/*
Copyright (c) 2015 Inocybe Technology All rights reserved.

This program and the accompanying materials are made available under the
terms of the Eclipse Public License v1.0 which accompanies this distribution,
and is available at http://www.eclipse.org/legal/epl-v10.html INTERNAL
*/

module aaa-cert {
    yang-version 1;
    namespace "urn:opendaylight:yang:aaa:cert";
    prefix aaa-cert;

    description
        "Service definition for aaa certificate";

    contact
        "melserngawy@inocybe.com";

    revision "2015-11-26" {
        description
            "Initial revision.";
    }

    container aaa-cert-service-config {
        leaf use-config {
            description "Use the configuration data to create the keystores";
            type boolean;
            default false;
        }
        leaf use-mdsal {
            description "Use Mdsal as Data store for the keystore and certificates";
            type boolean;
            default false;
        }
        leaf bundle-name {
            description "bundle name of the default TLS config in MdsaL";
            type string;
        }
        container ctlKeystore {
            leaf name {
                description "keystore name default is ctl";
                type string;
            }
            leaf alias {
                description "key alias";
                type string;
            }
            leaf store-password {
                description "keystore password";
                type string;
            }
            leaf dname {
                description "X.500 Distinguished Names should be in the following formate
                    CN=commonName
                    OU=organizationUnit
                    O=organizationName
                    L=localityName
                    S=stateName
                    C=country";
                type string;
            }
            leaf validity {
                description "validity";
                type int32;
            }
            leaf key-alg {
                description "The supported key generation algorithms i.e: DSA or RSA";
                type string;
            }
            leaf sign-alg {
                description "The supported sign algorithmes i.e: SHA1withDSA or SHA1withRSA";
                type string;
            }
            leaf keysize {
                description "the key size i.e: 1024";
                type int32;
            }
            leaf tls-protocols {
                description "the TLS supported protocols SSLv2Hello,TLSv1.1,TLSv1.2";
                type string;
            }
            list cipher-suites {
                 leaf suite-name {
                     type string;
                 }
            }
        }
        container trustKeystore {
            leaf name {
                description "keystore name default is truststore";
                type string;
            }
            leaf store-password {
                description "keystore password";
                type string;
            }
        }
    }
}