BAY-STACK-DIGITAL-CERT DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32
        FROM SNMPv2-SMI
    DisplayString, TruthValue, RowStatus, DateAndTime
        FROM SNMPv2-TC
    RcLongDisplayString
    FROM RAPID-CITY
    bayStackMibs
        FROM SYNOPTICS-ROOT-MIB;

bayStackDigitalCert MODULE-IDENTITY
    LAST-UPDATED "201709210000Z"
    ORGANIZATION "Avaya"
    CONTACT-INFO "avaya.com"
    DESCRIPTION "Enterprise MIB for the Digital Certificate mibs."

    REVISION "201709210000Z"  -- September 21, 2017
    DESCRIPTION "Ver 2: * Add object bsDigitalCertSubjectFqdn under 
                        bsDigitalCertSubjectScalars
                        * Add bsDigitalCertForceReplacement under
                        bsDigitalCertImportExport
                        * Remove objects bsDigitalCertFileActionStatus and 
                        bsDigitalCertFileActionError from bsDigitalCertFileMgmt
                        * Add objects bsDigitalCertChainPosition,
                        bsDigitalCertSha1Hash and bsDigitalCertMd5Hash
                        under bsDigitalCertEntry
                        * Add object bsDigitalCertCaChainComplete
                        under bsDigitalCertCaEntry
                        * Add values raCert and crl in enum 
                        bsDigitalCertType
                        * Reversed order of objects bsDigitalCertFileName,
                        bsDigitalCertAssociatedContextName and
                        bsDigitalCertAssociatedContextType under
                        bsDigitalCertEntry"

    REVISION "201705040000Z"  -- April 5, 2017
    DESCRIPTION "Ver 1:  Initial version."

    ::= { bayStackMibs 48 }

bsDigitalCertNotifications      OBJECT IDENTIFIER ::= { bayStackDigitalCert 0 }
bsDigitalCertObjects            OBJECT IDENTIFIER ::= { bayStackDigitalCert 1 }
bsDigitalCertScalars            OBJECT IDENTIFIER ::= { bsDigitalCertObjects 1 }
bsDigitalCertSubjectScalars     OBJECT IDENTIFIER ::= { bsDigitalCertScalars 1 }
bsDigitalCertImportExport       OBJECT IDENTIFIER ::= { bsDigitalCertScalars 2 }
bsDigitalCertFileMgmt           OBJECT IDENTIFIER ::= { bsDigitalCertScalars 3 }

-- scalar objects

-- subject

bsDigitalCertSubjectCommonName OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..64))                        
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The value of the Common Name field of the subject sending the 
           	       Certificate Signing Request to the Certificate Authority"
        ::= {bsDigitalCertSubjectScalars  1 }

bsDigitalCertSubjectEmailAddress OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..254))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The Email Address of the subject sending the Certificate 
                       Signing Request to the Certificate Authority"
        ::= { bsDigitalCertSubjectScalars 2 }

bsDigitalCertSubjectOrganizationalUnit OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..64))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The Organizational Unit field of the subject sending the
           	       Certificate Signing Request to the Certificate Authority"
        ::= { bsDigitalCertSubjectScalars 3 }

bsDigitalCertSubjectOrganization OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..64))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The Organization of the subject sending the Certificate
                   Signing Request to the Certificate Authority"
        ::= { bsDigitalCertSubjectScalars 4 }

bsDigitalCertSubjectLocality OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..128))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The name of the Locality of the subject sending the
                   Certificate Signing Request to the Certificate Authority"
        ::= { bsDigitalCertSubjectScalars 5 }

bsDigitalCertSubjectProvince  OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..128))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The Province name of the subject sending the Certificate
                   Signing Request to the Certificate Authority"
        ::= { bsDigitalCertSubjectScalars 6 }

bsDigitalCertSubjectCountry OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..2))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The name of the country of the subject sending the
                   Certificate Signing Request to the Certificate Authority"
        ::= { bsDigitalCertSubjectScalars 7 }

bsDigitalCertSubjectIncludeIpAddress OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Specifies whether all IP addresses will be included in
                    the Subject Alternative Name extension of the Certificate
                    Signing Request"
        ::= { bsDigitalCertSubjectScalars 8 }

bsDigitalCertSubjectFqdn OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..128))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The fully qualified name of the subject"
        ::= { bsDigitalCertSubjectScalars 9 }

-- import and export

bsDigitalCertLocalResource OBJECT-TYPE
        SYNTAX        INTEGER 
                      { 
                                file(1),
                                csr(2),
                                pkcs12(3),
                                keypair(4),
                                pkcs7(5)
                      }
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The type of resource to be exported"
        ::= { bsDigitalCertImportExport 1 }
bsDigitalCertPkcs12Passphrase OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..128))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Specifies the passphrase to use for encrypting and decrypting pkcs#12 containers"
        ::= { bsDigitalCertImportExport 2 }
bsDigitalCertLocalName OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..254))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The name of the file or key pair to be imported or exported from nvram.
                       Ignored for CSR, PKCS#7 and PKCS#12."
        ::= { bsDigitalCertImportExport 3 }
bsDigitalCertFileAssociatedContextName OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..45))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The name of the context to associate imported and exported files"
        ::= { bsDigitalCertImportExport 4 }
bsDigitalCertFileAssociatedContextType OBJECT-TYPE
        SYNTAX        INTEGER { 
                                ca(1),
                                truststore(2)
                              }
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The type of the context to associate imported and exported files "
        ::= { bsDigitalCertImportExport 5 }
bsDigitalCertRemoteFileName OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..254))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The address and name of the file to be imported or exported on a remote location"
        ::= { bsDigitalCertImportExport 6 }
bsDigitalCertFileSupport OBJECT-TYPE
        SYNTAX        INTEGER { 
                                usb(1),
                                sftp(2)
                              }
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The storage type of the file to be imported or exported"
        ::= { bsDigitalCertImportExport 7 }
bsDigitalCertSftpUsername OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..128))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The username to log into when accessing the SFTP server"
        ::= { bsDigitalCertImportExport 8 }
bsDigitalCertUsbUnitNumber OBJECT-TYPE
        SYNTAX        Integer32 (0..8)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The unit number whose USB to access"
        ::= { bsDigitalCertImportExport 9 }
bsDigitalCertForceReplacement OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Controls whether a name conflict will be resolved by replacing the old file with the new one"
        ::= { bsDigitalCertImportExport 10 }
bsDigitalCertAction OBJECT-TYPE
        SYNTAX        INTEGER { 
                                noop(1),
                                import(2),
                                export(3),
                                delete(4)
                              }
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Specifies the action to be taken on the previously specified file"
        ::= { bsDigitalCertImportExport 11 }
bsDigitalCertActionStatus OBJECT-TYPE
        SYNTAX        INTEGER { 
                                none(1),
                                success(2),
                                failed(3),
                                inprogress(4)
                              }
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Displays the status of the latest action"
        ::= { bsDigitalCertImportExport 12 }
bsDigitalCertActionError OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..128))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Displays the error message that occurent during the latest action, if any"
        ::= { bsDigitalCertImportExport 13 }

-- file management

bsDigitalCertSourceFileName OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..254))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The name of the file to be copied, moved or renamed"
        ::= { bsDigitalCertFileMgmt 1 }
bsDigitalCertSourceContextName OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..45))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The name of the context where the source file is located"
        ::= { bsDigitalCertFileMgmt 2 }
bsDigitalCertSourceContextType OBJECT-TYPE
        SYNTAX        INTEGER { 
                                ca(1),
                                truststore(2)
                              }
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The type of the context where the source file is located"
        ::= { bsDigitalCertFileMgmt 3 }
bsDigitalCertDestinationFileName OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..254))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "A new name for the source file or its copy"
        ::= { bsDigitalCertFileMgmt 4 }
bsDigitalCertDestinationContextName OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..45))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The name of the context where to place the source file or its copy"
        ::= { bsDigitalCertFileMgmt 5 }
bsDigitalCertDestinationContextType OBJECT-TYPE
        SYNTAX        INTEGER { 
                                ca(1),
                                truststore(2)
                              }
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The type of the context where to place the source file or its copy"
        ::= { bsDigitalCertFileMgmt 6 }
bsDigitalCertFileAction OBJECT-TYPE
        SYNTAX        INTEGER { 
                                noop(1),
                                copy(2),
                                move(3)
                              }
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Specifies the action to be taken on the previously specified file. 
                        Moving a file within the same CA entry will result in a rename."
        ::= { bsDigitalCertFileMgmt 7 }

-- key table

bsDigitalCertKeyTable OBJECT-TYPE
        SYNTAX        SEQUENCE OF BsDigitalCertKeyEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "Table containing all the information related to the key-pair, required
                       to get the Digital Certificate from the Certificate Authority."
        ::= { bsDigitalCertObjects 2 }

bsDigitalCertKeyEntry OBJECT-TYPE
        SYNTAX        BsDigitalCertKeyEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "The entry specifies the key-pair
                       name, size, the algorithm used for the generation of key-pair
                       and if the user is allowed to export it."
        INDEX          { bsDigitalCertKeyName }
        ::= { bsDigitalCertKeyTable 1 }

BsDigitalCertKeyEntry ::= SEQUENCE {
        bsDigitalCertKeyName            DisplayString,
        bsDigitalCertKeyType            INTEGER,
        bsDigitalCertKeySize            Integer32,
        bsDigitalCertKeyFingerprint     DisplayString,
        bsDigitalCertKeyRowStatus       RowStatus
        }

bsDigitalCertKeyName OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..46))
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "Refers to the name of the key-pair generated or imported for the subject"
        ::= { bsDigitalCertKeyEntry 1 }

bsDigitalCertKeyType OBJECT-TYPE
        SYNTAX        INTEGER { rsa (1) }
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Defines the algorithm used to generate the key-pair"
        ::= { bsDigitalCertKeyEntry 2 }

bsDigitalCertKeySize OBJECT-TYPE
        SYNTAX        Integer32 (2048)
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Defines the size of the key-pair to be generated "
        ::= { bsDigitalCertKeyEntry 3 }

bsDigitalCertKeyFingerprint OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..60))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Displays the SHA1 fingerprint of the key pair"
        ::= { bsDigitalCertKeyEntry 4 }

bsDigitalCertKeyRowStatus OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "Used to create/delete entries"
        ::= { bsDigitalCertKeyEntry 5 }

-- ca table

bsDigitalCertCaTable OBJECT-TYPE
        SYNTAX        SEQUENCE OF BsDigitalCertCaEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "Table containing all the information related to the 
               Certificate Authority issuing the Digital Certificate"
        ::= { bsDigitalCertObjects 3 }

bsDigitalCertCaEntry OBJECT-TYPE
        SYNTAX        BsDigitalCertCaEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "Entry containing
                       information about the Certificate Authority"
        INDEX     { bsDigitalCertCaName }
        ::= { bsDigitalCertCaTable 1 }

BsDigitalCertCaEntry ::= SEQUENCE {
                bsDigitalCertCaName                             DisplayString,
                bsDigitalCertCaCommonName                       DisplayString,
                bsDigitalCertCaKeyName                          DisplayString,
                bsDigitalCertCaCaUrl                            RcLongDisplayString,
                bsDigitalCertCaAction                           INTEGER,
                bsDigitalCertCaActionChallengePassword          DisplayString,
                bsDigitalCertCaAuthenticated                    TruthValue,
                bsDigitalCertCaLastActionStatus                 INTEGER,
                bsDigitalCertCaLastActionFailureReason          DisplayString,
                bsDigitalCertCaSubjectCertificateValidityDays   Integer32,
                bsDigitalCertCaUsePost                          TruthValue,
                bsDigitalCertUseFor                             BITS,
                bsDigitalCertRegenerateKeyOnEnroll              TruthValue,
                bsDigitalCertCaChainComplete                    TruthValue,
                bsDigitalCertCaRowStatus                        RowStatus
                }


bsDigitalCertCaName OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(1..45))
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "User defined name referring to the Certificate Authority 
               issuing the Digital Certificate"
        ::= { bsDigitalCertCaEntry 1 }

bsDigitalCertCaCommonName OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..64))
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "Defines the Common Name of the Certificate Authority 
               issuing the Digital Certificate"
        ::= { bsDigitalCertCaEntry 2 }

bsDigitalCertCaKeyName OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..45))
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "Defines the name of the associated key pair . 
               It refers to the Key Name entry of the bsDigitalCertKeyTable"
        ::= { bsDigitalCertCaEntry 3 }

bsDigitalCertCaCaUrl OBJECT-TYPE
        SYNTAX        RcLongDisplayString (SIZE(0..1000))
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "Defines the URL of the Certificate Authority issuing 
                       the Digital Certificate"
        ::= { bsDigitalCertCaEntry 4 }

bsDigitalCertCaAction OBJECT-TYPE
        SYNTAX        INTEGER {
                                noop(1),
                                caauth(2),
                                enroll(3),
                                renew(4),
                                remove(5),
                                getCrl(6),
                                genSelfSig(7),
                                getCaCert(8)
                      }
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "specifies the various actions Certificate Authority can  take-
            'noop'      - No operation
            'caauth'    - Athenticates the Certificate Authority (CA) based on 
                          the previously retrieved Root CA Certificate.
            'enroll'    - Certificate Enrolment Request.
            'renew'     - Certificate Renew Request.
            'remove'    - Removes the subject certificate obtained online from the Certificate Authority.
            'getCrl'    - Get the Certificate Revocation List from the CDP.
            'genSelfSig'- Generate a self-signed certificate.
            'getCaCert' - Retrieve Root CA certificate from the Certificate Authority"
        ::= { bsDigitalCertCaEntry 5 }

bsDigitalCertCaActionChallengePassword OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..128))
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "specifies the challenge password required to perform the scep operation"
        ::= { bsDigitalCertCaEntry 6 }

bsDigitalCertCaAuthenticated OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies whether the Online Certificate Authority is authenticated"
        ::= { bsDigitalCertCaEntry 7 }

bsDigitalCertCaLastActionStatus OBJECT-TYPE
        SYNTAX        INTEGER {
                                none(1),
                                success(2),
                                failed(3),
                                inProgress(4)
                              }
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the status of the last action 
             'none'         - No action was performed yet.
             'success'      - Execution of the action triggered is
                            completed successfully.
             'failed'       - Execution of the action triggered has
                            failed.
             'inProgress'   - Execution of the action triggered is
                            in progress. "
        ::= { bsDigitalCertCaEntry 8 }

bsDigitalCertCaLastActionFailureReason OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..81))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Defines the reason of failure for the last action performed 
                       by the Certificate Authority"
        ::= { bsDigitalCertCaEntry 9 }

bsDigitalCertCaSubjectCertificateValidityDays   OBJECT-TYPE
        SYNTAX        Integer32 (7..1185)
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "Number of days for which subject certificate will remain
                       valid"
        DEFVAL         { 365 }
        ::= { bsDigitalCertCaEntry 10 }

bsDigitalCertCaUsePost OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "specifies the HTTP request type : URL or POST , TRUE for EJBCA and FALSE for Win2012 CA"
        DEFVAL        { true }
        ::= { bsDigitalCertCaEntry 11 }

bsDigitalCertUseFor OBJECT-TYPE
        SYNTAX        BITS  {
                                ike(0),
                                ssl-server(1),
                                ssl-client(2),
                                slamon(3),
                                cloud(4)
                            }
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "Specifies for what features will use the subject certificate from this CA.
                        Features are represented in form of bits as follows:
                        bit 0 - IKE
                        bit 1 - SSL server
                        bit 2 - SSL client
                        bit 3 - SLAmon
                        bit 4 - Cloud"
        ::= { bsDigitalCertCaEntry 12 }

bsDigitalCertRegenerateKeyOnEnroll OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "Specifies whether the associated key pair will be regenerated on re-enroll"
        DEFVAL        { false }
        ::= { bsDigitalCertCaEntry 13 }

bsDigitalCertCaChainComplete OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies whether the CA entry contains a complete certificate chain"
        ::= { bsDigitalCertCaEntry 14 }

bsDigitalCertCaRowStatus OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "Used to create/delete entries"
        ::= { bsDigitalCertCaEntry 15 }

-- certificates table

bsDigitalCertTable OBJECT-TYPE
        SYNTAX        SEQUENCE OF BsDigitalCertEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "Table of information about digital certificates"
        ::= { bsDigitalCertObjects 4 }

bsDigitalCertEntry OBJECT-TYPE
        SYNTAX        BsDigitalCertEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "Entry containing
                       information about digital certificates"
        INDEX     { bsDigitalCertAssociatedContextType, bsDigitalCertAssociatedContextName, bsDigitalCertFileName }
        ::= { bsDigitalCertTable 1 }

BsDigitalCertEntry ::= SEQUENCE {
        bsDigitalCertAssociatedContextType          INTEGER,
        bsDigitalCertAssociatedContextName          DisplayString,
        bsDigitalCertFileName                       RcLongDisplayString,
        bsDigitalCertType                           INTEGER,
        bsDigitalCertChainPosition                  Integer32,
        bsDigitalCertSha1Hash                       DisplayString,
        bsDigitalCertMd5Hash                        DisplayString,
        bsDigitalCertVersionNumber                  DisplayString,
        bsDigitalCertSerialNumber                   DisplayString,
        bsDigitalCertIssuerName              	    RcLongDisplayString,
        bsDigitalCertValidStartPeriod               DateAndTime,
        bsDigitalCertValidEndPeriod                 DateAndTime,
        bsDigitalCertCertificateSignatureAlgorithm  INTEGER,
        bsDigitalCertCertificateSignature           RcLongDisplayString,
        bsDigitalCertSubject                        RcLongDisplayString,
        bsDigitalCertSubjectPublicKeyAlgorithm      INTEGER,
        bsDigitalCertSubjectPublicKey               OCTET STRING,
        bsDigitalCertHasBasicConstraint             TruthValue,
        bsDigitalCertHasKeyUsage                    TruthValue,
        bsDigitalCertIsCa                           TruthValue,
        bsDigitalCertKeyUsage                       BITS,
        bsDigitalCertStatus                         DisplayString,
        bsDigitalCertCdpUrl                         RcLongDisplayString,
        bsDigitalCertOcspUrl                        RcLongDisplayString,
        bsDigitalCertExtendedKeyUsage               DisplayString
        }

bsDigitalCertAssociatedContextType OBJECT-TYPE
        SYNTAX        INTEGER {
                                ca(1),
                                truststore(2)
                              }
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "Specifies the type of the associated context"
        ::= { bsDigitalCertEntry  1 }

bsDigitalCertAssociatedContextName OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(1..45))
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "Specifies the name of the associated context"
        ::= { bsDigitalCertEntry  2 }

bsDigitalCertFileName OBJECT-TYPE
        SYNTAX        RcLongDisplayString (SIZE(0..512))
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "Specifies the common name value of the certificate subject"
        ::= { bsDigitalCertEntry  3 }

bsDigitalCertType OBJECT-TYPE
        SYNTAX        INTEGER {
                                 caCert(1),
                                 intermediateCaCert (2),
                                 subjectCert(3),
                                 raCert(4),
                                 crl(5)
                              }
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Identifies certificate role in a chain of trust
                       'caCert'                 - Root Certificate Authority's Certificate
                       'intermediateCaCert'     - Intermediate Certificate Authority's Certificate
                       'subjectCert'            - Subject Certificate
                       'raCert'                 - Registration Authority Certificate
                       'crl'                    - Certificate Revocation List"
        ::= { bsDigitalCertEntry  4 }

bsDigitalCertChainPosition OBJECT-TYPE
        SYNTAX        Integer32
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Certificate position in the chain or 0 if certificate is not part of the chain"
        ::= { bsDigitalCertEntry  5 }

bsDigitalCertSha1Hash OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..254))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "SHA1 certificate fingerprint"
        ::= { bsDigitalCertEntry  6 }

bsDigitalCertMd5Hash OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..64))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "MD5 certificate fingerprint"
        ::= { bsDigitalCertEntry  7 }

bsDigitalCertVersionNumber OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..16))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the version number of the certificate for the subject 
                       as issued by the Certificate Authority"
        ::= { bsDigitalCertEntry  8 }

bsDigitalCertSerialNumber OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..50))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the serial number of the certificate for the subject 
                       as issued by the Certificate Authority "
        ::= { bsDigitalCertEntry  9 }

bsDigitalCertIssuerName OBJECT-TYPE
        SYNTAX        RcLongDisplayString (SIZE(0..1000))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the issuer's name of the certificate for the subject 
                       as issued by the Certificate Authority"
        ::= { bsDigitalCertEntry 10 }

bsDigitalCertValidStartPeriod OBJECT-TYPE
        SYNTAX        DateAndTime
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the start date of the validation period of the certificate 
                       for the subject as issued by the Certificate Authority "
        ::= { bsDigitalCertEntry 11 }

bsDigitalCertValidEndPeriod OBJECT-TYPE
        SYNTAX        DateAndTime
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the last date of the validation period of the certificate 
                       for the subject as issued by the Certificate Authority"
        ::= { bsDigitalCertEntry 12 }

bsDigitalCertCertificateSignatureAlgorithm OBJECT-TYPE
        SYNTAX        INTEGER {
                                 rsaEncryption(1),
                                 md2withRSAEncryption(2),
                                 md4withRSAEncryption(3),
                                 md5withRSAEncryption(4),
                                 sha1withRSAEncryption(5),
                                 sha256withRSAEncryption(11),
                                 sha384withRSAEncryption(12),
                                 sha512withRSAEncryption(13),
                                 sha224withRSAEncryption(14)
                              }
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the algorithm used for the issuer's signature on the certificate 
                   for the subject as issued by the Certificate Authority"
        ::= { bsDigitalCertEntry 13 }

bsDigitalCertCertificateSignature OBJECT-TYPE
        SYNTAX        RcLongDisplayString (SIZE(0..4096))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the issuer's signature on the certificate for the subject 
		       as issued by the Certificate Authority"
        ::= { bsDigitalCertEntry 14 }

bsDigitalCertSubject OBJECT-TYPE
        SYNTAX        RcLongDisplayString (SIZE(0..1000))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the details of the subject on its certificate as 
              issued by Certificate Authority "
        ::= { bsDigitalCertEntry 15 }

bsDigitalCertSubjectPublicKeyAlgorithm OBJECT-TYPE
        SYNTAX        INTEGER  { 
                                 rsaEncryption(1),
                                 md2withRSAEncryption(2),
                                 md4withRSAEncryption(3),
                                 md5withRSAEncryption(4),
                                 sha1withRSAEncryption(5),
                                 sha256withRSAEncryption(11),
                                 sha384withRSAEncryption(12),
                                 sha512withRSAEncryption(13),
                                 sha224withRSAEncryption(14)
                               }
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the algorithm used to generate the subject's
                       public key for the certificate issued by the Certificate Authority"
        ::= { bsDigitalCertEntry 16 }

bsDigitalCertSubjectPublicKey OBJECT-TYPE
        SYNTAX        OCTET STRING (SIZE(0..2048))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the public key of the subject"
        ::= { bsDigitalCertEntry 17 }

bsDigitalCertHasBasicConstraint OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies whether certificate contains basic certificate constraint"
        ::= { bsDigitalCertEntry 18 }

bsDigitalCertHasKeyUsage OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies whether certificate contains basic key usage constraint"
        ::= { bsDigitalCertEntry 19 }

bsDigitalCertIsCa OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies whether this is Certificate Authority's certificate or not"
        ::= { bsDigitalCertEntry 20 }

bsDigitalCertKeyUsage OBJECT-TYPE
        SYNTAX        BITS {
                             digitalSignature(0),
                             nonRepudiation(1),
                             keyEncipherment(2),
                             dataEncipherment(3),
                             keyAgreement(4),
                             keyCertSign(5),
                             cRLSign(6),
                             encipherOnly(7),
                             decipherOnly(8)
                          }
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "specifies the purpose of the key used in the
                       certificate. It is represented in form of bits as follows-
                       bit 0 - digitalSignature
                       bit 1 - nonRepudiation
                       bit 2 - keyEncipherment
                       bit 3 - dataEncipherment
                       bit 4 - keyAgreement
                       bit 5 - keyCertSign
                       bit 6 - cRLSign
                       bit 7 - encipherOnly
                       bit 8 - decipherOnly"
        ::= { bsDigitalCertEntry 21 }

bsDigitalCertStatus OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..129))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the status of the certificate"
        ::= { bsDigitalCertEntry 22 }

bsDigitalCertCdpUrl OBJECT-TYPE
        SYNTAX        RcLongDisplayString (SIZE(0..1000))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the CDP URL present in the Extensions 
                   field of the Digital Certificate."
        ::= { bsDigitalCertEntry 23 }

bsDigitalCertOcspUrl OBJECT-TYPE
        SYNTAX        RcLongDisplayString (SIZE(0..1000))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the OCSP URL present in the AIA
                   field of the Digital Certificate."
        ::= { bsDigitalCertEntry 24 }

bsDigitalCertExtendedKeyUsage OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..128))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Specifies the purpose for which the key may be used,
                   in addition to or in place of the basic purposes
               indicated in the key-usage field of the certificate."
        ::= { bsDigitalCertEntry 25 }

END
