1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
|
-- ----------------------------------------------------------------------------
--
-- SIAE MICROELETTRONICA s.p.a.
--
-- Via Michelangelo Buonarroti, 21
-- 20093 - Cologno Monzese
-- Milano
-- ITALY
--
-- ----------------------------------------------------------------------------
-- ----------------------------------------------------------------------------
SIAE-RADIO-ENCRYPTION-MIB
DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE,
Integer32
FROM SNMPv2-SMI
RowStatus
FROM SNMPv2-TC
InterfaceIndex
FROM IF-MIB
siaeMib
FROM SIAE-TREE-MIB
AlarmStatus, AlarmSeverityCode
FROM SIAE-ALARM-MIB;
radioEncrypt MODULE-IDENTITY
LAST-UPDATED "201507200000Z"
ORGANIZATION "SIAE MICROELETTRONICA spa"
CONTACT-INFO
"SIAE MICROELETTONICA s.p.a.
Via Michelangelo Buonarroti, 21
20093 - Cologno Monzese
Milano - ITALY
Phone : +39-02-27325-1
E-mail: tbd@siaemic.com
"
DESCRIPTION
"SIAE's radio encryption MIB.
"
REVISION "201507200000Z"
DESCRIPTION
"Initial version 01.00.00
"
::= { siaeMib 96 }
--------------------------------------------------------------------------------
-- RADIO ECRYPTION GROUP
--------------------------------------------------------------------------------
--
-- This group is used to manage SIAE's proprietary radio encryption MIB.
-- Below the denomination 'radio encryption' will be abbreviated as ENCRYPT
--
--------------------------------------------------------------------------------
------ Beginning --------------------------------------------------------------
rdEncryptMibVersion OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Numerical version of this module.
The string version of this MIB have the following format:
XX.YY.ZZ
so, for example, the value 1 should be interpreted as 00.00.01
and the value 10001 should be interpreted as 01.00.01."
DEFVAL { 1 }
::= {radioEncrypt 1}
------ Begin of rdEncryptTable
--
rdEncryptTable OBJECT-TYPE
SYNTAX SEQUENCE OF EncryptEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table with SIAE's ENCRYPT entries."
::= {radioEncrypt 2}
rdEncryptTableEntry OBJECT-TYPE
SYNTAX EncryptEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"SIAE's ENCRYPT entry. An ENCRYPT instance have the same index of
the relative radio link index. A row in this table is created by
the SNMP agent for each instance of radio link."
INDEX {rdEncryptIfIndex}
::= {rdEncryptTable 1}
EncryptEntry ::=
SEQUENCE {
rdEncryptIfIndex InterfaceIndex,
rdEncryptRowStatus RowStatus,
rdEncryptAdminStatus INTEGER,
rdEncryptAlgo INTEGER,
rdEncryptAlgoMode INTEGER,
rdEncryptKeyMode INTEGER,
rdEncryptKey OCTET STRING,
rdEncryptKeyLifeTime Integer32,
rdEncryptMismatchAlarm AlarmStatus
}
rdEncryptIfIndex OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A unique value, greater than zero, for each ENCRYPT interface.
This object is identical to the ifIndex of the standard MIB-2
ifTable.
SNMP agent accepts the value of this objects only if the
capability ifextCapabilityEncrypt is shown in ifextCapabilities
for the same ifIndex.
"
::= {rdEncryptTableEntry 1}
rdEncryptRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Status of this row of rdEncryptTable. A manager must set
this object in order to create an instance of ENCRYPT.
"
::= {rdEncryptTableEntry 2}
rdEncryptAdminStatus OBJECT-TYPE
SYNTAX INTEGER {
disable (1),
enable (2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The desired state of the ENCRYPT. This object can be set only
when the rdEncryptRowStatus of the ENCRYPT is active.
When a managed system initializes, all ENCRYPT instance start with
rdEncryptAdminStatus in the disable(2) state, it's a default
state also. As a result of either explicit management
action or per configuration information retained by the
managed system, rdEncryptAdminStatus is then changed to the
enable (1) state (or remains in the disable(2) state).
In order to use ENCRYPT, also rdEncryptSystemControl must be set to
start.
"
DEFVAL { disable }
::= {rdEncryptTableEntry 3}
rdEncryptAlgo OBJECT-TYPE
SYNTAX INTEGER {
aes128 (1),
aes256 (2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The encryption algorithm. The key length depends on the choosen
algorithm.
"
DEFVAL { aes256 }
::= {rdEncryptTableEntry 4}
rdEncryptAlgoMode OBJECT-TYPE
SYNTAX INTEGER {
aesModeElectronicCodebook (1),
aesModeCipherBlockChaining (2),
aesModeCipherFeedback (3),
aesModeOutputFeedback (4),
aesModeCounter (5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"AES encryption/decryption algorithm can be implemented in
five modes. The modes may be used in conjunction with any
symmetric key block cipher algorithm that is approved by a
Federal Information Processing Standard (FIPS).
The five modes are:
- Electronic Codebook (ECB)
- Cipher Block Chaining (CBC)
- Cipher Feedback (CFB),
- Output Feedback (OFB),
- and Counter (CTR)
Agents can accept only a subset of AES modes.
"
DEFVAL { aesModeCounter }
::= {rdEncryptTableEntry 5}
rdEncryptKeyMode OBJECT-TYPE
SYNTAX INTEGER {
manualEnteredKey (1),
automaticKeyGeneration (2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object select between the Manually-entered key mode and
auto-generated key mode. Agent could not accept the value
automaticKeyGeneration if it don't support the automatic key
generation.
"
DEFVAL { manualEnteredKey }
::= {rdEncryptTableEntry 6}
rdEncryptKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(16|32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The key used for encryption. The length of the key depends on
rdEncryptAlgo.
"
DEFVAL { '00'H }
::= {rdEncryptTableEntry 7}
rdEncryptKeyLifeTime OBJECT-TYPE
SYNTAX Integer32 (1..1096)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The life time in day of the automatically generated key.
The range goes from one day to three years (considering one
leap year).
"
DEFVAL { 7 }
::= {rdEncryptTableEntry 8}
rdEncryptMismatchAlarm OBJECT-TYPE
SYNTAX AlarmStatus
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This alarm is raised when local and remote configuration does not
match."
::= {rdEncryptTableEntry 9}
--
------ End of rdEncryptTable
rdEncryptSystemControl OBJECT-TYPE
SYNTAX INTEGER {
start(1),
shutdown(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The administrative system control status requested by management
for the ENCRYPT feature. The value 'start'(1) indicates that all
resources required by ENCRYPT should be allocated and ENCRYPT
should be supported in the device on ports which shown the
specific capability. The value shutdown(2) indicates that ENCRYPT
should be shutdown in the device on all ports and all allocated
memory must be released."
::= { radioEncrypt 3 }
rdEncryptMismatchAlarmSeverityCode OBJECT-TYPE
SYNTAX AlarmSeverityCode
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Defines the severity associated to the rdEncryptMismatchAlarm
and enables/disables the trap generation on status change event."
DEFVAL {majorTrapEnable}
::= { radioEncrypt 4 }
END
|
