-- ***************************************************************** -- mpIPsec.mib: Maipu enterprise device IPsec MIB file -- -- version 1.0.0.1, Jan 19, 2006 wang wenyu -- -- Copyright (c) by Maipu Communication Inc. -- All rights reserved. -- -- ***************************************************************** MAIPU-SECURITY-PKI-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Counter32, IpAddress, Unsigned32 FROM SNMPv2-SMI RowStatus FROM SNMPv2-TC mpSecurity FROM MAIPU-SMI; mpSecurityRouter MODULE-IDENTITY LAST-UPDATED "200601190932Z" -- Thu Jan 19 09:32:35 PDT 2006 ORGANIZATION "Maipu Communication" CONTACT-INFO " Wang wenyu Postal: Maipu Inc Tel: (028)85148048 E-Mail: office@maipu.com " DESCRIPTION "The MIB module describes the PKI protocol for Maipu Security Router. " ::= { mpSecurity 3 } -- ***************************************************************** PKIModule OBJECT IDENTIFIER ::= { mpSecurityRouter 2 } PKIConfigGroup OBJECT IDENTIFIER ::= { PKIModule 1 } PKIMonitorGroup OBJECT IDENTIFIER ::= { PKIModule 2 } -- ***************************************************************** -- ***************************************************************** -- CA Table mpPkiCATable OBJECT-TYPE SYNTAX SEQUENCE OF mpPkiCAEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table contains all the configuration of ca identity." ::={ PKIConfigGroup 1 } mpPkiCAEntry OBJECT-TYPE SYNTAX mpPkiCAEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains the attributes associated with ca identity. CAÐÅÈÎÓò±í" INDEX { mpPkiCAName } ::= { mpPkiCATable 1 } mpPkiCAEntry ::= SEQUENCE { mpPkiCAName OCTET STRING, mpPkiCAAddress OCTET STRING, mpPkiCARevOpt INTEGER, mpPkiCATimeOpt INTEGER, mpPkiCAProtocal INTEGER, mpPkiCACrlRenew INTEGER, mpPkiCAAutoAuth INTEGER, mpPkiCAMD5FingerPrint OCTET STRING, mpPkiCASHA1FingerPrint OCTET STRING, mpPkiCARowStatus RowStatus } mpPkiCAName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the name of ca identity. CAÐÅÈÎÓòÃû³Æ" ::= { mpPkiCAEntry 1 } mpPkiCAAddress OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the IP address of ca identity. CA·þÎñÆ÷µÄIPµØÖ·¡¢¶Ë¿ÚÐÅÏ¢»òURLµØÖ·" ::= { mpPkiCAEntry 2 } mpPkiCARevOpt OBJECT-TYPE SYNTAX INTEGER { TRUE(1), FALSE(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines whether checking the revoked certification or not¨. ¶¨ÒåÊÇ·ñ×öÖ¤Êé³·ÏûµÄ¼ì²â" ::= { mpPkiCAEntry 3 } mpPkiCATimeOpt OBJECT-TYPE SYNTAX INTEGER { TRUE(1), FALSE(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines whether checking the certification validity or not. ¶¨ÒåÔÚÖ¤ÊéÈÏ֤ʱ£¬ÊÇ·ñÑϸñ¼ì²éÖ¤ÊéÓÐЧÆÚ" ::= { mpPkiCAEntry 4 } mpPkiCAProtocal OBJECT-TYPE SYNTAX INTEGER { MPCMS(1), CTCA(2), WINDOWS(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the type of CA server. CA·þÎñÆ÷µÄÀàÐÍ£º 1-MP CMS£» 2-ÖйúµçÐÅCA£» 3-Windows CA" ::= { mpPkiCAEntry 5 } mpPkiCACrlRenew OBJECT-TYPE SYNTAX INTEGER(0..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the interval time to renew CRL. CRL×Ô¶¯¸üеIJßÂÔ " ::= { mpPkiCAEntry 6 } mpPkiCAAutoAuth OBJECT-TYPE SYNTAX INTEGER{ TRUE(1), FALSE(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the auto-authentication property. ¸ùÖ¤Êé×Ô¶¯ÉêÇë" ::= { mpPkiCAEntry 7 } mpPkiCAMD5FingerPrint OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the finger print of ca certification that calculated by MD5 algorithm. CAÖ¤ÊéÓÃMD5¼ÆËãµÄÖ¸ÎÆ" ::= { mpPkiCAEntry 8 } mpPkiCASHA1FingerPrint OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the finger print of ca certification that calculated by SHA1 algorithm. CAÖ¤ÊéÓÃSHA1¼ÆËãµÄÖ¸ÎÆ" ::= { mpPkiCAEntry 9 } mpPkiCARowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The object defines the status of the table entry." ::= { mpPkiCAEntry 10 } -- ***************************************************************** -- ***************************************************************** -- subject name Table mpPkiSubNameTable OBJECT-TYPE SYNTAX SEQUENCE OF mpPkiSubNameEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table contains all the configuration of ca identity." ::={ PKIConfigGroup 2 } mpPkiSubNameEntry OBJECT-TYPE SYNTAX mpPkiSubNameEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains the attributes associated with ca identity. CAÐÅÈÎÓò±í" INDEX { mpPkiCAName, mpPkiSubName} ::= { mpPkiSubNameTable 1 } mpPkiSubNameEntry ::= SEQUENCE { mpPkiCAName OCTET STRING, mpPkiSubName OCTET STRING, mpPkiKeyLen INTEGER, mpPkiPassword OCTET STRING, mpPkiAutoEnroll INTEGER, mpPkiSubNameRowStatus RowStatus } mpPkiCAName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the name of ca identity. CAÐÅÈÎÓòÃû³Æ" ::= { mpPkiSubNameEntry 1 } mpPkiSubName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the subject name. Ö÷ÌåÃû" ::= { mpPkiSubNameEntry 2 } mpPkiKeyLen OBJECT-TYPE SYNTAX INTEGER{ 512(1), 1024(2), 2048(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the key length. Ö¸¶¨Éú³ÉÖ¤ÊéµÄÃÜÔ¿³¤¶È" ::= { mpPkiSubNameEntry 3 } mpPkiPassword OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the password of users. Óû§¿ÚÁî" ::= { mpPkiSubNameEntry 4 } mpPkiAutoEnroll OBJECT-TYPE SYNTAX INTEGER{ TRUE(1), FALSE(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the auto-enroll property. Ö¸¶¨ÊÇ·ñ×Ô¶¯ÉêÇë" ::= { mpPkiSubNameEntry 5 } mpPkiSubNameRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The object defines the status of the table entry." ::= { mpPkiSubNameEntry 6 } -- ***************************************************************** -- ***************************************************************** GetCertGroup OBJECT IDENTIFIER ::= { PKIConfigGroup 3 } mpPkiActType OBJECT-TYPE SYNTAX INTEGER{ GetCaCert(1), GetMyCert(2), GetCRL(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the type of action. ¶¨Ò嶯×÷ÀàÐÍ£º 1-»ñÈ¡CAÖ¤Ê飻 2-»ñÈ¡±¾µØÖ¤Ê飻 3-»ñÈ¡CRL" ::= { GetCertGroup 1 } mpPkiCAName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the name of ca identity. CAÐÅÈÎÓòÃû³Æ" ::= { GetCertGroup 2 } mpCertSubjectName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the subject name of certification. Ö¤ÊéÖ÷ÌåÃû" ::= { GetCertGroup 3 } -- ***************************************************************** -- ***************************************************************** DelCertGroup OBJECT IDENTIFIER ::= { PKIConfigGroup 4 } mpPkiCAName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the name of ca identity. CAÐÅÈÎÓòÃû³Æ" ::= { DelCertGroup 1 } mpPkiCertName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the name of certification. Ö¤ÊéÃû³Æ" ::= { DelCertGroup 2 } mpPkiCertSN OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the serial number of certification. Ö¤ÊéSN" ::= { DelCertGroup 3 } mpPkiCertType OBJECT-TYPE SYNTAX INTEGER{ All(1), CRL(2), MyCert(3), RemoteCert(4), RequestingCert(5), RootCert(6) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the certifcation type. Ö¸¶¨ÀàÐÍ£º 1-ËùÓÐÖ¤Ê飻 2-CRL 3-×Ô¼ºµÄÖ¤Ê飻 4-¶Ô¶ËµÄÖ¤Ê飻 5-ÇëÇó״̬µÄÖ¤Ê飻 6-¸ùCAÖ¤Êé" ::= { DelCertGroup 4 } -- ***************************************************************** -- ***************************************************************** TrustCertGroup OBJECT IDENTIFIER ::= { PKIConfigGroup 5 } mpPkiCAName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the name of ca identity. CAÐÅÈÎÓòÃû³Æ" ::= { TrustCertGroup 1 } mpPkiCertName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the name of certification. Ö¤ÊéÃû" ::= { TrustCertGroup 2 } mpPkiCertSN OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the serial number of certification. Ö¤ÊéSN" ::= { TrustCertGroup 3 } mpPkiTrustSet OBJECT-TYPE SYNTAX INTEGER{ Trust(1), AutoTrust(2), UnTrust(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object defines the trust property. Ö¸¶¨ÐÅÈη½Ê½£º 1-Ç¿ÖÆÐÅÈΣ» 2-×Ô¶¯ÅжÏÊÇ·ñÐÅÈΣ» 3-Ç¿ÖƲ»ÐÅÈÎ" ::= { TrustCertGroup 4 } -- ***************************************************************** -- ***************************************************************** -- Certification Table mpPkiCertTable OBJECT-TYPE SYNTAX SEQUENCE OF mpPkiCertEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table contains all the information of certification. Ö¤Êé±í" ::={ PKIMonitorGroup 1 } mpPkiCertEntry OBJECT-TYPE SYNTAX mpPkiCertEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains the attributes associated with certification." INDEX { mpPkiCertIndex } ::= { mpPkiCertTable 1 } mpPkiCertEntry ::= SEQUENCE { mpPkiCertIndex UInteger32, mpPkiCertType INTEGER, mpPkiCSUntrustRoot INTEGER, mpPkiCSNotIssued INTEGER, mpPkiCSIsRevoked INTEGER, mpPkiCSSignNotValid INTEGER, mpPkiCSUpCACertNotValid INTEGER, mpPkiCSTimeBefore INTEGER, mpPkiCSTimeAfter INTEGER, mpPkiCSAlgNotSupport INTEGER, mpPkiCSCodeErr INTEGER, mpPkiCSNotValidForce INTEGER, mpPkiCSValidForce INTEGER, mpPkiCertSN OCTET STRING, mpPkiCertSubject OCTET STRING, mpPkiCertBegin OCTET STRING, mpPkiCertExpire OCTET STRING, mpPkiCertIssuer OCTET STRING, mpPkiCertUsage INTEGER, mpPkiCAName OCTET STRING, mpPkiCertStatus INTEGER } mpPkiCertIndex OBJECT-TYPE SYNTAX UInteger32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the index of certification. Ö¤ÊéË÷Òý" ::= { mpPkiCertEntry 1 } mpPkiCertType OBJECT-TYPE SYNTAX INTEGER{ CACert(1), RACert(2), LocalUserCert(3), RemoteUserCert(4), RootCACert(5), PendingCert(6), OtherCert(7) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the type of certification. Ö¤ÊéÀàÐÍ£º 1-CAÖ¤Ê飻 2-RAÖ¤Ê飻 3-±¾µØÓû§Ö¤Ê飻 4-¶Ô¶ËÓû§Ö¤Ê飻 5-¸ùCAÖ¤Ê飻 6-ÁÙʱ֤Êé" ::= { mpPkiCertEntry 2 } mpPkiCSUntrustRoot OBJECT-TYPE SYNTAX INTEGER{ TRUE(1), FALSE(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the certification is issued by untrust root CA or not. ÊÇ·ñÊÇδÈÏÖ¤µÄ¸ùCA·¢µÄÖ¤Êé" ::= { mpPkiCertEntry 3 } mpPkiCSNotIssued OBJECT-TYPE SYNTAX INTEGER{ TRUE(1), FALSE(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the certification is issued or not. Ö¤ÊéÊÇ·ñÉÐδ°ä·¢" ::= { mpPkiCertEntry 4 } mpPkiCSIsRevoked OBJECT-TYPE SYNTAX INTEGER{ TRUE(1), FALSE(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the certification is revoked or not. Ö¤ÊéÒѱ»³·Ïû£¿" ::= { mpPkiCertEntry 5 } mpPkiCSSignNotValid OBJECT-TYPE SYNTAX INTEGER{ TRUE(1), FALSE(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the signature of certification is valid or not. Ö¤ÊéÇ©ÃûÎÞЧ£¿" ::= { mpPkiCertEntry 6 } mpPkiCSUpCACertNotValid OBJECT-TYPE SYNTAX INTEGER{ TRUE(1), FALSE(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the up CA certification is valid or not. Éϼ¶CAÖ¤ÊéÎÞЧ£¿" ::= { mpPkiCertEntry 7 } mpPkiCSTimeBefore OBJECT-TYPE SYNTAX INTEGER{ TRUE(1), FALSE(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the certification is invalid because of the time is not reached. Ö¤Ê黹δµ½ÉúЧʱ¼ä£¿" ::= { mpPkiCertEntry 8 } mpPkiCSTimeAfter OBJECT-TYPE SYNTAX INTEGER{ TRUE(1), FALSE(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the certification is time out. Ö¤ÊéÒѹýÉúЧʱ¼ä£¿" ::= { mpPkiCertEntry 9 } mpPkiCSAlgNotSupport OBJECT-TYPE SYNTAX INTEGER{ TRUE(1), FALSE(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the certification supports the algorithm. Ö¤ÊéËã·¨²»Ö§³Ö£¿" ::= { mpPkiCertEntry 10 } mpPkiCSCodeErr OBJECT-TYPE SYNTAX INTEGER{ TRUE(1), FALSE(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the certification has encode or decode error. Ö¤Êé±à½âÂëÓдíÎó£¿" ::= { mpPkiCertEntry 11 } mpPkiCSNotValidForce OBJECT-TYPE SYNTAX INTEGER{ TRUE(1), FALSE(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the certification is forced to be invalid. Ö¤Ê鱻ǿÖÆÎÞЧ£¿" ::= { mpPkiCertEntry 12 } mpPkiCSValidForce OBJECT-TYPE SYNTAX INTEGER{ TRUE(1), FALSE(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the certification is forced to be valid. Ö¤Ê鱻ǿÖÆÓÐЧ£¿" ::= { mpPkiCertEntry 13 } mpPkiCertSN OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the serial number of certification. Ö¤ÊéSN" ::= { mpPkiCertEntry 14 } mpPkiCertSubject OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the distinguished name of certification. Ö¤ÊéDN" ::= { mpPkiCertEntry 15 } mpPkiCertBegin OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the start time of certification. Ö¤Ê鿪ʼÉúЧʱ¼ä" ::= { mpPkiCertEntry 16 } mpPkiCertExpire OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the expire time of certification. Ö¤Êé¹ýÆÚʱ¼ä" ::= { mpPkiCertEntry 17 } mpPkiCertIssuer OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the issuer of certification. Ö¤Êé·¢²¼Õß" ::= { mpPkiCertEntry 18 } mpPkiCertUsage OBJECT-TYPE SYNTAX INTEGER{ GEN(1), SIG(2), ENC(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the usage type of certification. Ö¤ÊéÓÃ;£º 1-ÓÃÓÚ²úÉúÃÜÔ¿£» 2-ÓÃÓÚÇ©Ãû£» 3-ÓÃÓÚ¼ÓÃÜ" ::= { mpPkiCertEntry 19 } mpPkiCAName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the name of ca identity. CAÐÅÈÎÓòÃû³Æ" ::= { mpPkiCertEntry 20 } mpPkiCertStatus OBJECT-TYPE SYNTAX INTEGER{ VALID(1), INVALID(2), REQUESTING(3), FORCE_VALID(4), FORCE_INVALID(5) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the name of ca identity. CAÐÅÈÎÓòÃû³Æ" ::= { mpPkiCertEntry 21 } -- ***************************************************************** -- ***************************************************************** -- CRL Table mpPkiCRLTable OBJECT-TYPE SYNTAX SEQUENCE OF mpPkiCRLEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table contains all the information of certification. CRL±í" ::={ PKIMonitorGroup 2 } mpPkiCRLEntry OBJECT-TYPE SYNTAX mpPkiCRLEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains the attributes associated with CRL." INDEX { mpPkiCRLIndex, mpPkiCAName } ::= { mpPkiCRLTable 1 } mpPkiCRLEntry ::= SEQUENCE { mpPkiCRLIndex UInteger32, mpPkiCertIssuer OCTET STRING, mpPkiThisUpdateTime OCTET STRING, mpPkiNextUpdateTime OCTET STRING, mpPkiRevokedCount INTEGER, mpPkiCAName OCTET STRING } mpPkiCRLIndex OBJECT-TYPE SYNTAX UInteger32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the index of certification. CRLË÷Òý" ::= { mpPkiCRLEntry 1 } mpPkiCertIssuer OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the issuer of certification. Ö¤Êé·¢²¼Õß" ::= { mpPkiCRLEntry 2 } mpPkiThisUpdateTime OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the update time. CRL±¾´Î¸üÐÂʱ¼ä" ::= { mpPkiCRLEntry 3 } mpPkiNextUpdateTime OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the next update time. CRLÏ´θüÐÂʱ¼ä" ::= { mpPkiCRLEntry 4 } mpPkiRevokedCount OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the issuer of certification. CRLÖб»³·ÏûµÄÖ¤Êé¸öÊý" ::= { mpPkiCRLEntry 5 } mpPkiCAName OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "This object defines the name of ca identity. CAÐÅÈÎÓòÃû" ::= { mpPkiCRLEntry 6 } -- ***************************************************************** END