// Copyright (c) 2005 DMTF. All rights reserved. [Version ( "2.8.0" ), UMLPackagePath ( "CIM::Network::IPsec" ), Description ( "ESPTransform defines the parameters used for a phase 2 ESP " "(Encapsulating Security Protocol) Security Association." ), MappingStrings { "IPSP Model.IETF|ESPTransform" }] class CIM_ESPTransform : CIM_SATransform { [Description ( "IntegrityTransformId is an enumeration that specifies " "the ESP integrity algorithm to be used. The list of " "values is generated from the enumeration defined in " "RFC2407, Section 4.5. Note that the enumeration is " "different than the RFC list, since the values of Other " "and None are taken into account. Also, note that 2 " "(\"None\") is used when ESP is negotiated without " "authentication." ), ValueMap { "1", "2", "3", "4", "5", "6", "7..61439", "61440..65535" }, Values { "Other", "None", "MD5", "SHA-1", "DES", "KPDK", "DMTF/IANA Reserved", "Vendor Reserved" }, MappingStrings { "IPSP Model.IETF|ESPTransform.IntegrityTransformId", "RFC2407.IETF|Section 4.5" }, ModelCorrespondence { "CIM_ESPTransform.OtherIntegrityTransformId" }] uint16 IntegrityTransformId; [Description ( "Description of the integrity algorithm when the value 1 " "(\"Other\") is specified for the property, " "IntegrityTransformId." ), ModelCorrespondence { "CIM_ESPTransform.IntegrityTransformId" }] string OtherIntegrityTransformId; [Description ( "CipherTransformId is an enumeration that specifies the " "ESP encrypion algorithm to be used. The list of values " "is defined in RFC2407, Section 4.4.4, where the RFC\'s " "NULL value maps to 2-\"None\". Note that the enumeration " "is different than the RFC list, since \'Other\' is added " "to the enumeration." ), ValueMap { "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12" }, Values { "Other", "None", "DES_IV64", "DES", "3DES", "RC5", "IDEA", "CAST", "Blowfish", "3-IDEA", "DES_IV32", "RC4" }, MappingStrings { "IPSP Model.IETF|ESPTransform.CipherTransformId", "RFC2407.IETF|Section 4.4.4" }, ModelCorrespondence { "CIM_ESPTransform.OtherCipherTransformId" }] uint16 CipherTransformId; [Description ( "Description of the encryption algorithm when the value 1 " "(\"Other\") is specified for the property, " "CipherTransformId." ), ModelCorrespondence { "CIM_ESPTransform.CipherTransformId" }] string OtherCipherTransformId; [Description ( "CipherKeyLength specifies, in bits, the key length for " "the encryption algorithm. For algorithms with fixed key " "lengths, this value is ignored." ), Units ( "Bits" ), MappingStrings { "IPSP Model.IETF|ESPTransform.CipherKeyLength" }] uint16 CipherKeyLength; [Description ( "CipherKeyRounds specifies the key rounds for the " "encryption algorithm. For algorithms with a fixed number " "of key rounds, this value is ignored. Currently, key " "rounds are NOT defined for any ESP encryption " "algorithms." ), MappingStrings { "IPSP Model.IETF|ESPTransform.CipherKeyRounds" }] uint16 CipherKeyRounds; [Description ( "UseReplayPrevention causes the local peer to enable " "replay prevention detection. This can be accomplished by " "using a sequence number when sending a packet or " "checking the sequence number upon receipt of a packet." ), MappingStrings { "IPSP Model.IETF|ESPTransform.UseReplayPrevention" }] boolean UseReplayPrevention; [Description ( "ReplayPreventionWindowsSize specifies, in bits, the " "length of the sliding window used by the replay " "prevention mechanism. The value of this property is " "meaningless if UseReplayPrevention is false. The window " "size MUST be a power of 2." ), Units ( "Bits" ), MappingStrings { "IPSP Model.IETF|ESPTransform.ReplayPreventionWindowSize" }] uint32 ReplayPreventionWindowSize; };