diff options
| author | David Leutgeb <david.leutgeb@mannundmouse.com> | 2023-12-05 12:25:34 +0100 |
|---|---|---|
| committer | David Leutgeb <david.leutgeb@mannundmouse.com> | 2023-12-05 12:25:34 +0100 |
| commit | 98a672123c7872f6b9b75a9a2b6bb3aea504de6a (patch) | |
| tree | 9b13bd7f563c3198047bd359195327cf28b3caf0 /MIBS/radlan/RADLAN-SSL | |
| download | mibs-main.tar.gz mibs-main.zip | |
Diffstat (limited to 'MIBS/radlan/RADLAN-SSL')
| -rw-r--r-- | MIBS/radlan/RADLAN-SSL | 380 |
1 files changed, 380 insertions, 0 deletions
diff --git a/MIBS/radlan/RADLAN-SSL b/MIBS/radlan/RADLAN-SSL new file mode 100644 index 0000000..363f326 --- /dev/null +++ b/MIBS/radlan/RADLAN-SSL @@ -0,0 +1,380 @@ +RADLAN-SSL DEFINITIONS ::= BEGIN + +-- Title: RADLAN Ssl Private Extension +-- Version: 7.35 +-- Date: 20 Jan 2004 + +IMPORTS + rnd FROM RADLAN-MIB + DisplayString FROM SNMPv2-TC-v1 + TruthValue, RowStatus FROM RADLAN-SNMPv2 + Unsigned32, IpAddress, + MODULE-IDENTITY, OBJECT-TYPE FROM SNMPv2-SMI + TEXTUAL-CONVENTION FROM SNMPv2-TC; + +rlSsl MODULE-IDENTITY + LAST-UPDATED "200309210000Z" + ORGANIZATION "Radlan Computer Communications Ltd." + CONTACT-INFO + "radlan.com" + DESCRIPTION + "The private MIB module definition for SSL." + REVISION "200309210000Z" + DESCRIPTION + "Added this MODULE-IDENTITY clause." + ::= { rnd 100 } + +rlSslCertificateGenerationTable OBJECT-TYPE + SYNTAX SEQUENCE OF RlSslCertificateGenerationEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table is used for : + 1. generating keys and self signed certificate - saved in flash and RAM + (not in configuration file) + 2. generating certificate requests - saved in RAM, can be read by + rlSslCertificateExportTable + 3. generating self signed certificate - saved in flash and RAM (not in + configuraion file) + By setting rlSslCertificateGenerationAction to the appropriate + value this action takes place. The other fields of this table are used for + each of this actions" + ::= { rlSsl 1 } + +rlSslCertificateGenerationEntry OBJECT-TYPE + SYNTAX RlSslCertificateGenerationEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + " The row definition for this table." + INDEX { rlSslCertificateGenerationIndex } + ::= { rlSslCertificateGenerationTable 1 } + +RlSslCertificateGenerationEntry ::= SEQUENCE { + rlSslCertificateGenerationIndex INTEGER, + rlSslCertificateGenerationId INTEGER, + rlSslCertificateGenerationCountryName DisplayString, + rlSslCertificateGenerationStateOrProvinceName DisplayString, + rlSslCertificateGenerationLocalityName DisplayString, + rlSslCertificateGenerationOrganizationName DisplayString, + rlSslCertificateGenerationOrganizationUnitName DisplayString, + rlSslCertificateGenerationCommonName DisplayString, + rlSslCertificateGenerationValidDays INTEGER, + rlSslCertificateGenerationRsaKeyLength INTEGER, + rlSslCertificateGenerationPassphrase DisplayString, + rlSslCertificateGenerationAction INTEGER +} + +rlSslCertificateGenerationIndex OBJECT-TYPE + SYNTAX INTEGER + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "This index is always set to 1 no matter for which certificate or + certificate request the action refers to." + ::= { rlSslCertificateGenerationEntry 1 } + +rlSslCertificateGenerationId OBJECT-TYPE + SYNTAX INTEGER + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The device can hold a number of keys/certificates/certificate requests. + These certificates are always numbered from 1 to N (maximum number of + certificates in device). This field decides to which + keys/certificates/certificate requests the action refers." + ::= { rlSslCertificateGenerationEntry 2 } + + +rlSslCertificateGenerationCountryName OBJECT-TYPE + SYNTAX DisplayString (SIZE(2)) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Value of country name field that will appear when a new certificate + request or self signed certificate is generated." + ::= { rlSslCertificateGenerationEntry 3 } + +rlSslCertificateGenerationStateOrProvinceName OBJECT-TYPE + SYNTAX DisplayString (SIZE(1..64)) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Value of state or province name field that will appear when a new + certificate or self signed certificate is generated." + ::= { rlSslCertificateGenerationEntry 4 } + + +rlSslCertificateGenerationLocalityName OBJECT-TYPE + SYNTAX DisplayString (SIZE(1..64)) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Value of locality field that will appear when a new certificate or + self signed certificate is generated." + ::= { rlSslCertificateGenerationEntry 5 } + + +rlSslCertificateGenerationOrganizationName OBJECT-TYPE + SYNTAX DisplayString (SIZE(1..64)) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Value of organization field that will appear when a new certificate or + self signed certificate is generated." + ::= { rlSslCertificateGenerationEntry 6 } + +rlSslCertificateGenerationOrganizationUnitName OBJECT-TYPE + SYNTAX DisplayString (SIZE(1..64)) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Value of organization field that will appear when a new certificate or + self signed certificate is generated." + ::= { rlSslCertificateGenerationEntry 7 } + +rlSslCertificateGenerationCommonName OBJECT-TYPE + SYNTAX DisplayString (SIZE(1..64)) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Value of common name field that will appear when a new certificate or + self signed certificate is generated." + ::= { rlSslCertificateGenerationEntry 8 } + +rlSslCertificateGenerationValidDays OBJECT-TYPE + SYNTAX INTEGER + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "When generating self signed certificate this field sets the valid fields. + 'Valid from' is current GMT and 'valid to' current GMT + the value of + this field." + ::= { rlSslCertificateGenerationEntry 9 } + +rlSslCertificateGenerationRsaKeyLength OBJECT-TYPE + SYNTAX INTEGER (512..2048) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Setting the RSA key size that will be created when a new key is generated - + generateRsaKeyAndSelfSignedCertificate" + ::= { rlSslCertificateGenerationEntry 10 } + +rlSslCertificateGenerationPassphrase OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "When a RSA key is generated (generateRsaKeyAndSelfSignedCertificate) + this passphrase is saved in flash and when the time comes and the + certificate and the key are exported in PKCS12 format this passphrase + is used to encrypt it. If the passphrase is empty the key and + certificate can not be exported. There is no method of obtaining this + passphrase once a key was generated." + ::= { rlSslCertificateGenerationEntry 11 } + + +rlSslCertificateGenerationAction OBJECT-TYPE + SYNTAX INTEGER { + generateRsaKeyAndSelfSignedCertificate(1), + generateSelfSignedCertificate(2), + generatePkcs12(3), + generateCertificateRequest(4) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Setting to a regenerateCertificate causes a new certificate to be + generated and to be used for all new sessions." + ::= { rlSslCertificateGenerationEntry 12 } + + + + +rlSslCertificateExportTable OBJECT-TYPE + SYNTAX SEQUENCE OF RlSslCertificateExportEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table is used for viewing saved data from RAM and flash." + ::= { rlSsl 2 } + +rlSslCertificateExportEntry OBJECT-TYPE + SYNTAX RlSslCertificateExportEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + " The row definition for this table." + INDEX { rlSslCertificateExportId, + rlSslCertificateExportType, + rlSslCertificateExportFragmentId } + ::= { rlSslCertificateExportTable 1 } + +RlSslCertificateExportEntry ::= SEQUENCE { + rlSslCertificateExportId INTEGER, + rlSslCertificateExportType INTEGER, + rlSslCertificateExportFragmentId INTEGER, + rlSslCertificateExportFragmentText OCTET STRING +} + +rlSslCertificateExportId OBJECT-TYPE + SYNTAX INTEGER + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Identifies the index of this certficate / certificate request the table holds." + ::= { rlSslCertificateExportEntry 1 } + +rlSslCertificateExportType OBJECT-TYPE + SYNTAX INTEGER { + certificateRequestPemFormat (1), + certificatePemFormat(2), + certificateOpenSslFormat(3), + certificateAndKeyPkcs12(4) + } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Identifies the type of data the current entry shows." + ::= { rlSslCertificateExportEntry 2 } + +rlSslCertificateExportFragmentId OBJECT-TYPE + SYNTAX INTEGER + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Identifies the index of this fragment in the certificate request." + ::= { rlSslCertificateExportEntry 3 } + +rlSslCertificateExportFragmentText OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A part of the readable text entry for the certificate request." + ::= { rlSslCertificateExportEntry 4 } + + + +rlSslCertificateSave OBJECT-TYPE + SYNTAX INTEGER + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Saves data from rlSslCertificateImportTable to RAM and flash. When + an external certificate should be copied to the device first we copy + it to rlSslCertificateImportTable and then this scalar is set to the + certificate id that we want to save - + 1. All entries in rlSslCertificateImportTable that have this id and + their format is equal to the current value of rlSslCertificateSaveFormat + are concatenated. + 2. If the imported certificate format is .. - section 1 result + is validated against the key with the same index. If validation fails + for any reason - the certificate is not saved and the setting this + scalar fails. + 3. If the imported certificate format is PKCS12 - section1 result is + decrypted using rlSslImportedPKCS12CertificatePassphrase current value. + If decryption fails for any reason the PKCS12 certificate and key are + not saved to FLASH and setting this scalar fails." + ::= { rlSsl 3 } + +rlSslCertificateSaveFormat OBJECT-TYPE + SYNTAX INTEGER{ + x509 (1), + pkcs12(2) + } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "." + ::= { rlSsl 4 } + +rlSslImportedPKCS12CertificatePassphrase OBJECT-TYPE + SYNTAX DisplayString (SIZE(8..96)) + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "." + ::= { rlSsl 5 } + + +rlSslCertificateImportTable OBJECT-TYPE + SYNTAX SEQUENCE OF RlSslCertificateImportEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table is used for copying an external certificate to the device - + see rlSslCertificateSave" + ::= { rlSsl 6 } + +rlSslCertificateImportEntry OBJECT-TYPE + SYNTAX RlSslCertificateImportEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + " The row definition for this table." + INDEX { rlSslCertificateImportId, + rlSslCertificateImportFormat, + rlSslCertificateImportFragmentId} + ::= { rlSslCertificateImportTable 1 } + +RlSslCertificateImportEntry ::= SEQUENCE { + rlSslCertificateImportId INTEGER, + rlSslCertificateImportFormat INTEGER, + rlSslCertificateImportFragmentId INTEGER, + rlSslCertificateImportFragmentText OCTET STRING, + rlSslCertificateImportFragmentStatus RowStatus +} + +rlSslCertificateImportId OBJECT-TYPE + SYNTAX INTEGER + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "The certificate ID." + ::= { rlSslCertificateImportEntry 1 } + +rlSslCertificateImportFormat OBJECT-TYPE + SYNTAX INTEGER { + x509 (1), + pkcs12(2) + } + + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "." + ::= { rlSslCertificateImportEntry 2 } + + +rlSslCertificateImportFragmentId OBJECT-TYPE + SYNTAX INTEGER + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Identifies the index of this fragment in the certificate." + ::= { rlSslCertificateImportEntry 3 } + + +rlSslCertificateImportFragmentText OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "A part of the readable text entry for the certificate." + ::= { rlSslCertificateImportEntry 4 } + +rlSslCertificateImportFragmentStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "" + ::= { rlSslCertificateImportEntry 5 } + + + + +END + |