--- /dev/null
+<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="m-1">
+ <data xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring"><?xml version="1.0" encoding="UTF-8"?>
+<module name="iana-crypt-hash"
+ xmlns="urn:ietf:params:xml:ns:yang:yin:1"
+ xmlns:ianach="urn:ietf:params:xml:ns:yang:iana-crypt-hash">
+ <namespace uri="urn:ietf:params:xml:ns:yang:iana-crypt-hash"/>
+ <prefix value="ianach"/>
+ <organization>
+ <text>IANA</text>
+ </organization>
+ <contact>
+ <text> Internet Assigned Numbers Authority
+
+Postal: ICANN
+ 12025 Waterfront Drive, Suite 300
+ Los Angeles, CA 90094-2536
+ United States
+
+Tel: +1 310 301 5800
+E-Mail: iana@iana.org&gt;</text>
+ </contact>
+ <description>
+ <text>This YANG module defines a type for storing passwords
+using a hash function and features to indicate which hash
+functions are supported by an implementation.
+
+The latest revision of this YANG module can be obtained from
+the IANA web site.
+
+Requests for new values should be made to IANA via
+email (iana@iana.org).
+
+Copyright (c) 2014 IETF Trust and the persons identified as
+authors of the code. All rights reserved.
+
+Redistribution and use in source and binary forms, with or
+without modification, is permitted pursuant to, and subject
+to the license terms contained in, the Simplified BSD License
+set forth in Section 4.c of the IETF Trust's Legal Provisions
+Relating to IETF Documents
+(http://trustee.ietf.org/license-info).
+
+The initial version of this YANG module is part of RFC 7317;
+see the RFC itself for full legal notices.</text>
+ </description>
+ <revision date="2014-08-06">
+ <description>
+ <text>Initial revision.</text>
+ </description>
+ <reference>
+ <text>RFC 7317: A YANG Data Model for System Management</text>
+ </reference>
+ </revision>
+ <feature name="crypt-hash-md5">
+ <description>
+ <text>Indicates that the device supports the MD5
+hash function in 'crypt-hash' values.</text>
+ </description>
+ <reference>
+ <text>RFC 1321: The MD5 Message-Digest Algorithm</text>
+ </reference>
+ </feature>
+ <feature name="crypt-hash-sha-256">
+ <description>
+ <text>Indicates that the device supports the SHA-256
+hash function in 'crypt-hash' values.</text>
+ </description>
+ <reference>
+ <text>FIPS.180-4.2012: Secure Hash Standard (SHS)</text>
+ </reference>
+ </feature>
+ <feature name="crypt-hash-sha-512">
+ <description>
+ <text>Indicates that the device supports the SHA-512
+hash function in 'crypt-hash' values.</text>
+ </description>
+ <reference>
+ <text>FIPS.180-4.2012: Secure Hash Standard (SHS)</text>
+ </reference>
+ </feature>
+ <typedef name="crypt-hash">
+ <type name="string">
+ <pattern value="$0$.*|$1$[a-zA-Z0-9./]{1,8}$[a-zA-Z0-9./]{22}|$5$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{43}|$6$(rounds=\d+$)?[a-zA-Z0-9./]{1,16}$[a-zA-Z0-9./]{86}"/>
+ </type>
+ <description>
+ <text>The crypt-hash type is used to store passwords using
+a hash function. The algorithms for applying the hash
+function and encoding the result are implemented in
+various UNIX systems as the function crypt(3).
+
+A value of this type matches one of the forms:
+
+ $0$&lt;clear text password&gt;
+ $&lt;id&gt;$&lt;salt&gt;$&lt;password hash&gt;
+ $&lt;id&gt;$&lt;parameter&gt;$&lt;salt&gt;$&lt;password hash&gt;
+
+The '$0$' prefix signals that the value is clear text. When
+such a value is received by the server, a hash value is
+calculated, and the string '$&lt;id&gt;$&lt;salt&gt;$' or
+$&lt;id&gt;$&lt;parameter&gt;$&lt;salt&gt;$ is prepended to the result. This
+value is stored in the configuration data store.
+If a value starting with '$&lt;id&gt;$', where &lt;id&gt; is not '0', is
+received, the server knows that the value already represents a
+hashed value and stores it 'as is' in the data store.
+
+When a server needs to verify a password given by a user, it
+finds the stored password hash string for that user, extracts
+the salt, and calculates the hash with the salt and given
+password as input. If the calculated hash value is the same
+as the stored value, the password given by the client is
+accepted.
+
+This type defines the following hash functions:
+
+ id | hash function | feature
+ ---+---------------+-------------------
+ 1 | MD5 | crypt-hash-md5
+ 5 | SHA-256 | crypt-hash-sha-256
+ 6 | SHA-512 | crypt-hash-sha-512
+
+The server indicates support for the different hash functions
+by advertising the corresponding feature.</text>
+ </description>
+ <reference>
+ <text>IEEE Std 1003.1-2008 - crypt() function
+RFC 1321: The MD5 Message-Digest Algorithm
+FIPS.180-4.2012: Secure Hash Standard (SHS)</text>
+ </reference>
+ </typedef>
+</module>
+</data>
+</rpc-reply>
Code Review / demo.git / blobdiff