C# Class SnmpSharpNet.Privacy3DES

TripleDES privacy protocol implementation class.
TripleDES privacy implementation is based on the Internet Draft proposal to the SNMPv3 Working Group titled: Extension to the User-Based Security Model (USM) to Support Triple-DES EDE in "Outside" CBC Mode.
At a high level, TripleDES privacy in SNMPv3 uses DES-EDE. This means that a 24-byte key is generated and split into three 8-byte keys suitable for use with DES. The keys are then used to perform encryption, decryption and another encryption using DES. Additionally, each block is XORed with the previous block of encrypted data or, if working on the first block, with the IV value. For details see draft-reeder-snmpv3-usm-3desede-00.txt.
Important: TripleDES privacy protocol is not based on a standard. This extension to the USM standard was proposed and expired without approval or a move to the standards track. Some vendors have implemented this privacy protocol, and for the completeness of the library it has been included in SnmpSharpNet.
Troubleshooting of TripleDES encryption is difficult because of the low availability, so if you find problems with the SnmpSharpNet implementation, please try to provide me with as much detail as possible, both about your code and the type/version/mode of the agent you are working with.
Inheritance: IPrivacyProtocol
Open project: griffina/SnmpSharpNet
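
The DES-EDE "outside" CBC construction described above, as an added example (not code from SnmpSharpNet): it performs the three single-DES passes and the XOR chaining by hand and compares the result with .NET's built-in TripleDES in CBC mode. The class name OutsideCbcDemo and the key, IV and input bytes are constructed, and zero-fill padding is an assumption, since the page does not say which pad bytes the library uses.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;

static class OutsideCbcDemo
{
    // One raw single-DES operation on one 8-byte block (ECB, no padding).
    static byte[] DesBlock(byte[] key8, byte[] block, bool encrypt)
    {
        using (DES des = DES.Create())
        {
            des.Mode = CipherMode.ECB;
            des.Padding = PaddingMode.None;
            des.Key = key8;
            using (ICryptoTransform t = encrypt ? des.CreateEncryptor() : des.CreateDecryptor())
                return t.TransformFinalBlock(block, 0, 8);
        }
    }

    // DES-EDE with the CBC chaining applied once, outside the three DES passes.
    static byte[] EncryptEdeOutsideCbc(byte[] key24, byte[] iv, byte[] padded)
    {
        // Split the 24-byte key into three 8-byte DES keys.
        byte[][] k = { key24.Take(8).ToArray(), key24.Skip(8).Take(8).ToArray(), key24.Skip(16).ToArray() };
        byte[] output = new byte[padded.Length];
        byte[] prev = iv;                                   // the first block chains to the IV
        for (int off = 0; off < padded.Length; off += 8)
        {
            byte[] block = new byte[8];
            for (int i = 0; i < 8; i++) block[i] = (byte)(padded[off + i] ^ prev[i]);
            // Encrypt with key 1, decrypt with key 2, encrypt with key 3.
            prev = DesBlock(k[2], DesBlock(k[1], DesBlock(k[0], block, true), false), true);
            Array.Copy(prev, 0, output, off, 8);
        }
        return output;
    }

    static void Main()
    {
        byte[] key24 = Enumerable.Range(1, 24).Select(i => (byte)i).ToArray();         // constructed key
        byte[] iv = { 0xA0, 0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6, 0xA7 };                 // constructed IV
        byte[] data = Enumerable.Range(0, 13).Select(i => (byte)(0x30 + i)).ToArray(); // constructed 13-byte input
        byte[] padded = new byte[(data.Length + 7) / 8 * 8];   // 16 bytes; zero fill is an assumption
        Array.Copy(data, padded, data.Length);
        byte[] manual = EncryptEdeOutsideCbc(key24, iv, padded);
        using (TripleDES tdes = TripleDES.Create())
        {
            tdes.Mode = CipherMode.CBC;
            tdes.Padding = PaddingMode.None;
            using (ICryptoTransform enc = tdes.CreateEncryptor(key24, iv))
                Console.WriteLine(manual.SequenceEqual(enc.TransformFinalBlock(padded, 0, padded.Length)) ? "match" : "MISMATCH");
        }
    }
}
```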

Protected Properties

Property Type Description
_salt System.Int32

Public Methods

Method Description
Decrypt ( byte[] encryptedData, int offset, int length, byte[] key, int engineBoots, int engineTime, byte[] privacyParameters ) : byte[]

Decrypt TripleDES encrypted ScopedPdu

Encrypt ( byte[] unencryptedData, int offset, int length, byte[] key, int engineBoots, int engineTime, out byte[] privacyParameters, IAuthenticationDigest authDigest ) : byte[]

Encrypt ScopedPdu using TripleDES encryption protocol

ExtendShortKey ( byte[] shortKey, byte[] password, byte[] engineID, IAuthenticationDigest authProtocol ) : byte[]

Extends the encryption key if the key size returned by PasswordToKey is less than the minimum required by the encryption protocol.

There is no need to call this method in a user application because the PasswordToKey() method will make the call if the password it generates is too short.

GetEncryptedLength ( int scopedPduLength ) : int

Get final encrypted length

TripleDES performs encryption on 8-byte blocks, so the final encrypted size will be a multiple of 8, with padding added to the end of the ScopedPdu if required.

NextSalt ( ) : int

Returns next salt value.

PasswordToKey ( byte[] secret, byte[] engineId, IAuthenticationDigest authProtocol ) : byte[]

Convert privacy password into encryption key using packet authentication hash.

Privacy3DES ( ) : System

Standard constructor.

Private Methods

Method Description
GetIV ( byte[] privacyKey, byte[] salt ) : byte[]

Generate IV from the privacy key and salt value returned by GetSalt method.

GetSalt ( int engineBoots ) : byte[]

Get TripleDES encryption salt value.

Salt value is generated by concatenating engineBoots value with the random integer value.

Method Details

Decrypt() public method

Decrypt TripleDES encrypted ScopedPdu
Thrown when encrypted data is null or length == 0
Thrown when encryption key length is less than 32 bytes or if privacy parameters argument is null or length other than 8 bytes
public Decrypt ( byte[] encryptedData, int offset, int length, byte[] key, int engineBoots, int engineTime, byte[] privacyParameters ) : byte[]
encryptedData byte[] Source data buffer
offset int Offset within the buffer to start decryption process
length int Length of data to decrypt
key byte[] Decryption key. Key has to be 32 bytes or longer (bytes beyond 32 bytes are ignored).
engineBoots int Authoritative engine boots value
engineTime int Authoritative engine time value
privacyParameters byte[] Privacy parameters extracted from USM header
return byte[]

Encrypt() public method

Encrypt ScopedPdu using TripleDES encryption protocol
Thrown when encryption key is null or length of the encryption key is too short.
public Encrypt ( byte[] unencryptedData, int offset, int length, byte[] key, int engineBoots, int engineTime, out byte[] privacyParameters, IAuthenticationDigest authDigest ) : byte[]
unencryptedData byte[] Unencrypted ScopedPdu byte array
offset int Offset to start encryption
length int Length of data to encrypt
key byte[] Encryption key. Key has to be at least 32 bytes in length
engineBoots int Authoritative engine boots value
engineTime int Authoritative engine time value.
privacyParameters byte[] Privacy parameters out buffer. This field will be filled in with information required to decrypt the information. Output length of this field is 8 bytes and space has to be reserved in the USM header to store this information
authDigest IAuthenticationDigest Authentication digest class reference. Used by TripleDES.
return byte[]

ExtendShortKey() public method

Extends the encryption key if the key size returned by PasswordToKey is less than the minimum required by the encryption protocol.
There is no need to call this method in a user application because the PasswordToKey() method will make the call if the password it generates is too short.
public ExtendShortKey ( byte[] shortKey, byte[] password, byte[] engineID, IAuthenticationDigest authProtocol ) : byte[]
shortKey byte[] Encryption key
password byte[] Privacy password
engineID byte[] Authoritative engine id
authProtocol IAuthenticationDigest Authentication protocol class instance
return byte[]

GetEncryptedLength() public method

Get final encrypted length
TripleDES performs encryption on 8-byte blocks, so the final encrypted size will be a multiple of 8, with padding added to the end of the ScopedPdu if required.
public GetEncryptedLength ( int scopedPduLength ) : int
scopedPduLength int BER encoded ScopedPdu data length
return int

NextSalt() public method

Returns next salt value.
public NextSalt ( ) : int
return int

PasswordToKey() public method

Convert privacy password into encryption key using packet authentication hash.
Thrown when user secret/password is shorter than MinimumKeyLength
public PasswordToKey ( byte[] secret, byte[] engineId, IAuthenticationDigest authProtocol ) : byte[]
secret byte[] Privacy user secret/password
engineId byte[] Authoritative engine id of the SNMP agent
authProtocol IAuthenticationDigest Authentication protocol
return byte[]

Privacy3DES() public method

Standard constructor.
public Privacy3DES ( ) : System
return System

Property Details

_salt protected property

Internal salt value
protected System.Int32 _salt
return System.Int32