-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathietf-tls-client.yang
526 lines (491 loc) · 19.7 KB
/
ietf-tls-client.yang
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
module ietf-tls-client {
yang-version 1.1;
namespace "urn:ietf:params:xml:ns:yang:ietf-tls-client";
prefix tlsc;
import ietf-netconf-acm {
prefix nacm;
reference
"RFC 8341: Network Configuration Access Control Model";
}
import ietf-crypto-types {
prefix ct;
reference
"RFC AAAA: YANG Data Types and Groupings for Cryptography";
}
import ietf-truststore {
prefix ts;
reference
"RFC BBBB: A YANG Data Model for a Truststore";
}
import ietf-keystore {
prefix ks;
reference
"RFC CCCC: A YANG Data Model for a Keystore";
}
import ietf-tls-common {
prefix tlscmn;
reference
"RFC FFFF: YANG Groupings for TLS Clients and TLS Servers";
}
organization
"IETF NETCONF (Network Configuration) Working Group";
contact
"WG List: NETCONF WG list <mailto:netconf@ietf.org>
WG Web: https://datatracker.ietf.org/wg/netconf
Author: Kent Watsen <mailto:kent+ietf@watsen.net>
Author: Jeff Hartley <mailto:intensifysecurity@gmail.com>";
description
"This module defines reusable groupings for TLS clients that
can be used as a basis for specific TLS client instances.
Copyright (c) 2024 IETF Trust and the persons identified
as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
or without modification, is permitted pursuant to, and
subject to the license terms contained in, the Revised
BSD License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC FFFF
(https://www.rfc-editor.org/info/rfcFFFF); see the RFC
itself for full legal notices.
The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL',
'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document
are to be interpreted as described in BCP 14 (RFC 2119)
(RFC 8174) when, and only when, they appear in all
capitals, as shown here.";
revision YYYY-MM-DD {
description
"Initial version";
reference
"RFC FFFF: YANG Groupings for TLS Clients and TLS Servers";
}
// Features
feature tls-client-keepalives {
description
"Per socket TLS keepalive parameters are configurable for
TLS clients on the server implementing this feature.";
}
feature client-ident-x509-cert {
description
"Indicates that the client supports identifying itself
using X.509 certificates.";
reference
"RFC 5280:
Internet X.509 Public Key Infrastructure Certificate
and Certificate Revocation List (CRL) Profile";
}
feature client-ident-raw-public-key {
description
"Indicates that the client supports identifying itself
using raw public keys.";
reference
"RFC 7250:
Using Raw Public Keys in Transport Layer Security (TLS)
and Datagram Transport Layer Security (DTLS)";
}
feature client-ident-tls12-psk {
if-feature "tlscmn:tls12";
description
"Indicates that the client supports identifying itself
using TLS-1.2 PSKs (pre-shared or pairwise-symmetric keys).";
reference
"RFC 4279:
Pre-Shared Key Ciphersuites for Transport Layer Security
(TLS)";
}
feature client-ident-tls13-epsk {
if-feature "tlscmn:tls13";
description
"Indicates that the client supports identifying itself
using TLS-1.3 External PSKs (pre-shared keys).";
reference
"RFC 8446:
The Transport Layer Security (TLS) Protocol Version 1.3";
}
feature server-auth-x509-cert {
description
"Indicates that the client supports authenticating servers
using X.509 certificates.";
reference
"RFC 5280:
Internet X.509 Public Key Infrastructure Certificate
and Certificate Revocation List (CRL) Profile";
}
feature server-auth-raw-public-key {
description
"Indicates that the client supports authenticating servers
using raw public keys.";
reference
"RFC 7250:
Using Raw Public Keys in Transport Layer Security (TLS)
and Datagram Transport Layer Security (DTLS)";
}
feature server-auth-tls12-psk {
description
"Indicates that the client supports authenticating servers
using PSKs (pre-shared or pairwise-symmetric keys).";
reference
"RFC 4279:
Pre-Shared Key Ciphersuites for Transport Layer Security
(TLS)";
}
feature server-auth-tls13-epsk {
description
"Indicates that the client supports authenticating servers
using TLS-1.3 External PSKs (pre-shared keys).";
reference
"RFC 8446:
The Transport Layer Security (TLS) Protocol Version 1.3";
}
// Groupings
grouping tls-client-grouping {
description
"A reusable grouping for configuring a TLS client without
any consideration for how an underlying TCP session is
established.
Note that this grouping uses fairly typical descendant
node names such that a stack of 'uses' statements will
have name conflicts. It is intended that the consuming
data model will resolve the issue (e.g., by wrapping
the 'uses' statement in a container called
'tls-client-parameters'). This model purposely does
not do this itself so as to provide maximum flexibility
to consuming models.";
container client-identity {
nacm:default-deny-write;
presence
"Indicates that a TLS-level client identity has been
configured. This statement is present so the mandatory
descendant do not imply that this node must be configured.";
description
"Identity credentials the TLS client MAY present when
establishing a connection to a TLS server. If not
configured, then client authentication is presumed to
occur in a protocol layer above TLS. When configured,
and requested by the TLS server when establishing a
TLS session, these credentials are passed in the
Certificate message defined in Section 7.4.2 of
RFC 5246 and Section 4.4.2 in RFC 8446.";
reference
"RFC 5246: The Transport Layer Security (TLS)
Protocol Version 1.2
RFC 8446: The Transport Layer Security (TLS)
Protocol Version 1.3
RFC CCCC: A YANG Data Model for a Keystore";
choice auth-type {
mandatory true;
description
"A choice amongst authentication types, of which one must
be enabled (via its associated 'feature') and selected.";
case certificate {
if-feature "client-ident-x509-cert";
container certificate {
description
"Specifies the client identity using a certificate.";
uses
"ks:inline-or-keystore-end-entity-cert-with-key-"
+ "grouping" {
refine "inline-or-keystore/inline/inline-definition" {
must 'not(public-key-format) or derived-from-or-self'
+ '(public-key-format, "ct:subject-public-key-'
+ 'info-format")';
}
refine "inline-or-keystore/central-keystore/"
+ "central-keystore-reference/asymmetric-key" {
must 'not(deref(.)/../ks:public-key-format) or '
+ 'derived-from-or-self(deref(.)/../ks:public-'
+ 'key-format, "ct:subject-public-key-info-'
+ 'format")';
}
}
}
}
case raw-public-key {
if-feature "client-ident-raw-public-key";
container raw-private-key {
description
"Specifies the client identity using a raw
private key.";
uses ks:inline-or-keystore-asymmetric-key-grouping {
refine "inline-or-keystore/inline/inline-definition" {
must 'not(public-key-format) or derived-from-or-self'
+ '(public-key-format, "ct:subject-public-key-'
+ 'info-format")';
}
refine "inline-or-keystore/central-keystore/"
+ "central-keystore-reference" {
must 'not(deref(.)/../ks:public-key-format) or '
+ 'derived-from-or-self(deref(.)/../ks:public-'
+ 'key-format, "ct:subject-public-key-info-'
+ 'format")';
}
}
}
}
case tls12-psk {
if-feature "client-ident-tls12-psk";
container tls12-psk {
description
"Specifies the client identity using a PSK (pre-shared
or pairwise-symmetric key).";
uses ks:inline-or-keystore-symmetric-key-grouping;
leaf id {
type string;
description
"The key 'psk_identity' value used in the TLS
'ClientKeyExchange' message.";
reference
"RFC 4279: Pre-Shared Key Ciphersuites for
Transport Layer Security (TLS)";
}
}
}
case tls13-epsk {
if-feature "client-ident-tls13-epsk";
container tls13-epsk {
description
"An External Pre-Shared Key (EPSK) is established
or provisioned out-of-band, i.e., not from a TLS
connection. An EPSK is a tuple of (Base Key,
External Identity, Hash). External PSKs MUST NOT
be imported for (D)TLS 1.2 or prior versions. When
PSKs are provisioned out of band, the PSK identity
and the KDF hash algorithm to be used with the PSK
MUST also be provisioned.
The structure of this container is designed to
satisfy the requirements of RFC 8446 Section
4.2.11, the recommendations from Section 6 in
RFC 9257, and the EPSK input fields detailed in
Section 5.1 in RFC 9258. The base-key is based
upon ks:inline-or-keystore-symmetric-key-grouping
in order to provide users with flexible and
secure storage options.";
reference
"RFC 8446: The Transport Layer Security (TLS)
Protocol Version 1.3
RFC 9257: Guidance for External Pre-Shared Key
(PSK) Usage in TLS
RFC 9258: Importing External Pre-Shared Keys
(PSKs) for TLS 1.3";
uses ks:inline-or-keystore-symmetric-key-grouping;
leaf external-identity {
type string;
mandatory true;
description
"As per Section 4.2.11 of RFC 8446, and Section 4.1
of RFC 9257, a sequence of bytes used to identify
an EPSK. A label for a pre-shared key established
externally.";
reference
"RFC 8446: The Transport Layer Security (TLS)
Protocol Version 1.3
RFC 9257: Guidance for External Pre-Shared Key
(PSK) Usage in TLS";
}
leaf hash {
type tlscmn:epsk-supported-hash;
default sha-256;
description
"As per Section 4.2.11 of RFC 8446, for externally
established PSKs, the Hash algorithm MUST be set
when the PSK is established or default to SHA-256
if no such algorithm is defined. The server MUST
ensure that it selects a compatible PSK (if any)
and cipher suite. Each PSK MUST only be used with
a single hash function.";
reference
"RFC 8446: The Transport Layer Security (TLS)
Protocol Version 1.3";
}
leaf context {
type string;
description
"Per Section 5.1 of RFC 9258, context MUST include
the context used to determine the EPSK, if
any exists. For example, context may include
information about peer roles or identities
to mitigate Selfie-style reflection attacks.
Since the EPSK is a key derived from an external
protocol or sequence of protocols, context MUST
include a channel binding for the deriving
protocols [RFC5056]. The details of this
binding are protocol specfic and out of scope
for this document.";
reference
"RFC 9258: Importing External Pre-Shared Keys
(PSKs) for TLS 1.3";
}
leaf target-protocol {
type uint16;
description
"As per Section 3 of RFC 9258, the protocol
for which a PSK is imported for use.";
reference
"RFC 9258: Importing External Pre-Shared Keys
(PSKs) for TLS 1.3";
}
leaf target-kdf {
type uint16;
description
"As per Section 3 of RFC 9258, the KDF for
which a PSK is imported for use.";
reference
"RFC 9258: Importing External Pre-Shared Keys
(PSKs) for TLS 1.3";
}
}
}
}
} // container client-identity
container server-authentication {
nacm:default-deny-write;
must 'ca-certs or ee-certs or raw-public-keys or tls12-psks
or tls13-epsks';
description
"Specifies how the TLS client can authenticate TLS servers.
Any combination of credentials is additive and unordered.
Note that no configuration is required for PSK (pre-shared
or pairwise-symmetric key) based authentication as the key
is necessarily the same as configured in the '../client-
identity' node.";
container ca-certs {
if-feature "server-auth-x509-cert";
presence
"Indicates that CA certificates have been configured.
This statement is present so the mandatory descendant
nodes do not imply that this node must be configured.";
description
"A set of certificate authority (CA) certificates used by
the TLS client to authenticate TLS server certificates.
A server certificate is authenticated if it has a valid
chain of trust to a configured CA certificate.";
reference
"RFC BBBB: A YANG Data Model for a Truststore";
uses ts:inline-or-truststore-certs-grouping;
}
container ee-certs {
if-feature "server-auth-x509-cert";
presence
"Indicates that EE certificates have been configured.
This statement is present so the mandatory descendant
nodes do not imply that this node must be configured.";
description
"A set of server certificates (i.e., end entity
certificates) used by the TLS client to authenticate
certificates presented by TLS servers. A server
certificate is authenticated if it is an exact
match to a configured server certificate.";
reference
"RFC BBBB: A YANG Data Model for a Truststore";
uses ts:inline-or-truststore-certs-grouping;
}
container raw-public-keys {
if-feature "server-auth-raw-public-key";
presence
"Indicates that raw public keys have been configured.
This statement is present so the mandatory descendant
nodes do not imply that this node must be configured.";
description
"A set of raw public keys used by the TLS client to
authenticate raw public keys presented by the TLS
server. A raw public key is authenticated if it
is an exact match to a configured raw public key.";
reference
"RFC BBBB: A YANG Data Model for a Truststore";
uses ts:inline-or-truststore-public-keys-grouping {
refine "inline-or-truststore/inline/inline-definition/"
+ "public-key" {
must 'derived-from-or-self(public-key-format,'
+ ' "ct:subject-public-key-info-format")';
}
refine "inline-or-truststore/central-truststore/"
+ "central-truststore-reference" {
must 'not(deref(.)/../ts:public-key/ts:public-key-'
+ 'format[not(derived-from-or-self(., "ct:subject-'
+ 'public-key-info-format"))])';
}
}
}
leaf tls12-psks {
if-feature "server-auth-tls12-psk";
type empty;
description
"Indicates that the TLS client can authenticate TLS servers
using configured PSKs (pre-shared or pairwise-symmetric
keys).
No configuration is required since the PSK value is the
same as PSK value configured in the 'client-identity'
node.";
}
leaf tls13-epsks {
if-feature "server-auth-tls13-epsk";
type empty;
description
"Indicates that the TLS client can authenticate TLS servers
using configured external PSKs (pre-shared keys).
No configuration is required since the PSK value is the
same as PSK value configured in the 'client-identity'
node.";
}
} // container server-authentication
container hello-params {
nacm:default-deny-write;
if-feature "tlscmn:hello-params";
uses tlscmn:hello-params-grouping;
description
"Configurable parameters for the TLS hello message.";
} // container hello-params
container keepalives {
nacm:default-deny-write;
if-feature "tls-client-keepalives";
description
"Configures the keepalive policy for the TLS client.";
leaf peer-allowed-to-send {
type empty;
description
"Indicates that the remote TLS server is allowed to send
HeartbeatRequest messages, as defined by RFC 6520
to this TLS client.";
reference
"RFC 6520: Transport Layer Security (TLS) and Datagram
Transport Layer Security (DTLS) Heartbeat Extension";
}
container test-peer-aliveness {
presence
"Indicates that the TLS client proactively tests the
aliveness of the remote TLS server.";
description
"Configures the keep-alive policy to proactively test
the aliveness of the TLS server. An unresponsive
TLS server is dropped after approximately max-wait
* max-attempts seconds. The TLS client MUST send
HeartbeatRequest messages, as defined by RFC 6520.";
reference
"RFC 6520: Transport Layer Security (TLS) and Datagram
Transport Layer Security (DTLS) Heartbeat Extension";
leaf max-wait {
type uint16 {
range "1..max";
}
units "seconds";
default "30";
description
"Sets the amount of time in seconds after which if
no data has been received from the TLS server, a
TLS-level message will be sent to test the
aliveness of the TLS server.";
}
leaf max-attempts {
type uint8;
default "3";
description
"Sets the maximum number of sequential keep-alive
messages that can fail to obtain a response from
the TLS server before assuming the TLS server is
no longer alive.";
}
}
}
} // grouping tls-client-grouping
}