diff options
Diffstat (limited to 'vnfs/TestVNF/netconftemplates/netconftemplates/iana-crypt-hash@2014-08-06.yin')
| -rw-r--r-- | vnfs/TestVNF/netconftemplates/netconftemplates/iana-crypt-hash@2014-08-06.yin | 132 |
1 files changed, 132 insertions, 0 deletions
diff --git a/vnfs/TestVNF/netconftemplates/netconftemplates/iana-crypt-hash@2014-08-06.yin b/vnfs/TestVNF/netconftemplates/netconftemplates/iana-crypt-hash@2014-08-06.yin new file mode 100644 index 00000000..d37aac18 --- /dev/null +++ b/vnfs/TestVNF/netconftemplates/netconftemplates/iana-crypt-hash@2014-08-06.yin @@ -0,0 +1,132 @@ +<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="m-1"> + <data xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring"><?xml version="1.0" encoding="UTF-8"?> +<module name="iana-crypt-hash" + xmlns="urn:ietf:params:xml:ns:yang:yin:1" + xmlns:ianach="urn:ietf:params:xml:ns:yang:iana-crypt-hash"> + <namespace uri="urn:ietf:params:xml:ns:yang:iana-crypt-hash"/> + <prefix value="ianach"/> + <organization> + <text>IANA</text> + </organization> + <contact> + <text> Internet Assigned Numbers Authority + +Postal: ICANN + 12025 Waterfront Drive, Suite 300 + Los Angeles, CA 90094-2536 + United States + +Tel: +1 310 301 5800 +E-Mail: iana@iana.org&gt;</text> + </contact> + <description> + <text>This YANG module defines a type for storing passwords +using a hash function and features to indicate which hash +functions are supported by an implementation. + +The latest revision of this YANG module can be obtained from +the IANA web site. + +Requests for new values should be made to IANA via +email (iana@iana.org). + +Copyright (c) 2014 IETF Trust and the persons identified as +authors of the code. All rights reserved. + +Redistribution and use in source and binary forms, with or +without modification, is permitted pursuant to, and subject +to the license terms contained in, the Simplified BSD License +set forth in Section 4.c of the IETF Trust's Legal Provisions +Relating to IETF Documents +(http://trustee.ietf.org/license-info). + +The initial version of this YANG module is part of RFC 7317; +see the RFC itself for full legal notices.</text> + </description> + <revision date="2014-08-06"> + <description> + <text>Initial revision.</text> + </description> + <reference> + <text>RFC 7317: A YANG Data Model for System Management</text> + </reference> + </revision> + <feature name="crypt-hash-md5"> + <description> + <text>Indicates that the device supports the MD5 +hash function in 'crypt-hash' values.</text> + </description> + <reference> + <text>RFC 1321: The MD5 Message-Digest Algorithm</text> + </reference> + </feature> + <feature name="crypt-hash-sha-256"> + <description> + <text>Indicates that the device supports the SHA-256 +hash function in 'crypt-hash' values.</text> + </description> + <reference> + <text>FIPS.180-4.2012: Secure Hash Standard (SHS)</text> + </reference> + </feature> + <feature name="crypt-hash-sha-512"> + <description> + <text>Indicates that the device supports the SHA-512 +hash function in 'crypt-hash' values.</text> + </description> + <reference> + <text>FIPS.180-4.2012: Secure Hash Standard (SHS)</text> + </reference> + </feature> + <typedef name="crypt-hash"> + <type name="string"> + <pattern value="$0$.*|$1$[a-zA-Z0-9./]{1,8}$[a-zA-Z0-9./]{22}|$5$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{43}|$6$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{86}"/> + </type> + <description> + <text>The crypt-hash type is used to store passwords using +a hash function. The algorithms for applying the hash +function and encoding the result are implemented in +various UNIX systems as the function crypt(3). + +A value of this type matches one of the forms: + + $0$&lt;clear text password&gt; + $&lt;id&gt;$&lt;salt&gt;$&lt;password hash&gt; + $&lt;id&gt;$&lt;parameter&gt;$&lt;salt&gt;$&lt;password hash&gt; + +The '$0$' prefix signals that the value is clear text. When +such a value is received by the server, a hash value is +calculated, and the string '$&lt;id&gt;$&lt;salt&gt;$' or +$&lt;id&gt;$&lt;parameter&gt;$&lt;salt&gt;$ is prepended to the result. This +value is stored in the configuration data store. +If a value starting with '$&lt;id&gt;$', where &lt;id&gt; is not '0', is +received, the server knows that the value already represents a +hashed value and stores it 'as is' in the data store. + +When a server needs to verify a password given by a user, it +finds the stored password hash string for that user, extracts +the salt, and calculates the hash with the salt and given +password as input. If the calculated hash value is the same +as the stored value, the password given by the client is +accepted. + +This type defines the following hash functions: + + id | hash function | feature + ---+---------------+------------------- + 1 | MD5 | crypt-hash-md5 + 5 | SHA-256 | crypt-hash-sha-256 + 6 | SHA-512 | crypt-hash-sha-512 + +The server indicates support for the different hash functions +by advertising the corresponding feature.</text> + </description> + <reference> + <text>IEEE Std 1003.1-2008 - crypt() function +RFC 1321: The MD5 Message-Digest Algorithm +FIPS.180-4.2012: Secure Hash Standard (SHS)</text> + </reference> + </typedef> +</module> +</data> +</rpc-reply> |