature csr-generation {
+ description
+ "Indicates that the server implements the
+ 'generate-csr' action.";
+ }
+
+ feature certificate-expiration-notification {
+ description
+ "Indicates that the server implements the
+ 'certificate-expiration' notification.";
+ }
+
+ feature cleartext-passwords {
+ description
+ "Indicates that the server supports cleartext
+ passwords.";
+ }
+
+ feature encrypted-passwords {
+ description
+ "Indicates that the server supports password
+ encryption.";
+ }
+
+ feature cleartext-symmetric-keys {
+ description
+ "Indicates that the server supports cleartext
+ symmetric keys.";
+ }
+
+ feature hidden-symmetric-keys {
+ description
+ "Indicates that the server supports hidden keys.";
+ }
+
+ feature encrypted-symmetric-keys {
+ description
+ "Indicates that the server supports encryption
+ of symmetric keys.";
+ }
+
+ feature cleartext-private-keys {
+ description
+ "Indicates that the server supports cleartext
+ private keys.";
+ }
+
+ feature hidden-private-keys {
+ description
+ "Indicates that the server supports hidden keys.";
+ }
+
+ feature encrypted-private-keys {
+ description
+ "Indicates that the server supports encryption
+ of private keys.";
+ }
+
+ /*************************************************/
+ /* Base Identities for Key Format Structures */
+ /*************************************************/
+
+ identity symmetric-key-format {
+ description
+ "Base key-format identity for symmetric keys.";
+ }
+
+ identity public-key-format {
+ description
+ "Base key-format identity for public keys.";
+ }
+
+ identity private-key-format {
+ description
+ "Base key-format identity for private keys.";
+ }
+
+ /****************************************************/
+ /* Identities for Private Key Format Structures */
+ /****************************************************/
+
+ identity rsa-private-key-format {
+ base private-key-format;
+ description
+ "Indicates that the private key value is encoded as
+ an RSAPrivateKey (from RFC 8017), encoded using ASN.1
+ distinguished encoding rules (DER), as specified in
+ ITU-T X.690.";
+ reference
+ "RFC 8017:
+ PKCS #1: RSA Cryptography Specifications Version 2.2
+ ITU-T X.690:
+ Information technology - ASN.1 encoding rules:
+ Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished
+ Encoding Rules (DER) 02/2021";
+ }
+
+ identity ec-private-key-format {
+ base private-key-format;
+ description
+ "Indicates that the private key value is encoded as
+ an ECPrivateKey (from RFC 5915), encoded using ASN.1
+ distinguished encoding rules (DER), as specified in
+ ITU-T X.690.";
+ reference
+ "RFC 5915:
+ Elliptic Curve Private Key Structure
+ ITU-T X.690:
+ Information technology - ASN.1 encoding rules:
+ Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished
+ Encoding Rules (DER) 02/2021";
+ }
+
+ identity one-asymmetric-key-format {
+ if-feature "one-asymmetric-key-format";
+ base private-key-format;
+ description
+ "Indicates that the private key value is a
+ Cryptographic Message Syntax (CMS) OneAsymmetricKey
+ structure, as defined in RFC 5958, encoded using
+ ASN.1 distinguished encoding rules (DER), as
+ specified in ITU-T X.690.";
+ reference
+ "RFC 5958:
+ Asymmetric Key Packages
+ ITU-T X.690:
+ Information technology - ASN.1 encoding rules:
+ Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished
+ Encoding Rules (DER) 02/2021";
+ }
+
+ /***************************************************/
+ /* Identities for Public Key Format Structures */
+ /***************************************************/
+
+ identity ssh-public-key-format {
+ base public-key-format;
+ description
+ "Indicates that the public key value is a Secure Shell (SSH)
+ public key, as specified in RFC 4253, Section 6.6, i.e.:
+
+ string certificate or public key format
+ identifier
+ byte[n] key/certificate data.";
+ reference
+ "RFC 4253: The Secure Shell (SSH) Transport Layer Protocol";
+ }
+
+ identity subject-public-key-info-format {
+ base public-key-format;
+ description
+ "Indicates that the public key value is a SubjectPublicKeyInfo
+ structure, as described in RFC 5280, encoded using ASN.1
+ distinguished encoding rules (DER), as specified in
+ ITU-T X.690.";
+ reference
+ "RFC 5280:
+ Internet X.509 Public Key Infrastructure Certificate
+ and Certificate Revocation List (CRL) Profile
+ ITU-T X.690:
+ Information technology - ASN.1 encoding rules:
+ Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished
+ Encoding Rules (DER) 02/2021";
+ }
+
+ /******************************************************/
+ /* Identities for Symmetric Key Format Structures */
+ /******************************************************/
+
+ identity octet-string-key-format {
+ base symmetric-key-format;
+ description
+ "Indicates that the key is encoded as a raw octet string.
+ The length of the octet string MUST be appropriate for
+ the associated algorithm's block size.
+
+ The identity of the associated algorithm is outside the
+ scope of this specification. This is also true when
+ the octet string has been encrypted.";
+ }
+
+ identity one-symmetric-key-format {
+ if-feature "one-symmetric-key-format";
+ base symmetric-key-format;
+ description
+ "Indicates that the private key value is a CMS
+ OneSymmetricKey structure, as defined in RFC 6031,
+ encoded using ASN.1 distinguished encoding rules
+ (DER), as specified in ITU-T X.690.";
+ reference
+ "RFC 6031:
+ Cryptographic Message Syntax (CMS)
+ Symmetric Key Package Content Type
+ ITU-T X.690:
+ Information technology - ASN.1 encoding rules:
+ Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished
+ Encoding Rules (DER) 02/2021";
+ }
+
+ /*************************************************/
+ /* Identities for Encrypted Value Structures */
+ /*************************************************/
+
+ identity encrypted-value-format {
+ description
+ "Base format identity for encrypted values.";
+ }
+
+ identity symmetrically-encrypted-value-format {
+ if-feature "symmetrically-encrypted-value-format";
+ base encrypted-value-format;
+ description
+ "Base format identity for symmetrically encrypted
+ values.";
+ }
+
+ identity asymmetrically-encrypted-value-format {
+ if-feature "asymmetrically-encrypted-value-format";
+ base encrypted-value-format;
+ description
+ "Base format identity for asymmetrically encrypted
+ values.";
+ }
+
+ identity cms-encrypted-data-format {
+ if-feature "cms-encrypted-data-format";
+ base symmetrically-encrypted-value-format;
+ description
+ "Indicates that the encrypted value conforms to
+ the 'encrypted-data-cms' type with the constraint
+ that the 'unprotectedAttrs' value is not set.";
+ reference
+ "RFC 5652:
+ Cryptographic Message Syntax (CMS)
+ ITU-T X.690:
+ Information technology - ASN.1 encoding rules:
+ Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished
+ Encoding Rules (DER) 02/2021";
+ }
+
+ identity cms-enveloped-data-format {
+ if-feature "cms-enveloped-data-format";
+ base asymmetrically-encrypted-value-format;
+ description
+ "Indicates that the encrypted value conforms to the
+ 'enveloped-data-cms' type with the following constraints:
+
+ The EnvelopedData structure MUST have exactly one
+ 'RecipientInfo'.
+
+ If the asymmetric key supports public key cryptography
+ (e.g., RSA), then the 'RecipientInfo' must be a
+ 'KeyTransRecipientInfo' with the 'RecipientIdentifier'
+ using a 'subjectKeyIdentifier' with the value set using
+ 'method 1' in RFC 7093 over the recipient's public key.
+
+ Otherwise, if the asymmetric key supports key agreement
+ (e.g., Elliptic Curve Cryptography (ECC)), then the
+ 'RecipientInfo' must be a 'KeyAgreeRecipientInfo'. The
+ 'OriginatorIdentifierOrKey' value must use the
+ 'OriginatorPublicKey' alternative. The
+ 'UserKeyingMaterial' value must not be present. There
+ must be exactly one 'RecipientEncryptedKeys' value
+ having the 'KeyAgreeRecipientIdentifier' set to 'rKeyId'
+ with the value set using 'method 1' in RFC 7093 over the
+ recipient's public key.";
+ reference
+ "RFC 5652:
+ Cryptographic Message Syntax (CMS)
+ RFC 7093:
+ Additional Methods for Generating Key
+ Identifiers Values
+ ITU-T X.690:
+ Information technology - ASN.1 encoding rules:
+ Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished
+ Encoding Rules (DER) 02/2021";
+ }
+
+ /*********************************************************/
+ /* Identities for Certificate Signing Request Formats */
+ /*********************************************************/
+
+ identity csr-format {
+ description
+ "A base identity for the certificate signing request
+ formats. Additional derived identities MAY be defined
+ by future efforts.";
+ }
+
+ identity p10-csr-format {
+ if-feature "p10-csr-format";
+ base csr-format;
+ description
+ "Indicates the CertificationRequest structure
+ defined in RFC 2986.";
+ reference
+ "RFC 2986: PKCS #10: Certification Request Syntax
+ Specification Version 1.7";
+ }
+
+ /***************************************************/
+ /* Typedefs for ASN.1 structures from RFC 2986 */
+ /***************************************************/
+
+ typedef csr-info {
+ type binary;
+ description
+ "A CertificationRequestInfo structure, as defined in
+ RFC 2986, encoded using ASN.1 distinguished encoding
+ rules (DER), as specified in ITU-T X.690.";
+ reference
+ "RFC 2986:
+ PKCS #10: Certification Request Syntax
+ Specification Version 1.7
+ ITU-T X.690:
+ Information technology - ASN.1 encoding rules:
+ Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished
+ Encoding Rules (DER) 02/2021";
+ }
+
+ typedef p10-csr {
+ type binary;
+ description
+ "A CertificationRequest structure, as specified in
+ RFC 2986, encoded using ASN.1 distinguished encoding
+ rules (DER), as specified in ITU-T X.690.";
+ reference
+ "RFC 2986:
+ PKCS #10: Certification Request Syntax Specification
+ Version 1.7
+ ITU-T X.690:
+ Information technology - ASN.1 encoding rules:
+ Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished
+ Encoding Rules (DER) 02/2021";
+ }
+
+ /***************************************************/
+ /* Typedefs for ASN.1 structures from RFC 5280 */
+ /***************************************************/
+
+ typedef x509 {
+ type binary;
+ description
+ "A Certificate structure, as specified in RFC 5280,
+ encoded using ASN.1 distinguished encoding rules (DER),
+ as specified in ITU-T X.690.";
+ reference
+ "RFC 5280:
+ Internet X.509 Public Key Infrastructure Certificate
+ and Certificate Revocation List (CRL) Profile
+ ITU-T X.690:
+ Information technology - ASN.1 encoding rules:
+ Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished
+ Encoding Rules (DER) 02/2021";
+ }
+
+ typedef crl {
+ type binary;
+ description
+ "A CertificateList structure, as specified in RFC 5280,
+ encoded using ASN.1 distinguished encoding rules (DER),
+ as specified in ITU-T X.690.";
+ reference
+ "RFC 5280:
+ Internet X.509 Public Key Infrastructure Certificate
+ and Certificate Revocation List (CRL) Profile
+ ITU-T X.690:
+ Information technology - ASN.1 encoding rules:
+ Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished
+ Encoding Rules (DER) 02/2021";
+ }
+
+ /***************************************************/
+ /* Typedefs for ASN.1 structures from RFC 6960 */
+ /***************************************************/
+
+ typedef oscp-request {
+ type binary;
+ description
+ "A OCSPRequest structure, as specified in RFC 6960,
+ encoded using ASN.1 distinguished encoding rules
+ (DER), as specified in ITU-T X.690.";
+ reference
+ "RFC 6960:
+ X.509 Internet Public Key Infrastructure Online
+ Certificate Status Protocol - OCSP
+ ITU-T X.690:
+ Information technology - ASN.1 encoding rules:
+ Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished
+ Encoding Rules (DER) 02/2021";
+ }
+
+ typedef oscp-response {
+ type binary;
+ description
+ "A OCSPResponse structure, as specified in RFC 6960,
+ encoded using ASN.1 distinguished encoding rules
+ (DER), as specified in ITU-T X.690.";
+ reference
+ "RFC 6960:
+ X.509 Internet Public Key Infrastructure Online
+ Certificate Status Protocol - OCSP
+ ITU-T X.690:
+ Information technology - ASN.1 encoding rules:
+ Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished
+ Encoding Rules (DER) 02/2021";
+ }
+
+ /***********************************************/
+ /* Typedefs for ASN.1 structures from 5652 */
+ /***********************************************/
+
+ typedef cms {
+ type binary;
+ description
+ "A ContentInfo structure, as specified in RFC 5652,
+ encoded using ASN.1 distinguished encoding rules (DER),
+ as specified in ITU-T X.690.";
+ reference
+ "RFC 5652:
+ Cryptographic Message Syntax (CMS)
+ ITU-T X.690:
+ Information technology - ASN.1 encoding rules:
+ Specification of Basic Encoding Rules (BER),
+ Canonical Encoding Rules (CER) and Distinguished
+ Encoding Rules (DER) 02/2021";
+ }
+
+ typedef data-content-cms {
+ type cms;
+ description
+ "A CMS structure whose top-most content type MUST be the
+ data content type, as described in Section 4 of RFC 5652.";
+ reference
+ "RFC 5652: Cryptographic Message Syntax (CMS)";
+ }
+
+ typedef signed-data-cms {
+ type cms;
+ description
+ "A CMS structure whose top-most content type MUST be the
+ signed-data content type, as described in Section 5 of
+ RFC 5652.";
+ reference
+ "RFC 5652: Cryptographic Message Syntax (CMS)";
+ }
+
+ typedef enveloped-data-cms {
+ type cms;
+ description
+ "A CMS structure whose top-most content type MUST be the
+ enveloped-data content type, as described in Section 6
+ of RFC 5652.";
+ reference
+ "RFC 5652: Cryptographic Message Syntax (CMS)";
+ }
+
+ typedef digested-data-cms {
+ type cms;
+ description
+ "A CMS structure whose top-most content type MUST be the
+ digested-data content type, as described in Section 7
+ of RFC 5652.";
+ reference
+ "RFC 5652: Cryptographic Message Syntax (CMS)";
+ }
+
+ typedef encrypted-data-cms {
+ type cms;
+ description
+ "A CMS structure whose top-most content type MUST be the
+ encrypted-data content type, as described in Section 8
+ of RFC 5652.";
+ reference
+ "RFC 5652: Cryptographic Message Syntax (CMS)";
+ }
+
+ typedef authenticated-data-cms {
+ type cms;
+ description
+ "A CMS structure whose top-most content type MUST be the
+ authenticated-data content type, as described in Section 9
+ of RFC 5652.";
+ reference
+ "RFC 5652: Cryptographic Message Syntax (CMS)";
+ }
+
+ /*********************************************************/
+ /* Typedefs for ASN.1 structures related to RFC 5280 */
+ /*********************************************************/
+
+ typedef trust-anchor-cert-x509 {
+ type x509;
+ description
+ "A Certificate structure that MUST encode a self-signed
+ root certificate.";
+ }
+
+ typedef end-entity-cert-x509 {
+ type x509;
+ description
+ "A Certificate structure that MUST encode a certificate
+ that is neither self-signed nor has Basic constraint
+ CA true.";
+ }
+
+ /*********************************************************/
+ /* Typedefs for ASN.1 structures related to RFC 5652 */
+ /*********************************************************/
+
+ typedef trust-anchor-cert-cms {
+ type signed-data-cms;
+ description
+ "A CMS SignedData structure that MUST contain the chain of
+ X.509 certificates needed to authenticate the certificate
+ presented by a client or end entity.
+
+ The CMS MUST contain only a single chain of certificates.
+ The client or end-entity certificate MUST only authenticate
+ to the last intermediate CA certificate listed in the chain.
+
+ In all cases, the chain MUST include a self-signed root
+ certificate. In the case where the root certificate is
+ itself the issuer of the client or end-entity certificate,
+ only one certificate is present.
+
+ This CMS structure MAY (as applicable where this type is
+ used) also contain suitably fresh (as defined by local
+ policy) revocation objects with which the device can
+ verify the revocation status of the certificates.
+
+ This CMS encodes the degenerate form of the SignedData
+ structure (RFC 5652, Section 5.2) that is commonly used
+ to disseminate X.509 certificates and revocation objects
+ (RFC 5280).";
+ reference
+ "RFC 5280:
+ Internet X.509 Public Key Infrastructure Certificate
+ and Certificate Revocation List (CRL) Profile
+ RFC 5652:
+ Cryptographic Message Syntax (CMS)";
+ }
+
+ typedef end-entity-cert-cms {
+ type signed-data-cms;
+ description
+ "A CMS SignedData structure that MUST contain the end-entity
+ certificate itself and MAY contain any number
+ of intermediate certificates leading up to a trust
+ anchor certificate. The trust anchor certificate
+ MAY be included as well.
+
+ The CMS MUST contain a single end-entity certificate.
+ The CMS MUST NOT contain any spurious certificates.
+
+ This CMS structure MAY (as applicable where this type is
+ used) also contain suitably fresh (as defined by local
+ policy) revocation objects with which the device can
+ verify the revocation status of the certificates.
+
+ This CMS encodes the degenerate form of the SignedData
+ structure (RFC 5652, Section 5.2) that is commonly
+ used to disseminate X.509 certificates and revocation
+ objects (RFC 5280).";
+
+ reference
+ "RFC 5280:
+ Internet X.509 Public Key Infrastructure Certificate
+ and Certificate Revocation List (CRL) Profile
+ RFC 5652:
+ Cryptographic Message Syntax (CMS)";
+ }
+
+ /*****************/
+ /* Groupings */
+ /*****************/
+
+ grouping encrypted-value-grouping {
+ description
+ "A reusable grouping for a value that has been encrypted by
+ a referenced symmetric or asymmetric key.";
+ container encrypted-by {
+ nacm:default-deny-write;
+ description
+ "An empty container enabling a reference to the key that
+ encrypted the value to be augmented in. The referenced
+ key MUST be a symmetric key or an asymmetric key.
+
+ A symmetric key MUST be referenced via a leaf node called
+ 'symmetric-key-ref'. An asymmetric key MUST be referenced
+ via a leaf node called 'asymmetric-key-ref'.
+
+ The leaf nodes MUST be direct descendants in the data tree
+ and MAY be direct descendants in the schema tree (e.g.,
+ 'choice'/'case' statements are allowed but not a
+ container).";
+ }
+ leaf encrypted-value-format {
+ type identityref {
+ base encrypted-value-format;
+ }
+ mandatory true;
+ description
+ "Identifies the format of the 'encrypted-value' leaf.
+
+ If 'encrypted-by' points to a symmetric key, then an
+ identity based on 'symmetrically-encrypted-value-format'
+ MUST be set (e.g., 'cms-encrypted-data-format').
+
+ If 'encrypted-by' points to an asymmetric key, then an
+ identity based on 'asymmetrically-encrypted-value-format'
+ MUST be set (e.g., 'cms-enveloped-data-format').";
+ }
+ leaf encrypted-value {
+ nacm:default-deny-write;
+ type binary;
+ must '../encrypted-by';
+ mandatory true;
+ description
+ "The value, encrypted using the referenced symmetric
+ or asymmetric key. The value MUST be encoded using
+ the format associated with the 'encrypted-value-format'
+ leaf.";
+ }
+ }
+
+ grouping password-grouping {
+ description
+ "A password used for authenticating to a remote system.
+
+ The 'ianach:crypt-hash' typedef from RFC 7317 should be
+ used instead when needing a password to authenticate a
+ local account.";
+ choice password-type {
+ nacm:default-deny-write;
+ mandatory true;
+ description
+ "Choice between password types.";
+ case cleartext-password {
+ if-feature "cleartext-passwords";
+ leaf cleartext-password {
+ nacm:default-deny-all;
+ type string;
+ description
+ "The cleartext value of the password.";
+ }
+ }
+ case encrypted-password {
+ if-feature "encrypted-passwords";
+ container encrypted-password {
+ description
+ "A container for the encrypted password value.";
+ uses encrypted-value-grouping;
+ }
+ }
+ }
+ }
+
+ grouping symmetric-key-grouping {
+ description
+ "A symmetric key.";
+ leaf key-format {
+ nacm:default-deny-write;
+ type identityref {
+ base symmetric-key-format;
+ }
+ description
+ "Identifies the symmetric key's format. Implementations
+ SHOULD ensure that the incoming symmetric key value is
+ encoded in the specified format.
+
+ For encrypted keys, the value is the decrypted key's
+ format (i.e., the 'encrypted-value-format' conveys the
+ encrypted key's format).";
+ }
+ choice key-type {
+ nacm:default-deny-write;
+ mandatory true;
+ description
+ "Choice between key types.";
+ case cleartext-symmetric-key {
+ leaf cleartext-symmetric-key {
+ if-feature "cleartext-symmetric-keys";
+ nacm:default-deny-all;
+ type binary;
+ must '../key-format';
+ description
+ "The binary value of the key. The interpretation of
+ the value is defined by the 'key-format' field.";
+ }
+ }
+ case hidden-symmetric-key {
+ if-feature "hidden-symmetric-keys";
+ leaf hidden-symmetric-key {
+ type empty;
+ must 'not(../key-format)';
+ description
+ "A hidden key is not exportable and not extractable;
+ therefore, it is of type 'empty' as its value is
+ inaccessible via management interfaces. Though hidden
+ to users, such keys are not hidden to the server and
+ may be referenced by configuration to indicate which
+ key a server should use for a cryptographic operation.
+ How such keys are created is outside the scope of this
+ module.";
+ }
+ }
+ case encrypted-symmetric-key {
+ if-feature "encrypted-symmetric-keys";
+ container encrypted-symmetric-key {
+ must '../key-format';
+ description
+ "A container for the encrypted symmetric key value.
+ The interpretation of the 'encrypted-value' node
+ is via the 'key-format' node";
+ uses encrypted-value-grouping;
+ }
+ }
+ }
+ }
+
+ grouping public-key-grouping {
+ description
+ "A public key.";
+ leaf public-key-format {
+ nacm:default-deny-write;
+ type identityref {
+ base public-key-format;
+ }
+ mandatory true;
+ description
+ "Identifies the public key's format. Implementations SHOULD
+ ensure that the incoming public key value is encoded in the
+ specified format.";
+ }
+ leaf public-key {
+ nacm:default-deny-write;
+ type binary;
+ mandatory true;
+ description
+ "The binary value of the public key. The interpretation
+ of the value is defined by the 'public-key-format' field.";
+ }
+ }
+
+ grouping private-key-grouping {
+ description
+ "A private key.";
+ leaf private-key-format {
+ nacm:default-deny-write;
+ type identityref {
+ base private-key-format;
+ }
+ description
+ "Identifies the private key's format. Implementations SHOULD
+ ensure that the incoming private key value is encoded in the
+ specified format.
+
+ For encrypted keys, the value is the decrypted key's
+ format (i.e., the 'encrypted-value-format' conveys the
+ encrypted key's format).";
+ }
+ choice private-key-type {
+ nacm:default-deny-write;
+ mandatory true;
+ description
+ "Choice between key types.";
+ case cleartext-private-key {
+ if-feature "cleartext-private-keys";
+ leaf cleartext-private-key {
+ nacm:default-deny-all;
+ type binary;
+ must '../private-key-format';
+ description
+ "The value of the binary key. The key's value is
+ interpreted by the 'private-key-format' field.";
+ }
+ }
+ case hidden-private-key {
+ if-feature "hidden-private-keys";
+ leaf hidden-private-key {
+ type empty;
+ must 'not(../private-key-format)';
+ description
+ "A hidden key. It is of type 'empty' as its value is
+ inaccessible via management interfaces. Though hidden
+ to users, such keys are not hidden to the server and
+ may be referenced by configuration to indicate which
+ key a server should use for a cryptographic operation.
+ How such keys are created is outside the scope of this
+ module.";
+ }
+ }
+ case encrypted-private-key {
+ if-feature "encrypted-private-keys";
+ container encrypted-private-key {
+ must '../private-key-format';
+ description
+ "A container for the encrypted asymmetric private key
+ value. The interpretation of the 'encrypted-value'
+ node is via the 'private-key-format' node";
+ uses encrypted-value-grouping;
+ }
+ }
+ }
+ }
+
+ grouping asymmetric-key-pair-grouping {
+ description
+ "A private key and, optionally, its associated public key.
+ Implementations MUST ensure that the two keys, when both
+ are specified, are a matching pair.";
+ uses public-key-grouping {
+ refine "public-key-format" {
+ mandatory false;
+ }
+ refine "public-key" {
+ mandatory false;
+ }
+ }
+ uses private-key-grouping;
+ }
+
+ grouping certificate-expiration-grouping {
+ description
+ "A notification for when a certificate is about to expire or
+ has already expired.";
+ notification certificate-expiration {
+ if-feature "certificate-expiration-notification";
+ description
+ "A notification indicating that the configured certificate
+ is either about to expire or has already expired. When to
+ send notifications is an implementation-specific decision,
+ but it is RECOMMENDED that a notification be sent once a
+ month for 3 months, then once a week for four weeks, and
+ then once a day thereafter until the issue is resolved.
+
+ If the certificate's issuer maintains a Certificate
+ Revocation List (CRL), the expiration notification MAY
+ be sent if the CRL is about to expire.";
+ leaf expiration-date {
+ type yang:date-and-time;
+ mandatory true;
+ description
+ "Identifies the expiration date on the certificate.";
+ }
+ }
+ }
+
+ grouping trust-anchor-cert-grouping {
+ description
+ "A trust anchor certificate and a notification for when
+ it is about to expire or has already expired.";
+ leaf cert-data {
+ nacm:default-deny-all;
+ type trust-anchor-cert-cms;
+ description
+ "The binary certificate data for this certificate.";
+ }
+ uses certificate-expiration-grouping;
+ }
+
+ grouping end-entity-cert-grouping {
+ description
+ "An end-entity certificate and a notification for when
+ it is about to expire or has already expired. Implementations
+ SHOULD assert that, where used, the end-entity certificate
+ contains the expected public key.";
+ leaf cert-data {
+ nacm:default-deny-all;
+ type end-entity-cert-cms;
+ description
+ "The binary certificate data for this certificate.";
+ }
+ uses certificate-expiration-grouping;
+ }
+
+ grouping generate-csr-grouping {
+ description
+ "Defines the 'generate-csr' action.";
+ action generate-csr {
+ if-feature "csr-generation";
+ nacm:default-deny-all;
+ description
+ "Generates a certificate signing request structure for
+ the associated asymmetric key using the passed subject
+ and attribute values.
+
+ This 'action' statement is only available when the
+ associated 'public-key-format' node's value is
+ 'subject-public-key-info-format'.";
+ input {
+ leaf csr-format {
+ type identityref {
+ base csr-format;
+ }
+ mandatory true;
+ description
+ "Specifies the format for the returned certificate.";
+ }
+ leaf csr-info {
+ type csr-info;
+ mandatory true;
+ description
+ "A CertificationRequestInfo structure, as defined in
+ RFC 2986.
+
+ Enables the client to provide a fully populated
+ CertificationRequestInfo structure that the server
+ only needs to sign in order to generate the complete
+ CertificationRequest structure to return in the
+ 'output'.
+
+ The 'AlgorithmIdentifier' field contained inside
+ the 'SubjectPublicKeyInfo' field MUST be one known
+ to be supported by the device.";
+ reference
+ "RFC 2986:
+ PKCS #10: Certification Request Syntax Specification
+ RFC 9640:
+ YANG Data Types and Groupings for Cryptography";
+ }
+ }
+ output {
+ choice csr-type {
+ mandatory true;
+ description
+ "A choice amongst certificate signing request formats.
+ Additional formats MAY be augmented into this 'choice'
+ statement by future efforts.";
+ case p10-csr {
+ leaf p10-csr {
+ type p10-csr;
+ description
+ "A CertificationRequest, as defined in RFC 2986.";
+ }
+ description
+ "A CertificationRequest, as defined in RFC 2986.";
+ reference
+ "RFC 2986:
+ PKCS #10: Certification Request Syntax Specification
+ RFC 9640:
+ YANG Data Types and Groupings for Cryptography";
+ }
+ }
+ }
+ }
+ } // generate-csr-grouping
+
+ grouping asymmetric-key-pair-with-cert-grouping {
+ description
+ "A private/public key pair and an associated certificate.
+ Implementations MUST assert that the certificate contains
+ the matching public key.";
+ uses asymmetric-key-pair-grouping;
+ uses end-entity-cert-grouping;
+ uses generate-csr-grouping;
+ } // asymmetric-key-pair-with-cert-grouping
+
+ grouping asymmetric-key-pair-with-certs-grouping {
+ description
+ "A private/public key pair and a list of associated
+ certificates. Implementations MUST assert that
+ certificates contain the matching public key.";
+ uses asymmetric-key-pair-grouping;
+ container certificates {
+ nacm:default-deny-write;
+ description
+ "Certificates associated with this asymmetric key.";
+ list certificate {
+ key "name";
+ description
+ "A certificate for this asymmetric key.";
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for the certificate.";
+ }
+ uses end-entity-cert-grouping {
+ refine "cert-data" {
+ mandatory true;
+ }
+ }
+ }
+ }
+ uses generate-csr-grouping;
+ } // asymmetric-key-pair-with-certs-grouping
+
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-datastores@2018-02-14.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-datastores@2018-02-14.yang
new file mode 100644
index 00000000..9e875ab6
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-datastores@2018-02-14.yang
@@ -0,0 +1,117 @@
+module ietf-datastores {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-datastores";
+ prefix ds;
+
+ organization
+ "IETF Network Modeling (NETMOD) Working Group";
+
+ contact
+ "WG Web:
+
+ WG List:
+
+ Author: Martin Bjorklund
+
+
+ Author: Juergen Schoenwaelder
+
+
+ Author: Phil Shafer
+
+
+ Author: Kent Watsen
+
+
+ Author: Rob Wilton
+ ";
+
+ description
+ "This YANG module defines a set of identities for identifying
+ datastores.
+
+ Copyright (c) 2018 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject to
+ the license terms contained in, the Simplified BSD License set
+ forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8342
+ (https://www.rfc-editor.org/info/rfc8342); see the RFC itself
+ for full legal notices.";
+
+ revision 2018-02-14 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 8342: Network Management Datastore Architecture (NMDA)";
+ }
+
+ /*
+ * Identities
+ */
+
+ identity datastore {
+ description
+ "Abstract base identity for datastore identities.";
+ }
+
+ identity conventional {
+ base datastore;
+ description
+ "Abstract base identity for conventional configuration
+ datastores.";
+ }
+
+ identity running {
+ base conventional;
+ description
+ "The running configuration datastore.";
+ }
+
+ identity candidate {
+ base conventional;
+ description
+ "The candidate configuration datastore.";
+ }
+
+ identity startup {
+ base conventional;
+ description
+ "The startup configuration datastore.";
+ }
+
+ identity intended {
+ base conventional;
+ description
+ "The intended configuration datastore.";
+ }
+
+ identity dynamic {
+ base datastore;
+ description
+ "Abstract base identity for dynamic configuration datastores.";
+ }
+
+ identity operational {
+ base datastore;
+ description
+ "The operational state datastore.";
+ }
+
+ /*
+ * Type definitions
+ */
+
+ typedef datastore-ref {
+ type identityref {
+ base datastore;
+ }
+ description
+ "A datastore identity reference.";
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-inet-types@2021-02-22.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-inet-types@2021-02-22.yang
new file mode 100644
index 00000000..a5ef84e5
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-inet-types@2021-02-22.yang
@@ -0,0 +1,589 @@
+module ietf-inet-types {
+
+ namespace "urn:ietf:params:xml:ns:yang:ietf-inet-types";
+ prefix "inet";
+
+ organization
+ "IETF Network Modeling (NETMOD) Working Group";
+
+ contact
+ "WG Web:
+ WG List:
+
+ Editor: Juergen Schoenwaelder
+ ";
+
+ description
+ "This module contains a collection of generally useful derived
+ YANG data types for Internet addresses and related things.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
+ NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
+ 'MAY', and 'OPTIONAL' in this document are to be interpreted as
+ described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
+ they appear in all capitals, as shown here.
+
+ Copyright (c) 2021 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC XXXX;
+ see the RFC itself for full legal notices.";
+
+ revision 2021-02-22 {
+ description
+ "This revision adds the following new data types:
+ - inet:ip-address-and-prefix
+ - inet:ipv4-address-and-prefix
+ - inet:ipv6-address-and-prefix
+ - inet:host-name
+ - inet:email-address
+ The inet:host union was changed to use inet:host-name instead
+ of inet:domain-name.";
+ reference
+ "RFC XXXX: Common YANG Data Types";
+ }
+ revision 2013-07-15 {
+ description
+ "This revision adds the following new data types:
+ - inet:ip-address-no-zone
+ - inet:ipv4-address-no-zone
+ - inet:ipv6-address-no-zone";
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+
+ revision 2010-09-24 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 6021: Common YANG Data Types";
+ }
+
+ /*** collection of types related to protocol fields ***/
+
+ typedef ip-version {
+ type enumeration {
+ enum unknown {
+ value "0";
+ description
+ "An unknown or unspecified version of the Internet
+ protocol.";
+ }
+ enum ipv4 {
+ value "1";
+ description
+ "The IPv4 protocol as defined in RFC 791.";
+ }
+ enum ipv6 {
+ value "2";
+ description
+ "The IPv6 protocol as defined in RFC 2460.";
+ }
+ }
+ description
+ "This value represents the version of the IP protocol.
+
+ In the value set and its semantics, this type is equivalent
+ to the InetVersion textual convention of the SMIv2.";
+ reference
+ "RFC 791: Internet Protocol
+ RFC 2460: Internet Protocol, Version 6 (IPv6) Specification
+ RFC 4001: Textual Conventions for Internet Network Addresses";
+ }
+ typedef dscp {
+ type uint8 {
+ range "0..63";
+ }
+ description
+ "The dscp type represents a Differentiated Services Code Point
+ that may be used for marking packets in a traffic stream.
+
+ In the value set and its semantics, this type is equivalent
+ to the Dscp textual convention of the SMIv2.";
+ reference
+ "RFC 3289: Management Information Base for the Differentiated
+ Services Architecture
+ RFC 2474: Definition of the Differentiated Services Field
+ (DS Field) in the IPv4 and IPv6 Headers
+ RFC 2780: IANA Allocation Guidelines For Values In
+ the Internet Protocol and Related Headers";
+ }
+
+ typedef ipv6-flow-label {
+ type uint32 {
+ range "0..1048575";
+ }
+ description
+ "The ipv6-flow-label type represents the flow identifier or
+ Flow Label in an IPv6 packet header that may be used to
+ discriminate traffic flows.
+
+ In the value set and its semantics, this type is equivalent
+ to the IPv6FlowLabel textual convention of the SMIv2.";
+ reference
+ "RFC 3595: Textual Conventions for IPv6 Flow Label
+ RFC 2460: Internet Protocol, Version 6 (IPv6) Specification";
+ }
+
+ typedef port-number {
+ type uint16 {
+ range "0..65535";
+ }
+ description
+ "The port-number type represents a 16-bit port number of an
+ Internet transport-layer protocol such as UDP, TCP, DCCP, or
+ SCTP. Port numbers are assigned by IANA. A current list of
+ all assignments is available from .
+
+ Note that the port number value zero is reserved by IANA. In
+ situations where the value zero does not make sense, it can
+ be excluded by subtyping the port-number type.
+ In the value set and its semantics, this type is equivalent
+ to the InetPortNumber textual convention of the SMIv2.";
+ reference
+ "RFC 768: User Datagram Protocol
+ RFC 793: Transmission Control Protocol
+ RFC 4960: Stream Control Transmission Protocol
+ RFC 4340: Datagram Congestion Control Protocol (DCCP)
+ RFC 4001: Textual Conventions for Internet Network Addresses";
+ }
+
+ /*** collection of types related to autonomous systems ***/
+
+ typedef as-number {
+ type uint32;
+ description
+ "The as-number type represents autonomous system numbers
+ which identify an Autonomous System (AS). An AS is a set
+ of routers under a single technical administration, using
+ an interior gateway protocol and common metrics to route
+ packets within the AS, and using an exterior gateway
+ protocol to route packets to other ASes. IANA maintains
+ the AS number space and has delegated large parts to the
+ regional registries.
+
+ Autonomous system numbers were originally limited to 16
+ bits. BGP extensions have enlarged the autonomous system
+ number space to 32 bits. This type therefore uses an uint32
+ base type without a range restriction in order to support
+ a larger autonomous system number space.
+
+ In the value set and its semantics, this type is equivalent
+ to the InetAutonomousSystemNumber textual convention of
+ the SMIv2.";
+ reference
+ "RFC 1930: Guidelines for creation, selection, and registration
+ of an Autonomous System (AS)
+ RFC 4271: A Border Gateway Protocol 4 (BGP-4)
+ RFC 4001: Textual Conventions for Internet Network Addresses
+ RFC 6793: BGP Support for Four-Octet Autonomous System (AS)
+ Number Space";
+ }
+
+ /*** collection of types related to IP addresses and hostnames ***/
+
+ typedef ip-address {
+ type union {
+ type inet:ipv4-address;
+ type inet:ipv6-address;
+ }
+ description
+ "The ip-address type represents an IP address and is IP
+ version neutral. The format of the textual representation
+ implies the IP version. This type supports scoped addresses
+ by allowing zone identifiers in the address format.";
+ reference
+ "RFC 4007: IPv6 Scoped Address Architecture";
+ }
+
+ typedef ipv4-address {
+ type string {
+ pattern
+ '(([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}'
+ + '([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])'
+ + '(%[\p{N}\p{L}]+)?';
+ }
+ description
+ "The ipv4-address type represents an IPv4 address in
+ dotted-quad notation. The IPv4 address may include a zone
+ index, separated by a % sign.
+
+ The zone index is used to disambiguate identical address
+ values. For link-local addresses, the zone index will
+ typically be the interface index number or the name of an
+ interface. If the zone index is not present, the default
+ zone of the device will be used.
+
+ The canonical format for the zone index is the numerical
+ format";
+ }
+
+ typedef ipv6-address {
+ type string {
+ pattern '((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}'
+ + '((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|'
+ + '(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}'
+ + '(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))'
+ + '(%[\p{N}\p{L}]+)?';
+ pattern '(([^:]+:){6}(([^:]+:[^:]+)|(.*\..*)))|'
+ + '((([^:]+:)*[^:]+)?::(([^:]+:)*[^:]+)?)'
+ + '(%.+)?';
+ }
+ description
+ "The ipv6-address type represents an IPv6 address in full,
+ mixed, shortened, and shortened-mixed notation. The IPv6
+ address may include a zone index, separated by a % sign.
+
+ The zone index is used to disambiguate identical address
+ values. For link-local addresses, the zone index will
+ typically be the interface index number or the name of an
+ interface. If the zone index is not present, the default
+ zone of the device will be used.
+
+ The canonical format of IPv6 addresses uses the textual
+ representation defined in Section 4 of RFC 5952. The
+ canonical format for the zone index is the numerical
+ format as described in Section 11.2 of RFC 4007.";
+ reference
+ "RFC 4291: IP Version 6 Addressing Architecture
+ RFC 4007: IPv6 Scoped Address Architecture
+ RFC 5952: A Recommendation for IPv6 Address Text
+ Representation";
+ }
+
+ typedef ip-address-no-zone {
+ type union {
+ type inet:ipv4-address-no-zone;
+ type inet:ipv6-address-no-zone;
+ }
+ description
+ "The ip-address-no-zone type represents an IP address and is
+ IP version neutral. The format of the textual representation
+ implies the IP version. This type does not support scoped
+ addresses since it does not allow zone identifiers in the
+ address format.";
+ reference
+ "RFC 4007: IPv6 Scoped Address Architecture";
+ }
+
+ typedef ipv4-address-no-zone {
+ type inet:ipv4-address {
+ pattern '[0-9\.]*';
+ }
+ description
+ "An IPv4 address without a zone index. This type, derived from
+ ipv4-address, may be used in situations where the zone is known
+ from the context and hence no zone index is needed.";
+ }
+
+ typedef ipv6-address-no-zone {
+ type inet:ipv6-address {
+ pattern '[0-9a-fA-F:\.]*';
+ }
+ description
+ "An IPv6 address without a zone index. This type, derived from
+ ipv6-address, may be used in situations where the zone is known
+ from the context and hence no zone index is needed.";
+ reference
+ "RFC 4291: IP Version 6 Addressing Architecture
+ RFC 4007: IPv6 Scoped Address Architecture
+ RFC 5952: A Recommendation for IPv6 Address Text
+ Representation";
+ }
+
+ typedef ip-prefix {
+ type union {
+ type inet:ipv4-prefix;
+ type inet:ipv6-prefix;
+ }
+ description
+ "The ip-prefix type represents an IP prefix and is IP
+ version neutral. The format of the textual representations
+ implies the IP version.";
+ }
+
+ typedef ipv4-prefix {
+ type string {
+ pattern
+ '(([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}'
+ + '([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])'
+ + '/(([0-9])|([1-2][0-9])|(3[0-2]))';
+ }
+ description
+ "The ipv4-prefix type represents an IPv4 prefix.
+ The prefix length is given by the number following the
+ slash character and must be less than or equal to 32.
+
+ A prefix length value of n corresponds to an IP address
+ mask that has n contiguous 1-bits from the most
+ significant bit (MSB) and all other bits set to 0.
+
+ The canonical format of an IPv4 prefix has all bits of
+ the IPv4 address set to zero that are not part of the
+ IPv4 prefix.
+
+ The definition of ipv4-prefix does not require that bits,
+ which are not part of the prefix, are set to zero. However,
+ implementations have to return values in canonical format,
+ which requires non-prefix bits to be set to zero. This means
+ that 192.0.2.1/24 must be accepted as a valid value but it
+ will be converted into the canonical format 192.0.2.0/24.";
+ }
+
+ typedef ipv6-prefix {
+ type string {
+ pattern '((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}'
+ + '((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|'
+ + '(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}'
+ + '(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))'
+ + '(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8])))';
+ pattern '(([^:]+:){6}(([^:]+:[^:]+)|(.*\..*)))|'
+ + '((([^:]+:)*[^:]+)?::(([^:]+:)*[^:]+)?)'
+ + '(/.+)';
+ }
+ description
+ "The ipv6-prefix type represents an IPv6 prefix.
+ The prefix length is given by the number following the
+ slash character and must be less than or equal to 128.
+
+ A prefix length value of n corresponds to an IP address
+ mask that has n contiguous 1-bits from the most
+ significant bit (MSB) and all other bits set to 0.
+
+ The canonical format of an IPv6 prefix has all bits of
+ the IPv6 address set to zero that are not part of the
+ IPv6 prefix. Furthermore, the IPv6 address is represented
+ as defined in Section 4 of RFC 5952.
+
+ The definition of ipv6-prefix does not require that bits,
+ which are not part of the prefix, are set to zero. However,
+ implementations have to return values in canonical format,
+ which requires non-prefix bits to be set to zero. This means
+ that 2001:db8::1/64 must be accepted as a valid value but it
+ will be converted into the canonical format 2001:db8::/64.";
+ reference
+ "RFC 5952: A Recommendation for IPv6 Address Text
+ Representation";
+ }
+
+ typedef ip-address-and-prefix {
+ type union {
+ type inet:ipv4-address-and-prefix;
+ type inet:ipv6-address-and-prefix;
+ }
+ description
+ "The ip-address-and-prefix type represents an IP address and
+ prefix and is IP version neutral. The format of the textual
+ representations implies the IP version.";
+ }
+
+ typedef ipv4-address-and-prefix {
+ type string {
+ pattern
+ '(([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}'
+ + '([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])'
+ + '/(([0-9])|([1-2][0-9])|(3[0-2]))';
+ }
+ description
+ "The ipv4-address-and-prefix type represents an IPv4
+ address and an associated ipv4 prefix.
+ The prefix length is given by the number following the
+ slash character and must be less than or equal to 32.
+
+ A prefix length value of n corresponds to an IP address
+ mask that has n contiguous 1-bits from the most
+ significant bit (MSB) and all other bits set to 0.";
+ }
+
+ typedef ipv6-address-and-prefix {
+ type string {
+ pattern '((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}'
+ + '((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|'
+ + '(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}'
+ + '(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))'
+ + '(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8])))';
+ pattern '(([^:]+:){6}(([^:]+:[^:]+)|(.*\..*)))|'
+ + '((([^:]+:)*[^:]+)?::(([^:]+:)*[^:]+)?)'
+ + '(/.+)';
+ }
+ description
+ "The ipv6-address-and-prefix type represents an IPv6
+ address and an associated ipv4 prefix.
+ The prefix length is given by the number following the
+ slash character and must be less than or equal to 128.
+
+ A prefix length value of n corresponds to an IP address
+ mask that has n contiguous 1-bits from the most
+ significant bit (MSB) and all other bits set to 0.
+
+ The canonical format requires that the IPv6 address is
+ represented as defined in Section 4 of RFC 5952.";
+ reference
+ "RFC 5952: A Recommendation for IPv6 Address Text
+ Representation";
+ }
+
+ /*** collection of domain name and URI types ***/
+
+ typedef domain-name {
+ type string {
+ length "1..253";
+ pattern
+ '((([a-zA-Z0-9_]([a-zA-Z0-9\-_]){0,61})?[a-zA-Z0-9]\.)*'
+ + '([a-zA-Z0-9_]([a-zA-Z0-9\-_]){0,61})?[a-zA-Z0-9]\.?)'
+ + '|\.';
+ }
+ description
+ "The domain-name type represents a DNS domain name. The
+ name SHOULD be fully qualified whenever possible. This
+ type does not support wildcards (see RFC 4592) or
+ classless in-addr.arpa delegations (see RFC 2317).
+
+ Internet domain names are only loosely specified. Section
+ 3.5 of RFC 1034 recommends a syntax (modified in Section
+ 2.1 of RFC 1123). The pattern above is intended to allow
+ for current practice in domain name use, and some possible
+ future expansion. Note that Internet host names have a
+ stricter syntax (described in RFC 952) than the DNS
+ recommendations in RFCs 1034 and 1123. Schema nodes
+ representing host names should use the host-name type
+ instead of the domain-type.
+
+ The encoding of DNS names in the DNS protocol is limited
+ to 255 characters. Since the encoding consists of labels
+ prefixed by a length bytes and there is a trailing NULL
+ byte, only 253 characters can appear in the textual dotted
+ notation.
+
+ The description clause of schema nodes using the domain-name
+ type MUST describe when and how these names are resolved to
+ IP addresses. Note that the resolution of a domain-name value
+ may require to query multiple DNS records (e.g., A for IPv4
+ and AAAA for IPv6). The order of the resolution process and
+ which DNS record takes precedence can either be defined
+ explicitly or may depend on the configuration of the
+ resolver.
+
+ Domain-name values use the US-ASCII encoding. Their canonical
+ format uses lowercase US-ASCII characters. Internationalized
+ domain names MUST be A-labels as per RFC 5890.";
+ reference
+ "RFC 952: DoD Internet Host Table Specification
+ RFC 1034: Domain Names - Concepts and Facilities
+ RFC 1123: Requirements for Internet Hosts -- Application
+ and Support
+ RFC 2317: Classless IN-ADDR.ARPA delegation
+ RFC 2782: A DNS RR for specifying the location of services
+ (DNS SRV)
+ RFC 4592: The Role of Wildcards in the Domain Name System
+ RFC 5890: Internationalized Domain Names in Applications
+ (IDNA): Definitions and Document Framework";
+ }
+
+ typedef host-name {
+ type domain-name {
+ pattern '[a-zA-Z0-9\-\.]+';
+ length "2..max";
+ }
+ description
+ "The host-name type represents (fully qualified) host names.
+ Host names must be at least two characters long (see RFC 952)
+ and they are restricted to labels consisting of letters, digits
+ and hyphens separated by dots (see RFC1123 and RFC 952).";
+ reference
+ "RFC 952: DoD Internet Host Table Specification
+ RFC 1123: Requirements for Internet Hosts: Application and Support";
+ }
+
+ typedef host {
+ type union {
+ type inet:ip-address;
+ type inet:host-name;
+ }
+ description
+ "The host type represents either an IP address or a (fully
+ qualified) host name.";
+ }
+
+ /*
+ * DISCUSS:
+ * - It was discussed to define int-domain-name and int-host-name
+ * that use U-labels instead of A-labels and to add int-host-name
+ * to the inet:host union, perhaps all gated by an inet:idna-aware
+ * feature.
+ * - It is not clear how inet:idna-aware affects inet:email-address
+ * and inet:uri - do we also need int-uri and int-email-address?
+ */
+
+ typedef uri {
+ type string;
+ description
+ "The uri type represents a Uniform Resource Identifier
+ (URI) as defined by STD 66.
+
+ Objects using the uri type MUST be in US-ASCII encoding,
+ and MUST be normalized as described by RFC 3986 Sections
+ 6.2.1, 6.2.2.1, and 6.2.2.2. All unnecessary
+ percent-encoding is removed, and all case-insensitive
+ characters are set to lowercase except for hexadecimal
+ digits, which are normalized to uppercase as described in
+ Section 6.2.2.1.
+
+ The purpose of this normalization is to help provide
+ unique URIs. Note that this normalization is not
+ sufficient to provide uniqueness. Two URIs that are
+ textually distinct after this normalization may still be
+ equivalent.
+
+ Objects using the uri type may restrict the schemes that
+ they permit. For example, 'data:' and 'urn:' schemes
+ might not be appropriate.
+
+ A zero-length URI is not a valid URI. This can be used to
+ express 'URI absent' where required.
+
+ In the value set and its semantics, this type is equivalent
+ to the Uri SMIv2 textual convention defined in RFC 5017.";
+ reference
+ "RFC 3986: Uniform Resource Identifier (URI): Generic Syntax
+ RFC 3305: Report from the Joint W3C/IETF URI Planning Interest
+ Group: Uniform Resource Identifiers (URIs), URLs,
+ and Uniform Resource Names (URNs): Clarifications
+ and Recommendations
+ RFC 5017: MIB Textual Conventions for Uniform Resource
+ Identifiers (URIs)";
+ }
+
+ typedef email-address {
+ type string {
+ // dot-atom-text "@" ...
+ pattern '[a-zA-Z0-9!#$%&'+"'"+'*+/=?^_`{|}~-]+'
+ + '(\.[a-zA-Z0-9!#$%&'+"'"+'*+/=?^_`{|}~-]+)*'
+ + '@'
+ + '[a-zA-Z0-9!#$%&'+"'"+'*+/=?^_`{|}~-]+'
+ + '(\.[a-zA-Z0-9!#$%&'+"'"+'*+/=?^_`{|}~-]+)*';
+ }
+ description
+ "The email-address type represents an email address as
+ defined as addr-spec in RFC 5322 section 3.4.1.";
+ reference
+ "RFC 5322: Internet Message Format";
+ }
+
+ /*
+ * DISCUSS:
+ * - Need to define a pattern that has a meaningful trade-off
+ * between precision and complexity (there are very tight
+ * pattern that are very long and complex). The current
+ * pattern does not take care of quoted-string, obs-local-part,
+ * domain-literal, obs-domain.
+ */
+
+}
\ No newline at end of file
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-interfaces@2018-02-20.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-interfaces@2018-02-20.yang
new file mode 100644
index 00000000..f66c205c
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-interfaces@2018-02-20.yang
@@ -0,0 +1,1123 @@
+module ietf-interfaces {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-interfaces";
+ prefix if;
+
+ import ietf-yang-types {
+ prefix yang;
+ }
+
+ organization
+ "IETF NETMOD (Network Modeling) Working Group";
+
+ contact
+ "WG Web:
+ WG List:
+
+ Editor: Martin Bjorklund
+ ";
+
+ description
+ "This module contains a collection of YANG definitions for
+ managing network interfaces.
+
+ Copyright (c) 2018 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8343; see
+ the RFC itself for full legal notices.";
+
+ revision 2018-02-20 {
+ description
+ "Updated to support NMDA.";
+ reference
+ "RFC 8343: A YANG Data Model for Interface Management";
+ }
+
+ revision 2014-05-08 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 7223: A YANG Data Model for Interface Management";
+ }
+
+ /*
+ * Typedefs
+ */
+
+ typedef interface-ref {
+ type leafref {
+ path "/if:interfaces/if:interface/if:name";
+ }
+ description
+ "This type is used by data models that need to reference
+ interfaces.";
+ }
+
+ /*
+ * Identities
+ */
+
+ identity interface-type {
+ description
+ "Base identity from which specific interface types are
+ derived.";
+ }
+
+ /*
+ * Features
+ */
+
+ feature arbitrary-names {
+ description
+ "This feature indicates that the device allows user-controlled
+ interfaces to be named arbitrarily.";
+ }
+ feature pre-provisioning {
+ description
+ "This feature indicates that the device supports
+ pre-provisioning of interface configuration, i.e., it is
+ possible to configure an interface whose physical interface
+ hardware is not present on the device.";
+ }
+ feature if-mib {
+ description
+ "This feature indicates that the device implements
+ the IF-MIB.";
+ reference
+ "RFC 2863: The Interfaces Group MIB";
+ }
+
+ /*
+ * Data nodes
+ */
+
+ container interfaces {
+ description
+ "Interface parameters.";
+
+ list interface {
+ key "name";
+
+ description
+ "The list of interfaces on the device.
+
+ The status of an interface is available in this list in the
+ operational state. If the configuration of a
+ system-controlled interface cannot be used by the system
+ (e.g., the interface hardware present does not match the
+ interface type), then the configuration is not applied to
+ the system-controlled interface shown in the operational
+ state. If the configuration of a user-controlled interface
+ cannot be used by the system, the configured interface is
+ not instantiated in the operational state.
+
+ System-controlled interfaces created by the system are
+ always present in this list in the operational state,
+ whether or not they are configured.";
+
+ leaf name {
+ type string;
+ description
+ "The name of the interface.
+
+ A device MAY restrict the allowed values for this leaf,
+ possibly depending on the type of the interface.
+ For system-controlled interfaces, this leaf is the
+ device-specific name of the interface.
+
+ If a client tries to create configuration for a
+ system-controlled interface that is not present in the
+ operational state, the server MAY reject the request if
+ the implementation does not support pre-provisioning of
+ interfaces or if the name refers to an interface that can
+ never exist in the system. A Network Configuration
+ Protocol (NETCONF) server MUST reply with an rpc-error
+ with the error-tag 'invalid-value' in this case.
+
+ If the device supports pre-provisioning of interface
+ configuration, the 'pre-provisioning' feature is
+ advertised.
+
+ If the device allows arbitrarily named user-controlled
+ interfaces, the 'arbitrary-names' feature is advertised.
+
+ When a configured user-controlled interface is created by
+ the system, it is instantiated with the same name in the
+ operational state.
+
+ A server implementation MAY map this leaf to the ifName
+ MIB object. Such an implementation needs to use some
+ mechanism to handle the differences in size and characters
+ allowed between this leaf and ifName. The definition of
+ such a mechanism is outside the scope of this document.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifName";
+ }
+
+ leaf description {
+ type string;
+ description
+ "A textual description of the interface.
+
+ A server implementation MAY map this leaf to the ifAlias
+ MIB object. Such an implementation needs to use some
+ mechanism to handle the differences in size and characters
+ allowed between this leaf and ifAlias. The definition of
+ such a mechanism is outside the scope of this document.
+
+ Since ifAlias is defined to be stored in non-volatile
+ storage, the MIB implementation MUST map ifAlias to the
+ value of 'description' in the persistently stored
+ configuration.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifAlias";
+ }
+
+ leaf type {
+ type identityref {
+ base interface-type;
+ }
+ mandatory true;
+ description
+ "The type of the interface.
+
+ When an interface entry is created, a server MAY
+ initialize the type leaf with a valid value, e.g., if it
+ is possible to derive the type from the name of the
+ interface.
+
+ If a client tries to set the type of an interface to a
+ value that can never be used by the system, e.g., if the
+ type is not supported or if the type does not match the
+ name of the interface, the server MUST reject the request.
+ A NETCONF server MUST reply with an rpc-error with the
+ error-tag 'invalid-value' in this case.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifType";
+ }
+
+ leaf enabled {
+ type boolean;
+ default "true";
+ description
+ "This leaf contains the configured, desired state of the
+ interface.
+
+ Systems that implement the IF-MIB use the value of this
+ leaf in the intended configuration to set
+ IF-MIB.ifAdminStatus to 'up' or 'down' after an ifEntry
+ has been initialized, as described in RFC 2863.
+
+ Changes in this leaf in the intended configuration are
+ reflected in ifAdminStatus.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifAdminStatus";
+ }
+
+ leaf link-up-down-trap-enable {
+ if-feature if-mib;
+ type enumeration {
+ enum enabled {
+ value 1;
+ description
+ "The device will generate linkUp/linkDown SNMP
+ notifications for this interface.";
+ }
+ enum disabled {
+ value 2;
+ description
+ "The device will not generate linkUp/linkDown SNMP
+ notifications for this interface.";
+ }
+ }
+ description
+ "Controls whether linkUp/linkDown SNMP notifications
+ should be generated for this interface.
+
+ If this node is not configured, the value 'enabled' is
+ operationally used by the server for interfaces that do
+ not operate on top of any other interface (i.e., there are
+ no 'lower-layer-if' entries), and 'disabled' otherwise.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifLinkUpDownTrapEnable";
+ }
+
+ leaf admin-status {
+ if-feature if-mib;
+ type enumeration {
+ enum up {
+ value 1;
+ description
+ "Ready to pass packets.";
+ }
+ enum down {
+ value 2;
+ description
+ "Not ready to pass packets and not in some test mode.";
+ }
+ enum testing {
+ value 3;
+ description
+ "In some test mode.";
+ }
+ }
+ config false;
+ mandatory true;
+ description
+ "The desired state of the interface.
+
+ This leaf has the same read semantics as ifAdminStatus.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifAdminStatus";
+ }
+
+ leaf oper-status {
+ type enumeration {
+ enum up {
+ value 1;
+ description
+ "Ready to pass packets.";
+ }
+ enum down {
+ value 2;
+
+ description
+ "The interface does not pass any packets.";
+ }
+ enum testing {
+ value 3;
+ description
+ "In some test mode. No operational packets can
+ be passed.";
+ }
+ enum unknown {
+ value 4;
+ description
+ "Status cannot be determined for some reason.";
+ }
+ enum dormant {
+ value 5;
+ description
+ "Waiting for some external event.";
+ }
+ enum not-present {
+ value 6;
+ description
+ "Some component (typically hardware) is missing.";
+ }
+ enum lower-layer-down {
+ value 7;
+ description
+ "Down due to state of lower-layer interface(s).";
+ }
+ }
+ config false;
+ mandatory true;
+ description
+ "The current operational state of the interface.
+
+ This leaf has the same semantics as ifOperStatus.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifOperStatus";
+ }
+
+ leaf last-change {
+ type yang:date-and-time;
+ config false;
+ description
+ "The time the interface entered its current operational
+ state. If the current state was entered prior to the
+ last re-initialization of the local network management
+ subsystem, then this node is not present.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifLastChange";
+ }
+
+ leaf if-index {
+ if-feature if-mib;
+ type int32 {
+ range "1..2147483647";
+ }
+ config false;
+ mandatory true;
+ description
+ "The ifIndex value for the ifEntry represented by this
+ interface.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifIndex";
+ }
+
+ leaf phys-address {
+ type yang:phys-address;
+ config false;
+ description
+ "The interface's address at its protocol sub-layer. For
+ example, for an 802.x interface, this object normally
+ contains a Media Access Control (MAC) address. The
+ interface's media-specific modules must define the bit
+ and byte ordering and the format of the value of this
+ object. For interfaces that do not have such an address
+ (e.g., a serial line), this node is not present.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifPhysAddress";
+ }
+
+ leaf-list higher-layer-if {
+ type interface-ref;
+ config false;
+ description
+ "A list of references to interfaces layered on top of this
+ interface.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifStackTable";
+ }
+
+ leaf-list lower-layer-if {
+ type interface-ref;
+ config false;
+
+ description
+ "A list of references to interfaces layered underneath this
+ interface.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifStackTable";
+ }
+
+ leaf speed {
+ type yang:gauge64;
+ units "bits/second";
+ config false;
+ description
+ "An estimate of the interface's current bandwidth in bits
+ per second. For interfaces that do not vary in
+ bandwidth or for those where no accurate estimation can
+ be made, this node should contain the nominal bandwidth.
+ For interfaces that have no concept of bandwidth, this
+ node is not present.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifSpeed, ifHighSpeed";
+ }
+
+ container statistics {
+ config false;
+ description
+ "A collection of interface-related statistics objects.";
+
+ leaf discontinuity-time {
+ type yang:date-and-time;
+ mandatory true;
+ description
+ "The time on the most recent occasion at which any one or
+ more of this interface's counters suffered a
+ discontinuity. If no such discontinuities have occurred
+ since the last re-initialization of the local management
+ subsystem, then this node contains the time the local
+ management subsystem re-initialized itself.";
+ }
+
+ leaf in-octets {
+ type yang:counter64;
+ description
+ "The total number of octets received on the interface,
+ including framing characters.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCInOctets";
+ }
+
+ leaf in-unicast-pkts {
+ type yang:counter64;
+ description
+ "The number of packets, delivered by this sub-layer to a
+ higher (sub-)layer, that were not addressed to a
+ multicast or broadcast address at this sub-layer.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCInUcastPkts";
+ }
+
+ leaf in-broadcast-pkts {
+ type yang:counter64;
+ description
+ "The number of packets, delivered by this sub-layer to a
+ higher (sub-)layer, that were addressed to a broadcast
+ address at this sub-layer.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCInBroadcastPkts";
+ }
+
+ leaf in-multicast-pkts {
+ type yang:counter64;
+ description
+ "The number of packets, delivered by this sub-layer to a
+ higher (sub-)layer, that were addressed to a multicast
+ address at this sub-layer. For a MAC-layer protocol,
+ this includes both Group and Functional addresses.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCInMulticastPkts";
+ }
+
+ leaf in-discards {
+ type yang:counter32;
+ description
+ "The number of inbound packets that were chosen to be
+ discarded even though no errors had been detected to
+ prevent their being deliverable to a higher-layer
+ protocol. One possible reason for discarding such a
+ packet could be to free up buffer space.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifInDiscards";
+ }
+
+ leaf in-errors {
+ type yang:counter32;
+ description
+ "For packet-oriented interfaces, the number of inbound
+ packets that contained errors preventing them from being
+ deliverable to a higher-layer protocol. For character-
+ oriented or fixed-length interfaces, the number of
+ inbound transmission units that contained errors
+ preventing them from being deliverable to a higher-layer
+ protocol.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifInErrors";
+ }
+
+ leaf in-unknown-protos {
+ type yang:counter32;
+
+ description
+ "For packet-oriented interfaces, the number of packets
+ received via the interface that were discarded because
+ of an unknown or unsupported protocol. For
+ character-oriented or fixed-length interfaces that
+ support protocol multiplexing, the number of
+ transmission units received via the interface that were
+ discarded because of an unknown or unsupported protocol.
+ For any interface that does not support protocol
+ multiplexing, this counter is not present.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifInUnknownProtos";
+ }
+
+ leaf out-octets {
+ type yang:counter64;
+ description
+ "The total number of octets transmitted out of the
+ interface, including framing characters.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCOutOctets";
+ }
+
+ leaf out-unicast-pkts {
+ type yang:counter64;
+ description
+ "The total number of packets that higher-level protocols
+ requested be transmitted and that were not addressed
+ to a multicast or broadcast address at this sub-layer,
+ including those that were discarded or not sent.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCOutUcastPkts";
+ }
+
+ leaf out-broadcast-pkts {
+ type yang:counter64;
+ description
+ "The total number of packets that higher-level protocols
+ requested be transmitted and that were addressed to a
+ broadcast address at this sub-layer, including those
+ that were discarded or not sent.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCOutBroadcastPkts";
+ }
+
+ leaf out-multicast-pkts {
+ type yang:counter64;
+ description
+ "The total number of packets that higher-level protocols
+ requested be transmitted and that were addressed to a
+ multicast address at this sub-layer, including those
+ that were discarded or not sent. For a MAC-layer
+ protocol, this includes both Group and Functional
+ addresses.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCOutMulticastPkts";
+ }
+
+ leaf out-discards {
+ type yang:counter32;
+ description
+ "The number of outbound packets that were chosen to be
+ discarded even though no errors had been detected to
+ prevent their being transmitted. One possible reason
+ for discarding such a packet could be to free up buffer
+ space.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifOutDiscards";
+ }
+
+ leaf out-errors {
+ type yang:counter32;
+ description
+ "For packet-oriented interfaces, the number of outbound
+ packets that could not be transmitted because of errors.
+ For character-oriented or fixed-length interfaces, the
+ number of outbound transmission units that could not be
+ transmitted because of errors.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifOutErrors";
+ }
+ }
+
+ }
+ }
+
+ /*
+ * Legacy typedefs
+ */
+
+ typedef interface-state-ref {
+ type leafref {
+ path "/if:interfaces-state/if:interface/if:name";
+ }
+ status deprecated;
+ description
+ "This type is used by data models that need to reference
+ the operationally present interfaces.";
+ }
+
+ /*
+ * Legacy operational state data nodes
+ */
+
+ container interfaces-state {
+ config false;
+ status deprecated;
+ description
+ "Data nodes for the operational state of interfaces.";
+
+ list interface {
+ key "name";
+ status deprecated;
+
+ description
+ "The list of interfaces on the device.
+
+ System-controlled interfaces created by the system are
+ always present in this list, whether or not they are
+ configured.";
+
+ leaf name {
+ type string;
+ status deprecated;
+ description
+ "The name of the interface.
+
+ A server implementation MAY map this leaf to the ifName
+ MIB object. Such an implementation needs to use some
+ mechanism to handle the differences in size and characters
+ allowed between this leaf and ifName. The definition of
+ such a mechanism is outside the scope of this document.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifName";
+ }
+
+ leaf type {
+ type identityref {
+ base interface-type;
+ }
+ mandatory true;
+ status deprecated;
+ description
+ "The type of the interface.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifType";
+ }
+
+ leaf admin-status {
+ if-feature if-mib;
+ type enumeration {
+ enum up {
+ value 1;
+ description
+ "Ready to pass packets.";
+ }
+ enum down {
+ value 2;
+ description
+ "Not ready to pass packets and not in some test mode.";
+ }
+ enum testing {
+ value 3;
+ description
+ "In some test mode.";
+ }
+ }
+ mandatory true;
+ status deprecated;
+ description
+ "The desired state of the interface.
+
+ This leaf has the same read semantics as ifAdminStatus.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifAdminStatus";
+ }
+
+ leaf oper-status {
+ type enumeration {
+ enum up {
+ value 1;
+ description
+ "Ready to pass packets.";
+ }
+ enum down {
+ value 2;
+ description
+ "The interface does not pass any packets.";
+ }
+ enum testing {
+ value 3;
+ description
+ "In some test mode. No operational packets can
+ be passed.";
+ }
+ enum unknown {
+ value 4;
+ description
+ "Status cannot be determined for some reason.";
+ }
+ enum dormant {
+ value 5;
+ description
+ "Waiting for some external event.";
+ }
+ enum not-present {
+ value 6;
+ description
+ "Some component (typically hardware) is missing.";
+ }
+ enum lower-layer-down {
+ value 7;
+ description
+ "Down due to state of lower-layer interface(s).";
+ }
+ }
+ mandatory true;
+ status deprecated;
+ description
+ "The current operational state of the interface.
+
+ This leaf has the same semantics as ifOperStatus.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifOperStatus";
+ }
+
+ leaf last-change {
+ type yang:date-and-time;
+ status deprecated;
+ description
+ "The time the interface entered its current operational
+ state. If the current state was entered prior to the
+ last re-initialization of the local network management
+ subsystem, then this node is not present.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifLastChange";
+ }
+
+ leaf if-index {
+ if-feature if-mib;
+ type int32 {
+ range "1..2147483647";
+ }
+ mandatory true;
+ status deprecated;
+ description
+ "The ifIndex value for the ifEntry represented by this
+ interface.";
+
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifIndex";
+ }
+
+ leaf phys-address {
+ type yang:phys-address;
+ status deprecated;
+ description
+ "The interface's address at its protocol sub-layer. For
+ example, for an 802.x interface, this object normally
+ contains a Media Access Control (MAC) address. The
+ interface's media-specific modules must define the bit
+ and byte ordering and the format of the value of this
+ object. For interfaces that do not have such an address
+ (e.g., a serial line), this node is not present.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifPhysAddress";
+ }
+
+ leaf-list higher-layer-if {
+ type interface-state-ref;
+ status deprecated;
+ description
+ "A list of references to interfaces layered on top of this
+ interface.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifStackTable";
+ }
+
+ leaf-list lower-layer-if {
+ type interface-state-ref;
+ status deprecated;
+ description
+ "A list of references to interfaces layered underneath this
+ interface.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifStackTable";
+ }
+
+ leaf speed {
+ type yang:gauge64;
+ units "bits/second";
+ status deprecated;
+ description
+ "An estimate of the interface's current bandwidth in bits
+ per second. For interfaces that do not vary in
+ bandwidth or for those where no accurate estimation can
+
+ be made, this node should contain the nominal bandwidth.
+ For interfaces that have no concept of bandwidth, this
+ node is not present.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifSpeed, ifHighSpeed";
+ }
+
+ container statistics {
+ status deprecated;
+ description
+ "A collection of interface-related statistics objects.";
+
+ leaf discontinuity-time {
+ type yang:date-and-time;
+ mandatory true;
+ status deprecated;
+ description
+ "The time on the most recent occasion at which any one or
+ more of this interface's counters suffered a
+ discontinuity. If no such discontinuities have occurred
+ since the last re-initialization of the local management
+ subsystem, then this node contains the time the local
+ management subsystem re-initialized itself.";
+ }
+
+ leaf in-octets {
+ type yang:counter64;
+ status deprecated;
+ description
+ "The total number of octets received on the interface,
+ including framing characters.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCInOctets";
+ }
+
+ leaf in-unicast-pkts {
+ type yang:counter64;
+ status deprecated;
+ description
+ "The number of packets, delivered by this sub-layer to a
+ higher (sub-)layer, that were not addressed to a
+ multicast or broadcast address at this sub-layer.
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCInUcastPkts";
+ }
+
+ leaf in-broadcast-pkts {
+ type yang:counter64;
+ status deprecated;
+ description
+ "The number of packets, delivered by this sub-layer to a
+ higher (sub-)layer, that were addressed to a broadcast
+ address at this sub-layer.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCInBroadcastPkts";
+ }
+
+ leaf in-multicast-pkts {
+ type yang:counter64;
+ status deprecated;
+ description
+ "The number of packets, delivered by this sub-layer to a
+ higher (sub-)layer, that were addressed to a multicast
+ address at this sub-layer. For a MAC-layer protocol,
+ this includes both Group and Functional addresses.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCInMulticastPkts";
+ }
+
+ leaf in-discards {
+ type yang:counter32;
+ status deprecated;
+
+ description
+ "The number of inbound packets that were chosen to be
+ discarded even though no errors had been detected to
+ prevent their being deliverable to a higher-layer
+ protocol. One possible reason for discarding such a
+ packet could be to free up buffer space.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifInDiscards";
+ }
+
+ leaf in-errors {
+ type yang:counter32;
+ status deprecated;
+ description
+ "For packet-oriented interfaces, the number of inbound
+ packets that contained errors preventing them from being
+ deliverable to a higher-layer protocol. For character-
+ oriented or fixed-length interfaces, the number of
+ inbound transmission units that contained errors
+ preventing them from being deliverable to a higher-layer
+ protocol.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifInErrors";
+ }
+
+ leaf in-unknown-protos {
+ type yang:counter32;
+ status deprecated;
+ description
+ "For packet-oriented interfaces, the number of packets
+ received via the interface that were discarded because
+ of an unknown or unsupported protocol. For
+ character-oriented or fixed-length interfaces that
+ support protocol multiplexing, the number of
+ transmission units received via the interface that were
+ discarded because of an unknown or unsupported protocol.
+ For any interface that does not support protocol
+ multiplexing, this counter is not present.
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifInUnknownProtos";
+ }
+
+ leaf out-octets {
+ type yang:counter64;
+ status deprecated;
+ description
+ "The total number of octets transmitted out of the
+ interface, including framing characters.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCOutOctets";
+ }
+
+ leaf out-unicast-pkts {
+ type yang:counter64;
+ status deprecated;
+ description
+ "The total number of packets that higher-level protocols
+ requested be transmitted and that were not addressed
+ to a multicast or broadcast address at this sub-layer,
+ including those that were discarded or not sent.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifHCOutUcastPkts";
+ }
+
+ leaf out-broadcast-pkts {
+ type yang:counter64;
+ status deprecated;
+
+ description
+ "The total number of packets that higher-level protocols
+ requested be transmitted and that were addressed to a
+ broadcast address at this sub-layer, including those
+ that were discarded or not sent.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCOutBroadcastPkts";
+ }
+
+ leaf out-multicast-pkts {
+ type yang:counter64;
+ status deprecated;
+ description
+ "The total number of packets that higher-level protocols
+ requested be transmitted and that were addressed to a
+ multicast address at this sub-layer, including those
+ that were discarded or not sent. For a MAC-layer
+ protocol, this includes both Group and Functional
+ addresses.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB -
+ ifHCOutMulticastPkts";
+ }
+
+ leaf out-discards {
+ type yang:counter32;
+ status deprecated;
+ description
+ "The number of outbound packets that were chosen to be
+ discarded even though no errors had been detected to
+ prevent their being transmitted. One possible reason
+ for discarding such a packet could be to free up buffer
+ space.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifOutDiscards";
+ }
+
+ leaf out-errors {
+ type yang:counter32;
+ status deprecated;
+ description
+ "For packet-oriented interfaces, the number of outbound
+ packets that could not be transmitted because of errors.
+ For character-oriented or fixed-length interfaces, the
+ number of outbound transmission units that could not be
+ transmitted because of errors.
+
+ Discontinuities in the value of this counter can occur
+ at re-initialization of the management system and at
+ other times as indicated by the value of
+ 'discontinuity-time'.";
+ reference
+ "RFC 2863: The Interfaces Group MIB - ifOutErrors";
+ }
+ }
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-ip@2018-02-22.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-ip@2018-02-22.yang
new file mode 100644
index 00000000..a270f67b
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-ip@2018-02-22.yang
@@ -0,0 +1,876 @@
+module ietf-ip {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-ip";
+ prefix ip;
+
+ import ietf-interfaces {
+ prefix if;
+ }
+ import ietf-inet-types {
+ prefix inet;
+ }
+ import ietf-yang-types {
+ prefix yang;
+ }
+
+ organization
+ "IETF NETMOD (Network Modeling) Working Group";
+
+ contact
+ "WG Web:
+ WG List:
+
+ Editor: Martin Bjorklund
+ ";
+ description
+ "This module contains a collection of YANG definitions for
+ managing IP implementations.
+
+ Copyright (c) 2018 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8344; see
+ the RFC itself for full legal notices.";
+
+ revision 2018-02-22 {
+ description
+ "Updated to support NMDA.";
+ reference
+ "RFC 8344: A YANG Data Model for IP Management";
+ }
+
+ revision 2014-06-16 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 7277: A YANG Data Model for IP Management";
+ }
+
+ /*
+ * Features
+ */
+
+ feature ipv4-non-contiguous-netmasks {
+ description
+ "Indicates support for configuring non-contiguous
+ subnet masks.";
+ }
+
+ feature ipv6-privacy-autoconf {
+ description
+ "Indicates support for privacy extensions for stateless address
+ autoconfiguration in IPv6.";
+ reference
+ "RFC 4941: Privacy Extensions for Stateless Address
+ Autoconfiguration in IPv6";
+ }
+
+ /*
+ * Typedefs
+ */
+
+ typedef ip-address-origin {
+ type enumeration {
+ enum other {
+ description
+ "None of the following.";
+ }
+
+ enum static {
+ description
+ "Indicates that the address has been statically
+ configured -- for example, using the Network Configuration
+ Protocol (NETCONF) or a command line interface.";
+ }
+ enum dhcp {
+ description
+ "Indicates an address that has been assigned to this
+ system by a DHCP server.";
+ }
+ enum link-layer {
+ description
+ "Indicates an address created by IPv6 stateless
+ autoconfiguration that embeds a link-layer address in its
+ interface identifier.";
+ }
+ enum random {
+ description
+ "Indicates an address chosen by the system at
+ random, e.g., an IPv4 address within 169.254/16, a
+ temporary address as described in RFC 4941, or a
+ semantically opaque address as described in RFC 7217.";
+ reference
+ "RFC 4941: Privacy Extensions for Stateless Address
+ Autoconfiguration in IPv6
+ RFC 7217: A Method for Generating Semantically Opaque
+ Interface Identifiers with IPv6 Stateless
+ Address Autoconfiguration (SLAAC)";
+ }
+ }
+ description
+ "The origin of an address.";
+ }
+
+ typedef neighbor-origin {
+ type enumeration {
+ enum other {
+ description
+ "None of the following.";
+ }
+ enum static {
+ description
+ "Indicates that the mapping has been statically
+ configured -- for example, using NETCONF or a command line
+ interface.";
+ }
+
+ enum dynamic {
+ description
+ "Indicates that the mapping has been dynamically resolved
+ using, for example, IPv4 ARP or the IPv6 Neighbor
+ Discovery protocol.";
+ }
+ }
+ description
+ "The origin of a neighbor entry.";
+ }
+
+ /*
+ * Data nodes
+ */
+
+ augment "/if:interfaces/if:interface" {
+ description
+ "IP parameters on interfaces.
+
+ If an interface is not capable of running IP, the server
+ must not allow the client to configure these parameters.";
+
+ container ipv4 {
+ presence
+ "Enables IPv4 unless the 'enabled' leaf
+ (which defaults to 'true') is set to 'false'";
+ description
+ "Parameters for the IPv4 address family.";
+
+ leaf enabled {
+ type boolean;
+ default true;
+ description
+ "Controls whether IPv4 is enabled or disabled on this
+ interface. When IPv4 is enabled, this interface is
+ connected to an IPv4 stack, and the interface can send
+ and receive IPv4 packets.";
+ }
+ leaf forwarding {
+ type boolean;
+ default false;
+ description
+ "Controls IPv4 packet forwarding of datagrams received by,
+ but not addressed to, this interface. IPv4 routers
+ forward datagrams. IPv4 hosts do not (except those
+ source-routed via the host).";
+ }
+
+ leaf mtu {
+ type uint16 {
+ range "68..max";
+ }
+ units "octets";
+ description
+ "The size, in octets, of the largest IPv4 packet that the
+ interface will send and receive.
+
+ The server may restrict the allowed values for this leaf,
+ depending on the interface's type.
+
+ If this leaf is not configured, the operationally used MTU
+ depends on the interface's type.";
+ reference
+ "RFC 791: Internet Protocol";
+ }
+ list address {
+ key "ip";
+ description
+ "The list of IPv4 addresses on the interface.";
+
+ leaf ip {
+ type inet:ipv4-address-no-zone;
+ description
+ "The IPv4 address on the interface.";
+ }
+ choice subnet {
+ mandatory true;
+ description
+ "The subnet can be specified as a prefix length or,
+ if the server supports non-contiguous netmasks, as
+ a netmask.";
+ leaf prefix-length {
+ type uint8 {
+ range "0..32";
+ }
+ description
+ "The length of the subnet prefix.";
+ }
+ leaf netmask {
+ if-feature ipv4-non-contiguous-netmasks;
+ type yang:dotted-quad;
+ description
+ "The subnet specified as a netmask.";
+ }
+ }
+
+ leaf origin {
+ type ip-address-origin;
+ config false;
+ description
+ "The origin of this address.";
+ }
+ }
+ list neighbor {
+ key "ip";
+ description
+ "A list of mappings from IPv4 addresses to
+ link-layer addresses.
+
+ Entries in this list in the intended configuration are
+ used as static entries in the ARP Cache.
+
+ In the operational state, this list represents the ARP
+ Cache.";
+ reference
+ "RFC 826: An Ethernet Address Resolution Protocol";
+
+ leaf ip {
+ type inet:ipv4-address-no-zone;
+ description
+ "The IPv4 address of the neighbor node.";
+ }
+ leaf link-layer-address {
+ type yang:phys-address;
+ mandatory true;
+ description
+ "The link-layer address of the neighbor node.";
+ }
+ leaf origin {
+ type neighbor-origin;
+ config false;
+ description
+ "The origin of this neighbor entry.";
+ }
+ }
+ }
+
+ container ipv6 {
+ presence
+ "Enables IPv6 unless the 'enabled' leaf
+ (which defaults to 'true') is set to 'false'";
+ description
+ "Parameters for the IPv6 address family.";
+
+ leaf enabled {
+ type boolean;
+ default true;
+ description
+ "Controls whether IPv6 is enabled or disabled on this
+ interface. When IPv6 is enabled, this interface is
+ connected to an IPv6 stack, and the interface can send
+ and receive IPv6 packets.";
+ }
+ leaf forwarding {
+ type boolean;
+ default false;
+ description
+ "Controls IPv6 packet forwarding of datagrams received by,
+ but not addressed to, this interface. IPv6 routers
+ forward datagrams. IPv6 hosts do not (except those
+ source-routed via the host).";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ Section 6.2.1, IsRouter";
+ }
+ leaf mtu {
+ type uint32 {
+ range "1280..max";
+ }
+ units "octets";
+ description
+ "The size, in octets, of the largest IPv6 packet that the
+ interface will send and receive.
+
+ The server may restrict the allowed values for this leaf,
+ depending on the interface's type.
+
+ If this leaf is not configured, the operationally used MTU
+ depends on the interface's type.";
+ reference
+ "RFC 8200: Internet Protocol, Version 6 (IPv6)
+ Specification
+ Section 5";
+ }
+
+ list address {
+ key "ip";
+ description
+ "The list of IPv6 addresses on the interface.";
+
+ leaf ip {
+ type inet:ipv6-address-no-zone;
+ description
+ "The IPv6 address on the interface.";
+ }
+ leaf prefix-length {
+ type uint8 {
+ range "0..128";
+ }
+ mandatory true;
+ description
+ "The length of the subnet prefix.";
+ }
+ leaf origin {
+ type ip-address-origin;
+ config false;
+ description
+ "The origin of this address.";
+ }
+ leaf status {
+ type enumeration {
+ enum preferred {
+ description
+ "This is a valid address that can appear as the
+ destination or source address of a packet.";
+ }
+ enum deprecated {
+ description
+ "This is a valid but deprecated address that should
+ no longer be used as a source address in new
+ communications, but packets addressed to such an
+ address are processed as expected.";
+ }
+ enum invalid {
+ description
+ "This isn't a valid address, and it shouldn't appear
+ as the destination or source address of a packet.";
+ }
+
+ enum inaccessible {
+ description
+ "The address is not accessible because the interface
+ to which this address is assigned is not
+ operational.";
+ }
+ enum unknown {
+ description
+ "The status cannot be determined for some reason.";
+ }
+ enum tentative {
+ description
+ "The uniqueness of the address on the link is being
+ verified. Addresses in this state should not be
+ used for general communication and should only be
+ used to determine the uniqueness of the address.";
+ }
+ enum duplicate {
+ description
+ "The address has been determined to be non-unique on
+ the link and so must not be used.";
+ }
+ enum optimistic {
+ description
+ "The address is available for use, subject to
+ restrictions, while its uniqueness on a link is
+ being verified.";
+ }
+ }
+ config false;
+ description
+ "The status of an address. Most of the states correspond
+ to states from the IPv6 Stateless Address
+ Autoconfiguration protocol.";
+ reference
+ "RFC 4293: Management Information Base for the
+ Internet Protocol (IP)
+ - IpAddressStatusTC
+ RFC 4862: IPv6 Stateless Address Autoconfiguration";
+ }
+ }
+
+ list neighbor {
+ key "ip";
+ description
+ "A list of mappings from IPv6 addresses to
+ link-layer addresses.
+
+ Entries in this list in the intended configuration are
+ used as static entries in the Neighbor Cache.
+
+ In the operational state, this list represents the
+ Neighbor Cache.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)";
+
+ leaf ip {
+ type inet:ipv6-address-no-zone;
+ description
+ "The IPv6 address of the neighbor node.";
+ }
+ leaf link-layer-address {
+ type yang:phys-address;
+ mandatory true;
+ description
+ "The link-layer address of the neighbor node.
+
+ In the operational state, if the neighbor's 'state' leaf
+ is 'incomplete', this leaf is not instantiated.";
+ }
+ leaf origin {
+ type neighbor-origin;
+ config false;
+ description
+ "The origin of this neighbor entry.";
+ }
+ leaf is-router {
+ type empty;
+ config false;
+ description
+ "Indicates that the neighbor node acts as a router.";
+ }
+
+ leaf state {
+ type enumeration {
+ enum incomplete {
+ description
+ "Address resolution is in progress, and the
+ link-layer address of the neighbor has not yet been
+ determined.";
+ }
+ enum reachable {
+ description
+ "Roughly speaking, the neighbor is known to have been
+ reachable recently (within tens of seconds ago).";
+ }
+ enum stale {
+ description
+ "The neighbor is no longer known to be reachable, but
+ until traffic is sent to the neighbor no attempt
+ should be made to verify its reachability.";
+ }
+ enum delay {
+ description
+ "The neighbor is no longer known to be reachable, and
+ traffic has recently been sent to the neighbor.
+ Rather than probe the neighbor immediately, however,
+ delay sending probes for a short while in order to
+ give upper-layer protocols a chance to provide
+ reachability confirmation.";
+ }
+ enum probe {
+ description
+ "The neighbor is no longer known to be reachable, and
+ unicast Neighbor Solicitation probes are being sent
+ to verify reachability.";
+ }
+ }
+ config false;
+ description
+ "The Neighbor Unreachability Detection state of this
+ entry.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ Section 7.3.2";
+ }
+ }
+
+ leaf dup-addr-detect-transmits {
+ type uint32;
+ default 1;
+ description
+ "The number of consecutive Neighbor Solicitation messages
+ sent while performing Duplicate Address Detection on a
+ tentative address. A value of zero indicates that
+ Duplicate Address Detection is not performed on
+ tentative addresses. A value of one indicates a single
+ transmission with no follow-up retransmissions.";
+ reference
+ "RFC 4862: IPv6 Stateless Address Autoconfiguration";
+ }
+ container autoconf {
+ description
+ "Parameters to control the autoconfiguration of IPv6
+ addresses, as described in RFC 4862.";
+ reference
+ "RFC 4862: IPv6 Stateless Address Autoconfiguration";
+
+ leaf create-global-addresses {
+ type boolean;
+ default true;
+ description
+ "If enabled, the host creates global addresses as
+ described in RFC 4862.";
+ reference
+ "RFC 4862: IPv6 Stateless Address Autoconfiguration
+ Section 5.5";
+ }
+ leaf create-temporary-addresses {
+ if-feature ipv6-privacy-autoconf;
+ type boolean;
+ default false;
+ description
+ "If enabled, the host creates temporary addresses as
+ described in RFC 4941.";
+ reference
+ "RFC 4941: Privacy Extensions for Stateless Address
+ Autoconfiguration in IPv6";
+ }
+
+ leaf temporary-valid-lifetime {
+ if-feature ipv6-privacy-autoconf;
+ type uint32;
+ units "seconds";
+ default 604800;
+ description
+ "The time period during which the temporary address
+ is valid.";
+ reference
+ "RFC 4941: Privacy Extensions for Stateless Address
+ Autoconfiguration in IPv6
+ - TEMP_VALID_LIFETIME";
+ }
+ leaf temporary-preferred-lifetime {
+ if-feature ipv6-privacy-autoconf;
+ type uint32;
+ units "seconds";
+ default 86400;
+ description
+ "The time period during which the temporary address is
+ preferred.";
+ reference
+ "RFC 4941: Privacy Extensions for Stateless Address
+ Autoconfiguration in IPv6
+ - TEMP_PREFERRED_LIFETIME";
+ }
+ }
+ }
+ }
+
+ /*
+ * Legacy operational state data nodes
+ */
+
+ augment "/if:interfaces-state/if:interface" {
+ status deprecated;
+ description
+ "Data nodes for the operational state of IP on interfaces.";
+
+ container ipv4 {
+ presence
+ "Present if IPv4 is enabled on this interface";
+ config false;
+ status deprecated;
+ description
+ "Interface-specific parameters for the IPv4 address family.";
+
+ leaf forwarding {
+ type boolean;
+ status deprecated;
+ description
+ "Indicates whether IPv4 packet forwarding is enabled or
+ disabled on this interface.";
+ }
+ leaf mtu {
+ type uint16 {
+ range "68..max";
+ }
+ units "octets";
+ status deprecated;
+ description
+ "The size, in octets, of the largest IPv4 packet that the
+ interface will send and receive.";
+ reference
+ "RFC 791: Internet Protocol";
+ }
+ list address {
+ key "ip";
+ status deprecated;
+ description
+ "The list of IPv4 addresses on the interface.";
+
+ leaf ip {
+ type inet:ipv4-address-no-zone;
+ status deprecated;
+ description
+ "The IPv4 address on the interface.";
+ }
+ choice subnet {
+ status deprecated;
+ description
+ "The subnet can be specified as a prefix length or,
+ if the server supports non-contiguous netmasks, as
+ a netmask.";
+ leaf prefix-length {
+ type uint8 {
+ range "0..32";
+ }
+ status deprecated;
+ description
+ "The length of the subnet prefix.";
+ }
+ leaf netmask {
+ if-feature ipv4-non-contiguous-netmasks;
+ type yang:dotted-quad;
+ status deprecated;
+ description
+ "The subnet specified as a netmask.";
+ }
+ }
+ leaf origin {
+ type ip-address-origin;
+ status deprecated;
+ description
+ "The origin of this address.";
+ }
+ }
+ list neighbor {
+ key "ip";
+ status deprecated;
+ description
+ "A list of mappings from IPv4 addresses to
+ link-layer addresses.
+
+ This list represents the ARP Cache.";
+ reference
+ "RFC 826: An Ethernet Address Resolution Protocol";
+
+ leaf ip {
+ type inet:ipv4-address-no-zone;
+ status deprecated;
+ description
+ "The IPv4 address of the neighbor node.";
+ }
+
+ leaf link-layer-address {
+ type yang:phys-address;
+ status deprecated;
+ description
+ "The link-layer address of the neighbor node.";
+ }
+ leaf origin {
+ type neighbor-origin;
+ status deprecated;
+ description
+ "The origin of this neighbor entry.";
+ }
+ }
+ }
+
+ container ipv6 {
+ presence
+ "Present if IPv6 is enabled on this interface";
+ config false;
+ status deprecated;
+ description
+ "Parameters for the IPv6 address family.";
+
+ leaf forwarding {
+ type boolean;
+ default false;
+ status deprecated;
+ description
+ "Indicates whether IPv6 packet forwarding is enabled or
+ disabled on this interface.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ Section 6.2.1, IsRouter";
+ }
+ leaf mtu {
+ type uint32 {
+ range "1280..max";
+ }
+ units "octets";
+ status deprecated;
+ description
+ "The size, in octets, of the largest IPv6 packet that the
+ interface will send and receive.";
+ reference
+ "RFC 8200: Internet Protocol, Version 6 (IPv6)
+ Specification
+ Section 5";
+ }
+ list address {
+ key "ip";
+ status deprecated;
+ description
+ "The list of IPv6 addresses on the interface.";
+
+ leaf ip {
+ type inet:ipv6-address-no-zone;
+ status deprecated;
+ description
+ "The IPv6 address on the interface.";
+ }
+ leaf prefix-length {
+ type uint8 {
+ range "0..128";
+ }
+ mandatory true;
+ status deprecated;
+ description
+ "The length of the subnet prefix.";
+ }
+ leaf origin {
+ type ip-address-origin;
+ status deprecated;
+ description
+ "The origin of this address.";
+ }
+ leaf status {
+ type enumeration {
+ enum preferred {
+ description
+ "This is a valid address that can appear as the
+ destination or source address of a packet.";
+ }
+ enum deprecated {
+ description
+ "This is a valid but deprecated address that should
+ no longer be used as a source address in new
+ communications, but packets addressed to such an
+ address are processed as expected.";
+ }
+ enum invalid {
+ description
+ "This isn't a valid address, and it shouldn't appear
+ as the destination or source address of a packet.";
+ }
+
+ enum inaccessible {
+ description
+ "The address is not accessible because the interface
+ to which this address is assigned is not
+ operational.";
+ }
+ enum unknown {
+ description
+ "The status cannot be determined for some reason.";
+ }
+ enum tentative {
+ description
+ "The uniqueness of the address on the link is being
+ verified. Addresses in this state should not be
+ used for general communication and should only be
+ used to determine the uniqueness of the address.";
+ }
+ enum duplicate {
+ description
+ "The address has been determined to be non-unique on
+ the link and so must not be used.";
+ }
+ enum optimistic {
+ description
+ "The address is available for use, subject to
+ restrictions, while its uniqueness on a link is
+ being verified.";
+ }
+ }
+ status deprecated;
+ description
+ "The status of an address. Most of the states correspond
+ to states from the IPv6 Stateless Address
+ Autoconfiguration protocol.";
+ reference
+ "RFC 4293: Management Information Base for the
+ Internet Protocol (IP)
+ - IpAddressStatusTC
+ RFC 4862: IPv6 Stateless Address Autoconfiguration";
+ }
+ }
+
+ list neighbor {
+ key "ip";
+ status deprecated;
+ description
+ "A list of mappings from IPv6 addresses to
+ link-layer addresses.
+
+ This list represents the Neighbor Cache.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)";
+
+ leaf ip {
+ type inet:ipv6-address-no-zone;
+ status deprecated;
+ description
+ "The IPv6 address of the neighbor node.";
+ }
+ leaf link-layer-address {
+ type yang:phys-address;
+ status deprecated;
+ description
+ "The link-layer address of the neighbor node.";
+ }
+ leaf origin {
+ type neighbor-origin;
+ status deprecated;
+ description
+ "The origin of this neighbor entry.";
+ }
+ leaf is-router {
+ type empty;
+ status deprecated;
+ description
+ "Indicates that the neighbor node acts as a router.";
+ }
+ leaf state {
+ type enumeration {
+ enum incomplete {
+ description
+ "Address resolution is in progress, and the
+ link-layer address of the neighbor has not yet been
+ determined.";
+ }
+ enum reachable {
+ description
+ "Roughly speaking, the neighbor is known to have been
+ reachable recently (within tens of seconds ago).";
+ }
+ enum stale {
+ description
+ "The neighbor is no longer known to be reachable, but
+ until traffic is sent to the neighbor no attempt
+ should be made to verify its reachability.";
+ }
+ enum delay {
+ description
+ "The neighbor is no longer known to be reachable, and
+ traffic has recently been sent to the neighbor.
+ Rather than probe the neighbor immediately, however,
+ delay sending probes for a short while in order to
+ give upper-layer protocols a chance to provide
+ reachability confirmation.";
+ }
+ enum probe {
+ description
+ "The neighbor is no longer known to be reachable, and
+ unicast Neighbor Solicitation probes are being sent
+ to verify reachability.";
+ }
+ }
+ status deprecated;
+ description
+ "The Neighbor Unreachability Detection state of this
+ entry.";
+ reference
+ "RFC 4861: Neighbor Discovery for IP version 6 (IPv6)
+ Section 7.3.2";
+ }
+ }
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-keystore@2024-10-10.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-keystore@2024-10-10.yang
new file mode 100644
index 00000000..88900e46
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-keystore@2024-10-10.yang
@@ -0,0 +1,407 @@
+module ietf-keystore {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-keystore";
+ prefix ks;
+
+ import ietf-netconf-acm {
+ prefix nacm;
+ reference
+ "RFC 8341: Network Configuration Access Control Model";
+ }
+
+ import ietf-crypto-types {
+ prefix ct;
+ reference
+ "RFC 9640: YANG Data Types and Groupings for Cryptography";
+ }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+
+ contact
+ "WG Web: https://datatracker.ietf.org/wg/netconf
+ WG List: NETCONF WG list
+ Author: Kent Watsen ";
+
+ description
+ "This module defines a 'keystore' to centralize management
+ of security credentials.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
+ 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
+ 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
+ are to be interpreted as described in BCP 14 (RFC 2119)
+ (RFC 8174) when, and only when, they appear in all
+ capitals, as shown here.
+
+ Copyright (c) 2024 IETF Trust and the persons identified
+ as authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with
+ or without modification, is permitted pursuant to, and
+ subject to the license terms contained in, the Revised
+ BSD License set forth in Section 4.c of the IETF Trust's
+ Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 9642
+ (https://www.rfc-editor.org/info/rfc9642); see the RFC
+ itself for full legal notices.";
+
+ revision 2024-10-10 {
+ description
+ "Initial version";
+ reference
+ "RFC 9642: A YANG Data Model for a Keystore";
+ }
+
+ /****************/
+ /* Features */
+ /****************/
+
+ feature central-keystore-supported {
+ description
+ "The 'central-keystore-supported' feature indicates that
+ the server supports the central keystore (i.e., fully
+ implements the 'ietf-keystore' module).";
+ }
+
+ feature inline-definitions-supported {
+ description
+ "The 'inline-definitions-supported' feature indicates that
+ the server supports locally defined keys.";
+ }
+
+ feature asymmetric-keys {
+ description
+ "The 'asymmetric-keys' feature indicates that the server
+ implements the /keystore/asymmetric-keys subtree.";
+
+ }
+
+ feature symmetric-keys {
+ description
+ "The 'symmetric-keys' feature indicates that the server
+ implements the /keystore/symmetric-keys subtree.";
+ }
+
+ /****************/
+ /* Typedefs */
+ /****************/
+
+ typedef central-symmetric-key-ref {
+ type leafref {
+ path "/ks:keystore/ks:symmetric-keys/ks:symmetric-key"
+ + "/ks:name";
+ }
+ description
+ "This typedef enables modules to easily define a reference
+ to a symmetric key stored in the central keystore.";
+ }
+
+ typedef central-asymmetric-key-ref {
+ type leafref {
+ path "/ks:keystore/ks:asymmetric-keys/ks:asymmetric-key"
+ + "/ks:name";
+ }
+ description
+ "This typedef enables modules to easily define a reference
+ to an asymmetric key stored in the central keystore.";
+ }
+
+ /*****************/
+ /* Groupings */
+ /*****************/
+
+ grouping encrypted-by-grouping {
+ description
+ "A grouping that defines a 'choice' statement that can be
+ augmented into the 'encrypted-by' node, present in the
+ 'symmetric-key-grouping' and 'asymmetric-key-pair-grouping'
+ groupings defined in RFC 9640, enabling references to keys
+ in the central keystore.";
+ choice encrypted-by {
+ nacm:default-deny-write;
+ mandatory true;
+ description
+ "A choice amongst other symmetric or asymmetric keys.";
+ case central-symmetric-key-ref {
+ if-feature "central-keystore-supported";
+ if-feature "symmetric-keys";
+ leaf symmetric-key-ref {
+ type ks:central-symmetric-key-ref;
+ description
+ "Identifies the symmetric key used to encrypt the
+ associated key.";
+ }
+ }
+ case central-asymmetric-key-ref {
+ if-feature "central-keystore-supported";
+ if-feature "asymmetric-keys";
+ leaf asymmetric-key-ref {
+ type ks:central-asymmetric-key-ref;
+ description
+ "Identifies the asymmetric key whose public key
+ encrypted the associated key.";
+ }
+ }
+ }
+ }
+
+ // *-ref groupings
+
+ grouping central-asymmetric-key-certificate-ref-grouping {
+ description
+ "A grouping for the reference to a certificate associated
+ with an asymmetric key stored in the central keystore.";
+ leaf asymmetric-key {
+ nacm:default-deny-write;
+ if-feature "central-keystore-supported";
+ if-feature "asymmetric-keys";
+ type ks:central-asymmetric-key-ref;
+ must '../certificate';
+ description
+ "A reference to an asymmetric key in the keystore.";
+ }
+ leaf certificate {
+ nacm:default-deny-write;
+ type leafref {
+ path "/ks:keystore/ks:asymmetric-keys/ks:asymmetric-key"
+ + "[ks:name = current()/../asymmetric-key]/"
+ + "ks:certificates/ks:certificate/ks:name";
+ }
+ must '../asymmetric-key';
+ description
+ "A reference to a specific certificate of the
+ asymmetric key in the keystore.";
+ }
+ }
+
+ // inline-or-keystore-* groupings
+
+ grouping inline-or-keystore-symmetric-key-grouping {
+ description
+ "A grouping for the configuration of a symmetric key. The
+ symmetric key may be defined inline or as a reference to
+ a symmetric key stored in the central keystore.
+
+ Servers that wish to define alternate keystore locations
+ SHOULD augment in custom 'case' statements enabling
+ references to those alternate keystore locations.";
+ choice inline-or-keystore {
+ nacm:default-deny-write;
+ mandatory true;
+ description
+ "A choice between an inlined definition and a definition
+ that exists in the keystore.";
+ case inline {
+ if-feature "inline-definitions-supported";
+ container inline-definition {
+ description
+ "A container to hold the local key definition.";
+ uses ct:symmetric-key-grouping;
+ }
+ }
+ case central-keystore {
+ if-feature "central-keystore-supported";
+ if-feature "symmetric-keys";
+ leaf central-keystore-reference {
+ type ks:central-symmetric-key-ref;
+ description
+ "A reference to a symmetric key that exists in
+ the central keystore.";
+ }
+ }
+ }
+ }
+
+ grouping inline-or-keystore-asymmetric-key-grouping {
+ description
+ "A grouping for the configuration of an asymmetric key. The
+ asymmetric key may be defined inline or as a reference to
+ an asymmetric key stored in the central keystore.
+
+ Servers that wish to define alternate keystore locations
+ SHOULD augment in custom 'case' statements enabling
+ references to those alternate keystore locations.";
+ choice inline-or-keystore {
+ nacm:default-deny-write;
+ mandatory true;
+ description
+ "A choice between an inlined definition and a definition
+ that exists in the keystore.";
+ case inline {
+ if-feature "inline-definitions-supported";
+ container inline-definition {
+ description
+ "A container to hold the local key definition.";
+ uses ct:asymmetric-key-pair-grouping;
+ }
+ }
+ case central-keystore {
+ if-feature "central-keystore-supported";
+ if-feature "asymmetric-keys";
+ leaf central-keystore-reference {
+ type ks:central-asymmetric-key-ref;
+ description
+ "A reference to an asymmetric key that exists in
+ the central keystore. The intent is to reference
+ just the asymmetric key without any regard for
+ any certificates that may be associated with it.";
+ }
+ }
+ }
+ }
+
+ grouping inline-or-keystore-asymmetric-key-with-certs-grouping {
+ description
+ "A grouping for the configuration of an asymmetric key and
+ its associated certificates. The asymmetric key and its
+ associated certificates may be defined inline or as a
+ reference to an asymmetric key (and its associated
+ certificates) in the central keystore.
+
+ Servers that wish to define alternate keystore locations
+ SHOULD augment in custom 'case' statements enabling
+ references to those alternate keystore locations.";
+ choice inline-or-keystore {
+ nacm:default-deny-write;
+ mandatory true;
+ description
+ "A choice between an inlined definition and a definition
+ that exists in the keystore.";
+ case inline {
+ if-feature "inline-definitions-supported";
+ container inline-definition {
+ description
+ "A container to hold the local key definition.";
+ uses ct:asymmetric-key-pair-with-certs-grouping;
+ }
+ }
+ case central-keystore {
+ if-feature "central-keystore-supported";
+ if-feature "asymmetric-keys";
+ leaf central-keystore-reference {
+ type ks:central-asymmetric-key-ref;
+ description
+ "A reference to an asymmetric key (and all of its
+ associated certificates) in the keystore, when
+ this module is implemented.";
+ }
+ }
+ }
+ }
+
+ grouping inline-or-keystore-end-entity-cert-with-key-grouping {
+ description
+ "A grouping for the configuration of an asymmetric key and
+ its associated end-entity certificate. The asymmetric key
+ and its associated end-entity certificate may be defined
+ inline or as a reference to an asymmetric key (and its
+ associated end-entity certificate) in the central keystore.
+
+ Servers that wish to define alternate keystore locations
+ SHOULD augment in custom 'case' statements enabling
+ references to those alternate keystore locations.";
+ choice inline-or-keystore {
+ nacm:default-deny-write;
+ mandatory true;
+ description
+ "A choice between an inlined definition and a definition
+ that exists in the keystore.";
+ case inline {
+ if-feature "inline-definitions-supported";
+ container inline-definition {
+ description
+ "A container to hold the local key definition.";
+ uses ct:asymmetric-key-pair-with-cert-grouping;
+ }
+ }
+ case central-keystore {
+ if-feature "central-keystore-supported";
+ if-feature "asymmetric-keys";
+ container central-keystore-reference {
+ uses central-asymmetric-key-certificate-ref-grouping;
+ description
+ "A reference to a specific certificate associated with
+ an asymmetric key stored in the central keystore.";
+ }
+ }
+ }
+ }
+
+ // the keystore grouping
+
+ grouping keystore-grouping {
+ description
+ "A grouping definition enables use in other contexts. If ever
+ done, implementations MUST augment new 'case' statements
+ into the various inline-or-keystore 'choice' statements to
+ supply leafrefs to the model-specific location(s).";
+ container asymmetric-keys {
+ nacm:default-deny-write;
+ if-feature "asymmetric-keys";
+ description
+ "A list of asymmetric keys.";
+ list asymmetric-key {
+ key "name";
+ description
+ "An asymmetric key.";
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for the asymmetric key.";
+ }
+ uses ct:asymmetric-key-pair-with-certs-grouping;
+ }
+ }
+ container symmetric-keys {
+ nacm:default-deny-write;
+ if-feature "symmetric-keys";
+ description
+ "A list of symmetric keys.";
+ list symmetric-key {
+ key "name";
+ description
+ "A symmetric key.";
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for the symmetric key.";
+ }
+ uses ct:symmetric-key-grouping;
+ }
+ }
+ }
+
+ /*********************************/
+ /* Protocol accessible nodes */
+ /*********************************/
+
+ container keystore {
+ if-feature "central-keystore-supported";
+ description
+ "A central keystore containing a list of symmetric keys and
+ a list of asymmetric keys.";
+ nacm:default-deny-write;
+ uses keystore-grouping {
+ augment "symmetric-keys/symmetric-key/key-type/encrypted-"
+ + "symmetric-key/encrypted-symmetric-key/encrypted-by" {
+ description
+ "Augments in a choice statement enabling the encrypting
+ key to be any other symmetric or asymmetric key in the
+ central keystore.";
+ uses encrypted-by-grouping;
+ }
+ augment "asymmetric-keys/asymmetric-key/private-key-type/"
+ + "encrypted-private-key/encrypted-private-key/"
+ + "encrypted-by" {
+ description
+ "Augments in a choice statement enabling the encrypting
+ key to be any other symmetric or asymmetric key in the
+ central keystore.";
+ uses encrypted-by-grouping;
+ }
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-netconf-acm@2018-02-14.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-netconf-acm@2018-02-14.yang
new file mode 100644
index 00000000..bf4855fa
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-netconf-acm@2018-02-14.yang
@@ -0,0 +1,464 @@
+module ietf-netconf-acm {
+
+ namespace "urn:ietf:params:xml:ns:yang:ietf-netconf-acm";
+
+ prefix nacm;
+
+ import ietf-yang-types {
+ prefix yang;
+ }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+
+ contact
+ "WG Web:
+ WG List:
+
+ Author: Andy Bierman
+
+
+ Author: Martin Bjorklund
+ ";
+
+ description
+ "Network Configuration Access Control Model.
+
+ Copyright (c) 2012 - 2018 IETF Trust and the persons
+ identified as authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD
+ License set forth in Section 4.c of the IETF Trust's
+ Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8341; see
+ the RFC itself for full legal notices.";
+
+ revision "2018-02-14" {
+ description
+ "Added support for YANG 1.1 actions and notifications tied to
+ data nodes. Clarified how NACM extensions can be used by
+ other data models.";
+ reference
+ "RFC 8341: Network Configuration Access Control Model";
+ }
+
+ revision "2012-02-22" {
+ description
+ "Initial version.";
+ reference
+ "RFC 6536: Network Configuration Protocol (NETCONF)
+ Access Control Model";
+ }
+
+ /*
+ * Extension statements
+ */
+
+ extension default-deny-write {
+ description
+ "Used to indicate that the data model node
+ represents a sensitive security system parameter.
+
+ If present, the NETCONF server will only allow the designated
+ 'recovery session' to have write access to the node. An
+ explicit access control rule is required for all other users.
+
+ If the NACM module is used, then it must be enabled (i.e.,
+ /nacm/enable-nacm object equals 'true'), or this extension
+ is ignored.
+
+ The 'default-deny-write' extension MAY appear within a data
+ definition statement. It is ignored otherwise.";
+ }
+
+ extension default-deny-all {
+ description
+ "Used to indicate that the data model node
+ controls a very sensitive security system parameter.
+
+ If present, the NETCONF server will only allow the designated
+ 'recovery session' to have read, write, or execute access to
+ the node. An explicit access control rule is required for all
+ other users.
+
+ If the NACM module is used, then it must be enabled (i.e.,
+ /nacm/enable-nacm object equals 'true'), or this extension
+ is ignored.
+
+ The 'default-deny-all' extension MAY appear within a data
+ definition statement, 'rpc' statement, or 'notification'
+ statement. It is ignored otherwise.";
+ }
+
+ /*
+ * Derived types
+ */
+
+ typedef user-name-type {
+ type string {
+ length "1..max";
+ }
+ description
+ "General-purpose username string.";
+ }
+
+ typedef matchall-string-type {
+ type string {
+ pattern '\*';
+ }
+ description
+ "The string containing a single asterisk '*' is used
+ to conceptually represent all possible values
+ for the particular leaf using this data type.";
+ }
+
+ typedef access-operations-type {
+ type bits {
+ bit create {
+ description
+ "Any protocol operation that creates a
+ new data node.";
+ }
+ bit read {
+ description
+ "Any protocol operation or notification that
+ returns the value of a data node.";
+ }
+ bit update {
+ description
+ "Any protocol operation that alters an existing
+ data node.";
+ }
+ bit delete {
+ description
+ "Any protocol operation that removes a data node.";
+ }
+ bit exec {
+ description
+ "Execution access to the specified protocol operation.";
+ }
+ }
+ description
+ "Access operation.";
+ }
+
+ typedef group-name-type {
+ type string {
+ length "1..max";
+ pattern '[^\*].*';
+ }
+ description
+ "Name of administrative group to which
+ users can be assigned.";
+ }
+
+ typedef action-type {
+ type enumeration {
+ enum permit {
+ description
+ "Requested action is permitted.";
+ }
+ enum deny {
+ description
+ "Requested action is denied.";
+ }
+ }
+ description
+ "Action taken by the server when a particular
+ rule matches.";
+ }
+
+ typedef node-instance-identifier {
+ type yang:xpath1.0;
+ description
+ "Path expression used to represent a special
+ data node, action, or notification instance-identifier
+ string.
+
+ A node-instance-identifier value is an
+ unrestricted YANG instance-identifier expression.
+ All the same rules as an instance-identifier apply,
+ except that predicates for keys are optional. If a key
+ predicate is missing, then the node-instance-identifier
+ represents all possible server instances for that key.
+
+ This XML Path Language (XPath) expression is evaluated in the
+ following context:
+
+ o The set of namespace declarations are those in scope on
+ the leaf element where this type is used.
+
+ o The set of variable bindings contains one variable,
+ 'USER', which contains the name of the user of the
+ current session.
+
+ o The function library is the core function library, but
+ note that due to the syntax restrictions of an
+ instance-identifier, no functions are allowed.
+
+ o The context node is the root node in the data tree.
+
+ The accessible tree includes actions and notifications tied
+ to data nodes.";
+ }
+
+ /*
+ * Data definition statements
+ */
+
+ container nacm {
+ nacm:default-deny-all;
+
+ description
+ "Parameters for NETCONF access control model.";
+
+ leaf enable-nacm {
+ type boolean;
+ default "true";
+ description
+ "Enables or disables all NETCONF access control
+ enforcement. If 'true', then enforcement
+ is enabled. If 'false', then enforcement
+ is disabled.";
+ }
+
+ leaf read-default {
+ type action-type;
+ default "permit";
+ description
+ "Controls whether read access is granted if
+ no appropriate rule is found for a
+ particular read request.";
+ }
+
+ leaf write-default {
+ type action-type;
+ default "deny";
+ description
+ "Controls whether create, update, or delete access
+ is granted if no appropriate rule is found for a
+ particular write request.";
+ }
+
+ leaf exec-default {
+ type action-type;
+ default "permit";
+ description
+ "Controls whether exec access is granted if no appropriate
+ rule is found for a particular protocol operation request.";
+ }
+
+ leaf enable-external-groups {
+ type boolean;
+ default "true";
+ description
+ "Controls whether the server uses the groups reported by the
+ NETCONF transport layer when it assigns the user to a set of
+ NACM groups. If this leaf has the value 'false', any group
+ names reported by the transport layer are ignored by the
+ server.";
+ }
+
+ leaf denied-operations {
+ type yang:zero-based-counter32;
+ config false;
+ mandatory true;
+ description
+ "Number of times since the server last restarted that a
+ protocol operation request was denied.";
+ }
+
+ leaf denied-data-writes {
+ type yang:zero-based-counter32;
+ config false;
+ mandatory true;
+ description
+ "Number of times since the server last restarted that a
+ protocol operation request to alter
+ a configuration datastore was denied.";
+ }
+
+ leaf denied-notifications {
+ type yang:zero-based-counter32;
+ config false;
+ mandatory true;
+ description
+ "Number of times since the server last restarted that
+ a notification was dropped for a subscription because
+ access to the event type was denied.";
+ }
+
+ container groups {
+ description
+ "NETCONF access control groups.";
+
+ list group {
+ key name;
+
+ description
+ "One NACM group entry. This list will only contain
+ configured entries, not any entries learned from
+ any transport protocols.";
+
+ leaf name {
+ type group-name-type;
+ description
+ "Group name associated with this entry.";
+ }
+
+ leaf-list user-name {
+ type user-name-type;
+ description
+ "Each entry identifies the username of
+ a member of the group associated with
+ this entry.";
+ }
+ }
+ }
+
+ list rule-list {
+ key name;
+ ordered-by user;
+ description
+ "An ordered collection of access control rules.";
+
+ leaf name {
+ type string {
+ length "1..max";
+ }
+ description
+ "Arbitrary name assigned to the rule-list.";
+ }
+ leaf-list group {
+ type union {
+ type matchall-string-type;
+ type group-name-type;
+ }
+ description
+ "List of administrative groups that will be
+ assigned the associated access rights
+ defined by the 'rule' list.
+
+ The string '*' indicates that all groups apply to the
+ entry.";
+ }
+
+ list rule {
+ key name;
+ ordered-by user;
+ description
+ "One access control rule.
+
+ Rules are processed in user-defined order until a match is
+ found. A rule matches if 'module-name', 'rule-type', and
+ 'access-operations' match the request. If a rule
+ matches, the 'action' leaf determines whether or not
+ access is granted.";
+
+ leaf name {
+ type string {
+ length "1..max";
+ }
+ description
+ "Arbitrary name assigned to the rule.";
+ }
+
+ leaf module-name {
+ type union {
+ type matchall-string-type;
+ type string;
+ }
+ default "*";
+ description
+ "Name of the module associated with this rule.
+
+ This leaf matches if it has the value '*' or if the
+ object being accessed is defined in the module with the
+ specified module name.";
+ }
+ choice rule-type {
+ description
+ "This choice matches if all leafs present in the rule
+ match the request. If no leafs are present, the
+ choice matches all requests.";
+ case protocol-operation {
+ leaf rpc-name {
+ type union {
+ type matchall-string-type;
+ type string;
+ }
+ description
+ "This leaf matches if it has the value '*' or if
+ its value equals the requested protocol operation
+ name.";
+ }
+ }
+ case notification {
+ leaf notification-name {
+ type union {
+ type matchall-string-type;
+ type string;
+ }
+ description
+ "This leaf matches if it has the value '*' or if its
+ value equals the requested notification name.";
+ }
+ }
+
+ case data-node {
+ leaf path {
+ type node-instance-identifier;
+ mandatory true;
+ description
+ "Data node instance-identifier associated with the
+ data node, action, or notification controlled by
+ this rule.
+
+ Configuration data or state data
+ instance-identifiers start with a top-level
+ data node. A complete instance-identifier is
+ required for this type of path value.
+
+ The special value '/' refers to all possible
+ datastore contents.";
+ }
+ }
+ }
+
+ leaf access-operations {
+ type union {
+ type matchall-string-type;
+ type access-operations-type;
+ }
+ default "*";
+ description
+ "Access operations associated with this rule.
+
+ This leaf matches if it has the value '*' or if the
+ bit corresponding to the requested operation is set.";
+ }
+
+ leaf action {
+ type action-type;
+ mandatory true;
+ description
+ "The access control action associated with the
+ rule. If a rule has been determined to match a
+ particular request, then this object is used
+ to determine whether to permit or deny the
+ request.";
+ }
+
+ leaf comment {
+ type string;
+ description
+ "A textual description of the access rule.";
+ }
+ }
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-network-instance@2019-01-21.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-network-instance@2019-01-21.yang
new file mode 100644
index 00000000..dfde7fbe
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-network-instance@2019-01-21.yang
@@ -0,0 +1,282 @@
+module ietf-network-instance {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-network-instance";
+ prefix ni;
+
+ // import some basic types
+
+ import ietf-interfaces {
+ prefix if;
+ reference
+ "RFC 8343: A YANG Data Model for Interface Management";
+ }
+ import ietf-ip {
+ prefix ip;
+ reference
+ "RFC 8344: A YANG Data Model for IP Management";
+ }
+ import ietf-yang-schema-mount {
+ prefix yangmnt;
+ reference
+ "RFC 8528: YANG Schema Mount";
+ }
+
+ organization
+ "IETF Routing Area (rtgwg) Working Group";
+ contact
+ "WG Web:
+ WG List:
+
+ Author: Lou Berger
+
+ Author: Christian Hopps
+
+ Author: Acee Lindem
+
+ Author: Dean Bogdanovic
+ ";
+ description
+ "This module is used to support multiple network instances
+ within a single physical or virtual device. Network
+ instances are commonly known as VRFs (VPN Routing and
+ Forwarding) and VSIs (Virtual Switching Instances).
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
+ 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
+ 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
+ are to be interpreted as described in BCP 14 (RFC 2119)
+ (RFC 8174) when, and only when, they appear in all capitals,
+ as shown here.
+
+ Copyright (c) 2019 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD
+ License set forth in Section 4.c of the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8529; see
+ the RFC itself for full legal notices.";
+
+ revision 2019-01-21 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 8529";
+ }
+
+ // top-level device definition statements
+
+ container network-instances {
+ description
+ "Network instances, each of which consists of
+ VRFs and/or VSIs.";
+ reference
+ "RFC 8349: A YANG Data Model for Routing Management";
+ list network-instance {
+ key "name";
+ description
+ "List of network instances.";
+ leaf name {
+ type string;
+ mandatory true;
+ description
+ "device-scoped identifier for the network
+ instance.";
+ }
+ leaf enabled {
+ type boolean;
+ default "true";
+ description
+ "Flag indicating whether or not the network
+ instance is enabled.";
+ }
+ leaf description {
+ type string;
+ description
+ "Description of the network instance
+ and its intended purpose.";
+ }
+ choice ni-type {
+ description
+ "This node serves as an anchor point for different types
+ of network instances. Each 'case' is expected to
+ differ in terms of the information needed in the
+ parent/core to support the NI and may differ in their
+ mounted-schema definition. When the mounted schema is
+ not expected to be the same for a specific type of NI,
+ a mount point should be defined.";
+ }
+ choice root-type {
+ mandatory true;
+ description
+ "Well-known mount points.";
+ container vrf-root {
+ description
+ "Container for mount point.";
+ yangmnt:mount-point "vrf-root" {
+ description
+ "Root for L3VPN-type models. This will typically
+ not be an inline-type mount point.";
+ }
+ }
+ container vsi-root {
+ description
+ "Container for mount point.";
+ yangmnt:mount-point "vsi-root" {
+ description
+ "Root for L2VPN-type models. This will typically
+ not be an inline-type mount point.";
+ }
+ }
+ container vv-root {
+ description
+ "Container for mount point.";
+ yangmnt:mount-point "vv-root" {
+ description
+ "Root models that support both L2VPN-type bridging
+ and L3VPN-type routing. This will typically
+ not be an inline-type mount point.";
+ }
+ }
+ }
+ }
+ }
+
+ // augment statements
+
+ augment "/if:interfaces/if:interface" {
+ description
+ "Add a node for the identification of the network
+ instance associated with the information configured
+ on a interface.
+
+ Note that a standard error will be returned if the
+ identified leafref isn't present. If an interface cannot
+ be assigned for any other reason, the operation SHALL fail
+ with an error-tag of 'operation-failed' and an
+ error-app-tag of 'ni-assignment-failed'. A meaningful
+ error-info that indicates the source of the assignment
+ failure SHOULD also be provided.";
+ leaf bind-ni-name {
+ type leafref {
+ path "/network-instances/network-instance/name";
+ }
+ description
+ "Network instance to which an interface is bound.";
+ }
+ }
+ augment "/if:interfaces/if:interface/ip:ipv4" {
+ description
+ "Add a node for the identification of the network
+ instance associated with the information configured
+ on an IPv4 interface.
+
+ Note that a standard error will be returned if the
+ identified leafref isn't present. If an interface cannot
+ be assigned for any other reason, the operation SHALL fail
+ with an error-tag of 'operation-failed' and an
+ error-app-tag of 'ni-assignment-failed'. A meaningful
+ error-info that indicates the source of the assignment
+ failure SHOULD also be provided.";
+ leaf bind-ni-name {
+ type leafref {
+ path "/network-instances/network-instance/name";
+ }
+ description
+ "Network instance to which IPv4 interface is bound.";
+ }
+ }
+ augment "/if:interfaces/if:interface/ip:ipv6" {
+ description
+ "Add a node for the identification of the network
+ instance associated with the information configured
+ on an IPv6 interface.
+
+ Note that a standard error will be returned if the
+ identified leafref isn't present. If an interface cannot
+ be assigned for any other reason, the operation SHALL fail
+ with an error-tag of 'operation-failed' and an
+ error-app-tag of 'ni-assignment-failed'. A meaningful
+ error-info that indicates the source of the assignment
+ failure SHOULD also be provided.";
+ leaf bind-ni-name {
+ type leafref {
+ path "/network-instances/network-instance/name";
+ }
+ description
+ "Network instance to which IPv6 interface is bound.";
+ }
+ }
+
+ // notification statements
+
+ notification bind-ni-name-failed {
+ description
+ "Indicates an error in the association of an interface to an
+ NI. Only generated after success is initially returned when
+ bind-ni-name is set.
+
+ Note: Some errors may need to be reported for multiple
+ associations, e.g., a single error may need to be reported
+ for an IPv4 and an IPv6 bind-ni-name.
+
+ At least one container with a bind-ni-name leaf MUST be
+ included in this notification.";
+ leaf name {
+ type leafref {
+ path "/if:interfaces/if:interface/if:name";
+ }
+ mandatory true;
+ description
+ "Contains the interface name associated with the
+ failure.";
+ }
+ container interface {
+ description
+ "Generic interface type.";
+ leaf bind-ni-name {
+ type leafref {
+ path "/if:interfaces/if:interface"
+ + "/ni:bind-ni-name";
+ }
+ description
+ "Contains the bind-ni-name associated with the
+ failure.";
+ }
+ }
+ container ipv4 {
+ description
+ "IPv4 interface type.";
+ leaf bind-ni-name {
+ type leafref {
+ path "/if:interfaces/if:interface/ip:ipv4/ni:bind-ni-name";
+ }
+ description
+ "Contains the bind-ni-name associated with the
+ failure.";
+ }
+ }
+ container ipv6 {
+ description
+ "IPv6 interface type.";
+ leaf bind-ni-name {
+ type leafref {
+ path "/if:interfaces/if:interface/ip:ipv6"
+ + "/ni:bind-ni-name";
+ }
+ description
+ "Contains the bind-ni-name associated with the
+ failure.";
+ }
+ }
+ leaf error-info {
+ type string;
+ description
+ "Optionally, indicates the source of the assignment
+ failure.";
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-notification-capabilities@2022-02-17.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-notification-capabilities@2022-02-17.yang
new file mode 100644
index 00000000..c9385b25
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-notification-capabilities@2022-02-17.yang
@@ -0,0 +1,262 @@
+module ietf-notification-capabilities {
+ yang-version 1.1;
+ namespace
+ "urn:ietf:params:xml:ns:yang:ietf-notification-capabilities";
+ prefix notc;
+
+ import ietf-yang-push {
+ prefix yp;
+ description
+ "This module requires ietf-yang-push to be implemented.";
+ reference
+ "RFC 8641: Subscription to YANG Notifications for
+ Datastore Updates";
+ }
+ import ietf-system-capabilities {
+ prefix sysc;
+ description
+ "This module requires ietf-system-capabilities to be
+ implemented.";
+ reference
+ "RFC 9196: YANG Modules Describing Capabilities for Systems
+ and Datastore Update Notifications";
+ }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+ contact
+ "WG Web:
+ WG List:
+
+ Editor: Balazs Lengyel
+ ";
+ description
+ "This module specifies publisher capabilities related to
+ YANG-Push (RFC 8641).
+
+ The module contains:
+
+ - a specification of the data nodes that support 'on-change' or
+ 'periodic' notifications.
+
+ - capabilities related to the throughput of notification data
+ that the publisher can support. (Note that for a specific
+ subscription, the publisher MAY allow only longer periods
+ or smaller updates depending on, e.g., actual load conditions.)
+
+ Capability values can be specified at the system/publisher
+ level, at the datastore level, or for specific data nodes of
+ a specific datastore (and their contained subtrees), as defined
+ in the ietf-system-capabilities module.
+
+ If different data nodes covered by a single subscription
+ have different values for a specific capability, then using
+ values that are only acceptable for some of these data nodes,
+ but not for others, may result in the rejection of the
+ subscription.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
+ 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
+ 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
+ are to be interpreted as described in BCP 14 (RFC 2119)
+ (RFC 8174) when, and only when, they appear in all
+ capitals, as shown here.
+
+ Copyright (c) 2022 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject to
+ the license terms contained in, the Revised BSD License set
+ forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 9196
+ (https://www.rfc-editor.org/info/rfc9196); see the RFC itself
+ for full legal notices.";
+
+ revision 2022-02-17 {
+ description
+ "Initial version";
+ reference
+ "RFC 9196: YANG Modules Describing Capabilities for Systems
+ and Datastore Update Notifications";
+ }
+
+ grouping subscription-capabilities {
+ description
+ "Capabilities related to YANG-Push subscriptions
+ and notifications";
+ container subscription-capabilities {
+ description
+ "Capabilities related to YANG-Push subscriptions
+ and notifications";
+ typedef notification-support {
+ type bits {
+ bit config-changes {
+ description
+ "The publisher is capable of sending
+ notifications for 'config true' nodes for the
+ relevant scope and subscription type.";
+ }
+ bit state-changes {
+ description
+ "The publisher is capable of sending
+ notifications for 'config false' nodes for the
+ relevant scope and subscription type.";
+ }
+ }
+ description
+ "Type for defining whether 'on-change' or
+ 'periodic' notifications are supported for all data nodes,
+ 'config false' data nodes, 'config true' data nodes, or
+ no data nodes.
+
+ The bits config-changes or state-changes have no effect
+ when they are set for a datastore or for a set of nodes
+ that does not contain nodes with the indicated config
+ value. In those cases, the effect is the same as if no
+ support was declared. One example of this is indicating
+ support for state-changes for a candidate datastore that
+ has no effect.";
+ }
+
+ leaf max-nodes-per-update {
+ type uint32 {
+ range "1..max";
+ }
+ description
+ "Maximum number of data nodes that can be sent
+ in an update. The publisher MAY support more data nodes
+ but SHOULD support at least this number.
+
+ May be used to avoid the 'update-too-big' error
+ during subscription.";
+ reference
+ "RFC 8641: Subscription to YANG Notifications for
+ Datastore Updates, the 'update-too-big' error/identity";
+ }
+ leaf periodic-notifications-supported {
+ type notification-support;
+ description
+ "Specifies whether the publisher is capable of
+ sending 'periodic' notifications for the selected
+ data nodes, including any subtrees that may exist
+ below them.";
+ reference
+ "RFC 8641: Subscription to YANG Notifications for
+ Datastore Updates, 'periodic' subscription concept";
+ }
+ choice update-period {
+ description
+ "Supported update period value or values for
+ 'periodic' subscriptions.";
+ leaf minimum-update-period {
+ type uint32;
+ units "centiseconds";
+ description
+ "Indicates the minimal update period that is
+ supported for a 'periodic' subscription.
+
+ A subscription request to the selected data nodes with
+ a smaller period than what this leaf specifies is
+ likely to result in a 'period-unsupported' error.";
+ reference
+ "RFC 8641: Subscription to YANG Notifications for
+ Datastore Updates, the period leaf in the ietf-yang-push
+ YANG module";
+ }
+ leaf-list supported-update-period {
+ type uint32;
+ units "centiseconds";
+ description
+ "Supported update period values for a 'periodic'
+ subscription.
+
+ A subscription request to the selected data nodes with a
+ period not included in the leaf-list will result in a
+ 'period-unsupported' error.";
+ reference
+ "RFC 8641: Subscription to YANG Notifications for
+ Datastore Updates, the period leaf in the ietf-yang-push
+ YANG module";
+ }
+ }
+ leaf on-change-supported {
+ if-feature "yp:on-change";
+ type notification-support;
+ description
+ "Specifies whether the publisher is capable of
+ sending 'on-change' notifications for the selected
+ data nodes and the subtree below them.";
+ reference
+ "RFC 8641: Subscription to YANG Notifications for Datastore
+ Updates, on-change concept";
+ }
+ leaf minimum-dampening-period {
+ if-feature "yp:on-change";
+ type uint32;
+ units "centiseconds";
+ description
+ "The minimum dampening period supported for 'on-change'
+ subscriptions for the selected data nodes.
+
+ If this value is present and greater than zero,
+ that implies dampening is mandatory.";
+ reference
+ "RFC 8641: Subscription to YANG Notifications for
+ Datastore Updates, the dampening-period leaf in the
+ ietf-yang-push YANG module";
+ }
+ leaf-list supported-excluded-change-type {
+ if-feature "yp:on-change";
+ type union {
+ type enumeration {
+ enum none {
+ value -2;
+ description
+ "None of the change types can be excluded.";
+ }
+ enum all {
+ value -1;
+ description
+ "Any combination of change types can be excluded.";
+ }
+ }
+ type yp:change-type;
+ }
+ description
+ "The change types that can be excluded in
+ YANG-Push subscriptions for the selected data nodes.";
+ reference
+ "RFC 8641: Subscription to YANG Notifications for Datastore
+ Updates, the change-type typedef in the ietf-yang-push
+ YANG module";
+ }
+ }
+ }
+
+ augment "/sysc:system-capabilities" {
+ description
+ "Add system level capabilities";
+ uses subscription-capabilities {
+ refine
+ "subscription-capabilities/supported-excluded-change-type" {
+ default "none";
+ }
+ }
+ }
+
+ augment "/sysc:system-capabilities/sysc:datastore-capabilities"
+ + "/sysc:per-node-capabilities" {
+ description
+ "Add datastore and node-level capabilities";
+ uses subscription-capabilities {
+ refine
+ "subscription-capabilities/supported-excluded-change-type" {
+ default "none";
+ }
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-platform-manifest@2025-02-21.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-platform-manifest@2025-02-21.yang
new file mode 100644
index 00000000..29c738bc
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-platform-manifest@2025-02-21.yang
@@ -0,0 +1,150 @@
+module ietf-platform-manifest {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-platform-manifest";
+ prefix p-mf;
+
+ import ietf-yang-library {
+ prefix yanglib;
+ reference
+ "RFC8525: YANG Library";
+ }
+
+ organization
+ "IETF OPSAWG (Operations and Management Area) Working Group";
+ contact
+ "WG Web:
+ WG List:
+ Author: Benoit Claise
+ Author: Jean Quilbeuf
+ Author: Diego R. Lopez
+ Author: Ignacio Dominguez
+
+ Author: Thomas Graf ";
+ description
+ "This module describes the platform information to be used as
+ context of data collection from a given network element. The
+ contents of this model must be streamed along with the data
+ streamed from the network element so that the platform context
+ of the data collection can be retrieved later.
+
+ The data content of this model should not change except on
+ upgrade or patching of the device.
+
+ Copyright (c) 2022 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Revised BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+ This version of this YANG module is part of RFC XXXX; see the
+ RFC itself for full legal notices. ";
+
+ revision 2025-02-21 {
+ description
+ "Initial revision";
+ reference
+ "RFC xxxx: A Data Manifest for Contextualized Telemetry Data";
+ }
+
+ grouping platform-details {
+ description
+ "This grouping contains the information about a particular
+ platform, as stored in the YANG catalog.";
+ leaf name {
+ type string {
+ length "1..1023";
+ }
+ description
+ "Model of the platform from which data is collected.";
+ }
+ leaf vendor {
+ type string {
+ length "1..1023";
+ }
+ description
+ "Organization that implements that platform.";
+ }
+ leaf vendor-pen {
+ type uint32;
+ description
+ "Vendor's registered Private Enterprise Number";
+ reference
+ "RFC9371: Registration Procedures for Private Enterprise
+ Numbers (PENs)";
+ }
+ leaf software-version {
+ type string {
+ length "1..1023";
+ }
+ description
+ "Name of the version of software. With respect to most
+ network device appliances, this will be the operating system
+ version. But for other YANG module implementation, this
+ would be a version of appliance software. Ultimately, this
+ should correspond to a version string that will be
+ recognizable by the consumers of the platform.";
+ }
+ leaf software-flavor {
+ type string {
+ length "1..1023";
+ }
+ description
+ "A variation of a specific version where YANG model support
+ may be different. Depending on the vendor, this could be a
+ license, additional software component, or a feature set.";
+ }
+ leaf os-version {
+ type string {
+ length "1..1023";
+ }
+ description
+ "Version of the operating system using this module. This is
+ primarily useful if the software implementing the module is
+ an application that requires a specific operating system
+ version.";
+ }
+ leaf os-type {
+ type string {
+ length "1..1023";
+ }
+ description
+ "Type of the operating system using this module. This is
+ primarily useful if the software implementing the module is
+ an application that requires a specific operating system
+ type.";
+ }
+ }
+
+ container platforms {
+ config false;
+ description
+ "Top container including all platforms in scope. If this model
+ is hosted on a single device, it should contain a single entry
+ in the list. At the network level, it should contain an entry
+ for every monitored platform.";
+ list platform {
+ key "id";
+ description
+ "Contains information about the platform that allows
+ identifying and understanding the individual data collection
+ information.";
+ leaf id {
+ type string {
+ length "1..1023";
+ }
+ description
+ "Identifies a given platform on the network, for instance
+ the 'sysName' of the platform. The 'id' has to be unique
+ within the network scope at every point in time. The same
+ id can point to different platform if they are not
+ simultaneously part of the network, e.g., when a device
+ associated to a particular id is replaced.";
+ }
+ uses platform-details;
+ uses yanglib:yang-library-parameters;
+ }
+ }
+}
\ No newline at end of file
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-restconf@2017-01-26.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-restconf@2017-01-26.yang
new file mode 100644
index 00000000..b47455b8
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-restconf@2017-01-26.yang
@@ -0,0 +1,278 @@
+module ietf-restconf {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-restconf";
+ prefix "rc";
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+
+ contact
+ "WG Web:
+ WG List:
+
+ Author: Andy Bierman
+
+
+ Author: Martin Bjorklund
+
+
+ Author: Kent Watsen
+ ";
+
+ description
+ "This module contains conceptual YANG specifications
+ for basic RESTCONF media type definitions used in
+ RESTCONF protocol messages.
+
+ Note that the YANG definitions within this module do not
+ represent configuration data of any kind.
+ The 'restconf-media-type' YANG extension statement
+ provides a normative syntax for XML and JSON
+ message-encoding purposes.
+
+ Copyright (c) 2017 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8040; see
+ the RFC itself for full legal notices.";
+
+ revision 2017-01-26 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 8040: RESTCONF Protocol.";
+ }
+
+ extension yang-data {
+ argument name {
+ yin-element true;
+ }
+ description
+ "This extension is used to specify a YANG data template that
+ represents conceptual data defined in YANG. It is
+ intended to describe hierarchical data independent of
+ protocol context or specific message-encoding format.
+ Data definition statements within a yang-data extension
+ specify the generic syntax for the specific YANG data
+ template, whose name is the argument of the 'yang-data'
+ extension statement.
+
+ Note that this extension does not define a media type.
+ A specification using this extension MUST specify the
+ message-encoding rules, including the content media type.
+
+ The mandatory 'name' parameter value identifies the YANG
+ data template that is being defined. It contains the
+ template name.
+
+ This extension is ignored unless it appears as a top-level
+ statement. It MUST contain data definition statements
+ that result in exactly one container data node definition.
+ An instance of a YANG data template can thus be translated
+ into an XML instance document, whose top-level element
+ corresponds to the top-level container.
+ The module name and namespace values for the YANG module using
+ the extension statement are assigned to instance document data
+ conforming to the data definition statements within
+ this extension.
+
+ The substatements of this extension MUST follow the
+ 'data-def-stmt' rule in the YANG ABNF.
+
+ The XPath document root is the extension statement itself,
+ such that the child nodes of the document root are
+ represented by the data-def-stmt substatements within
+ this extension. This conceptual document is the context
+ for the following YANG statements:
+
+ - must-stmt
+ - when-stmt
+ - path-stmt
+ - min-elements-stmt
+ - max-elements-stmt
+ - mandatory-stmt
+ - unique-stmt
+ - ordered-by
+ - instance-identifier data type
+
+ The following data-def-stmt substatements are constrained
+ when used within a 'yang-data' extension statement.
+
+ - The list-stmt is not required to have a key-stmt defined.
+ - The if-feature-stmt is ignored if present.
+ - The config-stmt is ignored if present.
+ - The available identity values for any 'identityref'
+ leaf or leaf-list nodes are limited to the module
+ containing this extension statement and the modules
+ imported into that module.
+ ";
+ }
+
+ rc:yang-data yang-errors {
+ uses errors;
+ }
+
+ rc:yang-data yang-api {
+ uses restconf;
+ }
+
+ grouping errors {
+ description
+ "A grouping that contains a YANG container
+ representing the syntax and semantics of a
+ YANG Patch error report within a response message.";
+
+ container errors {
+ description
+ "Represents an error report returned by the server if
+ a request results in an error.";
+
+ list error {
+ description
+ "An entry containing information about one
+ specific error that occurred while processing
+ a RESTCONF request.";
+ reference
+ "RFC 6241, Section 4.3.";
+
+ leaf error-type {
+ type enumeration {
+ enum transport {
+ description
+ "The transport layer.";
+ }
+ enum rpc {
+ description
+ "The rpc or notification layer.";
+ }
+ enum protocol {
+ description
+ "The protocol operation layer.";
+ }
+ enum application {
+ description
+ "The server application layer.";
+ }
+ }
+ mandatory true;
+ description
+ "The protocol layer where the error occurred.";
+ }
+
+ leaf error-tag {
+ type string;
+ mandatory true;
+ description
+ "The enumerated error-tag.";
+ }
+
+ leaf error-app-tag {
+ type string;
+ description
+ "The application-specific error-tag.";
+ }
+
+ leaf error-path {
+ type instance-identifier;
+ description
+ "The YANG instance identifier associated
+ with the error node.";
+ }
+
+ leaf error-message {
+ type string;
+ description
+ "A message describing the error.";
+ }
+
+ anydata error-info {
+ description
+ "This anydata value MUST represent a container with
+ zero or more data nodes representing additional
+ error information.";
+ }
+ }
+ }
+ }
+
+ grouping restconf {
+ description
+ "Conceptual grouping representing the RESTCONF
+ root resource.";
+
+ container restconf {
+ description
+ "Conceptual container representing the RESTCONF
+ root resource.";
+
+ container data {
+ description
+ "Container representing the datastore resource.
+ Represents the conceptual root of all state data
+ and configuration data supported by the server.
+ The child nodes of this container can be any data
+ resources that are defined as top-level data nodes
+ from the YANG modules advertised by the server in
+ the 'ietf-yang-library' module.";
+ }
+
+ container operations {
+ description
+ "Container for all operation resources.
+
+ Each resource is represented as an empty leaf with the
+ name of the RPC operation from the YANG 'rpc' statement.
+
+ For example, the 'system-restart' RPC operation defined
+ in the 'ietf-system' module would be represented as
+ an empty leaf in the 'ietf-system' namespace. This is
+ a conceptual leaf and will not actually be found in
+ the module:
+
+ module ietf-system {
+ leaf system-reset {
+ type empty;
+ }
+ }
+
+ To invoke the 'system-restart' RPC operation:
+
+ POST /restconf/operations/ietf-system:system-restart
+
+ To discover the RPC operations supported by the server:
+
+ GET /restconf/operations
+
+ In XML, the YANG module namespace identifies the module:
+
+
+
+ In JSON, the YANG module name identifies the module:
+
+ { 'ietf-system:system-restart' : [null] }
+ ";
+ }
+ leaf yang-library-version {
+ type string {
+ pattern '\d{4}-\d{2}-\d{2}';
+ }
+ config false;
+ mandatory true;
+ description
+ "Identifies the revision date of the 'ietf-yang-library'
+ module that is implemented by this RESTCONF server.
+ Indicates the year, month, and day in YYYY-MM-DD
+ numeric format.";
+ }
+ }
+ }
+
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-subscribed-notif-receivers@2024-02-01.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-subscribed-notif-receivers@2024-02-01.yang
new file mode 100644
index 00000000..b3ebb8f9
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-subscribed-notif-receivers@2024-02-01.yang
@@ -0,0 +1,110 @@
+module ietf-subscribed-notif-receivers {
+ yang-version 1.1;
+ namespace
+ "urn:ietf:params:xml:ns:yang:ietf-subscribed-notif-receivers";
+ prefix "snr";
+
+ import ietf-subscribed-notifications {
+ prefix sn;
+ reference
+ "RFC 8639: Subscription to YANG Notifications";
+ }
+
+ organization
+ "IETF NETCONF Working Group";
+
+ contact
+ "WG Web:
+ WG List:
+
+ Authors: Mahesh Jethanandani (mjethanandani at gmail dot com)
+ Kent Watsen (kent plus ietf at watsen dot net)";
+
+ description
+ "This YANG module is implemented by Publishers implementing
+ the 'ietf-subscribed-notifications' module defined in RFC 8639.
+
+ While this module is defined in RFC XXXX, which primarily
+ defines an HTTPS-based transport for notifications, this module
+ is not HTTP-specific. It is a generic extension that can be
+ used by any 'notif' transport.
+
+ This module defines two 'augment' statements. One statement
+ augments a 'container' statement called 'receiver-instances'
+ into the top-level 'subscriptions' container. The other
+ statement, called 'receiver-instance-ref', augments a 'leaf'
+ statement into each 'receiver' that references one of the
+ afore mentioned receiver instances. This indirection enables
+ multiple configured subscriptions to send notifications to
+ the same receiver instance.
+
+ Copyright (c) 2024 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Revised BSD
+ License set forth in Section 4.c of the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC XXXX; see
+ the RFC itself for full legal notices.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
+ NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
+ 'MAY', and 'OPTIONAL' in this document are to be interpreted as
+ described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
+ they appear in all capitals, as shown here.";
+
+ revision "2024-02-01" {
+ description
+ "Initial Version.";
+ reference
+ "RFC XXXX: An HTTPS-based Transport for YANG Notifications.";
+ }
+
+ augment "/sn:subscriptions" {
+ container receiver-instances {
+ description
+ "A container for all instances of receivers.";
+
+ list receiver-instance {
+ key "name";
+
+ leaf name {
+ type string;
+ description
+ "An arbitrary but unique name for this receiver
+ instance.";
+ }
+
+ choice transport-type {
+ mandatory true;
+ description
+ "Choice of different types of transports used to
+ send notifications. The 'case' statements must
+ be augmented in by other modules.";
+ }
+ description
+ "A list of all receiver instances.";
+ }
+ }
+ description
+ "Augment the subscriptions container to define the
+ transport type.";
+ }
+ augment
+ "/sn:subscriptions/sn:subscription/sn:receivers/sn:receiver" {
+ leaf receiver-instance-ref {
+ type leafref {
+ path "/sn:subscriptions/snr:receiver-instances/" +
+ "snr:receiver-instance/snr:name";
+ }
+ description
+ "Reference to a receiver instance.";
+ }
+ description
+ "Augment the subscriptions container to define an optional
+ reference to a receiver instance.";
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-subscribed-notifications@2019-09-09.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-subscribed-notifications@2019-09-09.yang
new file mode 100644
index 00000000..e04593c3
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-subscribed-notifications@2019-09-09.yang
@@ -0,0 +1,1350 @@
+module ietf-subscribed-notifications {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-subscribed-notifications";
+ prefix sn;
+
+ import ietf-inet-types {
+ prefix inet;
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+ import ietf-interfaces {
+ prefix if;
+ reference
+ "RFC 8343: A YANG Data Model for Interface Management";
+ }
+ import ietf-netconf-acm {
+ prefix nacm;
+ reference
+ "RFC 8341: Network Configuration Access Control Model";
+ }
+ import ietf-network-instance {
+ prefix ni;
+ reference
+ "RFC 8529: YANG Data Model for Network Instances";
+ }
+ import ietf-restconf {
+ prefix rc;
+ reference
+ "RFC 8040: RESTCONF Protocol";
+ }
+ import ietf-yang-types {
+ prefix yang;
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+ contact
+ "WG Web:
+ WG List:
+
+ Author: Alexander Clemm
+
+
+ Author: Eric Voit
+
+
+ Author: Alberto Gonzalez Prieto
+
+
+ Author: Einar Nilsen-Nygaard
+
+
+ Author: Ambika Prasad Tripathy
+ ";
+ description
+ "This module defines a YANG data model for subscribing to event
+ records and receiving matching content in notification messages.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
+ NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
+ 'MAY', and 'OPTIONAL' in this document are to be interpreted as
+ described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
+ they appear in all capitals, as shown here.
+
+ Copyright (c) 2019 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject to
+ the license terms contained in, the Simplified BSD License set
+ forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8639; see the
+ RFC itself for full legal notices.";
+
+ revision 2019-09-09 {
+ description
+ "Initial version.";
+ reference
+ "RFC 8639: A YANG Data Model for Subscriptions to
+ Event Notifications";
+ }
+
+ /*
+ * FEATURES
+ */
+
+ feature configured {
+ description
+ "This feature indicates that configuration of subscriptions is
+ supported.";
+ }
+
+ feature dscp {
+ description
+ "This feature indicates that a publisher supports the ability
+ to set the Differentiated Services Code Point (DSCP) value in
+ outgoing packets.";
+ }
+
+ feature encode-json {
+ description
+ "This feature indicates that JSON encoding of notification
+ messages is supported.";
+ }
+
+ feature encode-xml {
+ description
+ "This feature indicates that XML encoding of notification
+ messages is supported.";
+ }
+
+ feature interface-designation {
+ description
+ "This feature indicates that a publisher supports sourcing all
+ receiver interactions for a configured subscription from a
+ single designated egress interface.";
+ }
+
+ feature qos {
+ description
+ "This feature indicates that a publisher supports absolute
+ dependencies of one subscription's traffic over another
+ as well as weighted bandwidth sharing between subscriptions.
+ Both of these are Quality of Service (QoS) features that allow
+ differentiated treatment of notification messages between a
+ publisher and a specific receiver.";
+ }
+
+ feature replay {
+ description
+ "This feature indicates that historical event record replay is
+ supported. With replay, it is possible for past event records
+ to be streamed in chronological order.";
+ }
+
+ feature subtree {
+ description
+ "This feature indicates support for YANG subtree filtering.";
+ reference
+ "RFC 6241: Network Configuration Protocol (NETCONF),
+ Section 6";
+ }
+
+ feature supports-vrf {
+ description
+ "This feature indicates that a publisher supports VRF
+ configuration for configured subscriptions. VRF support for
+ dynamic subscriptions does not require this feature.";
+ reference
+ "RFC 8529: YANG Data Model for Network Instances,
+ Section 6";
+ }
+
+ feature xpath {
+ description
+ "This feature indicates support for XPath filtering.";
+ reference
+ "XML Path Language (XPath) Version 1.0
+ (https://www.w3.org/TR/1999/REC-xpath-19991116)";
+ }
+
+ /*
+ * EXTENSIONS
+ */
+
+ extension subscription-state-notification {
+ description
+ "This statement applies only to notifications. It indicates
+ that the notification is a subscription state change
+ notification. Therefore, it does not participate in a regular
+ event stream and does not need to be specifically subscribed
+ to in order to be received. This statement can only occur as
+ a substatement of the YANG 'notification' statement. This
+ statement is not for use outside of this YANG module.";
+ }
+
+ /*
+ * IDENTITIES
+ */
+ /* Identities for RPC and notification errors */
+
+ identity delete-subscription-error {
+ description
+ "Base identity for the problem found while attempting to
+ fulfill either a 'delete-subscription' RPC request or a
+ 'kill-subscription' RPC request.";
+ }
+
+ identity establish-subscription-error {
+ description
+ "Base identity for the problem found while attempting to
+ fulfill an 'establish-subscription' RPC request.";
+ }
+
+ identity modify-subscription-error {
+ description
+ "Base identity for the problem found while attempting to
+ fulfill a 'modify-subscription' RPC request.";
+ }
+
+ identity subscription-suspended-reason {
+ description
+ "Base identity for the problem condition communicated to a
+ receiver as part of a 'subscription-suspended'
+ notification.";
+ }
+
+ identity subscription-terminated-reason {
+ description
+ "Base identity for the problem condition communicated to a
+ receiver as part of a 'subscription-terminated'
+ notification.";
+ }
+
+ identity dscp-unavailable {
+ base establish-subscription-error;
+ if-feature "dscp";
+ description
+ "The publisher is unable to mark notification messages with
+ prioritization information in a way that will be respected
+ during network transit.";
+ }
+
+ identity encoding-unsupported {
+ base establish-subscription-error;
+ description
+ "Unable to encode notification messages in the desired
+ format.";
+ }
+
+ identity filter-unavailable {
+ base subscription-terminated-reason;
+ description
+ "Referenced filter does not exist. This means a receiver is
+ referencing a filter that doesn't exist or to which it
+ does not have access permissions.";
+ }
+
+ identity filter-unsupported {
+ base establish-subscription-error;
+ base modify-subscription-error;
+ description
+ "Cannot parse syntax in the filter. This failure can be from
+ a syntax error or a syntax too complex to be processed by the
+ publisher.";
+ }
+
+ identity insufficient-resources {
+ base establish-subscription-error;
+ base modify-subscription-error;
+ base subscription-suspended-reason;
+ description
+ "The publisher does not have sufficient resources to support
+ the requested subscription. An example might be that
+ allocated CPU is too limited to generate the desired set of
+ notification messages.";
+ }
+
+ identity no-such-subscription {
+ base modify-subscription-error;
+ base delete-subscription-error;
+ base subscription-terminated-reason;
+ description
+ "Referenced subscription doesn't exist. This may be as a
+ result of a nonexistent subscription ID, an ID that belongs to
+ another subscriber, or an ID for a configured subscription.";
+ }
+
+ identity replay-unsupported {
+ base establish-subscription-error;
+ if-feature "replay";
+ description
+ "Replay cannot be performed for this subscription. This means
+ the publisher will not provide the requested historic
+ information from the event stream via replay to this
+ receiver.";
+ }
+
+ identity stream-unavailable {
+ base subscription-terminated-reason;
+ description
+ "Not a subscribable event stream. This means the referenced
+ event stream is not available for subscription by the
+ receiver.";
+ }
+
+ identity suspension-timeout {
+ base subscription-terminated-reason;
+ description
+ "Termination of a previously suspended subscription. The
+ publisher has eliminated the subscription, as it exceeded a
+ time limit for suspension.";
+ }
+
+ identity unsupportable-volume {
+ base subscription-suspended-reason;
+ description
+ "The publisher does not have the network bandwidth needed to
+ get the volume of generated information intended for a
+ receiver.";
+ }
+
+ /* Identities for encodings */
+
+ identity configurable-encoding {
+ description
+ "If a transport identity derives from this identity, it means
+ that it supports configurable encodings. An example of a
+ configurable encoding might be a new identity such as
+ 'encode-cbor'. Such an identity could use
+ 'configurable-encoding' as its base. This would allow a
+ dynamic subscription encoded in JSON (RFC 8259) to request
+ that notification messages be encoded via the Concise Binary
+ Object Representation (CBOR) (RFC 7049). Further details for
+ any specific configurable encoding would be explored in a
+ transport document based on this specification.";
+ reference
+ "RFC 8259: The JavaScript Object Notation (JSON) Data
+ Interchange Format
+ RFC 7049: Concise Binary Object Representation (CBOR)";
+ }
+
+ identity encoding {
+ description
+ "Base identity to represent data encodings.";
+ }
+
+ identity encode-xml {
+ base encoding;
+ if-feature "encode-xml";
+ description
+ "Encode data using XML as described in RFC 7950.";
+ reference
+ "RFC 7950: The YANG 1.1 Data Modeling Language";
+ }
+
+ identity encode-json {
+ base encoding;
+ if-feature "encode-json";
+ description
+ "Encode data using JSON as described in RFC 7951.";
+ reference
+ "RFC 7951: JSON Encoding of Data Modeled with YANG";
+ }
+
+ /* Identities for transports */
+
+ identity transport {
+ description
+ "An identity that represents the underlying mechanism for
+ passing notification messages.";
+ }
+
+ /*
+ * TYPEDEFs
+ */
+
+ typedef encoding {
+ type identityref {
+ base encoding;
+ }
+ description
+ "Specifies a data encoding, e.g., for a data subscription.";
+ }
+
+ typedef stream-filter-ref {
+ type leafref {
+ path "/sn:filters/sn:stream-filter/sn:name";
+ }
+ description
+ "This type is used to reference an event stream filter.";
+ }
+
+ typedef stream-ref {
+ type leafref {
+ path "/sn:streams/sn:stream/sn:name";
+ }
+ description
+ "This type is used to reference a system-provided
+ event stream.";
+ }
+
+ typedef subscription-id {
+ type uint32;
+ description
+ "A type for subscription identifiers.";
+ }
+
+ typedef transport {
+ type identityref {
+ base transport;
+ }
+ description
+ "Specifies the transport used to send notification messages
+ to a receiver.";
+ }
+
+ /*
+ * GROUPINGS
+ */
+
+ grouping stream-filter-elements {
+ description
+ "This grouping defines the base for filters applied to event
+ streams.";
+ choice filter-spec {
+ description
+ "The content filter specification for this request.";
+ anydata stream-subtree-filter {
+ if-feature "subtree";
+ description
+ "Event stream evaluation criteria encoded in the syntax of
+ a subtree filter as defined in RFC 6241, Section 6.
+
+ The subtree filter is applied to the representation of
+ individual, delineated event records as contained in the
+ event stream.
+
+ If the subtree filter returns a non-empty node set, the
+ filter matches the event record, and the event record is
+ included in the notification message sent to the
+ receivers.";
+ reference
+ "RFC 6241: Network Configuration Protocol (NETCONF),
+ Section 6";
+ }
+ leaf stream-xpath-filter {
+ if-feature "xpath";
+ type yang:xpath1.0;
+ description
+ "Event stream evaluation criteria encoded in the syntax of
+ an XPath 1.0 expression.
+
+ The XPath expression is evaluated on the representation of
+ individual, delineated event records as contained in
+ the event stream.
+
+ The result of the XPath expression is converted to a
+ boolean value using the standard XPath 1.0 rules. If the
+ boolean value is 'true', the filter matches the event
+ record, and the event record is included in the
+ notification message sent to the receivers.
+
+ The expression is evaluated in the following XPath
+ context:
+
+ o The set of namespace declarations is the set of
+ prefix and namespace pairs for all YANG modules
+ implemented by the server, where the prefix is the
+ YANG module name and the namespace is as defined by
+ the 'namespace' statement in the YANG module.
+
+ If the leaf is encoded in XML, all namespace
+ declarations in scope on the 'stream-xpath-filter'
+ leaf element are added to the set of namespace
+ declarations. If a prefix found in the XML is
+ already present in the set of namespace
+ declarations, the namespace in the XML is used.
+
+ o The set of variable bindings is empty.
+
+ o The function library is comprised of the core
+ function library and the XPath functions defined in
+ Section 10 in RFC 7950.
+
+ o The context node is the root node.";
+ reference
+ "XML Path Language (XPath) Version 1.0
+ (https://www.w3.org/TR/1999/REC-xpath-19991116)
+ RFC 7950: The YANG 1.1 Data Modeling Language,
+ Section 10";
+ }
+ }
+ }
+
+ grouping update-qos {
+ description
+ "This grouping describes QoS information concerning a
+ subscription. This information is passed to lower layers
+ for transport prioritization and treatment.";
+ leaf dscp {
+ if-feature "dscp";
+ type inet:dscp;
+ default "0";
+ description
+ "The desired network transport priority level. This is the
+ priority set on notification messages encapsulating the
+ results of the subscription. This transport priority is
+ shared for all receivers of a given subscription.";
+ }
+ leaf weighting {
+ if-feature "qos";
+ type uint8 {
+ range "0 .. 255";
+ }
+ description
+ "Relative weighting for a subscription. Larger weights get
+ more resources. Allows an underlying transport layer to
+ perform informed load-balance allocations between various
+ subscriptions.";
+ reference
+ "RFC 7540: Hypertext Transfer Protocol Version 2 (HTTP/2),
+ Section 5.3.2";
+ }
+ leaf dependency {
+ if-feature "qos";
+ type subscription-id;
+ description
+ "Provides the 'subscription-id' of a parent subscription.
+ The parent subscription has absolute precedence should
+ that parent have push updates ready to egress the publisher.
+ In other words, there should be no streaming of objects from
+ the current subscription if the parent has something ready
+ to push.
+
+ If a dependency is asserted via configuration or via an RPC
+ but the referenced 'subscription-id' does not exist, the
+ dependency is silently discarded. If a referenced
+ subscription is deleted, this dependency is removed.";
+ reference
+ "RFC 7540: Hypertext Transfer Protocol Version 2 (HTTP/2),
+ Section 5.3.1";
+ }
+ }
+
+ grouping subscription-policy-modifiable {
+ description
+ "This grouping describes all objects that may be changed
+ in a subscription.";
+ choice target {
+ mandatory true;
+ description
+ "Identifies the source of information against which a
+ subscription is being applied as well as specifics on the
+ subset of information desired from that source.";
+ case stream {
+ choice stream-filter {
+ description
+ "An event stream filter can be applied to a subscription.
+ That filter will either come referenced from a global
+ list or be provided in the subscription itself.";
+ case by-reference {
+ description
+ "Apply a filter that has been configured separately.";
+ leaf stream-filter-name {
+ type stream-filter-ref;
+ mandatory true;
+ description
+ "References an existing event stream filter that is
+ to be applied to an event stream for the
+ subscription.";
+ }
+ }
+ case within-subscription {
+ description
+ "A local definition allows a filter to have the same
+ lifecycle as the subscription.";
+ uses stream-filter-elements;
+ }
+ }
+ }
+ }
+ leaf stop-time {
+ type yang:date-and-time;
+ description
+ "Identifies a time after which notification messages for a
+ subscription should not be sent. If 'stop-time' is not
+ present, the notification messages will continue until the
+ subscription is terminated. If 'replay-start-time' exists,
+ 'stop-time' must be for a subsequent time. If
+ 'replay-start-time' doesn't exist, 'stop-time', when
+ established, must be for a future time.";
+ }
+ }
+
+ grouping subscription-policy-dynamic {
+ description
+ "This grouping describes the only information concerning a
+ subscription that can be passed over the RPCs defined in this
+ data model.";
+ uses subscription-policy-modifiable {
+ augment "target/stream" {
+ description
+ "Adds additional objects that can be modified by an RPC.";
+ leaf stream {
+ type stream-ref {
+ require-instance false;
+ }
+ mandatory true;
+ description
+ "Indicates the event stream to be considered for
+ this subscription.";
+ }
+ leaf replay-start-time {
+ if-feature "replay";
+ type yang:date-and-time;
+ config false;
+ description
+ "Used to trigger the 'replay' feature for a dynamic
+ subscription, where event records that are selected
+ need to be at or after the specified starting time. If
+ 'replay-start-time' is not present, this is not a replay
+ subscription and event record push should start
+ immediately. It is never valid to specify start times
+ that are later than or equal to the current time.";
+ }
+ }
+ }
+ uses update-qos;
+ }
+
+ grouping subscription-policy {
+ description
+ "This grouping describes the full set of policy information
+ concerning both dynamic and configured subscriptions, with the
+ exclusion of both receivers and networking information
+ specific to the publisher, such as what interface should be
+ used to transmit notification messages.";
+ uses subscription-policy-dynamic;
+ leaf transport {
+ if-feature "configured";
+ type transport;
+ description
+ "For a configured subscription, this leaf specifies the
+ transport used to deliver messages destined for all
+ receivers of that subscription.";
+ }
+ leaf encoding {
+ when 'not(../transport) or derived-from(../transport,
+ "sn:configurable-encoding")';
+ type encoding;
+ description
+ "The type of encoding for notification messages. For a
+ dynamic subscription, if not included as part of an
+ 'establish-subscription' RPC, the encoding will be populated
+ with the encoding used by that RPC. For a configured
+ subscription, if not explicitly configured, the encoding
+ will be the default encoding for an underlying transport.";
+ }
+ leaf purpose {
+ if-feature "configured";
+ type string;
+ description
+ "Open text allowing a configuring entity to embed the
+ originator or other specifics of this subscription.";
+ }
+ }
+
+ /*
+ * RPCs
+ */
+
+ rpc establish-subscription {
+ description
+ "This RPC allows a subscriber to create (and possibly
+ negotiate) a subscription on its own behalf. If successful,
+ the subscription remains in effect for the duration of the
+ subscriber's association with the publisher or until the
+ subscription is terminated. If an error occurs or the
+ publisher cannot meet the terms of a subscription, an RPC
+ error is returned, and the subscription is not created.
+ In that case, the RPC reply's 'error-info' MAY include
+ suggested parameter settings that would have a higher
+ likelihood of succeeding in a subsequent
+ 'establish-subscription' request.";
+ input {
+ uses subscription-policy-dynamic;
+ leaf encoding {
+ type encoding;
+ description
+ "The type of encoding for the subscribed data. If not
+ included as part of the RPC, the encoding MUST be set by
+ the publisher to be the encoding used by this RPC.";
+ }
+ }
+ output {
+ leaf id {
+ type subscription-id;
+ mandatory true;
+ description
+ "Identifier used for this subscription.";
+ }
+ leaf replay-start-time-revision {
+ if-feature "replay";
+ type yang:date-and-time;
+ description
+ "If a replay has been requested, this object represents
+ the earliest time covered by the event buffer for the
+ requested event stream. The value of this object is the
+ 'replay-log-aged-time' if it exists. Otherwise, it is
+ the 'replay-log-creation-time'. All buffered event
+ records after this time will be replayed to a receiver.
+ This object will only be sent if the starting time has
+ been revised to be later than the time requested by the
+ subscriber.";
+ }
+ }
+ }
+
+ rc:yang-data establish-subscription-stream-error-info {
+ container establish-subscription-stream-error-info {
+ description
+ "If any 'establish-subscription' RPC parameters are
+ unsupportable against the event stream, a subscription
+ is not created and the RPC error response MUST indicate the
+ reason why the subscription failed to be created. This
+ yang-data MAY be inserted as structured data in a
+ subscription's RPC error response to indicate the reason for
+ the failure. This yang-data MUST be inserted if hints are
+ to be provided back to the subscriber.";
+ leaf reason {
+ type identityref {
+ base establish-subscription-error;
+ }
+ description
+ "Indicates the reason why the subscription has failed to
+ be created to a targeted event stream.";
+ }
+ leaf filter-failure-hint {
+ type string;
+ description
+ "Information describing where and/or why a provided
+ filter was unsupportable for a subscription. The
+ syntax and semantics of this hint are
+ implementation specific.";
+ }
+ }
+ }
+
+ rpc modify-subscription {
+ description
+ "This RPC allows a subscriber to modify a dynamic
+ subscription's parameters. If successful, the changed
+ subscription parameters remain in effect for the duration of
+ the subscription, until the subscription is again modified, or
+ until the subscription is terminated. In the case of an error
+ or an inability to meet the modified parameters, the
+ subscription is not modified and the original subscription
+ parameters remain in effect. In that case, the RPC error MAY
+ include 'error-info' suggested parameter hints that would have
+ a high likelihood of succeeding in a subsequent
+ 'modify-subscription' request. A successful
+ 'modify-subscription' will return a suspended subscription to
+ the 'active' state.";
+ input {
+ leaf id {
+ type subscription-id;
+ mandatory true;
+ description
+ "Identifier to use for this subscription.";
+ }
+ uses subscription-policy-modifiable;
+ }
+ }
+
+ rc:yang-data modify-subscription-stream-error-info {
+ container modify-subscription-stream-error-info {
+ description
+ "This yang-data MAY be provided as part of a subscription's
+ RPC error response when there is a failure of a
+ 'modify-subscription' RPC that has been made against an
+ event stream. This yang-data MUST be used if hints are to
+ be provided back to the subscriber.";
+ leaf reason {
+ type identityref {
+ base modify-subscription-error;
+ }
+ description
+ "Information in a 'modify-subscription' RPC error response
+ that indicates the reason why the subscription to an event
+ stream has failed to be modified.";
+ }
+ leaf filter-failure-hint {
+ type string;
+ description
+ "Information describing where and/or why a provided
+ filter was unsupportable for a subscription. The syntax
+ and semantics of this hint are
+ implementation specific.";
+ }
+ }
+ }
+
+ rpc delete-subscription {
+ description
+ "This RPC allows a subscriber to delete a subscription that
+ was previously created by that same subscriber using the
+ 'establish-subscription' RPC.
+
+ If an error occurs, the server replies with an 'rpc-error'
+ where the 'error-info' field MAY contain a
+ 'delete-subscription-error-info' structure.";
+ input {
+ leaf id {
+ type subscription-id;
+ mandatory true;
+ description
+ "Identifier of the subscription that is to be deleted.
+ Only subscriptions that were created using
+ 'establish-subscription' from the same origin as this RPC
+ can be deleted via this RPC.";
+ }
+ }
+ }
+
+ rpc kill-subscription {
+ nacm:default-deny-all;
+ description
+ "This RPC allows an operator to delete a dynamic subscription
+ without restrictions on the originating subscriber or
+ underlying transport session.
+
+ If an error occurs, the server replies with an 'rpc-error'
+ where the 'error-info' field MAY contain a
+ 'delete-subscription-error-info' structure.";
+ input {
+ leaf id {
+ type subscription-id;
+ mandatory true;
+ description
+ "Identifier of the subscription that is to be deleted.
+ Only subscriptions that were created using
+ 'establish-subscription' can be deleted via this RPC.";
+ }
+ }
+ }
+
+ rc:yang-data delete-subscription-error-info {
+ container delete-subscription-error-info {
+ description
+ "If a 'delete-subscription' RPC or a 'kill-subscription' RPC
+ fails, the subscription is not deleted and the RPC error
+ response MUST indicate the reason for this failure. This
+ yang-data MAY be inserted as structured data in a
+ subscription's RPC error response to indicate the reason
+ for the failure.";
+ leaf reason {
+ type identityref {
+ base delete-subscription-error;
+ }
+ mandatory true;
+ description
+ "Indicates the reason why the subscription has failed to be
+ deleted.";
+ }
+ }
+ }
+
+ /*
+ * NOTIFICATIONS
+ */
+
+ notification replay-completed {
+ sn:subscription-state-notification;
+ if-feature "replay";
+ description
+ "This notification is sent to indicate that all of the replay
+ notifications have been sent.";
+ leaf id {
+ type subscription-id;
+ mandatory true;
+ description
+ "This references the affected subscription.";
+ }
+ }
+
+ notification subscription-completed {
+ sn:subscription-state-notification;
+ if-feature "configured";
+ description
+ "This notification is sent to indicate that a subscription has
+ finished passing event records, as the 'stop-time' has been
+ reached.";
+ leaf id {
+ type subscription-id;
+ mandatory true;
+ description
+ "This references the gracefully completed subscription.";
+ }
+ }
+
+ notification subscription-modified {
+ sn:subscription-state-notification;
+ description
+ "This notification indicates that a subscription has been
+ modified. Notification messages sent from this point on will
+ conform to the modified terms of the subscription. For
+ completeness, this subscription state change notification
+ includes both modified and unmodified aspects of a
+ subscription.";
+ leaf id {
+ type subscription-id;
+ mandatory true;
+ description
+ "This references the affected subscription.";
+ }
+ uses subscription-policy {
+ refine "target/stream/stream-filter/within-subscription" {
+ description
+ "Filter applied to the subscription. If the
+ 'stream-filter-name' is populated, the filter in the
+ subscription came from the 'filters' container.
+ Otherwise, it is populated in-line as part of the
+ subscription.";
+ }
+ }
+ }
+
+ notification subscription-resumed {
+ sn:subscription-state-notification;
+ description
+ "This notification indicates that a subscription that had
+ previously been suspended has resumed. Notifications will
+ once again be sent. In addition, a 'subscription-resumed'
+ indicates that no modification of parameters has occurred
+ since the last time event records have been sent.";
+ leaf id {
+ type subscription-id;
+ mandatory true;
+ description
+ "This references the affected subscription.";
+ }
+ }
+
+ notification subscription-started {
+ sn:subscription-state-notification;
+ if-feature "configured";
+ description
+ "This notification indicates that a subscription has started
+ and notifications will now be sent.";
+ leaf id {
+ type subscription-id;
+ mandatory true;
+ description
+ "This references the affected subscription.";
+ }
+ uses subscription-policy {
+ refine "target/stream/replay-start-time" {
+ description
+ "Indicates the time that a replay is using for the
+ streaming of buffered event records. This will be
+ populated with the most recent of the following:
+ the event time of the previous event record sent to a
+ receiver, the 'replay-log-creation-time', the
+ 'replay-log-aged-time', or the most recent publisher
+ boot time.";
+ }
+ refine "target/stream/stream-filter/within-subscription" {
+ description
+ "Filter applied to the subscription. If the
+ 'stream-filter-name' is populated, the filter in the
+ subscription came from the 'filters' container.
+ Otherwise, it is populated in-line as part of the
+ subscription.";
+ }
+ augment "target/stream" {
+ description
+ "This augmentation adds additional parameters specific to a
+ 'subscription-started' notification.";
+ leaf replay-previous-event-time {
+ when '../replay-start-time';
+ if-feature "replay";
+ type yang:date-and-time;
+ description
+ "If there is at least one event in the replay buffer
+ prior to 'replay-start-time', this gives the time of
+ the event generated immediately prior to the
+ 'replay-start-time'.
+
+ If a receiver previously received event records for
+ this configured subscription, it can compare this time
+ to the last event record previously received. If the
+ two are not the same (perhaps due to a reboot), then a
+ dynamic replay can be initiated to acquire any missing
+ event records.";
+ }
+ }
+ }
+ }
+
+ notification subscription-suspended {
+ sn:subscription-state-notification;
+ description
+ "This notification indicates that a suspension of the
+ subscription by the publisher has occurred. No further
+ notifications will be sent until the subscription resumes.
+ This notification shall only be sent to receivers of a
+ subscription; it does not constitute a general-purpose
+ notification.";
+ leaf id {
+ type subscription-id;
+ mandatory true;
+ description
+ "This references the affected subscription.";
+ }
+ leaf reason {
+ type identityref {
+ base subscription-suspended-reason;
+ }
+ mandatory true;
+ description
+ "Identifies the condition that resulted in the suspension.";
+ }
+ }
+
+ notification subscription-terminated {
+ sn:subscription-state-notification;
+ description
+ "This notification indicates that a subscription has been
+ terminated.";
+ leaf id {
+ type subscription-id;
+ mandatory true;
+ description
+ "This references the affected subscription.";
+ }
+ leaf reason {
+ type identityref {
+ base subscription-terminated-reason;
+ }
+ mandatory true;
+ description
+ "Identifies the condition that resulted in the termination.";
+ }
+ }
+
+ /*
+ * DATA NODES
+ */
+
+ container streams {
+ config false;
+ description
+ "Contains information on the built-in event streams provided by
+ the publisher.";
+ list stream {
+ key "name";
+ description
+ "Identifies the built-in event streams that are supported by
+ the publisher.";
+ leaf name {
+ type string;
+ description
+ "A handle for a system-provided event stream made up of a
+ sequential set of event records, each of which is
+ characterized by its own domain and semantics.";
+ }
+ leaf description {
+ type string;
+ description
+ "A description of the event stream, including such
+ information as the type of event records that are
+ available in this event stream.";
+ }
+ leaf replay-support {
+ if-feature "replay";
+ type empty;
+ description
+ "Indicates that event record replay is available on this
+ event stream.";
+ }
+ leaf replay-log-creation-time {
+ when '../replay-support';
+ if-feature "replay";
+ type yang:date-and-time;
+ mandatory true;
+ description
+ "The timestamp of the creation of the log used to support
+ the replay function on this event stream. This time
+ might be earlier than the earliest available information
+ contained in the log. This object is updated if the log
+ resets for some reason.";
+ }
+ leaf replay-log-aged-time {
+ when '../replay-support';
+ if-feature "replay";
+ type yang:date-and-time;
+ description
+ "The timestamp associated with the last event record that
+ has been aged out of the log. This timestamp identifies
+ how far back in history this replay log extends, if it
+ doesn't extend back to the 'replay-log-creation-time'.
+ This object MUST be present if replay is supported and any
+ event records have been aged out of the log.";
+ }
+ }
+ }
+ container filters {
+ description
+ "Contains a list of configurable filters that can be applied to
+ subscriptions. This facilitates the reuse of complex filters
+ once defined.";
+ list stream-filter {
+ key "name";
+ description
+ "A list of preconfigured filters that can be applied to
+ subscriptions.";
+ leaf name {
+ type string;
+ description
+ "A name to differentiate between filters.";
+ }
+ uses stream-filter-elements;
+ }
+ }
+ container subscriptions {
+ description
+ "Contains the list of currently active subscriptions, i.e.,
+ subscriptions that are currently in effect, used for
+ subscription management and monitoring purposes. This
+ includes subscriptions that have been set up via
+ RPC primitives as well as subscriptions that have been
+ established via configuration.";
+ list subscription {
+ key "id";
+ description
+ "The identity and specific parameters of a subscription.
+ Subscriptions in this list can be created using a control
+ channel or RPC or can be established through configuration.
+
+ If the 'kill-subscription' RPC or configuration operations
+ are used to delete a subscription, a
+ 'subscription-terminated' message is sent to any active or
+ suspended receivers.";
+ leaf id {
+ type subscription-id;
+ description
+ "Identifier of a subscription; unique in a given
+ publisher.";
+ }
+ uses subscription-policy {
+ refine "target/stream/stream" {
+ description
+ "Indicates the event stream to be considered for this
+ subscription. If an event stream has been removed
+ and can no longer be referenced by an active
+ subscription, send a 'subscription-terminated'
+ notification with 'stream-unavailable' as the reason.
+ If a configured subscription refers to a nonexistent
+ event stream, move that subscription to the
+ 'invalid' state.";
+ }
+ refine "transport" {
+ description
+ "For a configured subscription, this leaf specifies the
+ transport used to deliver messages destined for all
+ receivers of that subscription. This object is
+ mandatory for subscriptions in the configuration
+ datastore. This object (1) is not mandatory for dynamic
+ subscriptions in the operational state datastore and
+ (2) should not be present for other types of dynamic
+ subscriptions.";
+ }
+ augment "target/stream" {
+ description
+ "Enables objects to be added to a configured stream
+ subscription.";
+ leaf configured-replay {
+ if-feature "configured";
+ if-feature "replay";
+ type empty;
+ description
+ "The presence of this leaf indicates that replay for
+ the configured subscription should start at the
+ earliest time in the event log or at the publisher
+ boot time, whichever is later.";
+ }
+ }
+ }
+ choice notification-message-origin {
+ if-feature "configured";
+ description
+ "Identifies the egress interface on the publisher
+ from which notification messages are to be sent.";
+ case interface-originated {
+ description
+ "When notification messages are to egress a specific,
+ designated interface on the publisher.";
+ leaf source-interface {
+ if-feature "interface-designation";
+ type if:interface-ref;
+ description
+ "References the interface for notification messages.";
+ }
+ }
+ case address-originated {
+ description
+ "When notification messages are to depart from a
+ publisher using a specific originating address and/or
+ routing context information.";
+ leaf source-vrf {
+ if-feature "supports-vrf";
+ type leafref {
+ path "/ni:network-instances/ni:network-instance/ni:name";
+ }
+ description
+ "VRF from which notification messages should egress a
+ publisher.";
+ }
+ leaf source-address {
+ type inet:ip-address-no-zone;
+ description
+ "The source address for the notification messages.
+ If a source VRF exists but this object doesn't, a
+ publisher's default address for that VRF must
+ be used.";
+ }
+ }
+ }
+ leaf configured-subscription-state {
+ if-feature "configured";
+ type enumeration {
+ enum valid {
+ value 1;
+ description
+ "The subscription is supportable with its current
+ parameters.";
+ }
+ enum invalid {
+ value 2;
+ description
+ "The subscription as a whole is unsupportable with its
+ current parameters.";
+ }
+ enum concluded {
+ value 3;
+ description
+ "A subscription is inactive, as it has hit a
+ stop time. It no longer has receivers in the
+ 'active' or 'suspended' state, but the subscription
+ has not yet been removed from configuration.";
+ }
+ }
+ config false;
+ description
+ "The presence of this leaf indicates that the subscription
+ originated from configuration, not through a control
+ channel or RPC. The value indicates the state of the
+ subscription as established by the publisher.";
+ }
+ container receivers {
+ description
+ "Set of receivers in a subscription.";
+ list receiver {
+ key "name";
+ min-elements 1;
+ description
+ "A host intended as a recipient for the notification
+ messages of a subscription. For configured
+ subscriptions, transport-specific network parameters
+ (or a leafref to those parameters) may be augmented to a
+ specific receiver in this list.";
+ leaf name {
+ type string;
+ description
+ "Identifies a unique receiver for a subscription.";
+ }
+ leaf sent-event-records {
+ type yang:zero-based-counter64;
+ config false;
+ description
+ "The number of event records sent to the receiver. The
+ count is initialized when a dynamic subscription is
+ established or when a configured receiver
+ transitions to the 'valid' state.";
+ }
+ leaf excluded-event-records {
+ type yang:zero-based-counter64;
+ config false;
+ description
+ "The number of event records explicitly removed via
+ either an event stream filter or an access control
+ filter so that they are not passed to a receiver.
+ This count is set to zero each time
+ 'sent-event-records' is initialized.";
+ }
+ leaf state {
+ type enumeration {
+ enum active {
+ value 1;
+ description
+ "The receiver is currently being sent any
+ applicable notification messages for the
+ subscription.";
+ }
+ enum suspended {
+ value 2;
+ description
+ "The receiver state is 'suspended', so the
+ publisher is currently unable to provide
+ notification messages for the subscription.";
+ }
+ enum connecting {
+ value 3;
+ if-feature "configured";
+ description
+ "A subscription has been configured, but a
+ 'subscription-started' subscription state change
+ notification needs to be successfully received
+ before notification messages are sent.
+
+ If the 'reset' action is invoked for a receiver of
+ an active configured subscription, the state
+ must be moved to 'connecting'.";
+ }
+ enum disconnected {
+ value 4;
+ if-feature "configured";
+ description
+ "A subscription has failed to send a
+ 'subscription-started' state change to the
+ receiver. Additional connection attempts are not
+ currently being made.";
+ }
+ }
+ config false;
+ mandatory true;
+ description
+ "Specifies the state of a subscription from the
+ perspective of a particular receiver. With this
+ information, it is possible to determine whether a
+ publisher is currently generating notification
+ messages intended for that receiver.";
+ }
+ action reset {
+ if-feature "configured";
+ description
+ "Allows the reset of this configured subscription's
+ receiver to the 'connecting' state. This enables the
+ connection process to be reinitiated.";
+ output {
+ leaf time {
+ type yang:date-and-time;
+ mandatory true;
+ description
+ "Time at which a publisher returned the receiver to
+ the 'connecting' state.";
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-system-capabilities@2022-02-17.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-system-capabilities@2022-02-17.yang
new file mode 100644
index 00000000..55f959d8
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-system-capabilities@2022-02-17.yang
@@ -0,0 +1,170 @@
+module ietf-system-capabilities {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-system-capabilities";
+ prefix sysc;
+
+ import ietf-netconf-acm {
+ prefix nacm;
+ reference
+ "RFC 8341: Network Configuration Access Control Model";
+ }
+ import ietf-yang-library {
+ prefix yanglib;
+ description
+ "This module requires ietf-yang-library to be implemented.
+ Revision 2019-01-04 or a revision derived from it
+ is REQUIRED.";
+ reference
+ "RFC8525: YANG Library";
+ }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+ contact
+ "WG Web:
+ WG List:
+
+ Editor: Balazs Lengyel
+ ";
+ description
+ "This module specifies a structure to specify system
+ capabilities for a server or a publisher. System capabilities
+ may include capabilities of a NETCONF or RESTCONF server or a
+ notification publisher.
+
+ This module does not contain any specific capabilities; it only
+ provides a structure where containers containing the actual
+ capabilities are augmented in.
+
+ Capability values can be specified at the system level, at the
+ datastore level (by selecting all nodes in the datastore), or
+ for specific data nodes of a specific datastore (and their
+ contained subtrees).
+ Capability values specified for a specific datastore or
+ node-set override values specified on the system/publisher
+ level.
+
+ The same grouping MUST be used to define hierarchical
+ capabilities supported both at the system level and at the
+ datastore/data-node level.
+
+ To find a capability value for a specific data node in a
+ specific datastore, the user SHALL:
+
+ 1) search for a datastore-capabilities list entry for
+ the specific datastore. When stating a specific capability, the
+ relative path for any specific capability must be the same
+ under the system-capabilities container and under the
+ per-node-capabilities list.
+
+ 2) If the datastore entry is found within that entry, process
+ all per-node-capabilities entries in the order they appear in
+ the list. The first entry that specifies the specific
+ capability and has a node-selector selecting the specific data
+ node defines the capability value.
+
+ 3) If the capability value is not found above and the specific
+ capability is specified under the system-capabilities container
+ (outside the datastore-capabilities list), this value shall be
+ used.
+
+ 4) If no values are found in the previous steps, the
+ system/publisher is not capable of providing a value. Possible
+ reasons are that it is unknown, the capability is changing for
+ some reason, there is no specified limit, etc. In this case,
+ the system's behavior is unspecified.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
+ 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
+ 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
+ are to be interpreted as described in BCP 14 (RFC 2119)
+ (RFC 8174) when, and only when, they appear in all
+ capitals, as shown here.
+
+ Copyright (c) 2022 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject to
+ the license terms contained in, the Revised BSD License set
+ forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 9196
+ (https://www.rfc-editor.org/info/rfc9196); see the RFC itself
+ for full legal notices.";
+
+ revision 2022-02-17 {
+ description
+ "Initial version";
+ reference
+ "RFC 9196: YANG Modules Describing Capabilities for Systems
+ and Datastore Update Notifications";
+ }
+
+ container system-capabilities {
+ config false;
+ description
+ "System capabilities.
+ Capability values specified here at the system level
+ are valid for all datastores and are used when the
+ capability is not specified at the datastore level
+ or for specific data nodes.";
+ /*
+ * "Augmentation point for system-level capabilities."
+ */
+ list datastore-capabilities {
+ key "datastore";
+ description
+ "Capabilities values per datastore.
+
+ For non-NMDA servers/publishers, 'config false' data is
+ considered as if it were part of the running datastore.";
+ leaf datastore {
+ type leafref {
+ path
+ "/yanglib:yang-library/yanglib:datastore/yanglib:name";
+ }
+ description
+ "The datastore for which capabilities are defined.
+ Only one specific datastore can be specified,
+ e.g., ds:conventional must not be used, as it
+ represents a set of configuration datastores.";
+ }
+ list per-node-capabilities {
+ description
+ "Each list entry specifies capabilities for the selected
+ data nodes. The same capabilities apply to the data nodes
+ in the subtree below the selected nodes.
+
+ The system SHALL order the entries according to their
+ precedence. The order of the entries MUST NOT change
+ unless the underlying capabilities also change.
+
+ Note that the longest patch matching can be achieved
+ by ordering more specific matches before less
+ specific ones.";
+ choice node-selection {
+ description
+ "A method to select some or all nodes within a
+ datastore.";
+ leaf node-selector {
+ type nacm:node-instance-identifier;
+ description
+ "Selects the data nodes for which capabilities are
+ specified. The special value '/' denotes all data
+ nodes in the datastore, consistent with the path
+ leaf node on page 41 of [RFC8341].";
+ reference
+ "RFC 8341: Network Configuration Access Control Model";
+ }
+ }
+ /*
+ * "Augmentation point for datastore- or data-node-level
+ * capabilities."
+ */
+ }
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-telemetry-message@2025-04-17.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-telemetry-message@2025-04-17.yang
new file mode 100644
index 00000000..c8cf359c
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-telemetry-message@2025-04-17.yang
@@ -0,0 +1,218 @@
+module ietf-telemetry-message {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-telemetry-message";
+ prefix tm;
+
+ import ietf-yang-types {
+ prefix yang;
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+ import ietf-inet-types {
+ prefix inet;
+ }
+ import ietf-platform-manifest {
+ prefix p-mf;
+ reference
+ "draft-ietf-opsawg-collected-data-manifest: A Data Manifest for
+ Contextualized Telemetry Data";
+ }
+
+ organization
+ "IETF Draft";
+ contact
+ "Author: Ahmed Elhassany
+
+
+ Thomas Graf
+ ";
+ description
+ "This YANG modules defines a model for a telemetry collector to send
+ collected YANG data from the network.
+
+ Copyright (c) 2025 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, is permitted pursuant to, and subject to the license
+ terms contained in, the Revised BSD License set forth in Section
+ 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC XXXX; see the RFC
+ itself for full legal notices.";
+
+ revision 2025-04-17 {
+ description
+ "Initial revision.";
+ reference
+ "RFC XXXX";
+ }
+
+ identity session-protocol {
+ description
+ "Base identity to represent session protocols.";
+ }
+
+ identity yp-push {
+ base session-protocol;
+ description
+ "YANG-Push in RFC 8640 or RFC 8641 or RFC 8650.";
+ reference
+ "RFC 8640, RFC 8641, RFC 8650: YANG-Push Events and Notifications for Datastores.";
+ }
+
+ identity netconf {
+ base session-protocol;
+ description
+ "NETCONF RPC as described in RFC 6241.";
+ reference
+ "RFC 6241: NETCONF RPC.";
+ }
+
+ identity restconf {
+ base session-protocol;
+ description
+ "RESTCONF HTTP as described in RFC 8040.";
+ reference
+ "RFC 8040.";
+ }
+
+ typedef telemetry-notification-event-type {
+ type enumeration {
+ enum log {
+ description
+ "Collector is reporting the event as it arrived from the
+ network element.";
+ }
+ enum update {
+ description
+ "
+ Collector has updated an entry inside its local cache.
+ This could be triggered by an event from the network for
+ instance interface operational status changed or an internal
+ event in the collector, such as a timer triggered to referesh
+ old enteries.";
+ }
+ enum delete {
+ description
+ "Collector has deleted an entry from its local cache.";
+ }
+ }
+ description
+ "Type of event reported by the collector.";
+ }
+
+ typedef telemetry-session-protocol-type {
+ type identityref {
+ base session-protocol;
+ }
+ description
+ "Notification protocol used to deliver the notification to the
+ data collection.";
+ }
+
+ container message {
+ config false;
+ description
+ "Telemetry message used in Data Mesh";
+ leaf timestamp {
+ type yang:date-and-time;
+ mandatory true;
+ description
+ "Timestamp when the data collection collected the payload
+ from the network element or an update or delete event is
+ triggered.";
+ }
+ leaf session-protocol {
+ type telemetry-session-protocol-type;
+ mandatory true;
+ description
+ "Session protocol used to collect the payload of this message
+ from the network";
+ }
+ container network-node-manifest {
+ description
+ "Address of network element from which the payload is collected.";
+ uses p-mf:platform-details;
+ }
+ container data-collection-manifest {
+ description
+ "Address of the telemetry data collection.";
+ uses p-mf:platform-details;
+ }
+ container telemetry-message-metadata {
+ description
+ "Extensible message and protocol specific metadata";
+ leaf event-time {
+ type yang:date-and-time;
+ description
+ "NETCONF eventTime. Redefined in here since NETCONF header is
+ XML not YANG.";
+ }
+ }
+ container data-collection-metadata {
+ description
+ "Metadata added by data collection.";
+ leaf remote-address {
+ type inet:host;
+ mandatory true;
+ description
+ "Network node IP address.";
+ }
+ leaf remote-port {
+ type inet:port-number;
+ description
+ "Network node transport port number.";
+ }
+ leaf local-address {
+ type inet:host;
+ description
+ "Data collection IP address.";
+ }
+ leaf local-port {
+ type inet:port-number;
+ description
+ "Data collection transport port number.";
+ }
+ list labels {
+ key "name";
+ description
+ "Arbiterary labels assinged by the data collection.";
+ leaf name {
+ type string {
+ length "1..max";
+ }
+ description
+ "Label name.";
+ }
+ choice value {
+ mandatory true;
+ description
+ "label value";
+ choice string-choice {
+ description
+ "String value";
+ leaf string-value {
+ type string;
+ description
+ "String value";
+ }
+ }
+ choice anydata-choice {
+ description
+ "YANG anydata value";
+ anydata anydata-values {
+ description
+ "anydata yang";
+ }
+ }
+ }
+ }
+ }
+ anydata payload {
+ description
+ "Message or notification received from network element.";
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-tls-client@2024-10-10.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-tls-client@2024-10-10.yang
new file mode 100644
index 00000000..e490640a
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-tls-client@2024-10-10.yang
@@ -0,0 +1,516 @@
+module ietf-tls-client {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-tls-client";
+ prefix tlsc;
+
+ import ietf-netconf-acm {
+ prefix nacm;
+ reference
+ "RFC 8341: Network Configuration Access Control Model";
+ }
+ import ietf-crypto-types {
+ prefix ct;
+ reference
+ "RFC 9640: YANG Data Types and Groupings for Cryptography";
+ }
+ import ietf-truststore {
+ prefix ts;
+ reference
+ "RFC 9641: A YANG Data Model for a Truststore";
+ }
+ import ietf-keystore {
+ prefix ks;
+ reference
+ "RFC 9642: A YANG Data Model for a Keystore";
+ }
+ import ietf-tls-common {
+ prefix tlscmn;
+ reference
+ "RFC 9645: YANG Groupings for TLS Clients and TLS Servers";
+ }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+ contact
+ "WG List: NETCONF WG list
+ WG Web: https://datatracker.ietf.org/wg/netconf
+ Author: Kent Watsen
+ Author: Jeff Hartley ";
+ description
+ "This module defines reusable groupings for TLS clients that
+ can be used as a basis for specific TLS client instances.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
+ 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
+ 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
+ are to be interpreted as described in BCP 14 (RFC 2119)
+ (RFC 8174) when, and only when, they appear in all
+ capitals, as shown here.
+
+ Copyright (c) 2024 IETF Trust and the persons identified
+ as authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with
+ or without modification, is permitted pursuant to, and
+ subject to the license terms contained in, the Revised
+ BSD License set forth in Section 4.c of the IETF Trust's
+ Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 9645
+ (https://www.rfc-editor.org/info/rfc9645); see the RFC
+ itself for full legal notices.";
+
+ revision 2024-10-10 {
+ description
+ "Initial version";
+ reference
+ "RFC 9645: YANG Groupings for TLS Clients and TLS Servers";
+ }
+
+ // Features
+
+ feature tls-client-keepalives {
+ description
+ "Per-socket TLS keepalive parameters are configurable for
+ TLS clients on the server implementing this feature.";
+ }
+
+ feature client-ident-x509-cert {
+ description
+ "Indicates that the client supports identifying itself
+ using X.509 certificates.";
+ reference
+ "RFC 5280:
+ Internet X.509 Public Key Infrastructure Certificate
+ and Certificate Revocation List (CRL) Profile";
+ }
+
+ feature client-ident-raw-public-key {
+ description
+ "Indicates that the client supports identifying itself
+ using raw public keys.";
+ reference
+ "RFC 7250:
+ Using Raw Public Keys in Transport Layer Security (TLS)
+ and Datagram Transport Layer Security (DTLS)";
+ }
+
+ feature client-ident-tls12-psk {
+ if-feature "tlscmn:tls12";
+ description
+ "Indicates that the client supports identifying itself
+ using TLS 1.2 PSKs (pre-shared or pairwise symmetric keys).";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ feature client-ident-tls13-epsk {
+ if-feature "tlscmn:tls13";
+ description
+ "Indicates that the client supports identifying itself
+ using TLS 1.3 External PSKs (pre-shared keys).";
+ reference
+ "RFC 8446:
+ The Transport Layer Security (TLS) Protocol Version 1.3";
+ }
+
+ feature server-auth-x509-cert {
+ description
+ "Indicates that the client supports authenticating servers
+ using X.509 certificates.";
+ reference
+ "RFC 5280:
+ Internet X.509 Public Key Infrastructure Certificate
+ and Certificate Revocation List (CRL) Profile";
+ }
+
+ feature server-auth-raw-public-key {
+ description
+ "Indicates that the client supports authenticating servers
+ using raw public keys.";
+ reference
+ "RFC 7250:
+ Using Raw Public Keys in Transport Layer Security (TLS)
+ and Datagram Transport Layer Security (DTLS)";
+ }
+
+ feature server-auth-tls12-psk {
+ description
+ "Indicates that the client supports authenticating servers
+ using PSKs (pre-shared or pairwise symmetric keys).";
+ reference
+ "RFC 4279:
+ Pre-Shared Key Ciphersuites for Transport Layer Security
+ (TLS)";
+ }
+
+ feature server-auth-tls13-epsk {
+ description
+ "Indicates that the client supports authenticating servers
+ using TLS 1.3 External PSKs (pre-shared keys).";
+ reference
+ "RFC 8446:
+ The Transport Layer Security (TLS) Protocol Version 1.3";
+ }
+
+ // Groupings
+
+ grouping tls-client-grouping {
+ description
+ "A reusable grouping for configuring a TLS client without
+ any consideration for how an underlying TCP session is
+ established.
+
+ Note that this grouping uses fairly typical descendant
+ node names such that a stack of 'uses' statements will
+ have name conflicts. It is intended that the consuming
+ data model will resolve the issue (e.g., by wrapping
+ the 'uses' statement in a container called
+ 'tls-client-parameters'). This model purposely does
+ not do this itself so as to provide maximum flexibility
+ to consuming models.";
+ container client-identity {
+ nacm:default-deny-write;
+ presence "Indicates that a TLS-level client identity has been
+ configured. This statement is present so the
+ mandatory descendant nodes do not imply that this
+ node must be configured.";
+ description
+ "Identity credentials the TLS client MAY present when
+ establishing a connection to a TLS server. If not
+ configured, then client authentication is presumed to
+ occur in a protocol layer above TLS. When configured,
+ and requested by the TLS server when establishing a
+ TLS session, these credentials are passed in the
+ Certificate message defined in Section 7.4.2 of
+ RFC 5246 and Section 4.4.2 of RFC 8446.";
+ reference
+ "RFC 5246: The Transport Layer Security (TLS)
+ Protocol Version 1.2
+ RFC 8446: The Transport Layer Security (TLS)
+ Protocol Version 1.3
+ RFC 9642: A YANG Data Model for a Keystore";
+ choice auth-type {
+ mandatory true;
+ description
+ "A choice amongst authentication types, of which one must
+ be enabled (via its associated 'feature') and selected.";
+ case certificate {
+ if-feature "client-ident-x509-cert";
+ container certificate {
+ description
+ "Specifies the client identity using a certificate.";
+ uses "ks:inline-or-keystore-end-entity-cert-with-key-"
+ + "grouping" {
+ refine "inline-or-keystore/inline/inline-definition" {
+ must 'not(public-key-format) or derived-from-or-self'
+ + '(public-key-format, "ct:subject-public-key-'
+ + 'info-format")';
+ }
+ refine "inline-or-keystore/central-keystore/"
+ + "central-keystore-reference/asymmetric-key" {
+ must 'not(deref(.)/../ks:public-key-format) or '
+ + 'derived-from-or-self(deref(.)/../ks:public-'
+ + 'key-format, "ct:subject-public-key-info-'
+ + 'format")';
+ }
+ }
+ }
+ }
+ case raw-public-key {
+ if-feature "client-ident-raw-public-key";
+ container raw-private-key {
+ description
+ "Specifies the client identity using a raw
+ private key.";
+ uses ks:inline-or-keystore-asymmetric-key-grouping {
+ refine "inline-or-keystore/inline/inline-definition" {
+ must 'not(public-key-format) or derived-from-or-self'
+ + '(public-key-format, "ct:subject-public-key-'
+ + 'info-format")';
+ }
+ refine "inline-or-keystore/central-keystore/"
+ + "central-keystore-reference" {
+ must 'not(deref(.)/../ks:public-key-format) or '
+ + 'derived-from-or-self(deref(.)/../ks:public-'
+ + 'key-format, "ct:subject-public-key-info-'
+ + 'format")';
+ }
+ }
+ }
+ }
+ case tls12-psk {
+ if-feature "client-ident-tls12-psk";
+ container tls12-psk {
+ description
+ "Specifies the client identity using a PSK (pre-shared
+ or pairwise symmetric key).";
+ uses ks:inline-or-keystore-symmetric-key-grouping;
+ leaf id {
+ type string;
+ description
+ "The key 'psk_identity' value used in the TLS
+ 'ClientKeyExchange' message.";
+ reference
+ "RFC 4279: Pre-Shared Key Ciphersuites for
+ Transport Layer Security (TLS)";
+ }
+ }
+ }
+ case tls13-epsk {
+ if-feature "client-ident-tls13-epsk";
+ container tls13-epsk {
+ description
+ "An External Pre-Shared Key (EPSK) is established
+ or provisioned out of band, i.e., not from a TLS
+ connection. An EPSK is a tuple of (Base Key,
+ External Identity, Hash). EPSKs MUST NOT be
+ imported for (D)TLS 1.2 or prior versions. When
+ PSKs are provisioned out of band, the PSK identity
+ and the Key Derivation Function (KDF) hash algorithm
+ to be used with the PSK MUST also be provisioned.
+
+ The structure of this container is designed to satisfy
+ the requirements in Section 4.2.11 of RFC 8446, the
+ recommendations from Section 6 of RFC 9257, and the
+ EPSK input fields detailed in Section 5.1 of RFC 9258.
+ The base-key is based upon
+ 'ks:inline-or-keystore-symmetric-key-grouping' in
+ order to provide users with flexible and secure
+ storage options.";
+ reference
+ "RFC 8446: The Transport Layer Security (TLS)
+ Protocol Version 1.3
+ RFC 9257: Guidance for External Pre-Shared Key
+ (PSK) Usage in TLS
+ RFC 9258: Importing External Pre-Shared Keys
+ (PSKs) for TLS 1.3";
+ uses ks:inline-or-keystore-symmetric-key-grouping;
+ leaf external-identity {
+ type string;
+ mandatory true;
+ description
+ "As per Section 4.2.11 of RFC 8446 and Section 4.1
+ of RFC 9257, a sequence of bytes used to identify
+ an EPSK. A label for a pre-shared key established
+ externally.";
+ reference
+ "RFC 8446: The Transport Layer Security (TLS)
+ Protocol Version 1.3
+ RFC 9257: Guidance for External Pre-Shared Key
+ (PSK) Usage in TLS";
+ }
+ leaf hash {
+ type tlscmn:epsk-supported-hash;
+ default "sha-256";
+ description
+ "As per Section 4.2.11 of RFC 8446, for EPSKs,
+ the hash algorithm MUST be set when the PSK is
+ established; otherwise, default to SHA-256 if
+ no such algorithm is defined. The server MUST
+ ensure that it selects a compatible PSK (if any)
+ and cipher suite. Each PSK MUST only be used
+ with a single hash function.";
+ reference
+ "RFC 8446: The Transport Layer Security (TLS)
+ Protocol Version 1.3";
+ }
+ leaf context {
+ type string;
+ description
+ "As per Section 5.1 of RFC 9258, context MUST
+ include the context used to determine the EPSK,
+ if any exists. For example, context may include
+ information about peer roles or identities
+ to mitigate Selfie-style reflection attacks.
+ Since the EPSK is a key derived from an external
+ protocol or a sequence of protocols, context MUST
+ include a channel binding for the deriving
+ protocols (see RFC 5056). The details of this
+ binding are protocol specific and out of scope
+ for this document.";
+ reference
+ "RFC 9258: Importing External Pre-Shared Keys
+ (PSKs) for TLS 1.3";
+ }
+ leaf target-protocol {
+ type uint16;
+ description
+ "As per Section 3 of RFC 9258, the protocol
+ for which a PSK is imported for use.";
+ reference
+ "RFC 9258: Importing External Pre-Shared Keys
+ (PSKs) for TLS 1.3";
+ }
+ leaf target-kdf {
+ type uint16;
+ description
+ "As per Section 3 of RFC 9258, the Key Derivation
+ Function (KDF) for which a PSK is imported for
+ use.";
+ reference
+ "RFC 9258: Importing External Pre-Shared Keys
+ (PSKs) for TLS 1.3";
+ }
+ }
+ }
+ }
+ } // container client-identity
+ container server-authentication {
+ nacm:default-deny-write;
+ must "ca-certs or ee-certs or raw-public-keys or tls12-psks
+ or tls13-epsks";
+ description
+ "Specifies how the TLS client can authenticate TLS servers.
+ Any combination of credentials is additive and unordered.
+
+ Note that no configuration is required for authentication
+ based on PSK (pre-shared or pairwise symmetric key) as
+ the key is necessarily the same as configured in the
+ '../client-identity' node.";
+ container ca-certs {
+ if-feature "server-auth-x509-cert";
+ presence "Indicates that Certification Authority (CA)
+ certificates have been configured. This
+ statement is present so the mandatory
+ descendant nodes do not imply that this
+ node must be configured.";
+ description
+ "A set of CA certificates used by the TLS client to
+ authenticate TLS server certificates. A server
+ certificate is authenticated if it has a valid chain of
+ trust to a configured CA certificate.";
+ reference
+ "RFC 9641: A YANG Data Model for a Truststore";
+ uses ts:inline-or-truststore-certs-grouping;
+ }
+ container ee-certs {
+ if-feature "server-auth-x509-cert";
+ presence "Indicates that End-Entity (EE) certificates have
+ been configured. This statement is present so
+ the mandatory descendant nodes do not imply
+ that this node must be configured.";
+ description
+ "A set of server certificates (i.e., EE certificates) used
+ by the TLS client to authenticate certificates presented
+ by TLS servers. A server certificate is authenticated if
+ it is an exact match to a configured server certificate.";
+ reference
+ "RFC 9641: A YANG Data Model for a Truststore";
+ uses ts:inline-or-truststore-certs-grouping;
+ }
+ container raw-public-keys {
+ if-feature "server-auth-raw-public-key";
+ presence "Indicates that raw public keys have been
+ configured. This statement is present so
+ the mandatory descendant nodes do not imply
+ that this node must be configured.";
+ description
+ "A set of raw public keys used by the TLS client to
+ authenticate raw public keys presented by the TLS
+ server. A raw public key is authenticated if it
+ is an exact match to a configured raw public key.";
+ reference
+ "RFC 9641: A YANG Data Model for a Truststore";
+ uses ts:inline-or-truststore-public-keys-grouping {
+ refine "inline-or-truststore/inline/inline-definition/"
+ + "public-key" {
+ must 'derived-from-or-self(public-key-format,'
+ + ' "ct:subject-public-key-info-format")';
+ }
+ refine "inline-or-truststore/central-truststore/"
+ + "central-truststore-reference" {
+ must 'not(deref(.)/../ts:public-key/ts:public-key-'
+ + 'format[not(derived-from-or-self(., "ct:subject-'
+ + 'public-key-info-format"))])';
+ }
+ }
+ }
+ leaf tls12-psks {
+ if-feature "server-auth-tls12-psk";
+ type empty;
+ description
+ "Indicates that the TLS client can authenticate TLS servers
+ using configured PSKs (pre-shared or pairwise symmetric
+ keys).
+
+ No configuration is required since the PSK value is the
+ same as the PSK value configured in the 'client-identity'
+ node.";
+ }
+ leaf tls13-epsks {
+ if-feature "server-auth-tls13-epsk";
+ type empty;
+ description
+ "Indicates that the TLS client can authenticate TLS servers
+ using configured External PSKs (pre-shared keys).
+
+ No configuration is required since the PSK value is the
+ same as the PSK value configured in the 'client-identity'
+ node.";
+ }
+ } // container server-authentication
+ container hello-params {
+ nacm:default-deny-write;
+ if-feature "tlscmn:hello-params";
+ uses tlscmn:hello-params-grouping;
+ description
+ "Configurable parameters for the TLS hello message.";
+ } // container hello-params
+ container keepalives {
+ nacm:default-deny-write;
+ if-feature "tls-client-keepalives";
+ description
+ "Configures the keepalive policy for the TLS client.";
+ leaf peer-allowed-to-send {
+ type empty;
+ description
+ "Indicates that the remote TLS server is allowed to send
+ HeartbeatRequest messages, as defined by RFC 6520,
+ to this TLS client.";
+ reference
+ "RFC 6520: Transport Layer Security (TLS) and Datagram
+ Transport Layer Security (DTLS) Heartbeat Extension";
+ }
+ container test-peer-aliveness {
+ presence "Indicates that the TLS client proactively tests the
+ aliveness of the remote TLS server.";
+ description
+ "Configures the keepalive policy to proactively test
+ the aliveness of the TLS server. An unresponsive
+ TLS server is dropped after approximately max-wait
+ * max-attempts seconds. The TLS client MUST send
+ HeartbeatRequest messages, as defined in RFC 6520.";
+ reference
+ "RFC 6520: Transport Layer Security (TLS) and Datagram
+ Transport Layer Security (DTLS) Heartbeat Extension";
+ leaf max-wait {
+ type uint16 {
+ range "1..max";
+ }
+ units "seconds";
+ default "30";
+ description
+ "Sets the amount of time in seconds, after which a
+ TLS-level message will be sent to test the
+ aliveness of the TLS server if no data has been
+ received from the TLS server.";
+ }
+ leaf max-attempts {
+ type uint8;
+ default "3";
+ description
+ "Sets the maximum number of sequential keepalive
+ messages that can fail to obtain a response from
+ the TLS server before assuming the TLS server is
+ no longer alive.";
+ }
+ }
+ }
+ } // grouping tls-client-grouping
+
+}
+
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-tls-common@2024-10-10.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-tls-common@2024-10-10.yang
new file mode 100644
index 00000000..a4d5ef3d
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-tls-common@2024-10-10.yang
@@ -0,0 +1,314 @@
+module ietf-tls-common {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-tls-common";
+ prefix tlscmn;
+
+ import iana-tls-cipher-suite-algs {
+ prefix tlscsa;
+ reference
+ "RFC 9645: YANG Groupings for TLS Clients and TLS Servers";
+ }
+
+ import ietf-crypto-types {
+ prefix ct;
+ reference
+ "RFC 9640: YANG Data Types and Groupings for Cryptography";
+ }
+
+ import ietf-keystore {
+ prefix ks;
+ reference
+ "RFC 9642: A YANG Data Model for a Keystore";
+ }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+
+ contact
+ "WG List: NETCONF WG list
+ WG Web: https://datatracker.ietf.org/wg/netconf
+ Author: Kent Watsen
+ Author: Jeff Hartley
+ Author: Gary Wu ";
+
+ description
+ "This module defines common features and groupings for
+ Transport Layer Security (TLS).
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
+ 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
+ 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
+ are to be interpreted as described in BCP 14 (RFC 2119)
+ (RFC 8174) when, and only when, they appear in all
+ capitals, as shown here.
+
+ Copyright (c) 2024 IETF Trust and the persons identified
+ as authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with
+ or without modification, is permitted pursuant to, and
+ subject to the license terms contained in, the Revised
+ BSD License set forth in Section 4.c of the IETF Trust's
+ Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 9645
+ (https://www.rfc-editor.org/info/rfc9645); see the RFC
+ itself for full legal notices.";
+
+ revision 2024-10-10 {
+ description
+ "Initial version.";
+ reference
+ "RFC 9645: YANG Groupings for TLS Clients and TLS Servers";
+ }
+
+ // Features
+
+ feature tls12 {
+ description
+ "TLS Protocol Version 1.2 is supported. TLS 1.2 is obsolete,
+ and thus it is NOT RECOMMENDED to enable this feature.";
+ reference
+ "RFC 5246: The Transport Layer Security (TLS) Protocol
+ Version 1.2";
+ }
+
+ feature tls13 {
+ description
+ "TLS Protocol Version 1.3 is supported.";
+ reference
+ "RFC 8446: The Transport Layer Security (TLS)
+ Protocol Version 1.3";
+ }
+
+ feature hello-params {
+ description
+ "TLS hello message parameters are configurable.";
+ }
+
+ feature algorithm-discovery {
+ description
+ "Indicates that the server implements the
+ 'supported-algorithms' container.";
+ }
+
+ feature asymmetric-key-pair-generation {
+ description
+ "Indicates that the server implements the
+ 'generate-asymmetric-key-pair' RPC.";
+ }
+
+ // Identities
+
+ identity tls-version-base {
+ description
+ "Base identity used to identify TLS protocol versions.";
+ }
+
+ identity tls12 {
+ if-feature "tls12";
+ base tls-version-base;
+ description
+ "TLS Protocol Version 1.2.";
+ reference
+ "RFC 5246: The Transport Layer Security (TLS) Protocol
+ Version 1.2";
+ }
+
+ identity tls13 {
+ if-feature "tls13";
+ base tls-version-base;
+ description
+ "TLS Protocol Version 1.3.";
+ reference
+ "RFC 8446: The Transport Layer Security (TLS)
+ Protocol Version 1.3";
+ }
+
+ // Typedefs
+
+ typedef epsk-supported-hash {
+ type enumeration {
+ enum sha-256 {
+ description
+ "The SHA-256 hash.";
+ }
+ enum sha-384 {
+ description
+ "The SHA-384 hash.";
+ }
+ }
+ description
+ "As per Section 4.2.11 of RFC 8446, the hash algorithm
+ supported by an instance of an External Pre-Shared
+ Key (EPSK).";
+ reference
+ "RFC 8446: The Transport Layer Security (TLS)
+ Protocol Version 1.3";
+ }
+
+ // Groupings
+
+ grouping hello-params-grouping {
+ description
+ "A reusable grouping for TLS hello message parameters.";
+ reference
+ "RFC 5246: The Transport Layer Security (TLS) Protocol
+ Version 1.2
+ RFC 8446: The Transport Layer Security (TLS) Protocol
+ Version 1.3";
+ container tls-versions {
+ description
+ "Parameters limiting which TLS versions, amongst
+ those enabled by 'features', are presented during
+ the TLS handshake.";
+ leaf min {
+ type identityref {
+ base tls-version-base;
+ }
+ description
+ "If not specified, then there is no configured
+ minimum version.";
+ }
+ leaf max {
+ type identityref {
+ base tls-version-base;
+ }
+ description
+ "If not specified, then there is no configured
+ maximum version.";
+ }
+ }
+ container cipher-suites {
+ description
+ "Parameters regarding cipher suites.";
+ leaf-list cipher-suite {
+ type tlscsa:tls-cipher-suite-algorithm;
+ ordered-by user;
+ description
+ "Acceptable cipher suites in order of descending
+ preference. The configured host key algorithms should
+ be compatible with the algorithm used by the configured
+ private key. Please see Section 5 of RFC 9645 for
+ valid combinations.
+
+ If this leaf-list is not configured (has zero elements),
+ the acceptable cipher suites are implementation-
+ defined.";
+ reference
+ "RFC 9645: YANG Groupings for TLS Clients and TLS Servers";
+ }
+ }
+ } // hello-params-grouping
+
+ // Protocol-accessible Nodes
+
+ container supported-algorithms {
+ if-feature "algorithm-discovery";
+ config false;
+ description
+ "A container for a list of cipher suite algorithms supported
+ by the server.";
+ leaf-list supported-algorithm {
+ type tlscsa:tls-cipher-suite-algorithm;
+ description
+ "A cipher suite algorithm supported by the server.";
+ }
+ }
+
+ rpc generate-asymmetric-key-pair {
+ if-feature "asymmetric-key-pair-generation";
+ description
+ "Requests the device to generate an 'asymmetric-key-pair'
+ key using the specified key algorithm.";
+ input {
+ leaf algorithm {
+ type tlscsa:tls-cipher-suite-algorithm;
+ mandatory true;
+ description
+ "The cipher suite algorithm that the generated key
+ works with. Implementations derive the public key
+ algorithm from the cipher suite algorithm. For
+ example, cipher suite
+ 'tls-rsa-with-aes-256-cbc-sha256' maps to the RSA
+ public key.";
+ }
+ leaf num-bits {
+ type uint16;
+ description
+ "Specifies the number of bits to create in the key.
+ For RSA keys, the minimum size is 1024 bits, and
+ the default is 3072 bits. Generally, 3072 bits is
+ considered sufficient. DSA keys must be exactly
+ 1024 bits as specified by FIPS 186-2. For
+ elliptical keys, the 'num-bits' value determines
+ the key length of the curve (e.g., 256, 384, or 521),
+ where valid values supported by the server are
+ conveyed via an unspecified mechanism. For some
+ public algorithms, the keys have a fixed length, and
+ thus the 'num-bits' value is not specified.";
+ }
+ container private-key-encoding {
+ description
+ "Indicates how the private key is to be encoded.";
+ choice private-key-encoding {
+ mandatory true;
+ description
+ "A choice amongst optional private key handling.";
+ case cleartext {
+ if-feature "ct:cleartext-private-keys";
+ leaf cleartext {
+ type empty;
+ description
+ "Indicates that the private key is to be returned
+ as a cleartext value.";
+ }
+ }
+ case encrypted {
+ if-feature "ct:encrypted-private-keys";
+ container encrypted {
+ description
+ "Indicates that the key is to be encrypted using
+ the specified symmetric or asymmetric key.";
+ uses ks:encrypted-by-grouping;
+ }
+ }
+ case hidden {
+ if-feature "ct:hidden-private-keys";
+ leaf hidden {
+ type empty;
+ description
+ "Indicates that the private key is to be hidden.
+
+ Unlike the 'cleartext' and 'encrypt' options, the
+ key returned is a placeholder for an internally
+ stored key. See Section 3 of RFC 9642 ('Support
+ for Built-In Keys') for information about hidden
+ keys.";
+ }
+ }
+ }
+ }
+ }
+ output {
+ choice key-or-hidden {
+ case key {
+ uses ct:asymmetric-key-pair-grouping;
+ }
+ case hidden {
+ leaf location {
+ type instance-identifier;
+ description
+ "The location to where a hidden key was created.";
+ }
+ }
+ description
+ "The output can be either a key (for cleartext and
+ encrypted keys) or the location to where the key
+ was created (for hidden keys).";
+ }
+ }
+ } // end generate-asymmetric-key-pair
+
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-truststore@2024-10-10.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-truststore@2024-10-10.yang
new file mode 100644
index 00000000..e4eeed2a
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-truststore@2024-10-10.yang
@@ -0,0 +1,390 @@
+module ietf-truststore {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-truststore";
+ prefix ts;
+
+ import ietf-netconf-acm {
+ prefix nacm;
+ reference
+ "RFC 8341: Network Configuration Access Control Model";
+ }
+ import ietf-crypto-types {
+ prefix ct;
+ reference
+ "RFC 9640: YANG Data Types and Groupings for Cryptography";
+ }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+ contact
+ "WG Web: https://datatracker.ietf.org/wg/netconf
+ WG List: NETCONF WG list
+ Author: Kent Watsen ";
+ description
+ "This module defines a 'truststore' to centralize management
+ of trust anchors, including certificates and public keys.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
+ 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
+ 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
+ are to be interpreted as described in BCP 14 (RFC 2119)
+ (RFC 8174) when, and only when, they appear in all
+ capitals, as shown here.
+
+ Copyright (c) 2024 IETF Trust and the persons identified
+ as authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with
+ or without modification, is permitted pursuant to, and
+ subject to the license terms contained in, the Revised
+ BSD License set forth in Section 4.c of the IETF Trust's
+ Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 9641
+ (https://www.rfc-editor.org/info/rfc9641); see the RFC
+ itself for full legal notices.";
+
+ revision 2024-10-10 {
+ description
+ "Initial version.";
+ reference
+ "RFC 9641: A YANG Data Model for a Truststore";
+ }
+
+ /****************/
+ /* Features */
+ /****************/
+
+ feature central-truststore-supported {
+ description
+ "The 'central-truststore-supported' feature indicates that
+ the server supports the truststore (i.e., implements the
+ 'ietf-truststore' module).";
+ }
+
+ feature inline-definitions-supported {
+ description
+ "The 'inline-definitions-supported' feature indicates that
+ the server supports locally defined trust anchors.";
+ }
+
+ feature certificates {
+ description
+ "The 'certificates' feature indicates that the server
+ implements the /truststore/certificate-bags subtree.";
+ }
+
+ feature public-keys {
+ description
+ "The 'public-keys' feature indicates that the server
+ implements the /truststore/public-key-bags subtree.";
+ }
+
+ /****************/
+ /* Typedefs */
+ /****************/
+
+ typedef central-certificate-bag-ref {
+ type leafref {
+ path "/ts:truststore/ts:certificate-bags/"
+ + "ts:certificate-bag/ts:name";
+ }
+ description
+ "This typedef defines a reference to a certificate bag
+ in the central truststore.";
+ }
+
+ typedef central-certificate-ref {
+ type leafref {
+ path "/ts:truststore/ts:certificate-bags/ts:certificate-bag"
+ + "[ts:name = current()/../certificate-bag]/"
+ + "ts:certificate/ts:name";
+ }
+ description
+ "This typedef defines a reference to a specific certificate
+ in a certificate bag in the central truststore. This typedef
+ requires that there exist a sibling 'leaf' node called
+ 'certificate-bag' that SHOULD have the
+ 'central-certificate-bag-ref' typedef.";
+ }
+
+ typedef central-public-key-bag-ref {
+ type leafref {
+ path "/ts:truststore/ts:public-key-bags/"
+ + "ts:public-key-bag/ts:name";
+ }
+ description
+ "This typedef defines a reference to a public key bag
+ in the central truststore.";
+ }
+
+ typedef central-public-key-ref {
+ type leafref {
+ path "/ts:truststore/ts:public-key-bags/ts:public-key-bag"
+ + "[ts:name = current()/../public-key-bag]/"
+ + "ts:public-key/ts:name";
+ }
+ description
+ "This typedef defines a reference to a specific public key
+ in a public key bag in the truststore. This typedef
+ requires that there exist a sibling 'leaf' node called
+ 'public-key-bag' SHOULD have the
+ 'central-public-key-bag-ref' typedef.";
+ }
+
+ /*****************/
+ /* Groupings */
+ /*****************/
+ // *-ref groupings
+
+ grouping central-certificate-ref-grouping {
+ description
+ "Grouping for the reference to a certificate in a
+ certificate-bag in the central truststore.";
+ leaf certificate-bag {
+ nacm:default-deny-write;
+ if-feature "central-truststore-supported";
+ if-feature "certificates";
+ type ts:central-certificate-bag-ref;
+ must '../certificate';
+ description
+ "Reference to a certificate-bag in the truststore.";
+ }
+ leaf certificate {
+ nacm:default-deny-write;
+ if-feature "central-truststore-supported";
+ if-feature "certificates";
+ type ts:central-certificate-ref;
+ must '../certificate-bag';
+ description
+ "Reference to a specific certificate in the
+ referenced certificate-bag.";
+ }
+ }
+
+ grouping central-public-key-ref-grouping {
+ description
+ "Grouping for the reference to a public key in a
+ public-key-bag in the central truststore.";
+ leaf public-key-bag {
+ nacm:default-deny-write;
+ if-feature "central-truststore-supported";
+ if-feature "public-keys";
+ type ts:central-public-key-bag-ref;
+ description
+ "Reference of a public key bag in the truststore, including
+ the certificate to authenticate the TLS client.";
+ }
+ leaf public-key {
+ nacm:default-deny-write;
+ if-feature "central-truststore-supported";
+ if-feature "public-keys";
+ type ts:central-public-key-ref;
+ description
+ "Reference to a specific public key in the
+ referenced public-key-bag.";
+ }
+ }
+
+ // inline-or-truststore-* groupings
+
+ grouping inline-or-truststore-certs-grouping {
+ description
+ "A grouping for the configuration of a list of certificates.
+ The list of certificates may be defined inline or as a
+ reference to a certificate bag in the central truststore.
+
+ Servers that wish to define alternate truststore locations
+ MUST augment in custom 'case' statements, enabling
+ references to those alternate truststore locations.";
+ choice inline-or-truststore {
+ nacm:default-deny-write;
+ mandatory true;
+ description
+ "A choice between an inlined definition and a definition
+ that exists in the truststore.";
+ case inline {
+ if-feature "inline-definitions-supported";
+ container inline-definition {
+ description
+ "A container for locally configured trust anchor
+ certificates.";
+ list certificate {
+ key "name";
+ min-elements 1;
+ description
+ "A trust anchor certificate or chain of certificates.";
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for this certificate.";
+ }
+ uses ct:trust-anchor-cert-grouping {
+ refine "cert-data" {
+ mandatory true;
+ }
+ }
+ }
+ }
+ }
+ case central-truststore {
+ if-feature "central-truststore-supported";
+ if-feature "certificates";
+ leaf central-truststore-reference {
+ type ts:central-certificate-bag-ref;
+ description
+ "A reference to a certificate bag that exists in the
+ central truststore.";
+ }
+ }
+ }
+ }
+
+ grouping inline-or-truststore-public-keys-grouping {
+ description
+ "A grouping that allows the public keys to either be
+ configured locally, within the data model being used, or be a
+ reference to a public key bag stored in the truststore.
+
+ Servers that wish to define alternate truststore locations
+ SHOULD augment in custom 'case' statement, enabling
+ references to those alternate truststore locations.";
+ choice inline-or-truststore {
+ nacm:default-deny-write;
+ mandatory true;
+ description
+ "A choice between an inlined definition and a definition
+ that exists in the truststore.";
+ case inline {
+ if-feature "inline-definitions-supported";
+ container inline-definition {
+ description
+ "A container to hold local public key definitions.";
+ list public-key {
+ key "name";
+ description
+ "A public key definition.";
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for this public key.";
+ }
+ uses ct:public-key-grouping;
+ }
+ }
+ }
+ case central-truststore {
+ if-feature "central-truststore-supported";
+ if-feature "public-keys";
+ leaf central-truststore-reference {
+ type ts:central-public-key-bag-ref;
+ description
+ "A reference to a bag of public keys that exists
+ in the central truststore.";
+ }
+ }
+ }
+ }
+
+ // the truststore grouping
+
+ grouping truststore-grouping {
+ description
+ "A grouping definition that enables use in other contexts.
+ Where used, implementations MUST augment new 'case'
+ statements into the various inline-or-truststore 'choice'
+ statements to supply leafrefs to the model-specific
+ location(s).";
+ container certificate-bags {
+ nacm:default-deny-write;
+ if-feature "certificates";
+ description
+ "A collection of certificate bags.";
+ list certificate-bag {
+ key "name";
+ description
+ "A bag of certificates. Each bag of certificates should
+ be for a specific purpose. For instance, one bag could
+ be used to authenticate a specific set of servers, while
+ another could be used to authenticate a specific set of
+ clients.";
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for this bag of certificates.";
+ }
+ leaf description {
+ type string;
+ description
+ "A description for this bag of certificates. The
+ intended purpose for the bag SHOULD be described.";
+ }
+ list certificate {
+ key "name";
+ description
+ "A trust anchor certificate or chain of certificates.";
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for this certificate.";
+ }
+ uses ct:trust-anchor-cert-grouping {
+ refine "cert-data" {
+ mandatory true;
+ }
+ }
+ }
+ }
+ }
+ container public-key-bags {
+ nacm:default-deny-write;
+ if-feature "public-keys";
+ description
+ "A collection of public key bags.";
+ list public-key-bag {
+ key "name";
+ description
+ "A bag of public keys. Each bag of keys SHOULD be for
+ a specific purpose. For instance, one bag could be used
+ to authenticate a specific set of servers, while another
+ could be used to authenticate a specific set of clients.";
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for this bag of public keys.";
+ }
+ leaf description {
+ type string;
+ description
+ "A description for this bag of public keys. The
+ intended purpose for the bag MUST be described.";
+ }
+ list public-key {
+ key "name";
+ description
+ "A public key.";
+ leaf name {
+ type string;
+ description
+ "An arbitrary name for this public key.";
+ }
+ uses ct:public-key-grouping;
+ }
+ }
+ }
+ }
+
+ /*********************************/
+ /* Protocol-accessible nodes */
+ /*********************************/
+
+ container truststore {
+ if-feature "central-truststore-supported";
+ nacm:default-deny-write;
+ description
+ "The truststore contains bags of certificates and
+ public keys.";
+ uses truststore-grouping;
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-udp-client@2025-02-24.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-udp-client@2025-02-24.yang
new file mode 100644
index 00000000..cb3c09a6
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-udp-client@2025-02-24.yang
@@ -0,0 +1,105 @@
+module ietf-udp-client {
+ yang-version 1.1;
+ namespace
+ "urn:ietf:params:xml:ns:yang:ietf-udp-client";
+ prefix udpc;
+ import ietf-inet-types {
+ prefix inet;
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+
+ organization "IETF NETCONF (Network Configuration) Working Group";
+ contact
+ "WG Web:
+ WG List:
+
+ Authors: Alex Huang Feng
+
+ Pierre Francois
+ ";
+
+ description
+ "Defines a generic grouping for UDP-based client applications.
+
+ Copyright (c) 2025 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, is permitted pursuant to, and subject to the license
+ terms contained in, the Revised BSD License set forth in Section
+ 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC-to-be; see the RFC
+ itself for full legal notices.";
+
+ revision 2025-02-24 {
+ description
+ "Initial revision";
+ reference
+ "RFC-to-be: YANG Groupings for UDP Clients and UDP Servers";
+ }
+
+ feature local-binding {
+ description
+ "Indicates that the UDP client supports configuring local
+ bindings (i.e., the local address and local port number) for
+ UDP clients.";
+ }
+
+ grouping udp-client {
+ description
+ "A reusable grouping for UDP clients.
+
+ Note that this grouping uses fairly typical descendant
+ node names such that a stack of 'uses' statements will
+ have name conflicts. It is intended that the consuming
+ data model will resolve the issue (e.g., by wrapping
+ the 'uses' statement in a container called
+ 'udp-client-parameters'). This model purposely does
+ not do this itself so as to provide maximum flexibility
+ to consuming models. An example is shown in section 5
+ of RFC6724.";
+
+ leaf remote-address {
+ type inet:host;
+ mandatory true;
+ description
+ "The IP address or hostname of the remote UDP server.
+ If a domain name is configured, then the name resolution should
+ happen on each connection attempt, unless a previously resolved
+ address is cached and still valid. If the name resolution
+ results in multiple IP addresses, the IP addresses
+ are tried until a connection has been established or
+ until all IP addresses have failed. ";
+ }
+
+ leaf remote-port {
+ type inet:port-number;
+ description
+ "The port number of the remote UDP server.";
+ }
+
+ leaf local-address {
+ if-feature "local-binding";
+ type inet:ip-address;
+ description
+ "The local IP address to bind to when sending UDP
+ messages to the remote server. INADDR_ANY ('0.0.0.0') or
+ INADDR6_ANY ('0:0:0:0:0:0:0:0' a.k.a. '::') may be used
+ so that the server can bind to any IPv4 or IPv6 address.";
+ }
+
+ leaf local-port {
+ if-feature "local-binding";
+ type inet:port-number;
+ default "0";
+ description
+ "The local port number to bind to when sending UDP
+ datagrams to the remote server. The port number '0',
+ which is the default value, indicates that any available
+ local port number may be used.";
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-udp-notif-transport@2025-02-14.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-udp-notif-transport@2025-02-14.yang
new file mode 100644
index 00000000..2761e802
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-udp-notif-transport@2025-02-14.yang
@@ -0,0 +1,186 @@
+module ietf-udp-notif-transport {
+ yang-version 1.1;
+ namespace
+ "urn:ietf:params:xml:ns:yang:ietf-udp-notif-transport";
+ prefix unt;
+ import ietf-subscribed-notifications {
+ prefix sn;
+ reference
+ "RFC 8639: Subscription to YANG Notifications";
+ }
+ import ietf-subscribed-notif-receivers {
+ prefix snr;
+ reference
+ "RFC YYYY: An HTTPS-based Transport for
+ Configured Subscriptions";
+ }
+ import ietf-udp-client {
+ prefix udpc;
+ reference
+ "RFC ZZZZ: YANG Grouping for UDP Clients and UDP Servers";
+ }
+ import ietf-tls-client {
+ prefix tlsc;
+ reference
+ "RFC 9645: YANG Groupings for TLS Clients and TLS Servers";
+ }
+
+ organization "IETF NETCONF (Network Configuration) Working Group";
+ contact
+ "WG Web:
+ WG List:
+
+ Authors: Guangying Zheng
+
+ Tianran Zhou
+
+ Thomas Graf
+
+ Pierre Francois
+
+ Alex Huang Feng
+
+ Paolo Lucente
+ ";
+
+ description
+ "Defines a model for configuring UDP-Notif as a transport
+ for configured subscriptions [RFC8639].
+
+ Copyright (c) 2025 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, is permitted pursuant to, and subject to the license
+ terms contained in, the Revised BSD License set forth in Section
+ 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC XXXX
+ (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
+ for full legal notices.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
+ NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
+ 'MAY', and 'OPTIONAL' in this document are to be interpreted as
+ described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
+ they appear in all capitals, as shown here.";
+
+ revision 2025-02-14 {
+ description
+ "Initial revision";
+ reference
+ "RFC XXXX: UDP-based Transport for Configured Subscriptions";
+ }
+
+ /*
+ * FEATURES
+ */
+ feature encode-cbor {
+ description
+ "Indicates that CBOR encoding of notification
+ messages is supported.";
+ reference
+ "RFC 9254: CBOR Encoding of Data Modeled with YANG";
+ }
+ feature dtls {
+ description
+ "Indicates that DTLS encryption of UDP
+ packets is supported. UDP-Notif mandates that, in
+ unsecured networks, DTLS 1.2 or later MUST be supported,
+ and DTLS 1.3 SHOULD be supported.";
+ reference
+ "RFC6347: Datagram Transport Layer Security Version 1.2,
+ RFC 9147: The Datagram Transport Layer Security (DTLS)
+ Protocol Version 1.3";
+ }
+
+ /*
+ * IDENTITIES
+ */
+ identity udp-notif {
+ base sn:transport;
+ base sn:configurable-encoding;
+ description
+ "UDP-Notif is used as transport for notification messages
+ and state change notifications.";
+ }
+
+ identity encode-cbor {
+ base sn:encoding;
+ description
+ "Encode data using CBOR.";
+ reference
+ "RFC 9254: CBOR Encoding of Data Modeled with YANG";
+ }
+
+ identity unsupported-max-segment-size {
+ base sn:establish-subscription-error;
+ base sn:modify-subscription-error;
+ description
+ "Error triggered when the specified value 'max-segment-size'
+ is not supported by the publisher. An implementation may
+ only support a subset of the uint16.";
+ reference
+ "RFC XXXX: UDP-based Transport for Configured Subscriptions";
+ }
+
+ grouping udp-notif-receiver {
+ description
+ "Provides a reusable identification of a UDP-Notif target
+ receiver.";
+
+ uses udpc:udp-client {
+ refine remote-port {
+ mandatory true;
+ }
+ }
+
+ container dtls {
+ if-feature dtls;
+ presence dtls;
+ uses tlsc:tls-client-grouping {
+ // Remove keep-alives for DTLS
+ refine "keepalives" {
+ if-feature "not tlsc:tls-client-keepalives";
+ }
+ }
+ description
+ "Container for configuring DTLS parameters.";
+ }
+
+ leaf enable-segmentation {
+ type boolean;
+ default true;
+ description
+ "When disabled, the publisher will not segment UDP-Notif
+ messages and large messages may be fragmented at the IP
+ layer.";
+ }
+
+ leaf max-segment-size {
+ type uint16;
+ description
+ "UDP-Notif provides a configurable max-segment-size to
+ control the size of each segment (UDP-Notif header, with
+ options, included).
+ The publisher may trigger an 'unsupported-max-segment-size'
+ error if the publisher does not support the configured
+ value.";
+ }
+ }
+
+ augment "/sn:subscriptions/snr:receiver-instances/" +
+ "snr:receiver-instance/snr:transport-type" {
+ case udp-notif {
+ container udp-notif-receiver {
+ description
+ "The UDP-notif receiver to send notifications to.";
+ uses udp-notif-receiver;
+ }
+ }
+ description
+ "Augments the transport-type choice to include the 'udp-notif'
+ transport.";
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-library@2019-01-04.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-library@2019-01-04.yang
new file mode 100644
index 00000000..dac53a1d
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-library@2019-01-04.yang
@@ -0,0 +1,544 @@
+module ietf-yang-library {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-yang-library";
+ prefix yanglib;
+
+ import ietf-yang-types {
+ prefix yang;
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+ import ietf-inet-types {
+ prefix inet;
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+ import ietf-datastores {
+ prefix ds;
+ reference
+ "RFC 8342: Network Management Datastore Architecture
+ (NMDA)";
+ }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+ contact
+ "WG Web:
+ WG List:
+
+ Author: Andy Bierman
+
+
+ Author: Martin Bjorklund
+
+
+ Author: Juergen Schoenwaelder
+
+
+ Author: Kent Watsen
+
+
+ Author: Robert Wilton
+ ";
+ description
+ "This module provides information about the YANG modules,
+ datastores, and datastore schemas used by a network
+ management server.
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
+ NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
+ 'MAY', and 'OPTIONAL' in this document are to be interpreted as
+ described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
+ they appear in all capitals, as shown here.
+
+ Copyright (c) 2019 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8525; see
+ the RFC itself for full legal notices.";
+
+ revision 2019-01-04 {
+ description
+ "Added support for multiple datastores according to the
+ Network Management Datastore Architecture (NMDA).";
+ reference
+ "RFC 8525: YANG Library";
+ }
+ revision 2016-04-09 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 7895: YANG Module Library";
+ }
+
+ /*
+ * Typedefs
+ */
+
+ typedef revision-identifier {
+ type string {
+ pattern '\d{4}-\d{2}-\d{2}';
+ }
+ description
+ "Represents a specific date in YYYY-MM-DD format.";
+ }
+
+ /*
+ * Groupings
+ */
+ grouping module-identification-leafs {
+ description
+ "Parameters for identifying YANG modules and submodules.";
+ leaf name {
+ type yang:yang-identifier;
+ mandatory true;
+ description
+ "The YANG module or submodule name.";
+ }
+ leaf revision {
+ type revision-identifier;
+ description
+ "The YANG module or submodule revision date. If no revision
+ statement is present in the YANG module or submodule, this
+ leaf is not instantiated.";
+ }
+ }
+
+ grouping location-leaf-list {
+ description
+ "Common leaf-list parameter for the locations of modules and
+ submodules.";
+ leaf-list location {
+ type inet:uri;
+ description
+ "Contains a URL that represents the YANG schema
+ resource for this module or submodule.
+
+ This leaf will only be present if there is a URL
+ available for retrieval of the schema for this entry.";
+ }
+ }
+
+ grouping module-implementation-parameters {
+ description
+ "Parameters for describing the implementation of a module.";
+ leaf-list feature {
+ type yang:yang-identifier;
+ description
+ "List of all YANG feature names from this module that are
+ supported by the server, regardless whether they are defined
+ in the module or any included submodule.";
+ }
+ leaf-list deviation {
+ type leafref {
+ path "../../module/name";
+ }
+
+ description
+ "List of all YANG deviation modules used by this server to
+ modify the conformance of the module associated with this
+ entry. Note that the same module can be used for deviations
+ for multiple modules, so the same entry MAY appear within
+ multiple 'module' entries.
+
+ This reference MUST NOT (directly or indirectly)
+ refer to the module being deviated.
+
+ Robust clients may want to make sure that they handle a
+ situation where a module deviates itself (directly or
+ indirectly) gracefully.";
+ }
+ }
+
+ grouping module-set-parameters {
+ description
+ "A set of parameters that describe a module set.";
+ leaf name {
+ type string;
+ description
+ "An arbitrary name of the module set.";
+ }
+ list module {
+ key "name";
+ description
+ "An entry in this list represents a module implemented by the
+ server, as per Section 5.6.5 of RFC 7950, with a particular
+ set of supported features and deviations.";
+ reference
+ "RFC 7950: The YANG 1.1 Data Modeling Language";
+ uses module-identification-leafs;
+ leaf namespace {
+ type inet:uri;
+ mandatory true;
+ description
+ "The XML namespace identifier for this module.";
+ }
+ uses location-leaf-list;
+ list submodule {
+ key "name";
+ description
+ "Each entry represents one submodule within the
+ parent module.";
+ uses module-identification-leafs;
+ uses location-leaf-list;
+ }
+ uses module-implementation-parameters;
+ }
+ list import-only-module {
+ key "name revision";
+ description
+ "An entry in this list indicates that the server imports
+ reusable definitions from the specified revision of the
+ module but does not implement any protocol-accessible
+ objects from this revision.
+
+ Multiple entries for the same module name MAY exist. This
+ can occur if multiple modules import the same module but
+ specify different revision dates in the import statements.";
+ leaf name {
+ type yang:yang-identifier;
+ description
+ "The YANG module name.";
+ }
+ leaf revision {
+ type union {
+ type revision-identifier;
+ type string {
+ length "0";
+ }
+ }
+ description
+ "The YANG module revision date.
+ A zero-length string is used if no revision statement
+ is present in the YANG module.";
+ }
+ leaf namespace {
+ type inet:uri;
+ mandatory true;
+ description
+ "The XML namespace identifier for this module.";
+ }
+ uses location-leaf-list;
+ list submodule {
+ key "name";
+ description
+ "Each entry represents one submodule within the
+ parent module.";
+ uses module-identification-leafs;
+ uses location-leaf-list;
+ }
+ }
+ }
+
+ grouping yang-library-parameters {
+ description
+ "The YANG library data structure is represented as a grouping
+ so it can be reused in configuration or another monitoring
+ data structure.";
+ list module-set {
+ key "name";
+ description
+ "A set of modules that may be used by one or more schemas.
+
+ A module set does not have to be referentially complete,
+ i.e., it may define modules that contain import statements
+ for other modules not included in the module set.";
+ uses module-set-parameters;
+ }
+ list schema {
+ key "name";
+ description
+ "A datastore schema that may be used by one or more
+ datastores.
+
+ The schema must be valid and referentially complete, i.e.,
+ it must contain modules to satisfy all used import
+ statements for all modules specified in the schema.";
+ leaf name {
+ type string;
+ description
+ "An arbitrary name of the schema.";
+ }
+ leaf-list module-set {
+ type leafref {
+ path "../../module-set/name";
+ }
+ description
+ "A set of module-sets that are included in this schema.
+ If a non-import-only module appears in multiple module
+ sets, then the module revision and the associated features
+ and deviations must be identical.";
+ }
+ }
+ list datastore {
+ key "name";
+ description
+ "A datastore supported by this server.
+
+ Each datastore indicates which schema it supports.
+
+ The server MUST instantiate one entry in this list per
+ specific datastore it supports.
+ Each datastore entry with the same datastore schema SHOULD
+ reference the same schema.";
+ leaf name {
+ type ds:datastore-ref;
+ description
+ "The identity of the datastore.";
+ }
+ leaf schema {
+ type leafref {
+ path "../../schema/name";
+ }
+ mandatory true;
+ description
+ "A reference to the schema supported by this datastore.
+ All non-import-only modules of the schema are implemented
+ with their associated features and deviations.";
+ }
+ }
+ }
+
+ /*
+ * Top-level container
+ */
+
+ container yang-library {
+ config false;
+ description
+ "Container holding the entire YANG library of this server.";
+ uses yang-library-parameters;
+ leaf content-id {
+ type string;
+ mandatory true;
+ description
+ "A server-generated identifier of the contents of the
+ '/yang-library' tree. The server MUST change the value of
+ this leaf if the information represented by the
+ '/yang-library' tree, except '/yang-library/content-id', has
+ changed.";
+ }
+ }
+
+ /*
+ * Notifications
+ */
+
+ notification yang-library-update {
+ description
+ "Generated when any YANG library information on the
+ server has changed.";
+ leaf content-id {
+ type leafref {
+ path "/yanglib:yang-library/yanglib:content-id";
+ }
+ mandatory true;
+ description
+ "Contains the YANG library content identifier for the updated
+ YANG library at the time the notification is generated.";
+ }
+ }
+
+ /*
+ * Legacy groupings
+ */
+
+ grouping module-list {
+ status deprecated;
+ description
+ "The module data structure is represented as a grouping
+ so it can be reused in configuration or another monitoring
+ data structure.";
+
+ grouping common-leafs {
+ status deprecated;
+ description
+ "Common parameters for YANG modules and submodules.";
+ leaf name {
+ type yang:yang-identifier;
+ status deprecated;
+ description
+ "The YANG module or submodule name.";
+ }
+ leaf revision {
+ type union {
+ type revision-identifier;
+ type string {
+ length "0";
+ }
+ }
+ status deprecated;
+ description
+ "The YANG module or submodule revision date.
+ A zero-length string is used if no revision statement
+ is present in the YANG module or submodule.";
+ }
+ }
+
+ grouping schema-leaf {
+ status deprecated;
+ description
+ "Common schema leaf parameter for modules and submodules.";
+ leaf schema {
+ type inet:uri;
+ description
+ "Contains a URL that represents the YANG schema
+ resource for this module or submodule.
+
+ This leaf will only be present if there is a URL
+ available for retrieval of the schema for this entry.";
+ }
+ }
+ list module {
+ key "name revision";
+ status deprecated;
+ description
+ "Each entry represents one revision of one module
+ currently supported by the server.";
+ uses common-leafs {
+ status deprecated;
+ }
+ uses schema-leaf {
+ status deprecated;
+ }
+ leaf namespace {
+ type inet:uri;
+ mandatory true;
+ status deprecated;
+ description
+ "The XML namespace identifier for this module.";
+ }
+ leaf-list feature {
+ type yang:yang-identifier;
+ status deprecated;
+ description
+ "List of YANG feature names from this module that are
+ supported by the server, regardless of whether they are
+ defined in the module or any included submodule.";
+ }
+ list deviation {
+ key "name revision";
+ status deprecated;
+
+ description
+ "List of YANG deviation module names and revisions
+ used by this server to modify the conformance of
+ the module associated with this entry. Note that
+ the same module can be used for deviations for
+ multiple modules, so the same entry MAY appear
+ within multiple 'module' entries.
+
+ The deviation module MUST be present in the 'module'
+ list, with the same name and revision values.
+ The 'conformance-type' value will be 'implement' for
+ the deviation module.";
+ uses common-leafs {
+ status deprecated;
+ }
+ }
+ leaf conformance-type {
+ type enumeration {
+ enum implement {
+ description
+ "Indicates that the server implements one or more
+ protocol-accessible objects defined in the YANG module
+ identified in this entry. This includes deviation
+ statements defined in the module.
+
+ For YANG version 1.1 modules, there is at most one
+ 'module' entry with conformance type 'implement' for a
+ particular module name, since YANG 1.1 requires that
+ at most one revision of a module is implemented.
+
+ For YANG version 1 modules, there SHOULD NOT be more
+ than one 'module' entry for a particular module
+ name.";
+ }
+ enum import {
+ description
+ "Indicates that the server imports reusable definitions
+ from the specified revision of the module but does
+ not implement any protocol-accessible objects from
+ this revision.
+
+ Multiple 'module' entries for the same module name MAY
+ exist. This can occur if multiple modules import the
+ same module but specify different revision dates in
+ the import statements.";
+ }
+ }
+ mandatory true;
+ status deprecated;
+ description
+ "Indicates the type of conformance the server is claiming
+ for the YANG module identified by this entry.";
+ }
+ list submodule {
+ key "name revision";
+ status deprecated;
+ description
+ "Each entry represents one submodule within the
+ parent module.";
+ uses common-leafs {
+ status deprecated;
+ }
+ uses schema-leaf {
+ status deprecated;
+ }
+ }
+ }
+ }
+
+ /*
+ * Legacy operational state data nodes
+ */
+
+ container modules-state {
+ config false;
+ status deprecated;
+ description
+ "Contains YANG module monitoring information.";
+ leaf module-set-id {
+ type string;
+ mandatory true;
+ status deprecated;
+ description
+ "Contains a server-specific identifier representing
+ the current set of modules and submodules. The
+ server MUST change the value of this leaf if the
+ information represented by the 'module' list instances
+ has changed.";
+ }
+ uses module-list {
+ status deprecated;
+ }
+ }
+
+ /*
+ * Legacy notifications
+ */
+
+ notification yang-library-change {
+ status deprecated;
+ description
+ "Generated when the set of modules and submodules supported
+ by the server has changed.";
+ leaf module-set-id {
+ type leafref {
+ path "/yanglib:modules-state/yanglib:module-set-id";
+ }
+ mandatory true;
+ status deprecated;
+ description
+ "Contains the module-set-id value representing the
+ set of modules and submodules supported at the server
+ at the time the notification is generated.";
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-patch@2017-02-22.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-patch@2017-02-22.yang
new file mode 100644
index 00000000..d0029ed2
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-patch@2017-02-22.yang
@@ -0,0 +1,390 @@
+module ietf-yang-patch {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-yang-patch";
+ prefix "ypatch";
+
+ import ietf-restconf { prefix rc; }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+
+ contact
+ "WG Web:
+ WG List:
+
+ Author: Andy Bierman
+
+
+ Author: Martin Bjorklund
+
+
+ Author: Kent Watsen
+ ";
+
+ description
+ "This module contains conceptual YANG specifications
+ for the YANG Patch and YANG Patch Status data structures.
+
+ Note that the YANG definitions within this module do not
+ represent configuration data of any kind.
+ The YANG grouping statements provide a normative syntax
+ for XML and JSON message-encoding purposes.
+
+ Copyright (c) 2017 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8072; see
+ the RFC itself for full legal notices.";
+
+ revision 2017-02-22 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 8072: YANG Patch Media Type.";
+ }
+
+ typedef target-resource-offset {
+ type string;
+ description
+ "Contains a data resource identifier string representing
+ a sub-resource within the target resource.
+ The document root for this expression is the
+ target resource that is specified in the
+ protocol operation (e.g., the URI for the PATCH request).
+
+ This string is encoded according to the same rules as those
+ for a data resource identifier in a RESTCONF request URI.";
+ reference
+ "RFC 8040, Section 3.5.3.";
+ }
+
+ rc:yang-data "yang-patch" {
+ uses yang-patch;
+ }
+
+ rc:yang-data "yang-patch-status" {
+ uses yang-patch-status;
+ }
+
+ grouping yang-patch {
+
+ description
+ "A grouping that contains a YANG container representing the
+ syntax and semantics of a YANG Patch edit request message.";
+
+ container yang-patch {
+ description
+ "Represents a conceptual sequence of datastore edits,
+ called a patch. Each patch is given a client-assigned
+ patch identifier. Each edit MUST be applied
+ in ascending order, and all edits MUST be applied.
+ If any errors occur, then the target datastore MUST NOT
+ be changed by the YANG Patch operation.
+
+ It is possible for a datastore constraint violation to occur
+ due to any node in the datastore, including nodes not
+ included in the 'edit' list. Any validation errors MUST
+ be reported in the reply message.";
+
+ reference
+ "RFC 7950, Section 8.3.";
+
+ leaf patch-id {
+ type string;
+ mandatory true;
+ description
+ "An arbitrary string provided by the client to identify
+ the entire patch. Error messages returned by the server
+ that pertain to this patch will be identified by this
+ 'patch-id' value. A client SHOULD attempt to generate
+ unique 'patch-id' values to distinguish between
+ transactions from multiple clients in any audit logs
+ maintained by the server.";
+ }
+
+ leaf comment {
+ type string;
+ description
+ "An arbitrary string provided by the client to describe
+ the entire patch. This value SHOULD be present in any
+ audit logging records generated by the server for the
+ patch.";
+ }
+
+ list edit {
+ key edit-id;
+ ordered-by user;
+
+ description
+ "Represents one edit within the YANG Patch request message.
+ The 'edit' list is applied in the following manner:
+
+ - The first edit is conceptually applied to a copy
+ of the existing target datastore, e.g., the
+ running configuration datastore.
+ - Each ascending edit is conceptually applied to
+ the result of the previous edit(s).
+ - After all edits have been successfully processed,
+ the result is validated according to YANG constraints.
+ - If successful, the server will attempt to apply
+ the result to the target datastore.";
+
+ leaf edit-id {
+ type string;
+ description
+ "Arbitrary string index for the edit.
+ Error messages returned by the server that pertain
+ to a specific edit will be identified by this value.";
+ }
+
+ leaf operation {
+ type enumeration {
+ enum create {
+ description
+ "The target data node is created using the supplied
+ value, only if it does not already exist. The
+ 'target' leaf identifies the data node to be
+ created, not the parent data node.";
+ }
+ enum delete {
+ description
+ "Delete the target node, only if the data resource
+ currently exists; otherwise, return an error.";
+ }
+
+ enum insert {
+ description
+ "Insert the supplied value into a user-ordered
+ list or leaf-list entry. The target node must
+ represent a new data resource. If the 'where'
+ parameter is set to 'before' or 'after', then
+ the 'point' parameter identifies the insertion
+ point for the target node.";
+ }
+ enum merge {
+ description
+ "The supplied value is merged with the target data
+ node.";
+ }
+ enum move {
+ description
+ "Move the target node. Reorder a user-ordered
+ list or leaf-list. The target node must represent
+ an existing data resource. If the 'where' parameter
+ is set to 'before' or 'after', then the 'point'
+ parameter identifies the insertion point to move
+ the target node.";
+ }
+ enum replace {
+ description
+ "The supplied value is used to replace the target
+ data node.";
+ }
+ enum remove {
+ description
+ "Delete the target node if it currently exists.";
+ }
+ }
+ mandatory true;
+ description
+ "The datastore operation requested for the associated
+ 'edit' entry.";
+ }
+
+ leaf target {
+ type target-resource-offset;
+ mandatory true;
+ description
+ "Identifies the target data node for the edit
+ operation. If the target has the value '/', then
+ the target data node is the target resource.
+ The target node MUST identify a data resource,
+ not the datastore resource.";
+ }
+
+ leaf point {
+ when "(../operation = 'insert' or ../operation = 'move')"
+ + "and (../where = 'before' or ../where = 'after')" {
+ description
+ "This leaf only applies for 'insert' or 'move'
+ operations, before or after an existing entry.";
+ }
+ type target-resource-offset;
+ description
+ "The absolute URL path for the data node that is being
+ used as the insertion point or move point for the
+ target of this 'edit' entry.";
+ }
+
+ leaf where {
+ when "../operation = 'insert' or ../operation = 'move'" {
+ description
+ "This leaf only applies for 'insert' or 'move'
+ operations.";
+ }
+ type enumeration {
+ enum before {
+ description
+ "Insert or move a data node before the data resource
+ identified by the 'point' parameter.";
+ }
+ enum after {
+ description
+ "Insert or move a data node after the data resource
+ identified by the 'point' parameter.";
+ }
+
+ enum first {
+ description
+ "Insert or move a data node so it becomes ordered
+ as the first entry.";
+ }
+ enum last {
+ description
+ "Insert or move a data node so it becomes ordered
+ as the last entry.";
+ }
+ }
+ default last;
+ description
+ "Identifies where a data resource will be inserted
+ or moved. YANG only allows these operations for
+ list and leaf-list data nodes that are
+ 'ordered-by user'.";
+ }
+
+ anydata value {
+ when "../operation = 'create' "
+ + "or ../operation = 'merge' "
+ + "or ../operation = 'replace' "
+ + "or ../operation = 'insert'" {
+ description
+ "The anydata 'value' is only used for 'create',
+ 'merge', 'replace', and 'insert' operations.";
+ }
+ description
+ "Value used for this edit operation. The anydata 'value'
+ contains the target resource associated with the
+ 'target' leaf.
+
+ For example, suppose the target node is a YANG container
+ named foo:
+
+ container foo {
+ leaf a { type string; }
+ leaf b { type int32; }
+ }
+
+ The 'value' node contains one instance of foo:
+
+
+
+ some value
+ 42
+
+
+ ";
+ }
+ }
+ }
+
+ } // grouping yang-patch
+
+ grouping yang-patch-status {
+
+ description
+ "A grouping that contains a YANG container representing the
+ syntax and semantics of a YANG Patch Status response
+ message.";
+
+ container yang-patch-status {
+ description
+ "A container representing the response message sent by the
+ server after a YANG Patch edit request message has been
+ processed.";
+
+ leaf patch-id {
+ type string;
+ mandatory true;
+ description
+ "The 'patch-id' value used in the request.";
+ }
+
+ choice global-status {
+ description
+ "Report global errors or complete success.
+ If there is no case selected, then errors
+ are reported in the 'edit-status' container.";
+
+ case global-errors {
+ uses rc:errors;
+ description
+ "This container will be present if global errors that
+ are unrelated to a specific edit occurred.";
+ }
+ leaf ok {
+ type empty;
+ description
+ "This leaf will be present if the request succeeded
+ and there are no errors reported in the 'edit-status'
+ container.";
+ }
+ }
+
+ container edit-status {
+ description
+ "This container will be present if there are
+ edit-specific status responses to report.
+ If all edits succeeded and the 'global-status'
+ returned is 'ok', then a server MAY omit this
+ container.";
+
+ list edit {
+ key edit-id;
+
+ description
+ "Represents a list of status responses,
+ corresponding to edits in the YANG Patch
+ request message. If an 'edit' entry was
+ skipped or not reached by the server,
+ then this list will not contain a corresponding
+ entry for that edit.";
+
+ leaf edit-id {
+ type string;
+ description
+ "Response status is for the 'edit' list entry
+ with this 'edit-id' value.";
+ }
+
+ choice edit-status-choice {
+ description
+ "A choice between different types of status
+ responses for each 'edit' entry.";
+ leaf ok {
+ type empty;
+ description
+ "This 'edit' entry was invoked without any
+ errors detected by the server associated
+ with this edit.";
+ }
+ case errors {
+ uses rc:errors;
+ description
+ "The server detected errors associated with the
+ edit identified by the same 'edit-id' value.";
+ }
+ }
+ }
+ }
+ }
+ } // grouping yang-patch-status
+
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-push-revision@2025-04-05.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-push-revision@2025-04-05.yang
new file mode 100644
index 00000000..e5cc7784
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-push-revision@2025-04-05.yang
@@ -0,0 +1,274 @@
+module ietf-yang-push-revision {
+ yang-version 1.1;
+ namespace
+ "urn:ietf:params:xml:ns:yang:ietf-yang-push-revision";
+ prefix ypr;
+ import ietf-subscribed-notifications {
+ prefix sn;
+ reference
+ "RFC 8639: Subscription to YANG Notifications";
+ }
+ import ietf-yang-revisions {
+ prefix rev;
+ reference
+ "RFC YYYY: draft-ietf-netmod-yang-module-versioning-11,
+ Updated YANG Module Revision Handling";
+ }
+ import ietf-yang-types {
+ prefix yang;
+ rev:recommended-min-date "2013-07-15";
+ reference
+ "RFC 6991: Common YANG Data Types.";
+ }
+ import ietf-yang-semver {
+ prefix ysver;
+ reference
+ "RFC ZZZZ: draft-ietf-netmod-yang-semver-15, YANG Semantic
+ Versioning";
+ }
+ import ietf-yang-library {
+ prefix yanglib;
+ reference
+ "RFC 8525: YANG Library";
+ }
+ import ietf-system-capabilities {
+ prefix sysc;
+ reference
+ "RFC 9196: YANG Modules Describing Capabilities for
+ Systems and Datastore Update Notifications";
+ }
+ import ietf-notification-capabilities {
+ prefix notc;
+ reference
+ "RFC 9196: YANG Modules Describing Capabilities for
+ Systems and Datastore Update Notifications";
+ }
+
+ organization "IETF NETCONF (Network Configuration) Working Group";
+ contact
+ "WG Web:
+ WG List:
+
+ Authors: Thomas Graf
+
+ Benoit Claise
+
+ Alex Huang Feng
+ ";
+
+ description
+ "Defines YANG-Push event notification header with the revision and
+ the revision-label. Adds the support of the revision and
+ revision-label selection in the YANG-Push subscription RPCs.
+
+ Copyright (c) 2025 IETF Trust and the persons
+ identified as authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Revised BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ All revisions of IETF and IANA published modules can be found
+ at the YANG Parameters registry
+ (https://www.iana.org/assignments/yang-parameters).
+
+ This version of this YANG module is part of RFC XXXX; see the RFC
+ itself for full legal notices.";
+
+ revision 2025-04-05 {
+ description
+ "First revision";
+ reference
+ "RFC XXXX: Support of Versioning in YANG Notifications
+ Subscription";
+ }
+
+ feature yang-push-revision-supported {
+ description
+ "This feature indicates the YANG Subscription Notifications
+ supports specifying the list of modules, revisions and
+ revision-label in the YANG subscription.";
+ }
+
+ // Identities
+ identity revision-unsupported {
+ base sn:establish-subscription-error;
+ base sn:modify-subscription-error;
+ description
+ "Revision not supported. This failure can be due to subscribing
+ to a specific revision not supported by the publisher.";
+ }
+
+ identity revision-label-unsupported {
+ base sn:establish-subscription-error;
+ base sn:modify-subscription-error;
+ description
+ "Revision-label not supported. This failure can be due to
+ subscribing to a specific revision-label not supported by the publisher.";
+ }
+
+ identity incompatible-revision-and-revision-label {
+ base sn:establish-subscription-error;
+ base sn:modify-subscription-error;
+ description
+ "The combination of revision and the revision-label are
+ incompatible. This failure happens when the revision and the
+ revision-label are both specified in the RPC and the YANG
+ module supported by the publisher does not support one of the
+ revision or the revision-label.";
+ }
+
+ grouping yang-push-module-version-config {
+ description
+ "This grouping combines the module name, the revision and
+ revision-label leaves. This grouping is to be used for
+ configuration and the leaves are not mandatory.";
+ leaf module-name {
+ type yang:yang-identifier;
+ description
+ "This references the YANG module name.";
+ }
+ leaf revision {
+ type rev:revision-date;
+ description
+ "This references the YANG module revision to be sent in the
+ subscription.";
+ }
+ leaf revision-label {
+ type ysver:version;
+ description
+ "This references the YANG module semantic version to be sent in the
+ subscription.";
+ }
+ }
+
+ grouping yang-push-module-version {
+ description
+ "This grouping combines the module name, the revision and
+ revision-label leaves. This grouping is to be used for
+ read-only cases such as the content of YANG-Push Notifications.
+ The module-name and revision are mandatory and MUST be present
+ in the data.";
+ leaf module-name {
+ type yang:yang-identifier;
+ config false;
+ mandatory true;
+ description
+ "This references the YANG module name.";
+ }
+ leaf revision {
+ type rev:revision-date;
+ config false;
+ mandatory true;
+ description
+ "This references the YANG module revision of the sent
+ notification message.";
+ }
+ leaf revision-label {
+ type ysver:version;
+ description
+ "This references the YANG module semantic version of the sent
+ notification message.";
+ }
+ }
+
+ grouping yang-push-module-version-list {
+ description
+ "This grouping defines a list of yang-push-module-version
+ grouping.";
+ list module-version {
+ key "module-name";
+ config false;
+ description
+ "List of yang-push-module-version grouping. The revision is
+ not configurable.";
+ uses ypr:yang-push-module-version;
+ }
+ leaf yang-library-content-id {
+ config false;
+ type leafref {
+ path "/yanglib:yang-library/yanglib:content-id";
+ }
+ description
+ "Contains the YANG library content identifier RFC 8525
+ information.";
+ }
+ }
+
+ grouping yang-push-module-version-config-list {
+ description
+ "This grouping defines a list of yang-push-module-version-config
+ grouping.";
+ list module-version-config {
+ key "module-name";
+ description
+ "List of yang-push-module-version-config grouping. The revision
+ is configurable.";
+ uses ypr:yang-push-module-version-config;
+ }
+ }
+
+ // Subscription parameters
+ augment "/sn:establish-subscription/sn:input" {
+ if-feature "yang-push-revision-supported";
+ description
+ "Augment the establish-subscription RPC from the
+ ietf-subscribed-notifications YANG module with the
+ yang-push-module-version-config-list grouping.";
+ uses ypr:yang-push-module-version-config-list;
+ }
+ augment "/sn:modify-subscription/sn:input" {
+ if-feature "yang-push-revision-supported";
+ description
+ "Augment the modify-subscription RPC from the
+ ietf-subscribed-notifications YANG module with the
+ yang-push-module-version-config-list grouping.";
+ uses ypr:yang-push-module-version-config-list;
+ }
+
+ // Subscription notifications
+ augment "/sn:subscription-started" {
+ if-feature "yang-push-revision-supported";
+ description
+ "Augment the subscription-started notification from the
+ ietf-subscribed-notifications YANG module with the
+ yang-push-module-version-list grouping.";
+ uses ypr:yang-push-module-version-list;
+ }
+ augment "/sn:subscription-modified" {
+ if-feature "yang-push-revision-supported";
+ description
+ "Augment the subscription-modified notification from the
+ ietf-subscribed-notifications YANG module with the
+ yang-push-module-version-list grouping.";
+ uses ypr:yang-push-module-version-list;
+ }
+
+ // Subscription container
+ augment "/sn:subscriptions/sn:subscription" {
+ if-feature "yang-push-revision-supported";
+ description
+ "Augment the subscriptions RPC container from the
+ ietf-subscribed-notifications YANG module with the
+ yang-push-module-version-config-list grouping.";
+ uses ypr:yang-push-module-version-config-list;
+ }
+
+ // Event capabilities
+ augment "/sysc:system-capabilities/notc:subscription-capabilities" {
+ description
+ "Add system level capabilities";
+ leaf yang-push-module-revision-supported {
+ type boolean;
+ description
+ "Specifies whether the publisher supports exporting
+ revision and revision-label in YANG-Push subscription state change
+ notifications.";
+ reference
+ "RFC XXXX: Support of Versioning in YANG Notifications Subscription";
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-push-telemetry-message@2025-04-17.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-push-telemetry-message@2025-04-17.yang
new file mode 100644
index 00000000..464a647f
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-push-telemetry-message@2025-04-17.yang
@@ -0,0 +1,265 @@
+module ietf-yang-push-telemetry-message {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-yang-push-telemetry-message";
+ prefix yptm;
+
+ import ietf-subscribed-notifications {
+ prefix sn;
+ reference
+ "RFC 8639: Subscription to YANG Notifications";
+ }
+ import ietf-telemetry-message {
+ prefix tm;
+ reference
+ "XXX";
+ }
+ import ietf-yang-push {
+ prefix yp;
+ reference
+ "RFC 8641: Subscription to YANG Notifications for Datastore Updates";
+ }
+ import ietf-yang-types {
+ prefix yang;
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+ import ietf-datastores {
+ prefix ds;
+ reference
+ "RFC 8342: Network Management Datastore Architecture (NMDA)";
+ }
+ import ietf-yang-revisions {
+ prefix rev;
+ reference
+ "RFC YYYY: draft-ietf-netmod-yang-module-versioning-11,
+ Updated YANG Module Revision Handling";
+ }
+ import ietf-yang-semver {
+ prefix ysver;
+ reference
+ "RFC ZZZZ: draft-ietf-netmod-yang-semver-15, YANG Semantic
+ Versioning";
+ }
+
+ organization
+ "IETF Draft";
+ contact
+ "Author: Ahmed Elhassany
+
+
+ Thomas Graf
+ ";
+ description
+ "Augments the ietf-telemetry-message with YANG Push specific
+ fields.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
+ 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
+ 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
+ are to be interpreted as described in BCP 14 (RFC 2119)
+ (RFC 8174) when, and only when, they appear in all
+ capitals, as shown here.
+
+ Copyright (c) 2025 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, is permitted pursuant to, and subject to the license
+ terms contained in, the Revised BSD License set forth in Section
+ 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC XXXX; see the RFC
+ itself for full legal notices.";
+
+ revision 2025-04-17 {
+ description
+ "Initial revision.";
+ reference
+ "RFC XXXX";
+ }
+
+ augment "/tm:message/tm:telemetry-message-metadata" {
+ description
+ "Augments telemetry-message-metadata with YANG-Push specific metadata";
+ container yang-push-subscription {
+ config false;
+ description
+ "YANG-Push specific metadata";
+ leaf id {
+ type sn:subscription-id;
+ description
+ "This references the affected subscription.";
+ }
+ choice filter-spec {
+ description
+ "The content filter specification for this request.";
+ anydata subtree-filter {
+ description
+ "Event stream evaluation criteria or the parameter identifies the port of the target datastore encoded in the syntax of a subtree filter as defined in RFC 6241, Section 6.";
+ reference
+ "RFC 6241: Network Configuration Protocol (NETCONF), Section 6.";
+ }
+ leaf xpath-filter {
+ type yang:xpath1.0;
+ description
+ "Event stream evaluation criteria or porting of the target datastore encoded in the syntax of an XPath 1.0 expression";
+ reference
+ "XML Path Language (XPath) Version 1.0
+ (https://www.w3.org/TR/1999/REC-xpath-19991116)
+ RFC 7950: The YANG 1.1 Data Modeling Language,
+ Section 10";
+ }
+ }
+ choice target {
+ description
+ "Identifies the source of information against which a
+ subscription is being applied as well as specifics on the
+ subset of information desired from that source.";
+ case stream {
+ leaf stream {
+ type string;
+ description
+ "Indicates the event stream to be considered for this subscription.";
+ }
+ }
+ case datastore {
+ leaf datastore {
+ type identityref {
+ base ds:datastore;
+ }
+ description
+ "Datastore from which to retrieve data.";
+ }
+ }
+ }
+ leaf transport {
+ type sn:transport;
+ description
+ "For a configured subscription, this leaf specifies the
+ transport used to deliver messages destined for all
+ receivers of that subscription.";
+ }
+ leaf encoding {
+ type sn:encoding;
+ description
+ "The type of encoding for notification messages. For a
+ dynamic subscription, if not included as part of an
+ 'establish-subscription' RPC, the encoding will be populated
+ with the encoding used by that RPC. For a configured
+ subscription, if not explicitly configured, the encoding
+ will be the default encoding for an underlying transport.";
+ }
+ leaf purpose {
+ type string;
+ description
+ "Open text allowing a configuring entity to embed the
+ originator or other specifics of this subscription.";
+ }
+ choice update-trigger {
+ description
+ "Defines necessary conditions for sending an event record to
+ the subscriber.";
+ case periodic {
+ container periodic {
+ presence "indicates a periodic subscription";
+ description
+ "The publisher is requested to notify periodically the
+ current values of the datastore as defined by the
+ selection filter.";
+ leaf period {
+ type yp:centiseconds;
+ description
+ "Duration of time which should occur between periodic
+ push updates, in one hundredths of a second.";
+ }
+ leaf anchor-time {
+ type yang:date-and-time;
+ description
+ "Designates a timestamp before or after which a series
+ of periodic push updates are determined. The next
+ update will take place at a whole multiple interval
+ from the anchor time. For example, for an anchor time
+ is set for the top of a particular minute and a period
+ interval of a minute, updates will be sent at the top
+ of every minute this subscription is active.";
+ }
+ }
+ }
+ case on-change {
+ container on-change {
+ presence "indicates an on-change subscription";
+ description
+ "The publisher is requested to notify changes in values
+ in the datastore subset as defined by a selection
+ filter.";
+ leaf dampening-period {
+ type yp:centiseconds;
+ default "0";
+ description
+ "Specifies the minimum interval between the assembly of
+ successive update records for a single receiver of a
+ subscription. Whenever subscribed objects change, and
+ a dampening period interval (which may be zero) has
+ elapsed since the previous update record creation for
+ a receiver, then any subscribed objects and properties
+ which have changed since the previous update record
+ will have their current values marshalled and placed
+ into a new update record.";
+ }
+ leaf sync-on-start {
+ type boolean;
+ default "true";
+ description
+ "When this object is set to false, it restricts an
+ on-change subscription from sending push-update
+ notifications. When false, pushing a full selection per
+ the terms of the selection filter MUST NOT be done for
+ this subscription. Only updates about changes,
+ i.e. only push-change-update notifications are sent.
+ When true (default behavior), in order to facilitate a
+ receiver's synchronization, a full update is sent when
+ the subscription starts using a push-update
+ notification. After that, push-change-update
+ notifications are exclusively sent unless the publisher
+ chooses to resync the subscription via a new push-update
+ notification.";
+ }
+ }
+ }
+ }
+ list module-version {
+ key "module-name";
+ config false;
+ description
+ "List of yang-push-module-version grouping. The revision is
+ not configurable.";
+ leaf module-name {
+ type yang:yang-identifier;
+ config false;
+ description
+ "This references the YANG module name.";
+ }
+ leaf revision {
+ type rev:revision-date;
+ config false;
+ description
+ "This references the YANG module revision of the sent
+ notification message.";
+ }
+ leaf revision-label {
+ type ysver:version;
+ description
+ "This references the YANG module semantic version of the syanglibent
+ notification message.";
+ }
+ }
+ leaf yang-library-content-id {
+ type string;
+ config false;
+ description
+ "Contains the YANG library content identifier RFC 8525 information.";
+ }
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-push@2019-09-09.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-push@2019-09-09.yang
new file mode 100644
index 00000000..ea38fb34
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-push@2019-09-09.yang
@@ -0,0 +1,797 @@
+module ietf-yang-push {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-yang-push";
+ prefix yp;
+
+ import ietf-yang-types {
+ prefix yang;
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+ import ietf-subscribed-notifications {
+ prefix sn;
+ reference
+ "RFC 8639: Subscription to YANG Notifications";
+ }
+ import ietf-datastores {
+ prefix ds;
+ reference
+ "RFC 8342: Network Management Datastore Architecture (NMDA)";
+ }
+ import ietf-restconf {
+ prefix rc;
+ reference
+ "RFC 8040: RESTCONF Protocol";
+ }
+ import ietf-yang-patch {
+ prefix ypatch;
+ reference
+ "RFC 8072: YANG Patch Media Type";
+ }
+
+ organization
+ "IETF NETCONF (Network Configuration) Working Group";
+ contact
+ "WG Web:
+ WG List:
+
+ Author: Alexander Clemm
+
+
+ Author: Eric Voit
+ ";
+
+ description
+ "This module contains YANG specifications for YANG-Push.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
+ NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
+ 'MAY', and 'OPTIONAL' in this document are to be interpreted as
+ described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
+ they appear in all capitals, as shown here.
+
+ Copyright (c) 2019 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject to
+ the license terms contained in, the Simplified BSD License set
+ forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8641; see the
+ RFC itself for full legal notices.";
+
+ revision 2019-09-09 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 8641: Subscriptions to YANG Datastores";
+ }
+
+ /*
+ * FEATURES
+ */
+
+ feature on-change {
+ description
+ "This feature indicates that on-change triggered subscriptions
+ are supported.";
+ }
+
+ /*
+ * IDENTITIES
+ */
+
+ /* Error type identities for datastore subscription */
+
+ identity resync-subscription-error {
+ description
+ "Problem found while attempting to fulfill a
+ 'resync-subscription' RPC request.";
+ }
+
+ identity cant-exclude {
+ base sn:establish-subscription-error;
+ description
+ "Unable to remove the set of 'excluded-change' parameters.
+ This means that the publisher is unable to restrict
+ 'push-change-update' notifications to just the change types
+ requested for this subscription.";
+ }
+
+ identity datastore-not-subscribable {
+ base sn:establish-subscription-error;
+ base sn:subscription-terminated-reason;
+ description
+ "This is not a subscribable datastore.";
+ }
+
+ identity no-such-subscription-resync {
+ base resync-subscription-error;
+ description
+ "The referenced subscription doesn't exist. This may be as a
+ result of a nonexistent subscription ID, an ID that belongs to
+ another subscriber, or an ID for a configured subscription.";
+ }
+
+ identity on-change-unsupported {
+ base sn:establish-subscription-error;
+ description
+ "On-change is not supported for any objects that are
+ selectable by this filter.";
+ }
+
+ identity on-change-sync-unsupported {
+ base sn:establish-subscription-error;
+ description
+ "Neither 'sync-on-start' nor resynchronization is supported for
+ this subscription. This error will be used for two reasons:
+ (1) if an 'establish-subscription' RPC includes
+ 'sync-on-start' but the publisher can't support sending a
+ 'push-update' for this subscription for reasons other than
+ 'on-change-unsupported' or 'sync-too-big'
+ (2) if the 'resync-subscription' RPC is invoked for either an
+ existing periodic subscription or an on-change subscription
+ that can't support resynchronization.";
+ }
+
+ identity period-unsupported {
+ base sn:establish-subscription-error;
+ base sn:modify-subscription-error;
+ base sn:subscription-suspended-reason;
+ description
+ "The requested time period or 'dampening-period' is too short.
+ This can be for both periodic and on-change subscriptions
+ (with or without dampening). Hints suggesting alternative
+ periods may be returned as supplemental information.";
+ }
+
+ identity update-too-big {
+ base sn:establish-subscription-error;
+ base sn:modify-subscription-error;
+ base sn:subscription-suspended-reason;
+ description
+ "Periodic or on-change push update data trees exceed a maximum
+ size limit. Hints on the estimated size of what was too big
+ may be returned as supplemental information.";
+ }
+
+ identity sync-too-big {
+ base sn:establish-subscription-error;
+ base sn:modify-subscription-error;
+ base resync-subscription-error;
+ base sn:subscription-suspended-reason;
+ description
+ "The 'sync-on-start' or resynchronization data tree exceeds a
+ maximum size limit. Hints on the estimated size of what was
+ too big may be returned as supplemental information.";
+ }
+
+ identity unchanging-selection {
+ base sn:establish-subscription-error;
+ base sn:modify-subscription-error;
+ base sn:subscription-terminated-reason;
+ description
+ "The selection filter is unlikely to ever select data tree
+ nodes. This means that based on the subscriber's current
+ access rights, the publisher recognizes that the selection
+ filter is unlikely to ever select data tree nodes that change.
+ Examples for this might be that the node or subtree doesn't
+ exist, read access is not permitted for a receiver, or static
+ objects that only change at reboot have been chosen.";
+ }
+
+ /*
+ * TYPE DEFINITIONS
+ */
+
+ typedef change-type {
+ type enumeration {
+ enum create {
+ description
+ "A change that refers to the creation of a new
+ datastore node.";
+ }
+ enum delete {
+ description
+ "A change that refers to the deletion of a
+ datastore node.";
+ }
+ enum insert {
+ description
+ "A change that refers to the insertion of a new
+ user-ordered datastore node.";
+ }
+ enum move {
+ description
+ "A change that refers to a reordering of the target
+ datastore node.";
+ }
+ enum replace {
+ description
+ "A change that refers to a replacement of the target
+ datastore node's value.";
+ }
+ }
+ description
+ "Specifies different types of datastore changes.
+
+ This type is based on the edit operations defined for
+ YANG Patch, with the difference that it is valid for a
+ receiver to process an update record that performs a
+ 'create' operation on a datastore node the receiver believes
+ exists or to process a delete on a datastore node the
+ receiver believes is missing.";
+ reference
+ "RFC 8072: YANG Patch Media Type, Section 2.5";
+ }
+
+ typedef selection-filter-ref {
+ type leafref {
+ path "/sn:filters/yp:selection-filter/yp:filter-id";
+ }
+ description
+ "This type is used to reference a selection filter.";
+ }
+
+ typedef centiseconds {
+ type uint32;
+ description
+ "A period of time, measured in units of 0.01 seconds.";
+ }
+
+ /*
+ * GROUP DEFINITIONS
+ */
+
+ grouping datastore-criteria {
+ description
+ "A grouping to define criteria for which selected objects from
+ a targeted datastore should be included in push updates.";
+ leaf datastore {
+ type identityref {
+ base ds:datastore;
+ }
+ mandatory true;
+ description
+ "Datastore from which to retrieve data.";
+ }
+ uses selection-filter-objects;
+ }
+
+ grouping selection-filter-types {
+ description
+ "This grouping defines the types of selectors for objects
+ from a datastore.";
+ choice filter-spec {
+ description
+ "The content filter specification for this request.";
+ anydata datastore-subtree-filter {
+ if-feature "sn:subtree";
+ description
+ "This parameter identifies the portions of the
+ target datastore to retrieve.";
+ reference
+ "RFC 6241: Network Configuration Protocol (NETCONF),
+ Section 6";
+ }
+ leaf datastore-xpath-filter {
+ if-feature "sn:xpath";
+ type yang:xpath1.0;
+ description
+ "This parameter contains an XPath expression identifying
+ the portions of the target datastore to retrieve.
+
+ If the expression returns a node set, all nodes in the
+ node set are selected by the filter. Otherwise, if the
+ expression does not return a node set, the filter
+ doesn't select any nodes.
+
+ The expression is evaluated in the following XPath
+ context:
+
+ o The set of namespace declarations is the set of prefix
+ and namespace pairs for all YANG modules implemented
+ by the server, where the prefix is the YANG module
+ name and the namespace is as defined by the
+ 'namespace' statement in the YANG module.
+
+ If the leaf is encoded in XML, all namespace
+ declarations in scope on the 'stream-xpath-filter'
+ leaf element are added to the set of namespace
+ declarations. If a prefix found in the XML is
+ already present in the set of namespace declarations,
+ the namespace in the XML is used.
+
+ o The set of variable bindings is empty.
+
+ o The function library is comprised of the core
+ function library and the XPath functions defined in
+ Section 10 in RFC 7950.
+
+ o The context node is the root node of the target
+ datastore.";
+ reference
+ "XML Path Language (XPath) Version 1.0
+ (https://www.w3.org/TR/1999/REC-xpath-19991116)
+ RFC 7950: The YANG 1.1 Data Modeling Language,
+ Section 10";
+ }
+ }
+ }
+
+ grouping selection-filter-objects {
+ description
+ "This grouping defines a selector for objects from a
+ datastore.";
+ choice selection-filter {
+ description
+ "The source of the selection filter applied to the
+ subscription. This will either (1) come referenced from a
+ global list or (2) be provided in the subscription itself.";
+ case by-reference {
+ description
+ "Incorporates a filter that has been configured
+ separately.";
+ leaf selection-filter-ref {
+ type selection-filter-ref;
+ mandatory true;
+ description
+ "References an existing selection filter that is to be
+ applied to the subscription.";
+ }
+ }
+ case within-subscription {
+ description
+ "A local definition allows a filter to have the same
+ lifecycle as the subscription.";
+ uses selection-filter-types;
+ }
+ }
+ }
+
+ grouping update-policy-modifiable {
+ description
+ "This grouping describes the datastore-specific subscription
+ conditions that can be changed during the lifetime of the
+ subscription.";
+ choice update-trigger {
+ description
+ "Defines necessary conditions for sending an event record to
+ the subscriber.";
+ case periodic {
+ container periodic {
+ presence "indicates a periodic subscription";
+ description
+ "The publisher is requested to periodically notify the
+ receiver regarding the current values of the datastore
+ as defined by the selection filter.";
+ leaf period {
+ type centiseconds;
+ mandatory true;
+ description
+ "Duration of time that should occur between periodic
+ push updates, in units of 0.01 seconds.";
+ }
+ leaf anchor-time {
+ type yang:date-and-time;
+ description
+ "Designates a timestamp before or after which a series
+ of periodic push updates are determined. The next
+ update will take place at a point in time that is a
+ multiple of a period from the 'anchor-time'.
+ For example, for an 'anchor-time' that is set for the
+ top of a particular minute and a period interval of a
+ minute, updates will be sent at the top of every
+ minute that this subscription is active.";
+ }
+ }
+ }
+ case on-change {
+ if-feature "on-change";
+ container on-change {
+ presence "indicates an on-change subscription";
+ description
+ "The publisher is requested to notify the receiver
+ regarding changes in values in the datastore subset as
+ defined by a selection filter.";
+ leaf dampening-period {
+ type centiseconds;
+ default "0";
+ description
+ "Specifies the minimum interval between the assembly of
+ successive update records for a single receiver of a
+ subscription. Whenever subscribed objects change and
+ a dampening-period interval (which may be zero) has
+ elapsed since the previous update record creation for
+ a receiver, any subscribed objects and properties
+ that have changed since the previous update record
+ will have their current values marshalled and placed
+ in a new update record.";
+ }
+ }
+ }
+ }
+ }
+
+ grouping update-policy {
+ description
+ "This grouping describes the datastore-specific subscription
+ conditions of a subscription.";
+ uses update-policy-modifiable {
+ augment "update-trigger/on-change/on-change" {
+ description
+ "Includes objects that are not modifiable once a
+ subscription is established.";
+ leaf sync-on-start {
+ type boolean;
+ default "true";
+ description
+ "When this object is set to 'false', (1) it restricts an
+ on-change subscription from sending 'push-update'
+ notifications and (2) pushing a full selection per the
+ terms of the selection filter MUST NOT be done for
+ this subscription. Only updates about changes
+ (i.e., only 'push-change-update' notifications)
+ are sent. When set to 'true' (the default behavior),
+ in order to facilitate a receiver's synchronization,
+ a full update is sent, via a 'push-update' notification,
+ when the subscription starts. After that,
+ 'push-change-update' notifications are exclusively sent,
+ unless the publisher chooses to resync the subscription
+ via a new 'push-update' notification.";
+ }
+ leaf-list excluded-change {
+ type change-type;
+ description
+ "Used to restrict which changes trigger an update. For
+ example, if a 'replace' operation is excluded, only the
+ creation and deletion of objects are reported.";
+ }
+ }
+ }
+ }
+
+ grouping hints {
+ description
+ "Parameters associated with an error for a subscription
+ made upon a datastore.";
+ leaf period-hint {
+ type centiseconds;
+ description
+ "Returned when the requested time period is too short. This
+ hint can assert a viable period for either a periodic push
+ cadence or an on-change dampening interval.";
+ }
+ leaf filter-failure-hint {
+ type string;
+ description
+ "Information describing where and/or why a provided filter
+ was unsupportable for a subscription.";
+ }
+ leaf object-count-estimate {
+ type uint32;
+ description
+ "If there are too many objects that could potentially be
+ returned by the selection filter, this identifies the
+ estimate of the number of objects that the filter would
+ potentially pass.";
+ }
+ leaf object-count-limit {
+ type uint32;
+ description
+ "If there are too many objects that could be returned by
+ the selection filter, this identifies the upper limit of
+ the publisher's ability to service this subscription.";
+ }
+ leaf kilobytes-estimate {
+ type uint32;
+ description
+ "If the returned information could be beyond the capacity
+ of the publisher, this would identify the estimated
+ data size that could result from this selection filter.";
+ }
+ leaf kilobytes-limit {
+ type uint32;
+ description
+ "If the returned information would be beyond the capacity
+ of the publisher, this identifies the upper limit of the
+ publisher's ability to service this subscription.";
+ }
+ }
+
+ /*
+ * RPCs
+ */
+
+ rpc resync-subscription {
+ if-feature "on-change";
+ description
+ "This RPC allows a subscriber of an active on-change
+ subscription to request a full push of objects.
+
+ A successful invocation results in a 'push-update' of all
+ datastore nodes that the subscriber is permitted to access.
+ This RPC can only be invoked on the same session on which the
+ subscription is currently active. In the case of an error, a
+ 'resync-subscription-error' is sent as part of an error
+ response.";
+ input {
+ leaf id {
+ type sn:subscription-id;
+ mandatory true;
+ description
+ "Identifier of the subscription that is to be resynced.";
+ }
+ }
+ }
+
+ rc:yang-data resync-subscription-error {
+ container resync-subscription-error {
+ description
+ "If a 'resync-subscription' RPC fails, the subscription is
+ not resynced and the RPC error response MUST indicate the
+ reason for this failure. This yang-data MAY be inserted as
+ structured data in a subscription's RPC error response
+ to indicate the reason for the failure.";
+ leaf reason {
+ type identityref {
+ base resync-subscription-error;
+ }
+ mandatory true;
+ description
+ "Indicates the reason why the publisher has declined a
+ request for subscription resynchronization.";
+ }
+ uses hints;
+ }
+ }
+
+ augment "/sn:establish-subscription/sn:input" {
+ description
+ "This augmentation adds additional subscription parameters
+ that apply specifically to datastore updates to RPC input.";
+ uses update-policy;
+ }
+
+ augment "/sn:establish-subscription/sn:input/sn:target" {
+ description
+ "This augmentation adds the datastore as a valid target
+ for the subscription to RPC input.";
+ case datastore {
+ description
+ "Information specifying the parameters of a request for a
+ datastore subscription.";
+ uses datastore-criteria;
+ }
+ }
+
+ rc:yang-data establish-subscription-datastore-error-info {
+ container establish-subscription-datastore-error-info {
+ description
+ "If any 'establish-subscription' RPC parameters are
+ unsupportable against the datastore, a subscription is not
+ created and the RPC error response MUST indicate the reason
+ why the subscription failed to be created. This yang-data
+ MAY be inserted as structured data in a subscription's
+ RPC error response to indicate the reason for the failure.
+ This yang-data MUST be inserted if hints are to be provided
+ back to the subscriber.";
+ leaf reason {
+ type identityref {
+ base sn:establish-subscription-error;
+ }
+ description
+ "Indicates the reason why the subscription has failed to
+ be created to a targeted datastore.";
+ }
+ uses hints;
+ }
+ }
+
+ augment "/sn:modify-subscription/sn:input" {
+ description
+ "This augmentation adds additional subscription parameters
+ specific to datastore updates.";
+ uses update-policy-modifiable;
+ }
+
+ augment "/sn:modify-subscription/sn:input/sn:target" {
+ description
+ "This augmentation adds the datastore as a valid target
+ for the subscription to RPC input.";
+ case datastore {
+ description
+ "Information specifying the parameters of a request for a
+ datastore subscription.";
+ uses datastore-criteria;
+ }
+ }
+
+ rc:yang-data modify-subscription-datastore-error-info {
+ container modify-subscription-datastore-error-info {
+ description
+ "This yang-data MAY be provided as part of a subscription's
+ RPC error response when there is a failure of a
+ 'modify-subscription' RPC that has been made against a
+ datastore. This yang-data MUST be used if hints are to be
+ provided back to the subscriber.";
+ leaf reason {
+ type identityref {
+ base sn:modify-subscription-error;
+ }
+ description
+ "Indicates the reason why the subscription has failed to
+ be modified.";
+ }
+ uses hints;
+ }
+ }
+
+ /*
+ * NOTIFICATIONS
+ */
+
+ notification push-update {
+ description
+ "This notification contains a push update that in turn contains
+ data subscribed to via a subscription. In the case of a
+ periodic subscription, this notification is sent for periodic
+ updates. It can also be used for synchronization updates of
+ an on-change subscription. This notification shall only be
+ sent to receivers of a subscription. It does not constitute
+ a general-purpose notification that would be subscribable as
+ part of the NETCONF event stream by any receiver.";
+ leaf id {
+ type sn:subscription-id;
+ description
+ "This references the subscription that drove the
+ notification to be sent.";
+ }
+ anydata datastore-contents {
+ description
+ "This contains the updated data. It constitutes a snapshot
+ at the time of update of the set of data that has been
+ subscribed to. The snapshot corresponds to the same
+ snapshot that would be returned in a corresponding 'get'
+ operation with the same selection filter parameters
+ applied.";
+ }
+ leaf incomplete-update {
+ type empty;
+ description
+ "This is a flag that indicates that not all datastore
+ nodes subscribed to are included with this update. In
+ other words, the publisher has failed to fulfill its full
+ subscription obligations and, despite its best efforts, is
+ providing an incomplete set of objects.";
+ }
+ }
+
+ notification push-change-update {
+ if-feature "on-change";
+ description
+ "This notification contains an on-change push update. This
+ notification shall only be sent to the receivers of a
+ subscription. It does not constitute a general-purpose
+ notification that would be subscribable as part of the
+ NETCONF event stream by any receiver.";
+ leaf id {
+ type sn:subscription-id;
+ description
+ "This references the subscription that drove the
+ notification to be sent.";
+ }
+ container datastore-changes {
+ description
+ "This contains the set of datastore changes of the target
+ datastore, starting at the time of the previous update, per
+ the terms of the subscription.";
+ uses ypatch:yang-patch;
+ }
+ leaf incomplete-update {
+ type empty;
+ description
+ "The presence of this object indicates that not all changes
+ that have occurred since the last update are included with
+ this update. In other words, the publisher has failed to
+ fulfill its full subscription obligations -- for example,
+ in cases where it was not able to keep up with a burst of
+ changes.";
+ }
+ }
+
+ augment "/sn:subscription-started" {
+ description
+ "This augmentation adds datastore-specific objects to
+ the notification that a subscription has started.";
+ uses update-policy;
+ }
+
+ augment "/sn:subscription-started/sn:target" {
+ description
+ "This augmentation allows the datastore to be included as
+ part of the notification that a subscription has started.";
+ case datastore {
+ uses datastore-criteria {
+ refine "selection-filter/within-subscription" {
+ description
+ "Specifies the selection filter and where it originated
+ from. If the 'selection-filter-ref' is populated, the
+ filter in the subscription came from the 'filters'
+ container. Otherwise, it is populated in-line as part
+ of the subscription itself.";
+ }
+ }
+ }
+ }
+
+ augment "/sn:subscription-modified" {
+ description
+ "This augmentation adds datastore-specific objects to
+ the notification that a subscription has been modified.";
+ uses update-policy;
+ }
+
+ augment "/sn:subscription-modified/sn:target" {
+ description
+ "This augmentation allows the datastore to be included as
+ part of the notification that a subscription has been
+ modified.";
+ case datastore {
+ uses datastore-criteria {
+ refine "selection-filter/within-subscription" {
+ description
+ "Specifies the selection filter and where it originated
+ from. If the 'selection-filter-ref' is populated, the
+ filter in the subscription came from the 'filters'
+ container. Otherwise, it is populated in-line as part
+ of the subscription itself.";
+ }
+ }
+ }
+ }
+
+ /*
+ * DATA NODES
+ */
+
+ augment "/sn:filters" {
+ description
+ "This augmentation allows the datastore to be included as part
+ of the selection-filtering criteria for a subscription.";
+ list selection-filter {
+ key "filter-id";
+ description
+ "A list of preconfigured filters that can be applied
+ to datastore subscriptions.";
+ leaf filter-id {
+ type string;
+ description
+ "An identifier to differentiate between selection
+ filters.";
+ }
+ uses selection-filter-types;
+ }
+ }
+
+ augment "/sn:subscriptions/sn:subscription" {
+ when 'yp:datastore';
+ description
+ "This augmentation adds objects to a subscription that are
+ specific to a datastore subscription, i.e., a subscription to
+ a stream of datastore node updates.";
+ uses update-policy;
+ }
+
+ augment "/sn:subscriptions/sn:subscription/sn:target" {
+ description
+ "This augmentation allows the datastore to be included as
+ part of the selection-filtering criteria for a subscription.";
+ case datastore {
+ uses datastore-criteria;
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-revisions@2024-06-04.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-revisions@2024-06-04.yang
new file mode 100644
index 00000000..4e451fcb
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-revisions@2024-06-04.yang
@@ -0,0 +1,140 @@
+module ietf-yang-revisions {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-yang-revisions";
+ prefix rev;
+
+ organization
+ "IETF NETMOD (Network Modeling) Working Group";
+ contact
+ "WG Web:
+ WG List:
+
+ Author: Joe Clarke
+
+
+ Author: Reshad Rahman
+
+
+ Author: Robert Wilton
+
+
+ Author: Balazs Lengyel
+
+
+ Author: Jason Sterne
+ ";
+ description
+ "This YANG 1.1 module contains definitions and extensions to
+ support updated YANG revision handling.
+
+ Copyright (c) 2024 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject to
+ the license terms contained in, the Revised BSD License set
+ forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC XXXX; see
+ the RFC itself for full legal notices.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
+ NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
+ 'MAY', and 'OPTIONAL' in this document are to be interpreted as
+ described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
+ they appear in all capitals, as shown here.";
+ // RFC Ed.: update the date below with the date of RFC publication
+ // and remove this note.
+ // RFC Ed.: replace XXXX (inc above) with actual RFC number and
+ // remove this note.
+
+ revision 2024-06-04 {
+ description
+ "Initial version.";
+ reference
+ "XXXX: Updated YANG Module Revision Handling";
+ }
+
+ typedef revision-date {
+ type string {
+ pattern '[0-9]{4}-(1[0-2]|0[1-9])-(0[1-9]|[1-2][0-9]|3[0-1])';
+ }
+ description
+ "A date associated with a YANG revision.
+
+ Matches dates formatted as YYYY-MM-DD.";
+ reference
+ "RFC 7950: The YANG 1.1 Data Modeling Language";
+ }
+
+ extension non-backwards-compatible {
+ description
+ "This statement is used to indicate YANG module revisions that
+ contain non-backwards-compatible changes.
+
+ The statement MUST only be a substatement of the 'revision'
+ statement. Zero or one 'non-backwards-compatible' statements
+ per parent statement is allowed. No substatements for this
+ extension have been standardized.
+
+ If a revision of a YANG module contains changes, relative to
+ the preceding revision in the revision history, that do not
+ conform to the backwards-compatible module update rules
+ defined in RFC-XXX, then the 'non-backwards-compatible'
+ statement MUST be added as a substatement to the revision
+ statement.
+
+ Conversely, if a revision does not contain a
+ 'non-backwards-compatible' statement then all changes,
+ relative to the preceding revision in the revision history,
+ MUST be backwards-compatible.
+
+ A new module revision that only contains changes that are
+ backwards-compatible SHOULD NOT include the
+ 'non-backwards-compatible' statement. An example of when an
+ author might add the 'non-backwards-compatible' statement is
+ if they believe a change could negatively impact clients even
+ though the backwards compatibility rules defined in RFC-XXXX
+ classify it as a backwards-compatible change.
+
+ Add, removing, or changing a 'non-backwards-compatible'
+ statement is a backwards-compatible version change.";
+ reference
+ "XXXX: Updated YANG Module Revision Handling;
+ Section 3.2,
+ non-backwards-compatible extension statement";
+ }
+
+ extension recommended-min-date {
+ argument revision-date;
+ description
+ "Recommends the revision of the module that may be imported to
+ one whose revision date matches or is after the specified
+ revision-date.
+
+ The argument value MUST conform to the 'revision-date' defined
+ type.
+
+ The statement MUST only be a substatement of the import
+ statement. Zero, one or more 'recommended-min-date'
+ statements per parent statement are allowed. No substatements
+ for this extension have been standardized.
+
+ Zero or one 'recommended-min-date' extension statement is
+ allowed for each parent 'import' statement.
+
+ A particular revision of an imported module adheres to an
+ import's 'recommended-min-date' extension statement if the
+ imported module's revision date is equal to or later than
+ the revision date argument of the 'recommended-min-date'
+ extension statement in the importing module.
+
+ Adding, removing or updating a 'recommended-min-date'
+ statement to an import is a backwards-compatible change.";
+ reference
+ "XXXX: Updated YANG Module Revision Handling; Section 4,
+ Guidance for revision selection on imports";
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-schema-mount@2019-01-14.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-schema-mount@2019-01-14.yang
new file mode 100644
index 00000000..c49458a1
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-schema-mount@2019-01-14.yang
@@ -0,0 +1,224 @@
+module ietf-yang-schema-mount {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-yang-schema-mount";
+ prefix yangmnt;
+
+ import ietf-inet-types {
+ prefix inet;
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+
+ import ietf-yang-types {
+ prefix yang;
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+
+ organization
+ "IETF NETMOD (NETCONF Data Modeling Language) Working Group";
+
+ contact
+ "WG Web:
+ WG List:
+
+ Editor: Martin Bjorklund
+
+
+ Editor: Ladislav Lhotka
+ ";
+
+ description
+ "This module defines a YANG extension statement that can be used
+ to incorporate data models defined in other YANG modules in a
+ module. It also defines operational state data that specify the
+ overall structure of the data model.
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
+ NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
+ 'MAY', and 'OPTIONAL' in this document are to be interpreted as
+ described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
+ they appear in all capitals, as shown here.
+
+ Copyright (c) 2019 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject to
+ the license terms contained in, the Simplified BSD License set
+ forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (https://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 8528;
+ see the RFC itself for full legal notices.";
+
+ revision 2019-01-14 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 8528: YANG Schema Mount";
+ }
+
+ /*
+ * Extensions
+ */
+
+ extension mount-point {
+ argument label;
+ description
+ "The argument 'label' is a YANG identifier, i.e., it is of the
+ type 'yang:yang-identifier'.
+
+ The 'mount-point' statement MUST NOT be used in a YANG
+ version 1 module, neither explicitly nor via a 'uses'
+ statement.
+ The 'mount-point' statement MAY be present as a substatement
+ of 'container' and 'list' and MUST NOT be present elsewhere.
+ There MUST NOT be more than one 'mount-point' statement in a
+ given 'container' or 'list' statement.
+
+ If a mount point is defined within a grouping, its label is
+ bound to the module where the grouping is used.
+
+ A mount point defines a place in the node hierarchy where
+ other data models may be attached. A server that implements a
+ module with a mount point populates the
+ '/schema-mounts/mount-point' list with detailed information on
+ which data models are mounted at each mount point.
+
+ Note that the 'mount-point' statement does not define a new
+ data node.";
+ }
+
+ /*
+ * State data nodes
+ */
+
+ container schema-mounts {
+ config false;
+ description
+ "Contains information about the structure of the overall
+ mounted data model implemented in the server.";
+ list namespace {
+ key "prefix";
+ description
+ "This list provides a mapping of namespace prefixes that are
+ used in XPath expressions of 'parent-reference' leafs to the
+ corresponding namespace URI references.";
+ leaf prefix {
+ type yang:yang-identifier;
+ description
+ "Namespace prefix.";
+ }
+ leaf uri {
+ type inet:uri;
+ description
+ "Namespace URI reference.";
+ }
+ }
+ list mount-point {
+ key "module label";
+
+ description
+ "Each entry of this list specifies a schema for a particular
+ mount point.
+
+ Each mount point MUST be defined using the 'mount-point'
+ extension in one of the modules listed in the server's
+ YANG library instance with conformance type 'implement'.";
+ leaf module {
+ type yang:yang-identifier;
+ description
+ "Name of a module containing the mount point.";
+ }
+ leaf label {
+ type yang:yang-identifier;
+ description
+ "Label of the mount point defined using the 'mount-point'
+ extension.";
+ }
+ leaf config {
+ type boolean;
+ default "true";
+ description
+ "If this leaf is set to 'false', then all data nodes in the
+ mounted schema are read-only ('config false'), regardless
+ of their 'config' property.";
+ }
+ choice schema-ref {
+ mandatory true;
+ description
+ "Alternatives for specifying the schema.";
+ container inline {
+ presence
+ "A complete self-contained schema is mounted at the
+ mount point.";
+ description
+ "This node indicates that the server has mounted at least
+ the module 'ietf-yang-library' at the mount point, and
+ its instantiation provides the information about the
+ mounted schema.
+
+ Different instances of the mount point may have
+ different schemas mounted.";
+ }
+ container shared-schema {
+ presence
+ "The mounted schema together with the 'parent-reference'
+ make up the schema for this mount point.";
+
+ description
+ "This node indicates that the server has mounted at least
+ the module 'ietf-yang-library' at the mount point, and
+ its instantiation provides the information about the
+ mounted schema. When XPath expressions in the mounted
+ schema are evaluated, the 'parent-reference' leaf-list
+ is taken into account.
+
+ Different instances of the mount point MUST have the
+ same schema mounted.";
+ leaf-list parent-reference {
+ type yang:xpath1.0;
+ description
+ "Entries of this leaf-list are XPath 1.0 expressions
+ that are evaluated in the following context:
+
+ - The context node is the node in the parent data tree
+ where the mount-point is defined.
+
+ - The accessible tree is the parent data tree
+ *without* any nodes defined in modules that are
+ mounted inside the parent schema.
+
+ - The context position and context size are both equal
+ to 1.
+
+ - The set of variable bindings is empty.
+
+ - The function library is the core function library
+ defined in the W3C XPath 1.0 document
+ (http://www.w3.org/TR/1999/REC-xpath-19991116) and
+ the functions defined in Section 10 of RFC 7950.
+
+ - The set of namespace declarations is defined by the
+ 'namespace' list under 'schema-mounts'.
+
+ Each XPath expression MUST evaluate to a node-set
+ (possibly empty). For the purposes of evaluating
+ XPath expressions whose context nodes are defined in
+ the mounted schema, the union of all these node-sets
+ together with ancestor nodes are added to the
+ accessible data tree.
+
+ Note that in the case 'ietf-yang-schema-mount' is
+ itself mounted, a 'parent-reference' in the mounted
+ module may refer to nodes that were brought into the
+ accessible tree through a 'parent-reference' in the
+ parent schema.";
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-semver@2024-07-02.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-semver@2024-07-02.yang
new file mode 100644
index 00000000..35ed7785
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-semver@2024-07-02.yang
@@ -0,0 +1,153 @@
+module ietf-yang-semver {
+ yang-version 1.1;
+ namespace "urn:ietf:params:xml:ns:yang:ietf-yang-semver";
+ prefix ys;
+
+ organization
+ "IETF NETMOD (Network Modeling) Working Group";
+ contact
+ "WG Web:
+ WG List:
+
+ Author: Joe Clarke
+
+ Author: Robert Wilton
+
+ Author: Reshad Rahman
+
+ Author: Balazs Lengyel
+
+ Author: Jason Sterne
+
+ Author: Benoit Claise
+ ";
+ description
+ "This module provides type and grouping definitions for YANG
+ packages.
+
+ Copyright (c) 2024 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Revised BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL
+ NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED',
+ 'MAY', and 'OPTIONAL' in this document are to be interpreted as
+ described in BCP 14 (RFC 2119) (RFC 8174) when, and only when,
+ they appear in all capitals, as shown here.
+
+ This version of this YANG module is part of RFC XXXX; see
+ the RFC itself for full legal notices.";
+
+ // RFC Ed.: update the date below with the date of RFC publication
+ // and remove this note.
+ // RFC Ed.: replace XXXX with actual RFC number and remove this
+ // note.
+ // RFC Ed. update the ys:version to "1.0.0".
+
+ revision 2024-07-02 {
+ ys:version "1.0.0-draft-ietf-netmod-yang-semver-17";
+ description
+ "Initial revision";
+ reference
+ "RFC XXXX: YANG Semantic Versioning.";
+ }
+
+ /*
+ * Extensions
+ */
+
+ extension version {
+ argument yang-semantic-version;
+ description
+ "The version extension can be used to provide an additional
+ identifier associated with a module or submodule
+ revision.
+
+ The format of the version extension argument MUST conform
+ to the 'version' typedef defined in this module.
+
+ The statement MUST only be a substatement of the revision
+ statement. Zero or one version statements per parent
+ statement are allowed. No substatements for this extension
+ have been standardized.
+
+ Versions MUST be unique amongst all revisions of a
+ module or submodule.
+
+ Adding a version is a backwards-compatible
+ change. Changing or removing an existing version in
+ the revision history is a non-backwards-compatible
+ change, because it could impact any references to that
+ version.";
+ reference
+ "XXXX: YANG Semantic Versioning;
+ Section 3.2, YANG Semantic Version Extension";
+ }
+
+ extension recommended-min-version {
+ argument yang-semantic-version;
+ description
+ "Recommends the versions of the module that may be imported to
+ one that is greater than or equal to the specified version.
+
+ The format of the recommended-min-version extension argument
+ MUST conform to the 'version' typedef defined in this module.
+
+ The statement MUST only be a substatement of the import
+ statement. Zero, one or more 'recommended-min-version'
+ statements per parent statement are allowed. No
+ substatements for this extension have been
+ standardized.
+
+ If specified multiple times, then any module revision that
+ satisfies at least one of the 'recommended-min-version'
+ statements is an acceptable recommended version for
+ import.
+
+ A module to be imported is considered as meeting the
+ recommended minimum version criteria if it meets one of
+ the following conditions:
+
+ * Has the exact MAJOR, MINOR, PATCH and '_compatible' or
+ '_non_compatible' modifiers as in the
+ recommend-min-version value.
+ * Has the same MAJOR and MINOR version numbers and a
+ greater PATCH number. In this case, '_compatible' and
+ '_non_compatible modifiers' are ignored.
+ * Has the same MAJOR version number and greater MINOR number.
+ In this case the PATCH number and the '_compatible' and
+ '_non_compatible' modifiers are ignored.
+ * Has a greater MAJOR version number. In this case MINOR
+ and PATCH numbers and '_compatible' and '_non_compatible'
+ modifiers are ignored.
+
+ Adding, removing or updating a 'recommended-min-version'
+ statement to an import is a backwards-compatible change.";
+ reference
+ "XXXX: YANG Semantic Versioning; Section 4,
+ Import Module by Semantic Version";
+ }
+
+ /*
+ * Typedefs
+ */
+
+ typedef version {
+ type string {
+ pattern '[0-9]+[.][0-9]+[.][0-9]+(_(non_)?compatible)?'
+ + '(-[A-Za-z0-9.-]+[.-][0-9]+)?([+][A-Za-z0-9.-]+)?';
+ }
+ description
+ "Represents a YANG semantic version. The rules governing the
+ use of this version identifier are defined in the
+ reference for this typedef.";
+ reference
+ "RFC XXXX: YANG Semantic Versioning.";
+ }
+}
diff --git a/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-types@2013-07-15.yang b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-types@2013-07-15.yang
new file mode 100644
index 00000000..ee58fa3a
--- /dev/null
+++ b/yangkit-examples/src/main/resources/App6/yangs/ietf-yang-types@2013-07-15.yang
@@ -0,0 +1,474 @@
+module ietf-yang-types {
+
+ namespace "urn:ietf:params:xml:ns:yang:ietf-yang-types";
+ prefix "yang";
+
+ organization
+ "IETF NETMOD (NETCONF Data Modeling Language) Working Group";
+
+ contact
+ "WG Web:
+ WG List:
+
+ WG Chair: David Kessens
+
+
+ WG Chair: Juergen Schoenwaelder
+
+
+ Editor: Juergen Schoenwaelder
+ ";
+
+ description
+ "This module contains a collection of generally useful derived
+ YANG data types.
+
+ Copyright (c) 2013 IETF Trust and the persons identified as
+ authors of the code. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or
+ without modification, is permitted pursuant to, and subject
+ to the license terms contained in, the Simplified BSD License
+ set forth in Section 4.c of the IETF Trust's Legal Provisions
+ Relating to IETF Documents
+ (http://trustee.ietf.org/license-info).
+
+ This version of this YANG module is part of RFC 6991; see
+ the RFC itself for full legal notices.";
+
+ revision 2013-07-15 {
+ description
+ "This revision adds the following new data types:
+ - yang-identifier
+ - hex-string
+ - uuid
+ - dotted-quad";
+ reference
+ "RFC 6991: Common YANG Data Types";
+ }
+
+ revision 2010-09-24 {
+ description
+ "Initial revision.";
+ reference
+ "RFC 6021: Common YANG Data Types";
+ }
+
+ /*** collection of counter and gauge types ***/
+
+ typedef counter32 {
+ type uint32;
+ description
+ "The counter32 type represents a non-negative integer
+ that monotonically increases until it reaches a
+ maximum value of 2^32-1 (4294967295 decimal), when it
+ wraps around and starts increasing again from zero.
+
+ Counters have no defined 'initial' value, and thus, a
+ single value of a counter has (in general) no information
+ content. Discontinuities in the monotonically increasing
+ value normally occur at re-initialization of the
+ management system, and at other times as specified in the
+ description of a schema node using this type. If such
+ other times can occur, for example, the creation of
+ a schema node of type counter32 at times other than
+ re-initialization, then a corresponding schema node
+ should be defined, with an appropriate type, to indicate
+ the last discontinuity.
+
+ The counter32 type should not be used for configuration
+ schema nodes. A default statement SHOULD NOT be used in
+ combination with the type counter32.
+
+ In the value set and its semantics, this type is equivalent
+ to the Counter32 type of the SMIv2.";
+ reference
+ "RFC 2578: Structure of Management Information Version 2
+ (SMIv2)";
+ }
+
+ typedef zero-based-counter32 {
+ type yang:counter32;
+ default "0";
+ description
+ "The zero-based-counter32 type represents a counter32
+ that has the defined 'initial' value zero.
+
+ A schema node of this type will be set to zero (0) on creation
+ and will thereafter increase monotonically until it reaches
+ a maximum value of 2^32-1 (4294967295 decimal), when it
+ wraps around and starts increasing again from zero.
+
+ Provided that an application discovers a new schema node
+ of this type within the minimum time to wrap, it can use the
+ 'initial' value as a delta. It is important for a management
+ station to be aware of this minimum time and the actual time
+ between polls, and to discard data if the actual time is too
+ long or there is no defined minimum time.
+
+ In the value set and its semantics, this type is equivalent
+ to the ZeroBasedCounter32 textual convention of the SMIv2.";
+ reference
+ "RFC 4502: Remote Network Monitoring Management Information
+ Base Version 2";
+ }
+
+ typedef counter64 {
+ type uint64;
+ description
+ "The counter64 type represents a non-negative integer
+ that monotonically increases until it reaches a
+ maximum value of 2^64-1 (18446744073709551615 decimal),
+ when it wraps around and starts increasing again from zero.
+
+ Counters have no defined 'initial' value, and thus, a
+ single value of a counter has (in general) no information
+ content. Discontinuities in the monotonically increasing
+ value normally occur at re-initialization of the
+ management system, and at other times as specified in the
+ description of a schema node using this type. If such
+ other times can occur, for example, the creation of
+ a schema node of type counter64 at times other than
+ re-initialization, then a corresponding schema node
+ should be defined, with an appropriate type, to indicate
+ the last discontinuity.
+
+ The counter64 type should not be used for configuration
+ schema nodes. A default statement SHOULD NOT be used in
+ combination with the type counter64.
+
+ In the value set and its semantics, this type is equivalent
+ to the Counter64 type of the SMIv2.";
+ reference
+ "RFC 2578: Structure of Management Information Version 2
+ (SMIv2)";
+ }
+
+ typedef zero-based-counter64 {
+ type yang:counter64;
+ default "0";
+ description
+ "The zero-based-counter64 type represents a counter64 that
+ has the defined 'initial' value zero.
+
+ A schema node of this type will be set to zero (0) on creation
+ and will thereafter increase monotonically until it reaches
+ a maximum value of 2^64-1 (18446744073709551615 decimal),
+ when it wraps around and starts increasing again from zero.
+
+ Provided that an application discovers a new schema node
+ of this type within the minimum time to wrap, it can use the
+ 'initial' value as a delta. It is important for a management
+ station to be aware of this minimum time and the actual time
+ between polls, and to discard data if the actual time is too
+ long or there is no defined minimum time.
+
+ In the value set and its semantics, this type is equivalent
+ to the ZeroBasedCounter64 textual convention of the SMIv2.";
+ reference
+ "RFC 2856: Textual Conventions for Additional High Capacity
+ Data Types";
+ }
+
+ typedef gauge32 {
+ type uint32;
+ description
+ "The gauge32 type represents a non-negative integer, which
+ may increase or decrease, but shall never exceed a maximum
+ value, nor fall below a minimum value. The maximum value
+ cannot be greater than 2^32-1 (4294967295 decimal), and
+ the minimum value cannot be smaller than 0. The value of
+ a gauge32 has its maximum value whenever the information
+ being modeled is greater than or equal to its maximum
+ value, and has its minimum value whenever the information
+ being modeled is smaller than or equal to its minimum value.
+ If the information being modeled subsequently decreases
+ below (increases above) the maximum (minimum) value, the
+ gauge32 also decreases (increases).
+
+ In the value set and its semantics, this type is equivalent
+ to the Gauge32 type of the SMIv2.";
+ reference
+ "RFC 2578: Structure of Management Information Version 2
+ (SMIv2)";
+ }
+
+ typedef gauge64 {
+ type uint64;
+ description
+ "The gauge64 type represents a non-negative integer, which
+ may increase or decrease, but shall never exceed a maximum
+ value, nor fall below a minimum value. The maximum value
+ cannot be greater than 2^64-1 (18446744073709551615), and
+ the minimum value cannot be smaller than 0. The value of
+ a gauge64 has its maximum value whenever the information
+ being modeled is greater than or equal to its maximum
+ value, and has its minimum value whenever the information
+ being modeled is smaller than or equal to its minimum value.
+ If the information being modeled subsequently decreases
+ below (increases above) the maximum (minimum) value, the
+ gauge64 also decreases (increases).
+
+ In the value set and its semantics, this type is equivalent
+ to the CounterBasedGauge64 SMIv2 textual convention defined
+ in RFC 2856";
+ reference
+ "RFC 2856: Textual Conventions for Additional High Capacity
+ Data Types";
+ }
+
+ /*** collection of identifier-related types ***/
+
+ typedef object-identifier {
+ type string {
+ pattern '(([0-1](\.[1-3]?[0-9]))|(2\.(0|([1-9]\d*))))'
+ + '(\.(0|([1-9]\d*)))*';
+ }
+ description
+ "The object-identifier type represents administratively
+ assigned names in a registration-hierarchical-name tree.
+
+ Values of this type are denoted as a sequence of numerical
+ non-negative sub-identifier values. Each sub-identifier
+ value MUST NOT exceed 2^32-1 (4294967295). Sub-identifiers
+ are separated by single dots and without any intermediate
+ whitespace.
+
+ The ASN.1 standard restricts the value space of the first
+ sub-identifier to 0, 1, or 2. Furthermore, the value space
+ of the second sub-identifier is restricted to the range
+ 0 to 39 if the first sub-identifier is 0 or 1. Finally,
+ the ASN.1 standard requires that an object identifier
+ has always at least two sub-identifiers. The pattern
+ captures these restrictions.
+
+ Although the number of sub-identifiers is not limited,
+ module designers should realize that there may be
+ implementations that stick with the SMIv2 limit of 128
+ sub-identifiers.
+
+ This type is a superset of the SMIv2 OBJECT IDENTIFIER type
+ since it is not restricted to 128 sub-identifiers. Hence,
+ this type SHOULD NOT be used to represent the SMIv2 OBJECT
+ IDENTIFIER type; the object-identifier-128 type SHOULD be
+ used instead.";
+ reference
+ "ISO9834-1: Information technology -- Open Systems
+ Interconnection -- Procedures for the operation of OSI
+ Registration Authorities: General procedures and top
+ arcs of the ASN.1 Object Identifier tree";
+ }
+
+ typedef object-identifier-128 {
+ type object-identifier {
+ pattern '\d*(\.\d*){1,127}';
+ }
+ description
+ "This type represents object-identifiers restricted to 128
+ sub-identifiers.
+
+ In the value set and its semantics, this type is equivalent
+ to the OBJECT IDENTIFIER type of the SMIv2.";
+ reference
+ "RFC 2578: Structure of Management Information Version 2
+ (SMIv2)";
+ }
+
+ typedef yang-identifier {
+ type string {
+ length "1..max";
+ pattern '[a-zA-Z_][a-zA-Z0-9\-_.]*';
+ pattern '.|..|[^xX].*|.[^mM].*|..[^lL].*';
+ }
+ description
+ "A YANG identifier string as defined by the 'identifier'
+ rule in Section 12 of RFC 6020. An identifier must
+ start with an alphabetic character or an underscore
+ followed by an arbitrary sequence of alphabetic or
+ numeric characters, underscores, hyphens, or dots.
+
+ A YANG identifier MUST NOT start with any possible
+ combination of the lowercase or uppercase character
+ sequence 'xml'.";
+ reference
+ "RFC 6020: YANG - A Data Modeling Language for the Network
+ Configuration Protocol (NETCONF)";
+ }
+
+ /*** collection of types related to date and time***/
+
+ typedef date-and-time {
+ type string {
+ pattern '\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?'
+ + '(Z|[\+\-]\d{2}:\d{2})';
+ }
+ description
+ "The date-and-time type is a profile of the ISO 8601
+ standard for representation of dates and times using the
+ Gregorian calendar. The profile is defined by the
+ date-time production in Section 5.6 of RFC 3339.
+
+ The date-and-time type is compatible with the dateTime XML
+ schema type with the following notable exceptions:
+
+ (a) The date-and-time type does not allow negative years.
+
+ (b) The date-and-time time-offset -00:00 indicates an unknown
+ time zone (see RFC 3339) while -00:00 and +00:00 and Z
+ all represent the same time zone in dateTime.
+
+ (c) The canonical format (see below) of data-and-time values
+ differs from the canonical format used by the dateTime XML
+ schema type, which requires all times to be in UTC using
+ the time-offset 'Z'.
+
+ This type is not equivalent to the DateAndTime textual
+ convention of the SMIv2 since RFC 3339 uses a different
+ separator between full-date and full-time and provides
+ higher resolution of time-secfrac.
+
+ The canonical format for date-and-time values with a known time
+ zone uses a numeric time zone offset that is calculated using
+ the device's configured known offset to UTC time. A change of
+ the device's offset to UTC time will cause date-and-time values
+ to change accordingly. Such changes might happen periodically
+ in case a server follows automatically daylight saving time
+ (DST) time zone offset changes. The canonical format for
+ date-and-time values with an unknown time zone (usually
+ referring to the notion of local time) uses the time-offset
+ -00:00.";
+ reference
+ "RFC 3339: Date and Time on the Internet: Timestamps
+ RFC 2579: Textual Conventions for SMIv2
+ XSD-TYPES: XML Schema Part 2: Datatypes Second Edition";
+ }
+
+ typedef timeticks {
+ type uint32;
+ description
+ "The timeticks type represents a non-negative integer that
+ represents the time, modulo 2^32 (4294967296 decimal), in
+ hundredths of a second between two epochs. When a schema
+ node is defined that uses this type, the description of
+ the schema node identifies both of the reference epochs.
+
+ In the value set and its semantics, this type is equivalent
+ to the TimeTicks type of the SMIv2.";
+ reference
+ "RFC 2578: Structure of Management Information Version 2
+ (SMIv2)";
+ }
+
+ typedef timestamp {
+ type yang:timeticks;
+ description
+ "The timestamp type represents the value of an associated
+ timeticks schema node at which a specific occurrence
+ happened. The specific occurrence must be defined in the
+ description of any schema node defined using this type. When
+ the specific occurrence occurred prior to the last time the
+ associated timeticks attribute was zero, then the timestamp
+ value is zero. Note that this requires all timestamp values
+ to be reset to zero when the value of the associated timeticks
+ attribute reaches 497+ days and wraps around to zero.
+
+ The associated timeticks schema node must be specified
+ in the description of any schema node using this type.
+
+ In the value set and its semantics, this type is equivalent
+ to the TimeStamp textual convention of the SMIv2.";
+ reference
+ "RFC 2579: Textual Conventions for SMIv2";
+ }
+
+ /*** collection of generic address types ***/
+
+ typedef phys-address {
+ type string {
+ pattern '([0-9a-fA-F]{2}(:[0-9a-fA-F]{2})*)?';
+ }
+
+ description
+ "Represents media- or physical-level addresses represented
+ as a sequence octets, each octet represented by two hexadecimal
+ numbers. Octets are separated by colons. The canonical
+ representation uses lowercase characters.
+
+ In the value set and its semantics, this type is equivalent
+ to the PhysAddress textual convention of the SMIv2.";
+ reference
+ "RFC 2579: Textual Conventions for SMIv2";
+ }
+
+ typedef mac-address {
+ type string {
+ pattern '[0-9a-fA-F]{2}(:[0-9a-fA-F]{2}){5}';
+ }
+ description
+ "The mac-address type represents an IEEE 802 MAC address.
+ The canonical representation uses lowercase characters.
+
+ In the value set and its semantics, this type is equivalent
+ to the MacAddress textual convention of the SMIv2.";
+ reference
+ "IEEE 802: IEEE Standard for Local and Metropolitan Area
+ Networks: Overview and Architecture
+ RFC 2579: Textual Conventions for SMIv2";
+ }
+
+ /*** collection of XML-specific types ***/
+
+ typedef xpath1.0 {
+ type string;
+ description
+ "This type represents an XPATH 1.0 expression.
+
+ When a schema node is defined that uses this type, the
+ description of the schema node MUST specify the XPath
+ context in which the XPath expression is evaluated.";
+ reference
+ "XPATH: XML Path Language (XPath) Version 1.0";
+ }
+
+ /*** collection of string types ***/
+
+ typedef hex-string {
+ type string {
+ pattern '([0-9a-fA-F]{2}(:[0-9a-fA-F]{2})*)?';
+ }
+ description
+ "A hexadecimal string with octets represented as hex digits
+ separated by colons. The canonical representation uses
+ lowercase characters.";
+ }
+
+ typedef uuid {
+ type string {
+ pattern '[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-'
+ + '[0-9a-fA-F]{4}-[0-9a-fA-F]{12}';
+ }
+ description
+ "A Universally Unique IDentifier in the string representation
+ defined in RFC 4122. The canonical representation uses
+ lowercase characters.
+
+ The following is an example of a UUID in string representation:
+ f81d4fae-7dec-11d0-a765-00a0c91e6bf6
+ ";
+ reference
+ "RFC 4122: A Universally Unique IDentifier (UUID) URN
+ Namespace";
+ }
+
+ typedef dotted-quad {
+ type string {
+ pattern
+ '(([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}'
+ + '([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])';
+ }
+ description
+ "An unsigned 32-bit number expressed in the dotted-quad
+ notation, i.e., four octets written as decimal numbers
+ and separated with the '.' (full stop) character.";
+ }
+}
diff --git a/yangkit-examples/src/test/java/IETFCasesTest.java b/yangkit-examples/src/test/java/IETFCasesTest.java
new file mode 100644
index 00000000..e004089a
--- /dev/null
+++ b/yangkit-examples/src/test/java/IETFCasesTest.java
@@ -0,0 +1,157 @@
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.apache.commons.io.IOUtils;
+import org.dom4j.DocumentException;
+import org.junit.jupiter.api.Disabled;
+import org.junit.jupiter.api.Test;
+import org.yangcentral.yangkit.base.YangElement;
+import org.yangcentral.yangkit.common.api.validate.ValidatorResult;
+import org.yangcentral.yangkit.common.api.validate.ValidatorResultBuilder;
+import org.yangcentral.yangkit.data.api.model.YangDataDocument;
+import org.yangcentral.yangkit.data.codec.json.YangDataDocumentJsonParser;
+import org.yangcentral.yangkit.examples.App1;
+import org.yangcentral.yangkit.examples.App4;
+import org.yangcentral.yangkit.examples.App5;
+import org.yangcentral.yangkit.examples.App6;
+import org.yangcentral.yangkit.model.api.schema.YangSchemaContext;
+import org.yangcentral.yangkit.model.api.stmt.Module;
+import org.yangcentral.yangkit.model.api.stmt.YangStatement;
+import org.yangcentral.yangkit.parser.YangParser;
+import org.yangcentral.yangkit.parser.YangParserEnv;
+import org.yangcentral.yangkit.parser.YangParserException;
+import org.yangcentral.yangkit.parser.YangYinParser;
+import org.yangcentral.yangkit.register.YangStatementImplRegister;
+import org.yangcentral.yangkit.register.YangStatementRegister;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.util.List;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+public class IETFCasesTest {
+
+ /**
+ * Validates custom insa-test.yang
+ */
+ @Test
+ public void validateApp1Example() throws IOException {
+ InputStream inputStream = App1.class.getClassLoader().getResourceAsStream("App1/insa-test.yang");
+ assertNotNull(inputStream);
+ String yang = new String(IOUtils.toByteArray(inputStream));
+ inputStream.close();
+
+ YangStatementImplRegister.registerImpl();
+ YangParser yangParser = new YangParser();
+ YangParserEnv yangParserEnv = new YangParserEnv();
+ yangParserEnv.setYangStr(yang);
+ yangParserEnv.setFilename("insa-test");
+ yangParserEnv.setCurPos(0);
+ List yangElements;
+ try {
+ yangElements = yangParser.parseYang(yang, yangParserEnv);
+ } catch (YangParserException e) {
+ throw new RuntimeException(e);
+ }
+
+ assertEquals(yangElements.size(), 1);
+ YangSchemaContext context = YangStatementRegister.getInstance().getSchemeContextInstance();
+ // Add the yang module to the context;
+ for (YangElement element : yangElements) {
+ if (element instanceof YangStatement) {
+ context.addModule((Module) element);
+ }
+ }
+ ValidatorResult validatorResult = context.validate();
+ assertTrue(validatorResult.isOk());
+ }
+
+ /**
+ * Validates ietf-notification message (from ietf-yang-push.yang)
+ */
+ @Test
+ @Disabled
+ public void validateApp4Example() throws IOException, DocumentException, YangParserException {
+ URL yangUrl = App4.class.getClassLoader().getResource("App4/yang");
+ String yangDir = yangUrl.getFile();
+
+ // Parsing module
+ YangSchemaContext schemaContext = YangYinParser.parse(yangDir);
+ ValidatorResult result = schemaContext.validate();
+ assertTrue(result.isOk());
+ assertEquals(schemaContext.getModules().size(), 15);
+
+ // Validating valid notification
+ InputStream jsonInputStream = App4.class.getClassLoader().getResourceAsStream("App4/json/valid_notification.json");
+ ObjectMapper objectMapper = new ObjectMapper();
+ JsonNode jsonElement = objectMapper.readTree(jsonInputStream);
+
+ ValidatorResultBuilder validatorResultBuilder = new ValidatorResultBuilder();
+ YangDataDocument doc = new YangDataDocumentJsonParser(schemaContext).parse(jsonElement, validatorResultBuilder);
+ doc.update();
+ ValidatorResult validatorResult = validatorResultBuilder.build();
+
+ System.out.println(validatorResult.getRecords());
+ assertTrue(validatorResult.isOk());
+ doc.validate();
+ assertTrue(validatorResult.isOk());
+ }
+
+ /**
+ * Validates ietf-interfaces.yang and JSON encoded message
+ */
+ @Test
+ public void validateApp5Example() throws IOException, DocumentException, YangParserException {
+ URL yangUrl = App5.class.getClassLoader().getResource("App5/interfaces");
+ String yangDir = yangUrl.getFile();
+
+ // Parsing module
+ YangSchemaContext schemaContext = YangYinParser.parse(yangDir);
+ ValidatorResult result = schemaContext.validate();
+ assertTrue(result.isOk());
+ assertEquals(schemaContext.getModules().size(), 3);
+
+ InputStream jsonInputStream = App5.class.getClassLoader().getResourceAsStream("App5/json/interface.json");
+ ObjectMapper objectMapper = new ObjectMapper();
+ JsonNode jsonElement = objectMapper.readTree(jsonInputStream);
+
+ // Validating
+ ValidatorResultBuilder validatorResultBuilder = new ValidatorResultBuilder();
+ YangDataDocument doc = new YangDataDocumentJsonParser(schemaContext).parse(jsonElement, validatorResultBuilder);
+ doc.update();
+ ValidatorResult validatorResult = validatorResultBuilder.build();
+ assertTrue(validatorResult.isOk());
+ doc.validate();
+ assertTrue(validatorResult.isOk());
+ }
+
+ /**
+ * Validates ietf-telemetry-message.yang and JSON encoded message
+ */
+ @Test
+ public void validateApp6Example() throws IOException, DocumentException, YangParserException {
+ URL yangUrl = App6.class.getClassLoader().getResource("App6/yangs");
+ String yangDir = yangUrl.getFile();
+
+ // Parsing module
+ YangSchemaContext schemaContext = YangYinParser.parse(yangDir);
+ ValidatorResult result = schemaContext.validate();
+ assertTrue(result.isOk());
+ assertEquals(schemaContext.getModules().size(), 30);
+
+ InputStream jsonInputStream = App6.class.getClassLoader().getResourceAsStream("App6/json/telemetry-msg.json");
+ ObjectMapper objectMapper = new ObjectMapper();
+ JsonNode jsonElement = objectMapper.readTree(jsonInputStream);
+
+ // Validating
+ ValidatorResultBuilder validatorResultBuilder = new ValidatorResultBuilder();
+ YangDataDocument doc = new YangDataDocumentJsonParser(schemaContext).parse(jsonElement, validatorResultBuilder);
+ doc.update();
+ ValidatorResult validatorResult = validatorResultBuilder.build();
+ assertTrue(validatorResult.isOk());
+ doc.validate();
+ assertTrue(validatorResult.isOk());
+ }
+
+}
diff --git a/yangkit-model-impl/src/main/java/org/yangcentral/yangkit/model/impl/stmt/AugmentImpl.java b/yangkit-model-impl/src/main/java/org/yangcentral/yangkit/model/impl/stmt/AugmentImpl.java
index 9b09cbfd..abdd80fe 100644
--- a/yangkit-model-impl/src/main/java/org/yangcentral/yangkit/model/impl/stmt/AugmentImpl.java
+++ b/yangkit-model-impl/src/main/java/org/yangcentral/yangkit/model/impl/stmt/AugmentImpl.java
@@ -336,9 +336,12 @@ protected ValidatorResult validateSelf() {
if(this.getWhen() != null){
severity = Severity.WARNING;
}
- validatorResultBuilder.addRecord(
- ModelUtil.reportError(mandatoryDescendant,severity, ErrorTag.BAD_ELEMENT,
- ErrorCode.AUGMENT_MANDATORY_NODE.getFieldName()));
+ // If augmentation is in different module than the target
+ if (!mandatoryDescendant.getContext().getCurModule().equals(this.target.getContext().getCurModule())) {
+ validatorResultBuilder.addRecord(
+ ModelUtil.reportError(mandatoryDescendant,severity, ErrorTag.BAD_ELEMENT,
+ ErrorCode.AUGMENT_MANDATORY_NODE.getFieldName()));
+ }
}