SAFENET-HSM-MIB DEFINITIONS ::= BEGIN

--
-- Copyright 2013-14 SafeNet, Inc. All rights reserved.
--
-- All rights reserved. This file contains information that is
-- proprietary to SafeNet, Inc. and may not be distributed
-- or copied without written consent from SafeNet, Inc.
--

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, enterprises, Unsigned32, Counter32, Counter64  FROM SNMPv2-SMI
    DisplayString, TruthValue FROM SNMPv2-TC
    luna FROM SAFENET-GLOBAL-MIB;


hardwareSecurityModules MODULE-IDENTITY
    LAST-UPDATED "201407171200Z"
    ORGANIZATION "www.safenet-inc.com"
    CONTACT-INFO    
          "
      postal: 20 Colonnade Road, Suite 200
                    Ottawa, ON
                    Canada
                    K2E 7M6

      phone:    1-613-723-5077
      email:    support@safenet-inc.com
          "
    DESCRIPTION
     "
           SafeNet MIB definition for Hardware Security Modules on a managed element.

           This file contains the definitions for the Hardware Security Module managed elements supported 
           by the SafeNet Luna SNMP Agent. The following are the supported elements:
            hsmTable          
                - This table provides a list of all the HSM information on the managed element.
            hsmPartitionTable 
                - This table provides a list of all the partition information on the managed element. 
            hsmLicenseTable   
                - This table provides a list of all the license information on the managed element.
            hsmPolicyTable
                - This table provides a list of all the HSM policy information on the managed element.
            hsmPartitionPolicyTable
                -  This table provides a list of all the partition policy information on the managed element.
            hsmClientRegistrationTable
                - This table provides a list of registered clients.
            hsmClientPartitionAssignmentTable 
                - This table provides a list of assigned partitions for a given client.
     "
    REVISION     "201407171200Z"
    DESCRIPTION  "Second release."
    ::= { luna 1 }


--
-- Hardware Security Module Table
--

hsmTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF HsmTableEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION 
        "Table containing information about each available Hardware Security Module on the managed platform."
    ::= { hardwareSecurityModules 2 }


hsmTableEntry OBJECT-TYPE
    SYNTAX      HsmTableEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Each entry in the HSM Table is made up of attributes specified in this entry."
   INDEX    { hsmSerialNumber }
    ::= { hsmTable 1 }

    
HsmTableEntry ::=
    SEQUENCE {
        hsmSerialNumber          DisplayString,    -- serial number of the HSM  
        hsmFirmwareVersion       DisplayString,    -- version of firmware executing on the HSM
        hsmLabel                 DisplayString,    -- label associated with the HSM
        hsmModel                 DisplayString,    -- model identifier for the HSM
        hsmAuthenticationMethod  INTEGER,          -- authentication mode of the HSM
        hsmRpvInitialized        INTEGER,          -- remote PED vector initialized flag of the HSM
        hsmFipsMode              TruthValue,       -- FIPS 140-2 operation mode enabled flag of the HSM
        hsmPerformance           INTEGER,          -- performance level of the HSM
        hsmStorageTotalBytes     Unsigned32,       -- total storage capacity in bytes of the HSM
        hsmStorageAllocatedBytes Unsigned32,       -- number of allocated bytes on the HSM
        hsmStorageAvailableBytes Unsigned32,       -- number of available bytes on the HSM 
        hsmMaximumPartitions     Unsigned32,       -- maximum number of partitions allowed on the HSM
        hsmPartitionsCreated     Unsigned32,       -- number of partitions created on the HSM
        hsmPartitionsFree        Unsigned32,       -- number of partitions that can still be created on the HSM 
        hsmBackupProtocol        INTEGER,          -- backup protocol used on the HSM
        hsmAdminLoginAttempts    Counter32,        -- number of failed Administrator login attempts left before HSM zeroized
        hsmAuditRoleInitialized  INTEGER,          -- audit role is initialized flag
        hsmManuallyZeroized      TruthValue,       -- was HSM manually zeroized flag
        hsmUpTime                Counter64,        -- up time in seconds since last HSM reset
        hsmBusyTime              Counter64,        -- busy time in seconds since the last HSM reset 
        hsmCommandCount          Counter64         -- HSM commands processed since last HSM reset
    }

    
hsmSerialNumber OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The serial number of the HSM. It is used as the index into tables."
    ::= { hsmTableEntry 1 }


hsmFirmwareVersion OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The version of firmware executing on the HSM."
    ::= { hsmTableEntry 2 }

    
hsmLabel OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The label associated with the HSM."
    ::= { hsmTableEntry 3 }

    
hsmModel OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The model identifier for the HSM."
    ::= { hsmTableEntry 4 }


hsmAuthenticationMethod OBJECT-TYPE
    SYNTAX     INTEGER {
        unknown(1),      -- not known
        password(2),     -- requires passwords
        pedKeys(3)       -- requires PED
    }     
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The authentication mode of the HSM."
    ::= { hsmTableEntry 5 }


hsmRpvInitialized OBJECT-TYPE
    SYNTAX     INTEGER {
        notSupported(1),    -- RPV not supported
        uninitialized(2),   -- RPV not initialized
        initialized(3)      -- RPV initialized
    }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The remote PED vector initialized flag of the HSM."
    ::= { hsmTableEntry 6 }

    
hsmFipsMode OBJECT-TYPE
    SYNTAX     TruthValue
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The FIPS 140-2 operation mode enabled flag of the HSM."
    ::= { hsmTableEntry 7 }


hsmPerformance OBJECT-TYPE
    SYNTAX    INTEGER
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The performance level of the HSM."
    ::= { hsmTableEntry 8  }

        
hsmStorageTotalBytes OBJECT-TYPE
    SYNTAX    Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The total storage capacity in bytes of the HSM."
    ::= { hsmTableEntry 9 }

    
hsmStorageAllocatedBytes OBJECT-TYPE
    SYNTAX    Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of allocated bytes on the HSM."
    ::= { hsmTableEntry 10 }

    
hsmStorageAvailableBytes OBJECT-TYPE
    SYNTAX    Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of available bytes on the HSM."
    ::= { hsmTableEntry 11 }

    
hsmMaximumPartitions OBJECT-TYPE
    SYNTAX    Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The maximum number of partitions allowed on the HSM."
    ::= { hsmTableEntry 12 }


hsmPartitionsCreated OBJECT-TYPE
    SYNTAX    Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of partitions created on the HSM."
    ::= { hsmTableEntry 13 }


hsmPartitionsFree OBJECT-TYPE
    SYNTAX    Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of partitions that can still be created on the HSM."
    ::= { hsmTableEntry 14 }


hsmBackupProtocol OBJECT-TYPE
    SYNTAX    INTEGER {
        unknown(1),
        none(2),
        cloning(3),
        keyExport(4)
    }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The backup protocol used on the HSM."
    ::= { hsmTableEntry 15 }
    
        
hsmAdminLoginAttempts OBJECT-TYPE
    SYNTAX    Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of failed Administrator login attempts remaining before HSM is zeroized."
    ::= { hsmTableEntry 16 }
    
    
hsmAuditRoleInitialized OBJECT-TYPE
    SYNTAX    INTEGER {
        notSupported(0),
        yes(1),
        no(2)
    }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The flag that specifies if the audit role is initialized."
    ::= { hsmTableEntry 17 }
    
    
hsmManuallyZeroized OBJECT-TYPE
    SYNTAX    TruthValue
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The flag that specifies if HSM has been manually zeroized."
    ::= { hsmTableEntry 18 }
    
  
hsmUpTime OBJECT-TYPE
    SYNTAX    Counter64
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of seconds the HSM has been up since the last HSM reset."
    ::= { hsmTableEntry 19 }  
    
    
hsmBusyTime OBJECT-TYPE
    SYNTAX    Counter64
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of seconds the HSM has been busy since the last HSM reset."
    ::= { hsmTableEntry 20 }    


hsmCommandCount OBJECT-TYPE
    SYNTAX    Counter64
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of HSM commands processed since the last HSM reset."
    ::= { hsmTableEntry 21 }
    
     
--
-- Hardware Security Module License Table
--

hsmLicenseTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF HsmLicenseTableEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION 
        "This table contains the licensing information for each HSM."
    ::= { hardwareSecurityModules 3 }

    
hsmLicenseTableEntry OBJECT-TYPE
    SYNTAX      HsmLicenseTableEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The HSM License table attributes are accessed with two indices, the first index identifies the HSM
         for which the license entry corresponds (hsmSerialNumber), and the second is the index for the 
         corresponding license (hsmLicenseID)."
   INDEX    { hsmSerialNumber, hsmLicenseID }
    ::= { hsmLicenseTable 1 }

    
HsmLicenseTableEntry ::=
    SEQUENCE {
        hsmLicenseID            DisplayString,  -- license identifier
        hsmLicenseDescription   DisplayString   -- license description 
    }


hsmLicenseID OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The license identifier. This identifier is used as an index into the table."
    ::= { hsmLicenseTableEntry 1 }


hsmLicenseDescription OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The license description."
    ::= { hsmLicenseTableEntry 2 }


--
-- Hardware Security Module Partition Table
--

hsmPartitionTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF HsmPartitionTableEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION "This table contains the partition information for each HSM."
    ::= { hardwareSecurityModules 4 }


hsmPartitionTableEntry OBJECT-TYPE
    SYNTAX      HsmPartitionTableEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The HSM partition table attributes are accessed with two indices, the first index corresponds the HSM index
         for which the partition entry corresponds, and the second is the index into the corresponding partitions."
   INDEX    { hsmSerialNumber, hsmPartitionSerialNumber }
    ::= { hsmPartitionTable 1 }

    
HsmPartitionTableEntry ::=
    SEQUENCE {
        hsmPartitionSerialNumber          DisplayString,     -- serial number for the partition     
        hsmPartitionLabel                 DisplayString,     -- label assigned to the partition
        hsmPartitionActivated             TruthValue,        -- partition activation flag
        hsmPartitionStorageTotalBytes     Unsigned32,        -- total storage capacity in bytes of the partition
        hsmPartitionStorageAllocatedBytes Unsigned32,        -- number of allocated (in use) bytes on the partition
        hsmPartitionStorageAvailableBytes Unsigned32,        -- number of available (unused) bytes on the partition
        hsmPartitionObjectCount           Unsigned32         -- number of objects in the partition
    }


hsmPartitionSerialNumber OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
         "The serial number for the partition. Also an index into the table."
    ::= { hsmPartitionTableEntry 1}


hsmPartitionLabel OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The label assigned to the partition."
    ::= { hsmPartitionTableEntry 2 }

    
hsmPartitionActivated OBJECT-TYPE
    SYNTAX     TruthValue
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The partition activation flag."
    ::= { hsmPartitionTableEntry 3 }

    
hsmPartitionStorageTotalBytes OBJECT-TYPE
    SYNTAX     Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The total storage capacity in bytes of the partition."
    ::= { hsmPartitionTableEntry 4 }

    
hsmPartitionStorageAllocatedBytes OBJECT-TYPE
    SYNTAX     Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of allocated (in use) bytes on the partition."
    ::= { hsmPartitionTableEntry 5 }

    
hsmPartitionStorageAvailableBytes OBJECT-TYPE
    SYNTAX     Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of available (unused) bytes on the partition."
    ::= { hsmPartitionTableEntry 6 }

    
hsmPartitionObjectCount OBJECT-TYPE
    SYNTAX    Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of objects in the partition."
    ::= { hsmPartitionTableEntry 7 }


--
-- Policy Table
-- 

hsmPolicyTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF HsmPolicyTableEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION 
        "This table contains the policy information for each HSM."
    ::= { hardwareSecurityModules 5 }

    
hsmPolicyTableEntry OBJECT-TYPE
    SYNTAX      HsmPolicyTableEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The HSM policy table attributes are accessed with two indices, the first index corresponds the HSM index
         for which the policy entry corresponds, and the second is the index into the corresponding policies."
    INDEX    { hsmSerialNumber, hsmPolicyType, hsmPolicyID }
    ::= { hsmPolicyTable 1 }

    
HsmPolicyTableEntry ::=
    SEQUENCE {
        hsmPolicyType                  INTEGER,       -- type of policy
        hsmPolicyID                    Unsigned32,    -- policy identifier
        hsmPolicyDescription           DisplayString, -- description of the policy
        hsmPolicyValue                 DisplayString  -- current value of the policy
    }

hsmPolicyType OBJECT-TYPE
    SYNTAX      INTEGER {
        capability(1),
        policy(2)
     }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The policy type. Type of policy."
    ::= { hsmPolicyTableEntry 1 }  
    
hsmPolicyID OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The policy identifier. Also an index into policy Table."
    ::= { hsmPolicyTableEntry 2 }


hsmPolicyDescription OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The description of the policy."
    ::= { hsmPolicyTableEntry 3 }


hsmPolicyValue OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The current value of the policy"
    ::= { hsmPolicyTableEntry 4 }
  
--
-- Partition Policy Table
--

hsmPartitionPolicyTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF HsmPartitionPolicyTableEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION 
        "This table contains the policy information for each partition."
    ::= { hardwareSecurityModules 6 }

    
hsmPartitionPolicyTableEntry OBJECT-TYPE
    SYNTAX      HsmPartitionPolicyTableEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The Partition policy table attributes are accessed with four indices, the first index corresponds the HSM index
         for which the HSM containing the partition for which these policies apply, the second index corresponds to
         the partition that has the corresponding policies, and the third index identifies capabilities or policies,
         and the fourth is an index which corresponds to a specific policy  for the partition."
    INDEX    { hsmSerialNumber, hsmPartitionSerialNumber, hsmPartitionPolicyType, hsmPartitionPolicyID }
    ::= { hsmPartitionPolicyTable 1 }

    
HsmPartitionPolicyTableEntry ::=
    SEQUENCE {
        hsmPartitionPolicyType                 INTEGER,       -- capability or policy   
        hsmPartitionPolicyID                   Unsigned32,    -- policy identifier
        hsmPartitionPolicyDescription          DisplayString, -- description of the policy
        hsmPartitionPolicyValue                DisplayString  -- current value of the policy
    }


hsmPartitionPolicyType OBJECT-TYPE
    SYNTAX      INTEGER {
        capability(1),
        policy(2)
     }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The partition policy type. Type of policy."
    ::= { hsmPartitionPolicyTableEntry 1 } 
    
    
hsmPartitionPolicyID OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The policy identifier. Also the index into policy Table."
    ::= { hsmPartitionPolicyTableEntry 2 }


hsmPartitionPolicyDescription OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The description of the policy."
    ::= { hsmPartitionPolicyTableEntry 3 }


hsmPartitionPolicyValue OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The current value of the policy"
    ::= { hsmPartitionPolicyTableEntry 4 }


--
-- Client Registration Table
--

hsmClientRegistrationTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF HsmClientRegistrationTableEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION "This table contains a list of client information."
    ::= { hardwareSecurityModules 7 }


hsmClientRegistrationTableEntry OBJECT-TYPE
    SYNTAX      HsmClientRegistrationTableEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "This entry specifies the information provided for a specific client. Attributes in an entry are
        indexed by the hsmTableIndex, hsmPartitionTableIndex and the hsmClientRegistrationTableIndex. This gives us the
        relationship of clients per partition per HSM."
    INDEX    { hsmClientName }
    ::= { hsmClientRegistrationTable 1 }


HsmClientRegistrationTableEntry ::=
    SEQUENCE {
        hsmClientName                    DisplayString,     -- name of the client
        hsmClientAddress                 DisplayString,     -- address of the client
        hsmClientRequiresHTL             TruthValue,        -- flag specifying if HTL required for the client
        hsmClientOTTExpiry               INTEGER            -- OTT expiry time (-1 if not provisioned)
    }


hsmClientName OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The name of the client. Also index into table."
    ::= { hsmClientRegistrationTableEntry 1 }

    
hsmClientAddress OBJECT-TYPE
    SYNTAX     DisplayString
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The address of the client."
    ::= { hsmClientRegistrationTableEntry 2 }

 
hsmClientRequiresHTL OBJECT-TYPE
    SYNTAX     TruthValue
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The flag specifying if HTL required for the client."
    ::= { hsmClientRegistrationTableEntry 3 }
    
    
hsmClientOTTExpiry OBJECT-TYPE
    SYNTAX     INTEGER
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The flag specifying if OTT expiry time for the client. (-1 if not provisioned)"
    ::= { hsmClientRegistrationTableEntry 4 }    


--
-- Client Partition Assignment Table
--  

hsmClientPartitionAssignmentTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF HsmClientPartitionAssignmentTableEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION "This table contains a list of client information."
    ::= { hardwareSecurityModules 8 }
    
    
hsmClientPartitionAssignmentTableEntry OBJECT-TYPE
    SYNTAX      HsmClientPartitionAssignmentTableEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "This entry specifies the indexes of the corresponding HSM and partitions that can be accessed by a given client"
    INDEX    {  hsmClientName, hsmSerialNumber, hsmPartitionSerialNumber }
    ::= { hsmClientPartitionAssignmentTable 1 }


HsmClientPartitionAssignmentTableEntry ::=
    SEQUENCE {
        hsmClientHsmSerialNumber                DisplayString,  -- index into the HSM table
        hsmClientPartitionSerialNumber          DisplayString   -- index into the Partition Table
    }
    

hsmClientHsmSerialNumber OBJECT-TYPE
    SYNTAX      DisplayString
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The index into the HSM table for the corresponding client."
    ::= { hsmClientPartitionAssignmentTableEntry 1 }
    

hsmClientPartitionSerialNumber OBJECT-TYPE
    SYNTAX      DisplayString
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The index into the partition table for the corresponding client."
    ::= { hsmClientPartitionAssignmentTableEntry 2 }
    
END

