WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/aricent/ARICENT-FIPS-MIB

187 lines
6.0 KiB
Plaintext
Raw Permalink Blame History

-- Copyright (C) 2011-2012 Aricent Group . All Rights Reserved
--*************************************************************************
--$Id: fsfips.mib,v 1.6 2012/09/07 09:52:05 siva Exp $
--
--Description : This file contains MIB definitions for FIPS feature.
--
--*************************************************************************/
-- This document explains the proprietary MIB implemented for FIPS
-- PUB 140-2 Features
-- The standard defines the security requirements that must be satisfied by
-- a cryptographic module used in a security system protecting unclassified
-- formation within IT systems. There are four levels of security: from
-- Level 1 (lowest) to Level 4 (highest). These levels are intended to cover
-- the wide range of potential applications and environments in which
-- cryptographic modules may be deployed. The security requirements cover
-- areas related to the secure design and implementation of a cryptographic
-- module. These areas include basic design and documentation, module
-- interfaces, authorised roles and services, physical security, software
-- security, operating system security, key management, cryptographic
-- algorithms, electromagnetic interference/electromagnetic compatibility
-- (EMI/EMC), and self-testing.
--
ARICENT-FIPS-MIB DEFINITIONS ::= BEGIN
-- ************************************************************************
-- IMPORTS
-- ************************************************************************
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Integer32, enterprises FROM SNMPv2-SMI
TruthValue FROM SNMPv2-TC;
-- ************************************************************************
-- START OF THE MODULE
-- ************************************************************************
fsFips MODULE-IDENTITY
LAST-UPDATED "201209050000Z"
ORGANIZATION "ARICENT COMMUNICATIONS SOFTWARE"
CONTACT-INFO "support@aricent.com"
DESCRIPTION
"The Proprietary MIB for FIPS module"
REVISION "201209050000Z"
DESCRIPTION
"Initial Creation"
::= { enterprises aricent-communication-holding-ltd(29601) iss(2) 63}
-- ----------------------------------------------------------------- --
-- groups in the MIB
-- ----------------------------------------------------------------- --
fsFipsConfigurations OBJECT IDENTIFIER ::= { fsFips 1 }
-- ---------------------------------------------------------------- --
-- Operational Mode Configuration Group
fsFipsOperMode OBJECT-TYPE
SYNTAX INTEGER { fips(1), nonfips(2) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object tells whether the current operational mode is FIPS
mode or NON-FIPS mode"
DEFVAL { nonfips }
::= { fsFipsConfigurations 1 }
fsFipsTestAlgo OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to trigger FIPS Known Answer Test for the
below mentioned algorithms. The bit positions to run specific
algorithm are as shown below :
Bit 0 - SHA-1
Bit 1 - SHA-2
Bit 2 - HMAC-SHA
Bit 3 - AES
Bit 4 - DES
Bit 5 - RAND
Bit 6 - RSA
Bit 7 - DSA"
DEFVAL { 0 }
::= { fsFipsConfigurations 2 }
fsfipsZeroizeCryptoKeys OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this value to true will delete all cryptographic
keys present in ipsecv4, ipsecv6, ike, radius, ssh and ssl modules."
DEFVAL { false }
::= { fsFipsConfigurations 3 }
fsFipsTraceLevel OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to store the trace options that are enabled
by the user. The bit positions to enable specific traces are as
shown below :
Bit 0 - init-shut
Bit 1 - mgmt
Bit 2 - data
Bit 3 - ctrl
Bit 4 - pkt-dump
Bit 5 - resource
Bit 6 - all-fail
Bit 7 - buf
A value of zero(0) indicates traces are disabled and a value with
all bits set to one indicates all traces are enabled.
By default traces are disabled."
DEFVAL { '00000000'H }
::= { fsFipsConfigurations 4 }
fsFipsTestExecutionResult OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is used to store the results of last run FIPS Known
Answer Test. The bit positions specifies the result of the execution
of the corresponding algorithm. If the bit is set the
corresponding algorithm test is successful. Otherwise test is not
executed or failed.
Bit 0 - SHA-1
Bit 1 - SHA-2
Bit 2 - HMAC-SHA
Bit 3 - AES
Bit 4 - DES
Bit 5 - RAND
Bit 6 - RSA
Bit 7 - DSA"
DEFVAL { 0 }
::= { fsFipsConfigurations 5 }
fsFipsFailedAlgorithm OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is used to store the failed algorithm in the last run
FIPS Known Answer Test. If the bit is set the corresponding algorithm
test failed in the last execution. The bit positions to the
corresponding algorithm are as shown below :
Bit 0 - SHA-1
Bit 1 - SHA-2
Bit 2 - HMAC-SHA
Bit 3 - AES
Bit 4 - DES
Bit 5 - RAND
Bit 6 - RSA
Bit 7 - DSA"
DEFVAL { 0 }
::= { fsFipsConfigurations 6 }
fsFipsBypassCapability OBJECT-TYPE
SYNTAX INTEGER { bypassCapability(1), noBypassCapability(2) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to enable/disable the crypto bypass capability.
The default value for this object is 'no bypass-capability' (2)."
DEFVAL { noBypassCapability }
::= { fsFipsConfigurations 7 }
END
View Git Blame Copy Permalink