// Copyright (c) 2005 DMTF. All rights reserved.
// Add UmlPackagePath
// qualifier values to CIM Schema.
// Add PUnit qualifier values
// to Units qualifier values.
// ==================================================================
// CIM_ESPTransform
// ==================================================================
[Version ( "2.8.0" ),
UMLPackagePath ( "CIM::Network::IPsec" ),
Description (
"ESPTransform defines the parameters used for a phase 2 ESP "
"(Encapsulating Security Protocol) Security Association." ),
MappingStrings { "IPSP Model.IETF|ESPTransform" }]
class CIM_ESPTransform : CIM_SATransform {
[Description (
"IntegrityTransformId is an enumeration that specifies "
"the ESP integrity algorithm to be used. The list of "
"values is generated from the enumeration defined in "
"RFC2407, Section 4.5. Note that the enumeration is "
"different than the RFC list, since the values of Other "
"and None are taken into account. Also, note that 2 "
"(\"None\") is used when ESP is negotiated without "
"authentication." ),
ValueMap { "1", "2", "3", "4", "5", "6", "7..61439",
"61440..65535" },
Values { "Other", "None", "MD5", "SHA-1", "DES", "KPDK",
"DMTF/IANA Reserved", "Vendor Reserved" },
MappingStrings {
"IPSP Model.IETF|ESPTransform.IntegrityTransformId",
"RFC2407.IETF|Section 4.5" },
ModelCorrespondence {
"CIM_ESPTransform.OtherIntegrityTransformId" }]
uint16 IntegrityTransformId;
[Description (
"Description of the integrity algorithm when the value 1 "
"(\"Other\") is specified for the property, "
"IntegrityTransformId." ),
ModelCorrespondence { "CIM_ESPTransform.IntegrityTransformId" }]
string OtherIntegrityTransformId;
[Description (
"CipherTransformId is an enumeration that specifies the "
"ESP encrypion algorithm to be used. The list of values "
"is defined in RFC2407, Section 4.4.4, where the RFC\'s "
"NULL value maps to 2-\"None\". Note that the enumeration "
"is different than the RFC list, since \'Other\' is added "
"to the enumeration." ),
ValueMap { "1", "2", "3", "4", "5", "6", "7", "8", "9", "10",
"11", "12" },
Values { "Other", "None", "DES_IV64", "DES", "3DES", "RC5",
"IDEA", "CAST", "Blowfish", "3-IDEA", "DES_IV32", "RC4" },
MappingStrings {
"IPSP Model.IETF|ESPTransform.CipherTransformId",
"RFC2407.IETF|Section 4.4.4" },
ModelCorrespondence {
"CIM_ESPTransform.OtherCipherTransformId" }]
uint16 CipherTransformId;
[Description (
"Description of the encryption algorithm when the value 1 "
"(\"Other\") is specified for the property, "
"CipherTransformId." ),
ModelCorrespondence { "CIM_ESPTransform.CipherTransformId" }]
string OtherCipherTransformId;
[Description (
"CipherKeyLength specifies, in bits, the key length for "
"the encryption algorithm. For algorithms with fixed key "
"lengths, this value is ignored." ),
Units ( "Bits" ),
MappingStrings {
"IPSP Model.IETF|ESPTransform.CipherKeyLength" },
PUnit ( "bit" )]
uint16 CipherKeyLength;
[Description (
"CipherKeyRounds specifies the key rounds for the "
"encryption algorithm. For algorithms with a fixed number "
"of key rounds, this value is ignored. Currently, key "
"rounds are NOT defined for any ESP encryption "
"algorithms." ),
MappingStrings {
"IPSP Model.IETF|ESPTransform.CipherKeyRounds" }]
uint16 CipherKeyRounds;
[Description (
"UseReplayPrevention causes the local peer to enable "
"replay prevention detection. This can be accomplished by "
"using a sequence number when sending a packet or "
"checking the sequence number upon receipt of a packet." ),
MappingStrings {
"IPSP Model.IETF|ESPTransform.UseReplayPrevention" }]
boolean UseReplayPrevention;
[Description (
"ReplayPreventionWindowsSize specifies, in bits, the "
"length of the sliding window used by the replay "
"prevention mechanism. The value of this property is "
"meaningless if UseReplayPrevention is false. The window "
"size MUST be a power of 2." ),
Units ( "Bits" ),
MappingStrings {
"IPSP Model.IETF|ESPTransform.ReplayPreventionWindowSize" },
PUnit ( "bit" )]
uint32 ReplayPreventionWindowSize;
};