-- Copyright (C) 2008-2014 Super Micro Computer Inc. All Rights Reserved

--*************************************************************************
--$Id: fsfips.mib,v 1.6 2012/09/07 09:52:05 siva Exp $
--
--Description : This file contains MIB definitions for FIPS feature.
--
--*************************************************************************/

-- This document explains the proprietary MIB implemented for FIPS
-- PUB 140-2 Features

-- The standard defines the security requirements that must be satisfied by
-- a cryptographic module used in a security system protecting unclassified
-- formation within IT systems. There are four levels of security: from 
-- Level 1 (lowest) to Level 4 (highest). These levels are intended to cover
-- the wide range of potential applications and environments in which
-- cryptographic modules may be deployed. The security requirements cover
-- areas related to the secure design and implementation of a cryptographic
-- module. These areas include basic design and documentation, module 
-- interfaces, authorised roles and services, physical security, software
-- security, operating system security, key management, cryptographic
-- algorithms, electromagnetic interference/electromagnetic compatibility
-- (EMI/EMC), and self-testing.
-- 

SUPERMICRO-FIPS-MIB DEFINITIONS ::= BEGIN

-- ************************************************************************
--                  IMPORTS
-- ************************************************************************
IMPORTS 
    MODULE-IDENTITY, OBJECT-TYPE, Integer32, enterprises FROM SNMPv2-SMI
    TruthValue FROM SNMPv2-TC;

-- ************************************************************************
--                  START OF THE MODULE
-- ************************************************************************
fsFips MODULE-IDENTITY
    LAST-UPDATED "201209050000Z"
    ORGANIZATION "Super Micro Computer Inc." 

    CONTACT-INFO "support@Supermicro.com"

    DESCRIPTION 
        "The Proprietary MIB for FIPS module"
  
    REVISION "201209050000Z"

    DESCRIPTION 
         "Initial Creation" 
    ::=  { enterprises supermicro-computer-inc(10876) super-switch(101) basic(2) 63}


-- ----------------------------------------------------------------- -- 
-- groups in the MIB  
-- ----------------------------------------------------------------- -- 

    fsFipsConfigurations          OBJECT IDENTIFIER ::= { fsFips 1 }

-- ---------------------------------------------------------------- --

-- Operational Mode Configuration Group

fsFipsOperMode  OBJECT-TYPE
    SYNTAX      INTEGER { fips(1), nonfips(2) }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "This object tells whether the current operational mode is FIPS
         mode or NON-FIPS mode"

    DEFVAL      { nonfips }
    ::= { fsFipsConfigurations 1 }

fsFipsTestAlgo OBJECT-TYPE 
    SYNTAX      Integer32          
    MAX-ACCESS  read-write 
    STATUS      current 
    DESCRIPTION 
      "This object is used to trigger FIPS Known Answer Test for the 
       below mentioned algorithms. The bit positions to run specific 
       algorithm are as shown below :

       Bit 0  - SHA-1
       Bit 1  - SHA-2
       Bit 2  - HMAC-SHA
       Bit 3  - AES
       Bit 4  - DES
       Bit 5  - RAND
       Bit 6  - RSA
       Bit 7  - DSA"

    DEFVAL { 0 }
    ::= { fsFipsConfigurations 2 }

fsfipsZeroizeCryptoKeys OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
      "Setting this value to true will delete all cryptographic
        keys present in ipsecv4, ipsecv6, ike, radius, ssh and ssl modules."
    DEFVAL   { false }
    ::= { fsFipsConfigurations 3 }

fsFipsTraceLevel OBJECT-TYPE 
    SYNTAX      Integer32          
    MAX-ACCESS  read-write 
    STATUS      current 
    DESCRIPTION 
      "This object is used to store the trace options that are enabled
       by the user. The bit positions to enable specific traces are as 
       shown below :

       Bit 0  - init-shut
       Bit 1  - mgmt
       Bit 2  - data
       Bit 3  - ctrl
       Bit 4  - pkt-dump
       Bit 5  - resource
       Bit 6  - all-fail
       Bit 7  - buf

       A value of zero(0) indicates traces are disabled and a value with 
       all bits set to one indicates all traces are enabled.
       By default traces are disabled."
    DEFVAL { '00000000'H }
    ::= { fsFipsConfigurations 4 }

fsFipsTestExecutionResult OBJECT-TYPE 
    SYNTAX      Integer32          
    MAX-ACCESS  read-only
    STATUS      current 
    DESCRIPTION 
      "This object is used to store the results of last run FIPS Known 
       Answer Test. The bit positions specifies the result of the execution
       of the corresponding algorithm. If the bit is set the
       corresponding algorithm test is successful. Otherwise test is not
       executed or failed.

       Bit 0  - SHA-1
       Bit 1  - SHA-2
       Bit 2  - HMAC-SHA
       Bit 3  - AES
       Bit 4  - DES
       Bit 5  - RAND
       Bit 6  - RSA
       Bit 7  - DSA"

    DEFVAL { 0 }
    ::= { fsFipsConfigurations 5 }

fsFipsFailedAlgorithm OBJECT-TYPE 
    SYNTAX      Integer32          
    MAX-ACCESS  read-only
    STATUS      current 
    DESCRIPTION 
      "This object is used to store the failed algorithm in the last run
       FIPS Known Answer Test. If the bit is set the corresponding algorithm
       test failed in the last execution. The bit positions to the
       corresponding algorithm are as shown below :

       Bit 0  - SHA-1
       Bit 1  - SHA-2
       Bit 2  - HMAC-SHA
       Bit 3  - AES
       Bit 4  - DES
       Bit 5  - RAND
       Bit 6  - RSA
       Bit 7  - DSA"

    DEFVAL { 0 }
    ::= { fsFipsConfigurations 6 }

fsFipsBypassCapability  OBJECT-TYPE
    SYNTAX      INTEGER { bypassCapability(1), noBypassCapability(2) }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "This object is used to enable/disable the crypto bypass capability.
         The default value for this object is 'no bypass-capability' (2)."

    DEFVAL      { noBypassCapability }
    ::= { fsFipsConfigurations 7 }
END
