/*
Copyright (c) 2016 Inocybe Technology All rights reserved.

This program and the accompanying materials are made available under the
terms of the Eclipse Public License v1.0 which accompanies this distribution,
and is available at http://www.eclipse.org/legal/epl-v10.html INTERNAL
*/
module aaa-cert-mdsal {
    yang-version 1;
    namespace "urn:opendaylight:yang:aaa:cert:mdsal";
    prefix "aaa-cert-mdsal";

    organization "The OpenDaylight Project";

    contact "melserngawy@inocybe.com";

    description "Yang model definition for aaa certificate using MDSAL";

    revision 2016-03-21 {
        description "Initial revision";
    }

    grouping node-certificate {
        leaf alias {
            description "network node certificate alias";
            type string;
        }
        leaf x500-certificate {
            description "network node certificate";
            type string;
        }
    }

    grouping keystore {
        leaf name {
            description "keystore name";
            type string;
        }
        leaf alias {
            description "key alias";
            type string;
        }
        leaf store-password {
            description "keystore password";
            type string;
        }
        leaf dname {
            description "X.500 Distinguished Names should be in the following formate
                CN=commonName
                OU=organizationUnit
                O=organizationName
                L=localityName
                S=stateName
                C=country";
            type string;
        }
        leaf validity {
            description "validity";
            type int32;
        }
        leaf key-alg {
            description "supported key geneartion algorithmes are DSA and RSA";
            type string;
        }
        leaf sign-alg {
            description "supported sign algorithmes for DSA the default sign Alg is SHA1withDSA and for RSA the
                default sign Alg is MD5withRSA";
            type string;
        }
        leaf keysize {
            description "key size is 1024 or 2048";
            type int32;
        }
        leaf keystoreFile {
            description "keystore file as Binary";
            type binary;
        }
    }

    grouping cipher-suite {
        list cipher-suites {
             leaf suiteName {
                 type string;
             }
        }
    }

    grouping ssl-data {
        leaf bundle-name {
            description "bundle name";
            type string;
            mandatory true;
        }
        leaf tls-protocols {
            description "the TLS supported protocols (SSLv2Hello,TLSv1.1,TLSv1.2) the selected protocol should be seperated by ',' char";
            type string;
        }
        container odl-keystore {
            uses keystore;
        }
        container trust-keystore {
            uses keystore;
        }
        uses cipher-suite;
    }

    container key-stores {
        leaf id {
            type string;
            mandatory true;
        }
        list ssl-data {
            key bundle-name;
            uses ssl-data;
        }
    }
}