cim_ikeproposal.mof

Pegasus is an open-source implementationof the DMTF CIM and WBEM standards. It is designed to be por

// Copyright (c) 2005 DMTF.  All rights reserved.
// <change cr="ArchCR00066.004" type="add">Add UmlPackagePath
// qualifier values to CIM Schema.</change>
// ==================================================================
//  CIM_IKEProposal
// ==================================================================
   [UMLPackagePath ( "CIM::IPsecPolicy" ), Version ( "2.8.0" ), 
    Description (
       "IKEProposal contains the parameters necessary to drive the "
       "phase 1 IKE negotiation."), 
    MappingStrings { "IPSP Policy Model.IETF|IKEProposal" }]
class CIM_IKEProposal : CIM_SAProposal {

      [Description (
          "MaxLifetimeSeconds specifies the maximum time the IKE "
          "message sender proposes for an SA to be considered valid "
          "after it has been created. A value of zero indicates that "
          "the default of 8 hours be used. A non-zero value indicates "
          "the maximum seconds lifetime."), 
       Units ( "Seconds" ), 
       MappingStrings { "IPSP Policy " 
          "Model.IETF|IKEProposal.MaxLifetimeSeconds" }, 
       ModelCorrespondence { 
          "CIM_SecurityAssociationEndpoint.LifetimeSeconds" }]
   uint64 MaxLifetimeSeconds;

      [Description (
          "MaxLifetimeKilobytes specifies the maximum kilobyte "
          "lifetime the IKE message sender proposes for an SA to be "
          "considered valid after it has been created. A value of zero "
          "(the default) indicates that there should be no maximum "
          "kilobyte lifetime. A non-zero value specifies the desired "
          "kilobyte lifetime."), 
       Units ( "KiloBytes" ), 
       MappingStrings { "IPSP Policy " 
          "Model.IETF|IKEProposal.MaxLifetimeKilobytes" }, 
       ModelCorrespondence { 
          "CIM_SecurityAssociationEndpoint.LifetimeKilobytes" }]
   uint64 MaxLifetimeKilobytes;

      [Description (
          "CipherAlgorithm is an enumeration that specifies the "
          "proposed encryption algorithm. The list of algorithms was "
          "generated from Appendix A of RFC2409. Note that the "
          "enumeration is different than the RFC list and aligns with "
          "the values in IKESAEndpoint.CipherAlgorithm."), 
       ValueMap { "1", "2", "3", "4", "5", "6", "7", "8..65000",
          "65001..65535" }, 
       Values { "Other", "DES", "IDEA", "Blowfish", "RC5", "3DES",
          "CAST", "DMTF/IANA Reserved", "Vendor Reserved" }, 
       MappingStrings { "IPSP Policy " 
          "Model.IETF|IKEProposal.CipherAlgorithm",
          "RFC2409.IETF|Appendix A" }, 
       ModelCorrespondence { "CIM_IKESAEndpoint.CipherAlgorithm",
          "CIM_IKEProposal.OtherCipherAlgorithm" }]
   uint16 CipherAlgorithm;

      [Description (
          "Description of the encryption algorithm when the value 1 "
          "(\"Other\") is specified for the property, CipherAlgorithm."), 
       ModelCorrespondence { "CIM_IKESAEndpoint.OtherCipherAlgorithm",
          "CIM_IKEProposal.CipherAlgorithm" }]
   string OtherCipherAlgorithm;

      [Description (
          "HashAlgorithm is an enumeration that specifies the proposed "
          "hash function. The list of algorithms was generated from "
          "Appendix A of RFC2409. Note that the enumeration is "
          "different than the RFC list and aligns with the values in "
          "IKESAEndpoint.HashAlgorithm."), 
       ValueMap { "1", "2", "3", "4", "5..65000", "65001..65535" }, 
       Values { "Other", "MD5", "SHA-1", "Tiger", "DMTF/IANA Reserved",
          "Vendor Reserved" }, 
       MappingStrings { "IPSP Policy " 
          "Model.IETF|IKEProposal.HashAlgorithm",
          "RFC2409.IETF|Appendix A" }, 
       ModelCorrespondence { "CIM_IKESAEndpoint.HashAlgorithm",
          "CIM_IKEProposal.OtherHashAlgorithm" }]
   uint16 HashAlgorithm;

      [Description (
          "Description of the hash function when the value 1 "
          "(\"Other\") is specified for the property, HashAlgorithm."), 
       ModelCorrespondence { "CIM_IKESAEndpoint.OtherHashAlgorithm",
          "CIM_IKEProposal.HashAlgorithm" }]
   string OtherHashAlgorithm;

      [Description (
          "AuthenticationMethod is an enumeration that specifies the "
          "proposed authentication. The list of methods was generated "
          "from Appendix A of RFC2409. Note that the enumeration is "
          "different than the RFC list and aligns with the values in "
          "IKESAEndpoint.AuthenticationMethod. There is one change to "
          "the list - the value 65000 has special meaning. It is a "
          "special value that indicates that this particular proposal "
          "should be repeated once for each authentication method "
          "corresponding to credentials installed on the machine. For "
          "example, if the system has a pre-shared key and an "
          "public-key certificate, a proposal list would be "
          "constructed which includes a proposal that specifies a "
          "pre-shared key and a proposal for any of the public-key "
          "certificates."), 
       ValueMap { "1", "2", "3", "4", "5", "6", "7..64999", "65000",
          "65001..65535" }, 
       Values { "Other", "Pre-shared Key", "DSS Signatures",
          "RSA Signatures", "Encryption with RSA",
          "Revised Encryption with RSA", "DMTF/IANA Reserved", "Any",
          "Vendor Reserved" }, 
       MappingStrings { "IPSP Policy " 
          "Model.IETF|IKEProposal.AuthenticationMethod",
          "RFC2409.IETF|Appendix A" }, 
       ModelCorrespondence { "CIM_IKESAEndpoint.AuthenticationMethod",
          "CIM_IKEProposal.OtherAuthenticationMethod" }]
   uint16 AuthenticationMethod;

      [Description (
          "Description of the method when the value 1 (\"Other\") is "
          "specified for the property, AuthenticationMethod."), 
       ModelCorrespondence { 
          "CIM_IKESAEndpoint.OtherAuthenticationMethod",
          "CIM_IKEProposal.AuthenticationMethod" }]
   string OtherAuthenticationMethod;

      [Description (
          "The property GroupId specifies the proposed phase 1 "
          "security association key exchange group. This property is "
          "ignored for all aggressive mode exchanges "
          "(IKEAction.ExchangeMode = 4). If the GroupID number is from "
          "the vendor-specific range (32768-65535), the property "
          "VendorID qualifies the group number. Well-known group "
          "identifiers from RFC2412, Appendix E, are: Group 1='768 bit "
          "prime', Group 2='1024 bit prime', Group 3 ='Elliptic Curve "
          "Group with 155 bit field element', Group 4= 'Large Elliptic "
          "Curve Group with 185 bit field element', and Group 5='1536 "
          "bit prime'."), 
       ValueMap { "0", "1", "2", "3", "4", "5", "..", "0x8000.." }, 
       Values { "No Group/Non-Diffie-Hellman Exchange",
          "DH-768 bit prime", "DH-1024 bit prime",
          "EC2N-155 bit field element", "EC2N-185 bit field element",
          "DH-1536 bit prime", "Standard Group - Reserved",
          "Vendor Reserved" }, 
       MappingStrings { "IPSP Policy Model.IETF|IKEProposal.GroupID",
          "RFC2412.IETF|Appendix E" }, 
       ModelCorrespondence { "CIM_IKESAEndpoint.GroupID",
          "CIM_IKEProposal.VendorID" }]
   uint16 GroupId;

      [Description (
          "VendorID identifies the vendor when the value of GroupID is "
          "in the vendor-specific range, 32768 to 65535."), 
       ModelCorrespondence { "CIM_IKESAEndpoint.VendorID",
          "CIM_IKEProposal.GroupId" }]
   string VendorID;
};