C# Class SnmpSharpNet.Privacy3DES

TripleDES privacy protocol implementation class.

TripleDES privacy implementation is based on the Internet Draft proposal to the SNMPv3 Working Group titled: Extension to the User-Based Security Model (USM) to Support Triple-DES EDE in "Outside" CBC Mode High level, TripleDES privacy in SNMPv3 uses DES-EDE. What this means is that a key is generated that is 24 bytes long. This key is split into 3 * 8 byte keys suitable for use with DES. Keys are then used to perform ecryption, decryption and another encryption using DES. Additionally, each block is XORed with the previous block of encrypted data, or if working on the first block, IV value. For details see draft-reeder-snmpv3-usm-3desede-00.txt. Important: TripleDES privacy protocol is not based on a standard. This extension to the USM standard has been proposed and has expired without approval or move to the standards track. Some vendors have implemented this privacy protocol and for the completeness of the library, it has been included in SnmpSharpNet. Troubleshooting of TripleDES encryption is difficult because of the low availability so if you find problems with the SnmpSharpNet implementation, please try to provide me with as much detail, both about your code and the type/version/mode of the agent you are working with.

Inheritance: IPrivacyProtocol

Exibir arquivo Open project: griffina/SnmpSharpNet

Protected Properties

Property	Type	Description
_salt	System.Int32

Public Methods

Method	Description
Decrypt ( byte encryptedData, int offset, int length, byte key, int engineBoots, int engineTime, byte privacyParameters ) : byte[]	Decrypt TripleDES encrypted ScopedPdu
Encrypt ( byte unencryptedData, int offset, int length, byte key, int engineBoots, int engineTime, byte &privacyParameters, IAuthenticationDigest authDigest ) : byte[]	Encrypt ScopedPdu using TripleDES encryption protocol
ExtendShortKey ( byte shortKey, byte password, byte engineID, IAuthenticationDigest authProtocol ) : byte[]	Extends the encryption key if key size returned by PasswordToKey is less then minimum required by the encryption protocol. There is no need to call this method in a user application becuase PasswordToKey() method will make the call if password it generates is too short.
GetEncryptedLength ( int scopedPduLength ) : int	Get final encrypted length TripleDES performs encryption on 8 byte blocks so the final encrypted size will be a mulitiple of 8 with padding added to the end of the ScopedPdu if required.
NextSalt ( ) : int	Returns next salt value.
PasswordToKey ( byte secret, byte engineId, IAuthenticationDigest authProtocol ) : byte[]	Convert privacy password into encryption key using packet authentication hash.
Privacy3DES ( ) : System	Standard constructor.

Private Methods

Method	Description
GetIV ( byte privacyKey, byte salt ) : byte[]	Generate IV from the privacy key and salt value returned by GetSalt method.
GetSalt ( int engineBoots ) : byte[]	Get TripleDES encryption salt value. Salt value is generated by concatenating engineBoots value with the random integer value.

Method Details

Decrypt() public method

Decrypt TripleDES encrypted ScopedPdu

Thrown when encrypted data is null or length == 0 Thrown when encryption key length is less then 32 byte or if privacy parameters /// argument is null or length other then 8 bytes

public Decrypt ( byte encryptedData, int offset, int length, byte key, int engineBoots, int engineTime, byte privacyParameters ) : byte[]
encryptedData	byte	Source data buffer
offset	int	Offset within the buffer to start decryption process
length	int	Length of data to decrypt
key	byte	Decryption key. Key length has to be 32 bytes in length or longer (bytes beyond 32 bytes are ignored).
engineBoots	int	Authoritative engine boots value
engineTime	int	Authoritative engine time value
privacyParameters	byte	Privacy parameters extracted from USM header
return	byte[]

Encrypt() public method

Encrypt ScopedPdu using TripleDES encryption protocol

Thrown when encryption key is null or length of the encryption key is too short.

public Encrypt ( byte unencryptedData, int offset, int length, byte key, int engineBoots, int engineTime, byte &privacyParameters, IAuthenticationDigest authDigest ) : byte[]
unencryptedData	byte	Unencrypted ScopedPdu byte array
offset	int	Offset to start encryption
length	int	Length of data to encrypt
key	byte	Encryption key. Key has to be at least 32 bytes is length
engineBoots	int	Authoritative engine boots value
engineTime	int	Authoritative engine time value.
privacyParameters	byte	Privacy parameters out buffer. This field will be filled in with information /// required to decrypt the information. Output length of this field is 8 bytes and space has to be reserved /// in the USM header to store this information
authDigest	IAuthenticationDigest	Authentication digest class reference. Used by TripleDES.
return	byte[]

ExtendShortKey() public method

Extends the encryption key if key size returned by PasswordToKey is less then minimum required by the encryption protocol.

There is no need to call this method in a user application becuase PasswordToKey() method will make the call if password it generates is too short.

public ExtendShortKey ( byte shortKey, byte password, byte engineID, IAuthenticationDigest authProtocol ) : byte[]
shortKey	byte	Encryption key
password	byte	Privacy password
engineID	byte	Authoritative engine id
authProtocol	IAuthenticationDigest	Authentication protocol class instance
return	byte[]

GetEncryptedLength() public method

Get final encrypted length

TripleDES performs encryption on 8 byte blocks so the final encrypted size will be a mulitiple of 8 with padding added to the end of the ScopedPdu if required.

public GetEncryptedLength ( int scopedPduLength ) : int
scopedPduLength	int	BER encoded ScopedPdu data length
return	int

NextSalt() public method

Returns next salt value.

public NextSalt ( ) : int
return	int

PasswordToKey() public method

Convert privacy password into encryption key using packet authentication hash.

Thrown when user secret/password is shorter then MinimumKeyLength

public PasswordToKey ( byte secret, byte engineId, IAuthenticationDigest authProtocol ) : byte[]
secret	byte	Privacy user secret/password
engineId	byte	Authoritative engine id of the SNMP agent
authProtocol	IAuthenticationDigest	Authentication protocol
return	byte[]

Privacy3DES() public method

Standard constructor.

public Privacy3DES ( ) : System
return	System

Property Details

_salt protected_oe property

Internal salt value

protected Int32,System _salt
return	System.Int32