|
version 1.1.2.1, 2012/01/24 13:50:15
|
version 1.1.2.2, 2012/02/15 17:46:31
|
|
|
|
| |
// Copyright (c) 2005 DMTF. All rights reserved. |
| |
[Version ( "2.8.0" ), |
| |
UMLPackagePath ( "CIM::IPsecPolicy" ), |
| |
Description ( |
| |
"IKEProposal contains the parameters necessary to drive the " |
| |
"phase 1 IKE negotiation." ), |
| |
MappingStrings { "IPSP Policy Model.IETF|IKEProposal" }] |
| |
class CIM_IKEProposal : CIM_SAProposal { |
| |
|
| |
[Description ( |
| |
"MaxLifetimeSeconds specifies the maximum time the IKE " |
| |
"message sender proposes for an SA to be considered valid " |
| |
"after it has been created. A value of zero indicates " |
| |
"that the default of 8 hours be used. A non-zero value " |
| |
"indicates the maximum seconds lifetime." ), |
| |
Units ( "Seconds" ), |
| |
MappingStrings { |
| |
"IPSP Policy Model.IETF|IKEProposal.MaxLifetimeSeconds" }, |
| |
ModelCorrespondence { |
| |
"CIM_SecurityAssociationEndpoint.LifetimeSeconds" }, |
| |
PUnit ( "second" )] |
| |
uint64 MaxLifetimeSeconds; |
| |
|
| |
[Description ( |
| |
"MaxLifetimeKilobytes specifies the maximum kilobyte " |
| |
"lifetime the IKE message sender proposes for an SA to be " |
| |
"considered valid after it has been created. A value of " |
| |
"zero (the default) indicates that there should be no " |
| |
"maximum kilobyte lifetime. A non-zero value specifies " |
| |
"the desired kilobyte lifetime." ), |
| |
Units ( "KiloBytes" ), |
| |
MappingStrings { |
| |
"IPSP Policy Model.IETF|IKEProposal.MaxLifetimeKilobytes" }, |
| |
ModelCorrespondence { |
| |
"CIM_SecurityAssociationEndpoint.LifetimeKilobytes" }, |
| |
PUnit ( "byte * 10^3" )] |
| |
uint64 MaxLifetimeKilobytes; |
| |
|
| |
[Description ( |
| |
"CipherAlgorithm is an enumeration that specifies the " |
| |
"proposed encryption algorithm. The list of algorithms " |
| |
"was generated from Appendix A of RFC2409. Note that the " |
| |
"enumeration is different than the RFC list and aligns " |
| |
"with the values in IKESAEndpoint.CipherAlgorithm." ), |
| |
ValueMap { "1", "2", "3", "4", "5", "6", "7", "8..65000", |
| |
"65001..65535" }, |
| |
Values { "Other", "DES", "IDEA", "Blowfish", "RC5", "3DES", |
| |
"CAST", "DMTF/IANA Reserved", "Vendor Reserved" }, |
| |
MappingStrings { |
| |
"IPSP Policy Model.IETF|IKEProposal.CipherAlgorithm", |
| |
"RFC2409.IETF|Appendix A" }, |
| |
ModelCorrespondence { "CIM_IKESAEndpoint.CipherAlgorithm", |
| |
"CIM_IKEProposal.OtherCipherAlgorithm" }] |
| |
uint16 CipherAlgorithm; |
| |
|
| |
[Description ( |
| |
"Description of the encryption algorithm when the value 1 " |
| |
"(\"Other\") is specified for the property, " |
| |
"CipherAlgorithm." ), |
| |
ModelCorrespondence { |
| |
"CIM_IKESAEndpoint.OtherCipherAlgorithm", |
| |
"CIM_IKEProposal.CipherAlgorithm" }] |
| |
string OtherCipherAlgorithm; |
| |
|
| |
[Description ( |
| |
"HashAlgorithm is an enumeration that specifies the " |
| |
"proposed hash function. The list of algorithms was " |
| |
"generated from Appendix A of RFC2409. Note that the " |
| |
"enumeration is different than the RFC list and aligns " |
| |
"with the values in IKESAEndpoint.HashAlgorithm." ), |
| |
ValueMap { "1", "2", "3", "4", "5..65000", "65001..65535" }, |
| |
Values { "Other", "MD5", "SHA-1", "Tiger", |
| |
"DMTF/IANA Reserved", "Vendor Reserved" }, |
| |
MappingStrings { |
| |
"IPSP Policy Model.IETF|IKEProposal.HashAlgorithm", |
| |
"RFC2409.IETF|Appendix A" }, |
| |
ModelCorrespondence { "CIM_IKESAEndpoint.HashAlgorithm", |
| |
"CIM_IKEProposal.OtherHashAlgorithm" }] |
| |
uint16 HashAlgorithm; |
| |
|
| |
[Description ( |
| |
"Description of the hash function when the value 1 " |
| |
"(\"Other\") is specified for the property, " |
| |
"HashAlgorithm." ), |
| |
ModelCorrespondence { "CIM_IKESAEndpoint.OtherHashAlgorithm", |
| |
"CIM_IKEProposal.HashAlgorithm" }] |
| |
string OtherHashAlgorithm; |
| |
|
| |
[Description ( |
| |
"AuthenticationMethod is an enumeration that specifies " |
| |
"the proposed authentication. The list of methods was " |
| |
"generated from Appendix A of RFC2409. Note that the " |
| |
"enumeration is different than the RFC list and aligns " |
| |
"with the values in IKESAEndpoint.AuthenticationMethod. " |
| |
"There is one change to the list - the value 65000 has " |
| |
"special meaning. It is a special value that indicates " |
| |
"that this particular proposal should be repeated once " |
| |
"for each authentication method corresponding to " |
| |
"credentials installed on the machine. For example, if " |
| |
"the system has a pre-shared key and an public-key " |
| |
"certificate, a proposal list would be constructed which " |
| |
"includes a proposal that specifies a pre-shared key and " |
| |
"a proposal for any of the public-key certificates." ), |
| |
ValueMap { "1", "2", "3", "4", "5", "6", "7..64999", "65000", |
| |
"65001..65535" }, |
| |
Values { "Other", "Pre-shared Key", "DSS Signatures", |
| |
"RSA Signatures", "Encryption with RSA", |
| |
"Revised Encryption with RSA", "DMTF/IANA Reserved", |
| |
"Any", "Vendor Reserved" }, |
| |
MappingStrings { |
| |
"IPSP Policy Model.IETF|IKEProposal.AuthenticationMethod", |
| |
"RFC2409.IETF|Appendix A" }, |
| |
ModelCorrespondence { |
| |
"CIM_IKESAEndpoint.AuthenticationMethod", |
| |
"CIM_IKEProposal.OtherAuthenticationMethod" }] |
| |
uint16 AuthenticationMethod; |
| |
|
| |
[Description ( |
| |
"Description of the method when the value 1 (\"Other\") " |
| |
"is specified for the property, AuthenticationMethod." ), |
| |
ModelCorrespondence { |
| |
"CIM_IKESAEndpoint.OtherAuthenticationMethod", |
| |
"CIM_IKEProposal.AuthenticationMethod" }] |
| |
string OtherAuthenticationMethod; |
| |
|
| |
[Description ( |
| |
"The property GroupId specifies the proposed phase 1 " |
| |
"security association key exchange group. This property " |
| |
"is ignored for all aggressive mode exchanges " |
| |
"(IKEAction.ExchangeMode = 4). If the GroupID number is " |
| |
"from the vendor-specific range (32768-65535), the " |
| |
"property VendorID qualifies the group number. Well-known " |
| |
"group identifiers from RFC2412, Appendix E, are: Group " |
| |
"1=\'768 bit prime\', Group 2=\'1024 bit prime\', Group 3 " |
| |
"=\'Elliptic Curve Group with 155 bit field element\', " |
| |
"Group 4= \'Large Elliptic Curve Group with 185 bit field " |
| |
"element\', and Group 5=\'1536 bit prime\'." ), |
| |
ValueMap { "0", "1", "2", "3", "4", "5", "..", "0x8000.." }, |
| |
Values { "No Group/Non-Diffie-Hellman Exchange", |
| |
"DH-768 bit prime", "DH-1024 bit prime", |
| |
"EC2N-155 bit field element", |
| |
"EC2N-185 bit field element", "DH-1536 bit prime", |
| |
"Standard Group - Reserved", "Vendor Reserved" }, |
| |
MappingStrings { |
| |
"IPSP Policy Model.IETF|IKEProposal.GroupID", |
| |
"RFC2412.IETF|Appendix E" }, |
| |
ModelCorrespondence { "CIM_IKESAEndpoint.GroupID", |
| |
"CIM_IKEProposal.VendorID" }] |
| |
uint16 GroupId; |
| |
|
| |
[Description ( |
| |
"VendorID identifies the vendor when the value of GroupID " |
| |
"is in the vendor-specific range, 32768 to 65535." ), |
| |
ModelCorrespondence { "CIM_IKESAEndpoint.VendorID", |
| |
"CIM_IKEProposal.GroupId" }] |
| |
string VendorID; |
| |
|
| |
|
| |
}; |
Return to
CIM_IKEProposal.mof
CVS log
Up to [Pegasus] / pegasus / Schemas / CIM231 / DMTF / IPsecPolicy