cddl 0.6.2 → 0.6.3
- checksums.yaml +4 -4
- data/bin/cddl +35 -3
- data/cddl.gemspec +1 -1
- data/data/prelude.cddl +1 -1
- data/lib/cbor-pp-play.rb +13 -0
- data/lib/cbor-pp.rb +180 -0
- data/lib/cddl.rb +101 -35
- data/test-data/dcaf.cddl +58 -0
- data/test-data/grasp-v1.cddl +97 -0
- data/test-data/grasp-v2X.cddl +89 -0
- data/test-data/ifmap-base-2.2v9_fh-cabo.cddl +149 -0
- data/test-data/ifmap-metadata-2.2v9_fh-cabo.cddl +239 -0
- data/test/test-cddl.rb +68 -6
- metadata +10 -2
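--- a/data/test-data/dcaf.cddl
+++ b/data/test-data/dcaf.cddl
@@ -0,0 +1,58 @@
+dcaf-msg = sam-information-msg
+/ access-request-msg
+/ ticket-transfer-msg
+/ ticket-grant-msg
+
+sam-information-msg = { sam, ? full-timestamp, ? accepted-formats,
+? piggybacked }
+
+access-request-msg = { sam, sam-ai, full-timestamp }
+
+ticket-transfer-msg = { face-or-encrypted, verifier }
+face-or-encrypted = ( face // encrypted-face )
+face = ( F => { sam-ai, limited-timestamp, lifetime, psk-gen } )
+verifier = ( V => shared-secret )
+shared-secret = bstr
+F = 8
+V = 9
+
+encrypted-face = ( E => bstr, K => tstr )
+E = 3
+K = 4
+
+ticket-grant-msg = { face-or-encrypted, verifier, ? client-info }
+client-info = ( cam-ai, full-timestamp, lifetime)
+
+sam = (SAM => abs-uri)
+SAM = 0
+abs-uri = tstr ; .regexp "______"
+
+sam-ai = ( SAI => [* auth-info])
+SAI = 1
+auth-info = ( uri : tstr, mask : 0..15 )
+
+cam-ai = ( CAI => [* auth-info])
+CAI = 2
+
+full-timestamp = ( TS => date)
+TS = 5
+date = tdate / localdate
+localdate = uint
+limited-timestamp = ( TS => localdate)
+
+accepted-formats = ( A => [+ content-format] )
+content-format = uint ; valid entry from CoAP content format registry
+A=10
+
+piggybacked = ( data, lifetime, nonce )
+data = ( D => bstr )
+nonce = ( N => bstr )
+lifetime = ( L => period)
+period = uint ; in seconds
+L = 6
+D = 11
+N = 12
+
+psk-gen = ( G => mac-algorithm)
+G = 7
+mac-algorithm = &( hmac-sha256: 0, hmac-sha384: 1, hmac-sha512: 2 )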
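Review bot: `shared-secret = bstr` carries no length bound, so a `verifier` holding an empty or one-byte string validates against this schema. A `.size` control with the key lengths the protocol actually permits, e.g. `shared-secret = bstr .size (MIN_LEN..MAX_LEN)` (placeholders, to be taken from the DCAF draft), would let the schema reject degenerate keys. The same looseness applies to `abs-uri = tstr ; .regexp "______"`, where the pattern is commented out and left blank, so any text string is accepted as the SAM URI. A one-line comment on `mask : 0..15` saying what the values stand for would also help readers.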
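--- a/data/test-data/grasp-v1.cddl
+++ b/data/test-data/grasp-v1.cddl
@@ -0,0 +1,97 @@
+grasp-message = message
+
+session-id = 0..16777215
+; that is still 24 bits; we could pick any size we want
+
+message /= discovery-message
+discovery-message = [M_DISCOVERY, session-id, objective]
+
+message /= response-message
+response-message = [M_RESPONSE, session-id, *locator-option / divert-option / objective]
+
+message /= request-message
+request-message = [M_REQUEST, session-id, objective]
+
+message /= negotiation-message
+negotiation-message = [M_NEGOTIATE, session-id, objective]
+
+message /= end-message
+end-message = [M_END, session-id, accept-option / decline option]
+
+message /= wait-message
+wait-message = [M_WAIT, session-id, waiting-time-option]
+
+
+M_DISCOVERY = 1
+M_RESPONSE = 2
+M_REQUEST = 3
+M_NEGOTIATE = 4
+M_END = 5
+M_WAIT = 6
+
+option /= divert-option
+divert-option = [OPTION_DIVERT, *locator-option]
+OPTION_DIVERT = 372 ; use section numbers for now
+
+option /= accept-option
+accept-option = [OPTION_ACCEPT]
+OPTION_ACCEPT = 373
+
+option /= decline-option
+decline-option = [OPTION_DECLINE]
+OPTION_DECLINE = 374
+
+option /= waiting-time-option
+waiting-time-option = [OPTION_WAITING, option-waiting-time]
+OPTION_WAITING = 375
+option-waiting-time = 0..4294967295 ; in milliseconds
+
+option /= option-device-id
+option-device-id = [OPTION_DEVICE_ID, bytes]
+OPTION_DEVICE_ID = 376
+
+locator-option /= ipv4-locator-option
+ipv4-locator-option = bytes .size 4
+; this is simpler than [OPTION_IPv4_LOCATOR, bytes .size 4] -- do we want regularity or simplicity?
+
+locator-option /= ipv6-locator-option
+ipv6-locator-option = bytes .size 16
+
+locator-option /= fqdn-locator-option
+OPTION_FQDN_LOCATOR = 3773
+fqdn-locator-option = [OPTION_FQDN_LOCATOR, text]
+
+locator-option /= url-locator-option
+OPTION_URL_LOCATOR = 3774
+url-locator-option = [OPTION_URL_LOCATOR, text]
+
+objective-flags = uint .bits objective-flag
+
+objective-flag = &(
+D: 0
+N: 1
+S: 2
+)
+
+; D means valid for discovery only
+; N means valid for discovery and negotiation
+; S means valid for discovery and synchronization
+
+option /= objective
+
+objective /= generic-obj
+generic-obj = [objective-name, objective-flags, loop-count, any]
+
+objective /= vendor-obj
+vendor-obj = [{"PEN":pen}, objective-name, objective-flags, loop-count, any]
+
+; Objectives have names rather than numbers here. But the names need
+; to be unique. Registry needed, it seems.
+
+; A PEN is used to distinguish vendor-specific options. Or we could
+; decide to use a domain name. Anything unique will do.
+
+pen = 0..4294967295
+objective-name = tstr
+loop-count = 0..255
+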
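Review bot: `end-message` ends in `accept-option / decline option`, with a space where `decline-option` is evidently meant. As written the entry refers to a rule named `decline`, which this file never defines, followed by a separate `option` entry. Unless the fixture deliberately reproduces an error from the source draft, the line should read `end-message = [M_END, session-id, accept-option / decline-option]`. If the broken form is intentional, a comment above it saying so would keep the next reader from "fixing" the test input.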
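--- a/data/test-data/grasp-v2X.cddl
+++ b/data/test-data/grasp-v2X.cddl
@@ -0,0 +1,89 @@
+grasp-message = message
+
+session-id = 0..16777215
+; that is up to 24 bits
+
+message /= discovery-message
+discovery-message = [M_DISCOVERY, session-id, objective]
+
+message /= response-message
+response-message = [M_RESPONSE, session-id, +locator-option / divert-option / objective]
+; must split to satisfy CDDL tool
+
+message /= request-message
+request-message = [M_REQUEST, session-id, objective]
+
+message /= negotiation-message
+negotiation-message = [M_NEGOTIATE, session-id, objective]
+
+message /= end-message
+end-message = [M_END, session-id, (accept-option / decline-option)]
+
+message /= wait-message
+wait-message = [M_WAIT, session-id, waiting-time-option]
+
+divert-option = [O_DIVERT, +locator-option]
+
+accept-option = [O_ACCEPT]
+
+decline-option = [O_DECLINE]
+
+waiting-time-option = [O_WAITING, option-waiting-time]
+option-waiting-time = 0..4294967295 ; in milliseconds
+
+option-device-id = [O_DEVICE_ID, bytes]
+
+locator-option /= ipv4-locator-option
+ipv4-locator-option = bytes .size 4
+; this is simpler than [O_IPv4_LOCATOR, bytes .size 4]
+
+locator-option /= ipv6-locator-option
+ipv6-locator-option = bytes .size 16
+
+locator-option /= fqdn-locator-option
+fqdn-locator-option = [O_FQDN_LOCATOR, text]
+
+locator-option /= url-locator-option
+url-locator-option = [O_URL_LOCATOR, text]
+
+objective-flags = uint .bits objective-flag
+
+objective-flag = &(
+D: 0
+N: 1
+S: 2
+)
+
+; D means valid for discovery only
+; N means valid for discovery and negotiation
+; S means valid for discovery and synchronization
+
+objective /= generic-obj
+generic-obj = [objective-name, objective-flags, loop-count, ?any]
+
+objective /= vendor-obj
+vendor-obj = [{"PEN":pen}, objective-name, objective-flags,
+loop-count, ?any]
+
+; A PEN is used to distinguish vendor-specific options.
+
+pen = 0..4294967295
+objective-name = tstr
+loop-count = 0..255
+
+; Constants
+
+M_DISCOVERY = 1
+M_RESPONSE = 2
+M_REQUEST = 3
+M_NEGOTIATE = 4
+M_END = 5
+M_WAIT = 6
+
+O_DIVERT = 100
+O_ACCEPT = 101
+O_DECLINE = 102
+O_WAITING = 103
+O_DEVICE_ID = 104
+O_FQDN_LOCATOR = 105
+O_URL_LOCATOR = 106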
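Review bot: In `response-message`, the `+` in `+locator-option / divert-option / objective` applies to the whole type choice as CDDL is specified, so the rule admits one or more entries drawn from any mix of the three alternatives rather than "several locators, or a divert option, or an objective". If the alternatives are what is meant, a group choice states it: `(+locator-option // divert-option // objective)`. The comment under the rule, `; must split to satisfy CDDL tool`, should say which rule has to be split and why. `option-device-id` is defined but no rule in this file refers to it.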
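--- a/data/test-data/ifmap-base-2.2v9_fh-cabo.cddl
+++ b/data/test-data/ifmap-base-2.2v9_fh-cabo.cddl
@@ -0,0 +1,149 @@
+messages = request / response
+
+request = new-session-request / end-session / renew-session / publish-request / search-request / subscribe-request / poll-request
+/ purge-publisher-request / $ExtendedRequestTypes
+
+error-code = "AccessDenied" / "Failure" / "InvalidIdentifier" / "InvalidIdentifierType" /
+"IdentifierTooLong" / "InvalidMetadata" / "InvalidSchemaVersion" / "InvalidSessionID" /
+"MetadataTooLong" / "SearchResultsTooBig" / "PollResultsTooBig" / "SystemError" / $ExtendedErrorCodeTypes
+
+error-result =
+("ifmap", "error-result",
+[ ],
+[ ? "name", ? tstr,
+"error-code", error-code,
+"error-string", tstr
+])
+
+poll-result = ("", "poll-result", [], [ *(search-result // error-result)])
+
+response-choice = (error-result // poll-result // search-result // subscribe-received //
+publish-received // purge-publisher-received // new-session-result //
+renew-session-result // end-session-result // $ExtendedResponses )
+
+purge-publisher-received =
+("", "purge-publisher-received", [], [])
+
+purge-publisher-request =
+["ifmap", "purge-publisher",
+[ "ifmap-publisher-id", tstr,
+session-attributes
+],
+[]]
+
+; needs to be constructed according to IF-MAP Filter syntax
+filter-type = tstr
+
+poll-request =
+["ifmap", "poll",
+[ session-attributes,
+validation-attributes
+],
+[]]
+
+subscribe-received =
+("", "subscribe-received", [], [])
+
+subscribe-request =
+["ifmap", "subscribe",
+[ session-attributes,
+validation-attributes
+],
+[ 1*(subscribe-update // subscribe-delete)
+]]
+
+subscribe-delete =
+("", "delete",
+[ "name", tstr,
+],
+[])
+
+subscribe-update =
+("", "update",
+[ "match-links", filter-type,
+"max-depth", uint,
+"terminal-identifier-type", tstr,
+"max-size", uint,
+"result-filter", filter-type,
+"name", tstr,
+],
+[ $$identifier ])
+search-request =
+["ifmap", "search",
+[ session-attributes,
+validation-attributes,
+"match-links", filter-type,
+"max-depth", uint,
+"terminal-identifier-type", tstr,
+"max-size", uint,
+"result-filter", filter-type
+],
+[ $$identifier
+]]
+
+search-result =
+("", "search-result",
+["name", tstr],
+[ *result-item])
+
+result-item =
+("", "result-item",
+[],
+[ 1*2 $$identifier,
+"metadata", metadata-list-type
+])
+
+publish-request =
+["ifmap", "publish",
+[ session-attributes,
+? validation-attributes
+],
+[+ (update-request // notify-request // delete-request) ]]
+
+update-request =
+("", "update", [ ? lifetime-attributes],
+[ 1*2 $$identifier, metadata-list-type ])
+notify-request = ("", "notify", [ ? lifetime-attributes], [ 1*2 $$identifier])
+delete-request = ("", "delete", [ "filter", tstr], [])
+
+publish-received =
+("", "publish-received", [], [])
+
+renew-session = ["ifmap", "renew-session", [ ? session-attributes ], []]
+renew-session-result = ("", "renew-session-result", [], [])
+
+end-session = ["ifmap", "end-session", [], []]
+end-session-result =
+("", "end-session-result", [], [])
+
+new-session-request =
+["ifmap", "new-session",
+[ ? ("max-poll-result-size", uint)],
+[]]
+
+new-session-result =
+("", "new-session-result",
+[ session-attributes,
+"ifmap-publisher-id", tstr,
+"max-poll-result-size", uint,
+],
+[])
+
+session-attributes = (
+"session-id", tstr
+)
+
+validation-attributes = (
+"validation", ("None" / "BaseOnly" / "MetadataOnly" / "All")
+)
+
+lifetime-attributes = (
+"lifetime", ("session" / "forever")
+)
+
+response =
+["ifmap", "response",
+[ ? validation-attributes ],
+[ response-choice ]]
+
+metadata-list-type = ["", "metadata", [], [ *$$metadata ]]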
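Review bot: `end-session = ["ifmap", "end-session", [], []]` has an empty attribute array and `renew-session` takes `? session-attributes`, while `poll-request`, `search-request`, `subscribe-request` and `publish-request` all require `session-attributes`. The schema therefore validates session-ending and session-renewing requests that name no session. Unless the binding carries the session id elsewhere, `end-session = ["ifmap", "end-session", [ session-attributes ], []]` and a non-optional entry in `renew-session` would keep the requests consistent. `delete-request` also types its `"filter"` as plain `tstr` where the other rules use `filter-type`.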
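--- a/data/test-data/ifmap-metadata-2.2v9_fh-cabo.cddl
+++ b/data/test-data/ifmap-metadata-2.2v9_fh-cabo.cddl
@@ -0,0 +1,239 @@
+
+
+$$metadata //= (access-request-device // access-request-ip // access-request-mac //
+authenticated-as // authenticated-by // capability // device-attribute //
+device-characteristic // device-ip // discovered-by // enforcement-report //
+event // ip-mac // layer2-information // location // request-for-investigation //
+role // unexpected-behavior // wlan-information)
+
+
+client-time = ("opmeta", "client-time",
+[ single-value-metadata-attributes,
+"current-time", tdate
+], [])
+
+; list every capability explicitly?
+server-capability = ("opmeta", "server-capability",
+[ single-value-metadata-attributes,
+],
+[
+["", "capability", [], tstr],
+]
+)
+$$metadata //= (client-time // server-capability)
+
+adm-dom = (
+"administrative-domain", tstr,
+)
+
+access-request =
+("ifmap", "access-request",
+[ ? adm-dom,
+"name", tstr
+],
+[])
+
+device = ("ifmap", "device", [], [device-type])
+device-type =( ("ifmap","aik-name", [], tstr) //
+("ifmap","name", [], tstr))
+
+identity = ("ifmap", "identity",
+[ ? adm-dom,
+"name", tstr,
+"type", ("aik-name" / "distinguished-name" / "dns-name" / "email-address" /
+"hip-hit" / "kerberos-principal" / "trusted-platform-module" /
+"username" / "other"),
+"other-type-definition", tstr
+],
+[])
+
+ip-address = ("ifmap", "ip-address",
+[ ? adm-dom,
+"value", tstr,
+"type", &("IPv4" / "IPv6")
+],
+[])
+
+mac-address = ("ifmap", "mac-address",
+[ ? adm-dom,
+"value", tstr,
+],
+[])
+
+$$identifier //= ( access-request // device // identity // ip-address // mac-address )
+
+metadata-attributes = (
+"ifmap-publisher-id", tstr,
+"ifmap-timestamp", tdate,
+"ifmap-timestamp-fraction", tstr
+)
+
+single-value-metadata-attributes = (
+? metadata-attributes,
+"ifmap-cardinality", "singleValue"
+)
+
+multi-value-metadata-attributes = (
+? metadata-attributes,
+"ifmap-cardinality", "multiValue"
+)
+
+access-request-device = ("meta", "access-request-device",
+[ single-value-metadata-attributes ], [])
+
+access-request-ip = ("meta", "access-request-ip",
+[ single-value-metadata-attributes ], [])
+
+access-request-mac = ("meta", "access-request-mac",
+[ single-value-metadata-attributes ], [])
+
+authenticated-as = ("meta", "authenticated-as",
+[ single-value-metadata-attributes ], [])
+
+authenticated-by = ("meta", "authenticated-by",
+[ single-value-metadata-attributes ], [])
+
+capability = ("meta", "capability",
+[ multi-value-metadata-attributes ],
+[ ? adm-dom,
+"name", tstr
+])
+
+device-attribute = ("meta", "device-attribute",
+[ multi-value-metadata-attributes ],
+[ "name", tstr
+])
+
+administrative-domain = ("ifmap", "administrative-domain", [], tstr)
+manufacturer = ("", "manufacturer", [], tstr)
+model = ("", "model", [], tstr)
+os = ("", "os", [], tstr)
+os-version = ("", "os-version", [], tstr)
+type = ("", "type", [],
+("p2p" / "cve" / "botnet infection" / "worm infection" / "excessive flows" /
+"behavioral change" / "policy violation" / "other"))
+discovered-time = ("", "discovered-time", [], tdate)
+discoverer-id = ("", "discoverer-id", [], tstr)
+discovery-method = ("", "discovery-method", [], tstr)
+name = ("", "name", [], tstr)
+magnitude = ("", "magnitude", [], 0..100)
+confidence = ("", "confidence", [], 0..100)
+significance = ("", "significance", [], ("critical" / "important" / "informational"))
+information = ("", "information", [], tstr)
+vulnerability-uri = ("", "vulnerability-uri", [], uri)
+enforcement-action = ("", "enforcement-action", [], tstr)
+other-type-definition = ("", "other-type-definition", [], tstr)
+enforcement-reason = ("", "enforcement-reason", [], tstr)
+start-time = ("", "start-time", [], tdate)
+end-time = ("", "end-time", [], tdate)
+dhcp-server = ("", "dhcp-server", [], tstr)
+vlan = ("", "vlan", [], uint)
+vlan-name = ("", "vlan-name", [], uint)
+port = ("", "port", [], uint)
+location-information = ("", "location-information",
+( "type", tstr,
+"value", tstr), [])
+qualifier = ("", "qualifier", [], tstr)
+
+device-characteristic = ("meta", "device-characteristic",
+[ multi-value-metadata-attributes ],
+[ ? manufacturer,
+? model,
+? os,
+? os-version,
+* type,
+discovered-time,
+discoverer-id,
++ discovery-method
+])
+
+device-ip = ("meta", "device-ip",
+[ single-value-metadata-attributes ], [ device, ip-address])
+
+discovered-by = ("meta", "discovered-by",
+[ single-value-metadata-attributes ], [])
+
+enforcement-report = ("meta", "enforcement-report",
+[ multi-value-metadata-attributes ],
+[ enforcement-action,
+other-type-definition,
+enforcement-reason
+])
+
+event = ("meta", "event",
+[ multi-value-metadata-attributes ],
+[ name,
+discovered-time,
+discoverer-id,
+magnitude,
+confidence,
+significance,
+? type,
+? other-type-definition,
+? information,
+? vulnerability-uri
+])
+
+ip-mac = ("meta", "ip-mac",
+[ multi-value-metadata-attributes ],
+[ ? start-time,
+? end-time,
+? dhcp-server
+])
+
+layer2-information = ("meta", "layer2-information",
+[ multi-value-metadata-attributes ],
+[ ? vlan,
+? vlan-name,
+? port,
+? adm-dom
+])
+
+location = ("meta", "location",
+[ multi-value-metadata-attributes ],
+[ discovered-time,
+discoverer-id,
++ location-information
+])
+
+request-for-investigation = ("meta", "request-for-investigation",
+[ multi-value-metadata-attributes ],
+[ ? qualifier ])
+
+role = ("meta", "role",
+[ multi-value-metadata-attributes ],
+[ ? administrative-domain,
+name
+])
+
+unexpected-behavior = ("meta", "unexpected-behavior",
+[ multi-value-metadata-attributes ],
+[ discovered-time,
+discoverer-id,
+? information,
+magnitude,
+? confidence,
+significance,
+? type
+])
+
+wlan-security-type = "open" / "wep" / "tkip" / "ccmp" / "bip" / "other"
+
+ssid = ("", "ssid", [], tstr)
+ssid-unicast-security = ("", "ssid-unicast-security",
+[ ? other-type-definition ],
+[ wlan-security-type ])
+ssid-group-security = ("", "ssid-group-security",
+[ ? other-type-definition ],
+[ wlan-security-type ])
+ssid-management-security = ("", "ssid-management-security",
+[ ? other-type-definition ],
+[ wlan-security-type ])
+
+wlan-information = ("meta", "wlan-information",
+[ single-value-metadata-attributes ],
+[ ? ssid,
++ ssid-unicast-security,
+ssid-group-security,
++ ssid-management-security
+])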
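Review bot: `vlan-name = ("", "vlan-name", [], uint)` types a name as an unsigned integer, which looks like a copy of the `vlan` line above it; `vlan-name = ("", "vlan-name", [], tstr)` is probably what is meant. In `ip-address`, `"type", &("IPv4" / "IPv6")` puts a type choice inside `&( … )`, which is defined for groups, so a plain `("IPv4" / "IPv6")`, the form `identity` uses for its `"type"`, would be safer. The `"value", tstr` entries of `ip-address` and `mac-address` are unconstrained text, and a comment saying that the schema does not check address syntax would help readers who rely on it for validation.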