auth_priv.h

hp snmp++ (support ipv6)

                           const unsigned char *password,
                           const unsigned int   password_len,
                           const unsigned char *engine_id,
                           const unsigned int   engine_id_len,
                           unsigned char *key,
                           unsigned int  *key_len);

  /**
   * Get the keyChange value for the specified keys using the given
   * authentication protocol.
   */
  int get_keychange_value(const int       auth_prot,
                          const OctetStr& old_key,
                          const OctetStr& new_key,
                          OctetStr&       keychange_value);

  /**
   * Get a pointer to a privacy protocol object.
   */
  Priv *get_priv(const int priv_prot);

  /**
   * Get a pointer to a authentication protocol object.
   */
  Auth *get_auth(const int auth_prot);

  /**
   * Get the unique id for the given auth protocol.
   *
   * @param string_id - The string returned by Auth::get_id_string()
   *
   * @return The id or -1
   */
  int get_auth_id(const char *string_id) const;

  /**
   * Get the unique id for the given priv protocol.
   *
   * @param string_id - The string returned by Priv::get_id_string()
   *
   * @return The id or -1
   */
  int get_priv_id(const char *string_id) const;

  /**
   * Encrypt a message.
   */
  int encrypt_msg(const int            priv_prot,
                  const unsigned char *key,
                  const unsigned int   key_len,
                  const unsigned char *buffer,
                  const unsigned int   buffer_len,
                  unsigned char       *out_buffer,
                  unsigned int        *out_buffer_len,
                  unsigned char       *privacy_params,
                  unsigned int        *privacy_params_len,
                  const unsigned long  engine_boots,
                  const unsigned long  engine_time);

  /**
   * Decrypt a message.
   */
  int decrypt_msg(const int            priv_prot,
                  const unsigned char *key,
                  const unsigned int   key_len,
                  const unsigned char *buffer,
                  const unsigned int   buffer_len,
                  unsigned char       *out_buffer,
                  unsigned int        *out_buffer_len,
                  const unsigned char *privacy_params,
                  const unsigned int   privacy_params_len,
		  const unsigned long  engine_boots,
		  const unsigned long  engine_time);

  /**
   * Get the length of the authentication parameters field of the given
   * authentication protocol.
   */
  int get_auth_params_len(const int auth_prot);

  /**
   * Get the length of the privacy parameters field of the given
   * privacy protocol.
   */
  int get_priv_params_len(const int priv_prot);

  /**
   * Fill in the authentication field of an outgoing message
   */
  int auth_out_msg(const int            auth_prot,
                   const unsigned char *key,
                   unsigned char       *msg,
                   const int            msg_len,
                   unsigned char       *auth_par_ptr);

  /**
   * Check the authentication field of an incoming message
   */
  int auth_inc_msg(const int            auth_prot,
                   const unsigned char *key,
                   unsigned char       *msg,
                   const int            msg_len,
                   unsigned char       *auth_par_ptr,
                   const int            auth_par_len);

private:

  AuthPtr *auth;   ///< Array of pointers to Auth-objects
  PrivPtr *priv;   ///< Array of pointers to Priv-objects
  int   auth_size; ///< current size of the auth array
  int   priv_size; ///< current size of the priv array
  pp_uint64 salt;  ///< current salt value (64 bits)
};


/**
 * Authentication module using SHA.
 *
 * @see Auth
 */
class DLLOPT AuthSHA: public Auth
{
public:
  int password_to_key(const unsigned char *password,
		      const unsigned int   password_len,
		      const unsigned char *engine_id,
		      const unsigned int   engine_id_len,
		      unsigned char       *key,
		      unsigned int        *key_len);

  int hash(const unsigned char *data,
	   const unsigned int   data_len,
	   unsigned char       *digest) const;

  int auth_out_msg(const unsigned char *key,
		   unsigned char       *msg,
		   const int            msg_len,
		   unsigned char       *auth_par_ptr);

  int auth_inc_msg(const unsigned char *key,
		   unsigned char       *msg,
		   const int            msg_len,
		   unsigned char       *auth_par_ptr,
                   const int            auth_par_len);

  int get_id() const { return SNMP_AUTHPROTOCOL_HMACSHA; };

  const char *get_id_string() const { return "HMAC-SHA"; };

  int get_auth_params_len() const { return 12; };

  int get_hash_len() const { return SNMPv3_AP_OUTPUT_LENGTH_SHA;};
};

/**
 * Authentication module using MD5.
 *
 * @see Auth
 */
class DLLOPT AuthMD5: public Auth
{
public:
  int password_to_key(const unsigned char *password,
		      const unsigned int   password_len,
		      const unsigned char *engine_id,
		      const unsigned int   engine_id_len,
		      unsigned char       *key,
		      unsigned int        *key_len);

  int hash(const unsigned char *data,
	   const unsigned int   data_len,
	   unsigned char       *digest) const;

  int auth_out_msg(const unsigned char *key,
		   unsigned char       *msg,
		   const int            msg_len,
		   unsigned char       *auth_par_ptr);


  int auth_inc_msg(const unsigned char *key,
		   unsigned char       *msg,
		   const int            msg_len,
		   unsigned char       *auth_par_ptr,
                   const int            auth_par_len);

  int get_id() const { return SNMP_AUTHPROTOCOL_HMACMD5; };

  const char *get_id_string() const { return "HMAC-MD5"; };

  int get_auth_params_len() const { return 12; };

  int get_hash_len() const { return SNMPv3_AP_OUTPUT_LENGTH_MD5;};
};

/**
 * Encryption module using DES.
 *
 * @see Priv
 */
class DLLOPT PrivDES: public Priv
{
 public:
#if defined(_USE_LIBTOMCRYPT) && !defined(_USE_OPENSSL)
  PrivDES();
 private:
  int cipher;
 public:
#endif
  int encrypt(const unsigned char *key,
              const unsigned int   key_len,
              const unsigned char *buffer,
              const unsigned int   buffer_len,
              unsigned char       *out_buffer,
              unsigned int        *out_buffer_len,
              unsigned char       *privacy_params,
              unsigned int        *privacy_params_len,
              const unsigned long  engine_boots,
              const unsigned long  engine_time);

  int decrypt(const unsigned char *key,
              const unsigned int   key_len,
              const unsigned char *buffer,
              const unsigned int   buffer_len,
              unsigned char       *out_buffer,
              unsigned int        *out_buffer_len,
              const unsigned char *privacy_params,
              const unsigned int   privacy_params_len,
	      const unsigned long  engine_boots,
	      const unsigned long  engine_time);

  int extend_short_key(const unsigned char *password,
                       const unsigned int   password_len,
                       const unsigned char *engine_id,
                       const unsigned int   engine_id_len,
                       unsigned char       *key,
                       unsigned int        *key_len,
                       const unsigned int   max_key_len,
                       Auth                *auth)
    { return SNMPv3_USM_ERROR; /* not needed for DES! */ };

  int get_id() const { return SNMP_PRIVPROTOCOL_DES; };
  const char *get_id_string() const { return "DES"; };
  int get_priv_params_len() const { return 8; };
  int get_min_key_len() const { return 16; };
  void fix_key_len(unsigned int &key_len) const
    { key_len = (key_len >= 16 ? 16 : 0); };
};

#ifdef _USE_IDEA
/**
 * Encryption module using IDEA.
 *
 * @see Priv
 */
class DLLOPT PrivIDEA: public Priv
{
public:

  int encrypt(const unsigned char *key,
              const unsigned int   key_len,
              const unsigned char *buffer,
              const unsigned int   buffer_len,
              unsigned char       *out_buffer,
              unsigned int        *out_buffer_len,
              unsigned char       *privacy_params,
              unsigned int        *privacy_params_len,
              const unsigned long  engine_boots,
              const unsigned long  engine_time);

  int decrypt(const unsigned char *key,
              const unsigned int   key_len,
              const unsigned char *buffer,
              const unsigned int   buffer_len,
              unsigned char       *out_buffer,
              unsigned int        *out_buffer_len,
              const unsigned char *privacy_params,
              const unsigned int   privacy_params_len,
	      const unsigned long  engine_boots,
	      const unsigned long  engine_time);

  int extend_short_key(const unsigned char *password,
                       const unsigned int   password_len,
                       const unsigned char *engine_id,
                       const unsigned int   engine_id_len,
                       unsigned char       *key,
                       unsigned int        *key_len,
                       const unsigned int   max_key_len,
                       Auth                *auth)
    { return SNMPv3_USM_ERROR; /* not needed for IDEA! */ };

  int get_id() const { return SNMP_PRIVPROTOCOL_IDEA; };
  const char *get_id_string() const { return "IDEA"; };
  int get_priv_params_len() const { return 8; };
  int get_min_key_len() const { return 16; };
  void fix_key_len(unsigned int &key_len) const
    { key_len = (key_len >= 16 ? 16 : 0); };
};

#endif


#if defined(_USE_LIBTOMCRYPT) || defined(_USE_OPENSSL)

/**
 * Encryption module using AES (only available with libtomcrypt).
 *
 * @see Priv
 */
class DLLOPT PrivAES: public Priv
{
public:

  PrivAES(const int aes_type_);

  int encrypt(const unsigned char *key,
              const unsigned int   key_len,
              const unsigned char *buffer,
              const unsigned int   buffer_len,
              unsigned char       *out_buffer,
              unsigned int        *out_buffer_len,
              unsigned char       *privacy_params,
              unsigned int        *privacy_params_len,
              const unsigned long  engine_boots,
              const unsigned long  engine_time);

  int decrypt(const unsigned char *key,
              const unsigned int   key_len,
              const unsigned char *buffer,
              const unsigned int   buffer_len,
              unsigned char       *out_buffer,
              unsigned int        *out_buffer_len,
              const unsigned char *privacy_params,
              const unsigned int   privacy_params_len,
	      const unsigned long  engine_boots,
	      const unsigned long  engine_time);

  int extend_short_key(const unsigned char *password,
                       const unsigned int   password_len,
                       const unsigned char *engine_id,
                       const unsigned int   engine_id_len,
                       unsigned char       *key,
                       unsigned int        *key_len,
                       const unsigned int   max_key_len,
                       Auth                *auth);

  int get_id() const { return aes_type; };
  const char *get_id_string() const;
  int get_priv_params_len() const { return 8; };
  int get_min_key_len() const { return key_bytes; };
  void fix_key_len(unsigned int &key_len) const
    { key_len = (key_len >= (unsigned)key_bytes ? key_bytes : 0); };

 private:
  int aes_type;
  int key_bytes;
  int rounds;
#if defined(_USE_LIBTOMCRYPT) && !defined(_USE_OPENSSL)
  int cipher;
#endif
  int need_byteswap;
};
#endif // _USE_LIBTOMCRYPT or _USE_OPENSSL

#ifdef _USE_3DES_EDE
/**
 * Encryption module using TripleDES-EDE KEY
 * 
 *
 * @see Priv
 */
#define TRIPLEDES_EDE_KEY_LEN 32


class DLLOPT Priv3DES_EDE: public Priv
{
public:
#if defined(_USE_LIBTOMCRYPT) && !defined(_USE_OPENSSL)
  Priv3DES_EDE();
 private:
  int cipher;
 public:
#endif

  int encrypt(const unsigned char *key,
              const unsigned int   key_len,
              const unsigned char *buffer,
              const unsigned int   buffer_len,
              unsigned char       *out_buffer,
              unsigned int        *out_buffer_len,
              unsigned char       *privacy_params,
              unsigned int        *privacy_params_len,
              const unsigned long  engine_boots,
              const unsigned long  engine_time);

  int decrypt(const unsigned char *key,
              const unsigned int   key_len,
              const unsigned char *buffer,
              const unsigned int   buffer_len,
              unsigned char       *out_buffer,
              unsigned int        *out_buffer_len,
              const unsigned char *privacy_params,
              const unsigned int   privacy_params_len,
	      const unsigned long  engine_boots,
	      const unsigned long  engine_time);

  int extend_short_key(const unsigned char *password,
                       const unsigned int   password_len,
                       const unsigned char *engine_id,
                       const unsigned int   engine_id_len,
                       unsigned char       *key,
                       unsigned int        *key_len,
                       const unsigned int   max_key_len,
                       Auth                *auth);

  int get_id() const { return SNMP_PRIVPROTOCOL_3DESEDE; };
  const char *get_id_string() const { return "3DESEDE"; };
  int get_priv_params_len() const { return 8; };
  int get_min_key_len() const { return TRIPLEDES_EDE_KEY_LEN; };
  void fix_key_len(unsigned int &key_len) const
    { key_len = (key_len >= TRIPLEDES_EDE_KEY_LEN
                                              ? TRIPLEDES_EDE_KEY_LEN : 0); };
#ifdef _TEST
  bool test();
#endif
};

#endif // _USE_3DES_EDE

#ifdef SNMP_PP_NAMESPACE
}; // end of namespace Snmp_pp
#endif 

#endif // _SNMPv3

#endif