/*
* initialize the Cryptoki library.
*/
int pkcs_init (void)
{
CK_RV rv;
CK_ULONG slotcount;
CK_SLOT_ID_PTR pSlotList = NULL;
netsnmp_pkcs_slot_session *tmp;
int i, rval = SNMPERR_SUCCESS;
/* Initialize pkcs */
if ((rv = C_Initialize (NULL)) != CKR_OK)
{
DEBUGMSGTL (("pkcs_init", "C_Initialize failed: %s", pkcserr_string (rv)));
return SNMPERR_SC_NOT_CONFIGURED;
}
/* Get slot count */
rv = C_GetSlotList (1, NULL_PTR, &slotcount);
if (rv != CKR_OK || slotcount == 0)
{
DEBUGMSGTL (("pkcs_init", "C_GetSlotList failed: %s", pkcserr_string (rv)));
QUITFUN (SNMPERR_GENERR, pkcs_init_quit);
}
/* Found at least one slot, allocate memory for slot list */
pSlotList = malloc (slotcount * sizeof (CK_SLOT_ID));
pSlot = malloc (sizeof (netsnmp_pkcs_slot_info));
pSlot->pSession = malloc (slotcount * sizeof (netsnmp_pkcs_slot_session));
if (pSlotList == NULL_PTR || pSlot == NULL_PTR || pSlot->pSession == NULL_PTR)
{
DEBUGMSGTL (("pkcs_init", "malloc failed."));
QUITFUN (SNMPERR_GENERR, pkcs_init_quit);
}
/* Get the list of slots */
if ((rv = C_GetSlotList (1, pSlotList, &slotcount)) != CKR_OK)
{
DEBUGMSGTL (("pkcs_init", "C_GetSlotList failed: %s", pkcserr_string (rv)));
QUITFUN (SNMPERR_GENERR, pkcs_init_quit);
}
/* initialize Slots structure */
pSlot->count = slotcount;
for (i = 0, tmp = pSlot->pSession; i < slotcount; i++, tmp++)
{
tmp->sid = pSlotList[i];
tmp->hdl = NULL;
}
snmp_register_callback (SNMP_CALLBACK_LIBRARY, SNMP_CALLBACK_SHUTDOWN, free_slots, NULL);
pkcs_init_quit:
SNMP_FREE (pSlotList);
return rval;
}
/*******************************************************************-o-******
* hash_engineID
*
* Parameters:
* *engineID
* engineID_len
*
* Returns:
* >0 etimelist index for this engineID.
* SNMPERR_GENERR Error.
*
*
* Use a cheap hash to build an index into the etimelist. Method is
* to hash the engineID, then split the hash into u_int's and add them up
* and modulo the size of the list.
*
*/
int hash_engineID (const u_char * engineID, u_int engineID_len)
{
int rval = SNMPERR_GENERR;
size_t buf_len = SNMP_MAXBUF;
u_int additive = 0;
u_char *bufp, buf[SNMP_MAXBUF];
void *context = NULL;
/*
* Sanity check.
*/
if (!engineID || (engineID_len <= 0))
{
QUITFUN (SNMPERR_GENERR, hash_engineID_quit);
}
/*
* Hash engineID into a list index.
*/
#ifndef NETSNMP_DISABLE_MD5
rval = sc_hash (usmHMACMD5AuthProtocol,
sizeof (usmHMACMD5AuthProtocol) / sizeof (oid), engineID, engineID_len, buf, &buf_len);
#else
rval = sc_hash (usmHMACSHA1AuthProtocol,
sizeof (usmHMACSHA1AuthProtocol) / sizeof (oid), engineID, engineID_len, buf, &buf_len);
#endif
QUITFUN (rval, hash_engineID_quit);
for (bufp = buf; (bufp - buf) < (int) buf_len; bufp += 4)
{
additive += (u_int) * bufp;
}
hash_engineID_quit:
SNMP_FREE (context);
memset (buf, 0, SNMP_MAXBUF);
return (rval < 0) ? rval : (int) (additive % ETIMELIST_SIZE);
} /* end hash_engineID() */
char *
dump_snmpEngineID(const u_char * estring, size_t * estring_len)
{
#define eb(b) ( *(esp+b) & 0xff )
int rval = SNMPERR_SUCCESS, gotviolation = 0, slen = 0;
u_int remaining_len;
char buf[SNMP_MAXBUF], *s = NULL, *t;
const u_char *esp = estring;
struct in_addr iaddr;
/*
* Sanity check.
*/
if (!estring || (*estring_len <= 0)) {
QUITFUN(SNMPERR_GENERR, dump_snmpEngineID_quit);
}
remaining_len = *estring_len;
memset(buf, 0, SNMP_MAXBUF);
/*
* Test first bit. Return immediately with a hex string, or
* begin by formatting the enterprise ID.
*/
if (!(*esp & 0x80)) {
snprint_hexstring(buf, SNMP_MAXBUF, esp, remaining_len);
s = strchr(buf, '\0');
s -= 1;
goto dump_snmpEngineID_quit;
}
s = buf;
s += sprintf(s, "enterprise %d, ", ((*(esp + 0) & 0x7f) << 24) |
((*(esp + 1) & 0xff) << 16) |
((*(esp + 2) & 0xff) << 8) | ((*(esp + 3) & 0xff)));
/*
* XXX Ick.
*/
if (remaining_len < 5) { /* XXX Violating string. */
goto dump_snmpEngineID_quit;
}
esp += 4; /* Incremented one more in the switch below. */
remaining_len -= 5;
/*
* Act on the fifth byte.
*/
switch ((int) *esp++) {
case 1: /* IPv4 address. */
if (remaining_len < 4)
goto dump_snmpEngineID_violation;
memcpy(&iaddr.s_addr, esp, 4);
if (!(t = inet_ntoa(iaddr)))
goto dump_snmpEngineID_violation;
s += sprintf(s, "%s", t);
esp += 4;
remaining_len -= 4;
break;
case 2: /* IPv6 address. */
if (remaining_len < 16)
goto dump_snmpEngineID_violation;
s += sprintf(s,
"%02X%02X %02X%02X %02X%02X %02X%02X::"
"%02X%02X %02X%02X %02X%02X %02X%02X",
eb(0), eb(1), eb(2), eb(3),
eb(4), eb(5), eb(6), eb(7),
eb(8), eb(9), eb(10), eb(11),
eb(12), eb(13), eb(14), eb(15));
esp += 16;
remaining_len -= 16;
break;
case 3: /* MAC address. */
if (remaining_len < 6)
goto dump_snmpEngineID_violation;
s += sprintf(s, "%02X:%02X:%02X:%02X:%02X:%02X",
eb(0), eb(1), eb(2), eb(3), eb(4), eb(5));
esp += 6;
remaining_len -= 6;
break;
case 4: /* Text. */
/*
* Doesn't exist on all (many) architectures
*/
/*
* s += snprintf(s, remaining_len+3, "\"%s\"", esp);
*/
s += sprintf(s, "\"%.*s\"", sizeof(buf)-strlen(buf)-3, esp);
goto dump_snmpEngineID_quit;
break;
/*NOTREACHED*/ case 5: /* Octets. */
snprint_hexstring(s, (SNMP_MAXBUF - (s-buf)),
esp, remaining_len);
s = strchr(buf, '\0');
s -= 1;
goto dump_snmpEngineID_quit;
break;
/*NOTREACHED*/ dump_snmpEngineID_violation:
case 0: /* Violation of RESERVED,
* * -OR- of expected length.
*/
gotviolation = 1;
s += sprintf(s, "!!! ");
default: /* Unknown encoding. */
if (!gotviolation) {
s += sprintf(s, "??? ");
}
snprint_hexstring(s, (SNMP_MAXBUF - (s-buf)),
esp, remaining_len);
s = strchr(buf, '\0');
s -= 1;
goto dump_snmpEngineID_quit;
} /* endswitch */
/*
* Cases 1-3 (IP and MAC addresses) should not have trailing
* octets, but perhaps they do. Throw them in too. XXX
*/
if (remaining_len > 0) {
s += sprintf(s, " (??? ");
snprint_hexstring(s, (SNMP_MAXBUF - (s-buf)),
esp, remaining_len);
s = strchr(buf, '\0');
s -= 1;
s += sprintf(s, ")");
}
dump_snmpEngineID_quit:
if (s) {
slen = s - buf + 1;
s = calloc(1, slen);
memcpy(s, buf, (slen) - 1);
}
memset(buf, 0, SNMP_MAXBUF); /* XXX -- Overkill? XXX: Yes! */
return s;
#undef eb
} /* end dump_snmpEngineID() */
/*******************************************************************-o-******
* generate_Ku
*
* Parameters:
* *hashtype MIB OID for the transform type for hashing.
* hashtype_len Length of OID value.
* *P Pre-allocated bytes of passpharase.
* pplen Length of passphrase.
* *Ku Buffer to contain Ku.
* *kulen Length of Ku buffer.
*
* Returns:
* SNMPERR_SUCCESS Success.
* SNMPERR_GENERR All errors.
*
*
* Convert a passphrase into a master user key, Ku, according to the
* algorithm given in RFC 2274 concerning the SNMPv3 User Security Model (USM)
* as follows:
*
* Expand the passphrase to fill the passphrase buffer space, if necessary,
* concatenation as many duplicates as possible of P to itself. If P is
* larger than the buffer space, truncate it to fit.
*
* Then hash the result with the given hashtype transform. Return
* the result as Ku.
*
* If successful, kulen contains the size of the hash written to Ku.
*
* NOTE Passphrases less than USM_LENGTH_P_MIN characters in length
* cause an error to be returned.
* (Punt this check to the cmdline apps? XXX)
*/
int
generate_Ku(const oid * hashtype, u_int hashtype_len,
const u_char * P, size_t pplen, u_char * Ku, size_t * kulen)
#if defined(NETSNMP_USE_INTERNAL_MD5) || defined(NETSNMP_USE_OPENSSL) || defined(NETSNMP_USE_INTERNAL_CRYPTO)
{
int rval = SNMPERR_SUCCESS,
nbytes = USM_LENGTH_EXPANDED_PASSPHRASE;
#if !defined(NETSNMP_USE_OPENSSL) && \
defined(NETSNMP_USE_INTERNAL_MD5) || defined(NETSNMP_USE_INTERNAL_CRYPTO)
int ret;
#endif
u_int i, pindex = 0;
u_char buf[USM_LENGTH_KU_HASHBLOCK], *bufp;
#ifdef NETSNMP_USE_OPENSSL
EVP_MD_CTX *ctx = NULL;
#elif NETSNMP_USE_INTERNAL_CRYPTO
SHA_CTX csha1;
MD5_CTX cmd5;
char cryptotype = 0;
#define TYPE_MD5 1
#define TYPE_SHA1 2
#else
MDstruct MD;
#endif
/*
* Sanity check.
*/
if (!hashtype || !P || !Ku || !kulen || (*kulen <= 0)
|| (hashtype_len != USM_LENGTH_OID_TRANSFORM)) {
QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
}
if (pplen < USM_LENGTH_P_MIN) {
snmp_log(LOG_ERR, "Error: passphrase chosen is below the length "
"requirements of the USM (min=%d).\n",USM_LENGTH_P_MIN);
snmp_set_detail("The supplied password length is too short.");
QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
}
/*
* Setup for the transform type.
*/
#ifdef NETSNMP_USE_OPENSSL
#ifdef HAVE_EVP_MD_CTX_CREATE
ctx = EVP_MD_CTX_create();
#else
ctx = malloc(sizeof(*ctx));
EVP_MD_CTX_init(ctx);
#endif
#ifndef NETSNMP_DISABLE_MD5
if (ISTRANSFORM(hashtype, HMACMD5Auth))
EVP_DigestInit(ctx, EVP_md5());
else
#endif
if (ISTRANSFORM(hashtype, HMACSHA1Auth))
EVP_DigestInit(ctx, EVP_sha1());
else
QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
#elif NETSNMP_USE_INTERNAL_CRYPTO
#ifndef NETSNMP_DISABLE_MD5
if (ISTRANSFORM(hashtype, HMACMD5Auth)) {
MD5_Init(&cmd5);
cryptotype = TYPE_MD5;
} else
#endif
if (ISTRANSFORM(hashtype, HMACSHA1Auth)) {
SHA1_Init(&csha1);
cryptotype = TYPE_SHA1;
} else {
return (SNMPERR_GENERR);
}
#else
MDbegin(&MD);
#endif /* NETSNMP_USE_OPENSSL */
while (nbytes > 0) {
bufp = buf;
for (i = 0; i < USM_LENGTH_KU_HASHBLOCK; i++) {
*bufp++ = P[pindex++ % pplen];
}
#ifdef NETSNMP_USE_OPENSSL
EVP_DigestUpdate(ctx, buf, USM_LENGTH_KU_HASHBLOCK);
#elif NETSNMP_USE_INTERNAL_CRYPTO
if (TYPE_SHA1 == cryptotype) {
rval = !SHA1_Update(&csha1, buf, USM_LENGTH_KU_HASHBLOCK);
} else {
rval = !MD5_Update(&cmd5, buf, USM_LENGTH_KU_HASHBLOCK);
}
if (rval != 0) {
return SNMPERR_USM_ENCRYPTIONERROR;
}
#elif NETSNMP_USE_INTERNAL_MD5
if (MDupdate(&MD, buf, USM_LENGTH_KU_HASHBLOCK * 8)) {
rval = SNMPERR_USM_ENCRYPTIONERROR;
goto md5_fin;
}
#endif /* NETSNMP_USE_OPENSSL */
nbytes -= USM_LENGTH_KU_HASHBLOCK;
}
#ifdef NETSNMP_USE_OPENSSL
{
unsigned int tmp_len;
tmp_len = *kulen;
EVP_DigestFinal(ctx, (unsigned char *) Ku, &tmp_len);
*kulen = tmp_len;
/*
* what about free()
*/
}
#elif NETSNMP_USE_INTERNAL_CRYPTO
if (TYPE_SHA1 == cryptotype) {
SHA1_Final(Ku, &csha1);
} else {
MD5_Final(Ku, &cmd5);
}
ret = sc_get_properlength(hashtype, hashtype_len);
if (ret == SNMPERR_GENERR)
return SNMPERR_GENERR;
*kulen = ret;
#elif NETSNMP_USE_INTERNAL_MD5
if (MDupdate(&MD, buf, 0)) {
rval = SNMPERR_USM_ENCRYPTIONERROR;
goto md5_fin;
}
ret = sc_get_properlength(hashtype, hashtype_len);
if (ret == SNMPERR_GENERR)
return SNMPERR_GENERR;
*kulen = ret;
MDget(&MD, Ku, *kulen);
md5_fin:
memset(&MD, 0, sizeof(MD));
#endif /* NETSNMP_USE_INTERNAL_MD5 */
#ifdef NETSNMP_ENABLE_TESTING_CODE
DEBUGMSGTL(("generate_Ku", "generating Ku (from %s): ", P));
for (i = 0; i < *kulen; i++)
DEBUGMSG(("generate_Ku", "%02x", Ku[i]));
DEBUGMSG(("generate_Ku", "\n"));
#endif /* NETSNMP_ENABLE_TESTING_CODE */
generate_Ku_quit:
memset(buf, 0, sizeof(buf));
#ifdef NETSNMP_USE_OPENSSL
if (ctx) {
#ifdef HAVE_EVP_MD_CTX_DESTROY
EVP_MD_CTX_destroy(ctx);
#else
EVP_MD_CTX_cleanup(ctx);
free(ctx);
#endif
}
#endif
return rval;
} /* end generate_Ku() */
_SCAPI_NOT_CONFIGURED
#endif /* USE_INTERNAL_MD5 */
/*******************************************************************-o-******
* sc_encrypt
*
* Parameters:
* privtype Type of privacy cryptographic transform.
* *key Key bits for crypting.
* keylen Length of key (buffer) in bytes.
* *iv IV bits for crypting.
* ivlen Length of iv (buffer) in bytes.
* *plaintext Plaintext to crypt.
* ptlen Length of plaintext.
* *ciphertext Ciphertext to crypt.
* *ctlen Length of ciphertext.
*
* Returns:
* SNMPERR_SUCCESS Success.
* SNMPERR_SC_NOT_CONFIGURED Encryption is not supported.
* SNMPERR_SC_GENERAL_FAILURE Any other error
*
*
* Encrypt plaintext into ciphertext using key and iv.
*
* ctlen contains actual number of crypted bytes in ciphertext upon
* successful return.
*/
int
sc_encrypt( oid *privtype, size_t privtypelen,
u_char *key, u_int keylen,
u_char *iv, u_int ivlen,
u_char *plaintext, u_int ptlen,
u_char *ciphertext, size_t *ctlen)
#if defined(USE_OPENSSL)
{
int rval = SNMPERR_SUCCESS;
u_int transform,
properlength,
properlength_iv;
u_char pad_block[32]; /* bigger than anything I need */
u_char my_iv[32]; /* ditto */
int pad, plast, pad_size;
des_key_schedule key_sch;
des_cblock key_struct;
DEBUGTRACE;
/*
* Sanity check.
*/
#if !defined(SCAPI_AUTHPRIV)
return SNMPERR_SC_NOT_CONFIGURED;
#endif
if ( !privtype || !key || !iv || !plaintext || !ciphertext || !ctlen
|| (keylen<=0) || (ivlen<=0) || (ptlen<=0) || (*ctlen<=0)
|| (privtypelen != USM_LENGTH_OID_TRANSFORM) )
{
QUITFUN(SNMPERR_GENERR, sc_encrypt_quit);
}
else if ( ptlen >= *ctlen) {
QUITFUN(SNMPERR_GENERR, sc_encrypt_quit);
}
#ifdef SNMP_TESTING_CODE
{
char buf[SNMP_MAXBUF];
sprint_hexstring(buf, iv, ivlen);
DEBUGMSGTL(("scapi", "encrypt: IV: %s/ ", buf));
sprint_hexstring(buf, key, keylen);
DEBUGMSG(("scapi","%s\n", buf));
sprint_hexstring(buf, plaintext, 16);
DEBUGMSGTL(("scapi","encrypt: string: %s\n", buf));
}
#endif /* SNMP_TESTING_CODE */
/*
* Determine privacy transform.
*/
if ( ISTRANSFORM(privtype, DESPriv) ) {
properlength = BYTESIZE(SNMP_TRANS_PRIVLEN_1DES);
properlength_iv = BYTESIZE(SNMP_TRANS_PRIVLEN_1DES_IV);
pad_size = properlength;
} else {
QUITFUN(SNMPERR_GENERR, sc_encrypt_quit);
}
if ( (keylen<properlength) || (ivlen<properlength_iv) ) {
QUITFUN(SNMPERR_GENERR, sc_encrypt_quit);
}
else if ( (keylen<properlength) || (ivlen<properlength_iv) ) {
QUITFUN(SNMPERR_GENERR, sc_encrypt_quit);
}
/* now calculate the padding needed */
pad = pad_size - (ptlen % pad_size);
if (ptlen + pad > *ctlen) {
QUITFUN(SNMPERR_GENERR, sc_encrypt_quit); /* not enough space */
}
memset(pad_block, 0, sizeof(pad_block));
plast = (int) ptlen - (pad_size - pad);
if (pad > 0) /* copy data into pad block if needed */
memcpy( pad_block, plaintext + plast, pad_size - pad);
memset(&pad_block[pad_size-pad], pad, pad); /* filling in padblock */
memset(my_iv, 0, sizeof(my_iv));
if ( ISTRANSFORM(privtype, DESPriv) ) {
memcpy(key_struct, key, sizeof(key_struct));
(void) des_key_sched(&key_struct, key_sch);
memcpy(my_iv, iv, ivlen);
/* encrypt the data */
des_ncbc_encrypt(plaintext, ciphertext, plast, key_sch,
(des_cblock *) &my_iv, DES_ENCRYPT);
/* then encrypt the pad block */
des_ncbc_encrypt(pad_block, ciphertext+plast, pad_size,
key_sch, (des_cblock *)&my_iv, DES_ENCRYPT);
*ctlen = plast + pad_size;
}
sc_encrypt_quit:
/* clear memory just in case */
memset(my_iv, 0, sizeof(my_iv));
memset(pad_block, 0, sizeof(pad_block));
memset(key_struct, 0, sizeof(key_struct));
memset(key_sch, 0, sizeof(key_sch));
return rval;
} /* end sc_encrypt() */
/*
* Determine transform type.
*/
c = malloc(sizeof(HMAC_CTX));
if (c == NULL)
return (SNMPERR_GENERR);
if (ISTRANSFORM(hashtype, HMACMD5Auth)) {
EVP_DigestInit(&c->md_ctx, (const EVP_MD *) EVP_md5());
}
else if (ISTRANSFORM(hashtype, HMACSHA1Auth)) {
EVP_DigestInit(&c->md_ctx, (const EVP_MD *) EVP_sha1());
}
else {
return(SNMPERR_GENERR);
}
EVP_DigestUpdate(&c->md_ctx, buf, buf_len);
EVP_DigestFinal(&(c->md_ctx), MAC, MAC_len);
free(c);
return (rval);
#else /* USE_INTERNAL_MD5 */
if (MDchecksum(buf, buf_len, MAC, *MAC_len)) {
return SNMPERR_GENERR;
}
if (*MAC_len > 16)
*MAC_len = 16;
return SNMPERR_SUCCESS;
#endif /* USE_OPENSSL */
}
#else /* !defined(USE_OPENSSL) && !defined(USE_INTERNAL_MD5) */
_SCAPI_NOT_CONFIGURED
#endif /* !defined(USE_OPENSSL) && !defined(USE_INTERNAL_MD5) */
/*******************************************************************-o-******
* sc_check_keyed_hash
*
* Parameters:
* authtype Transform type of authentication hash.
* *key Key bits in a string of bytes.
* keylen Length of key in bytes.
* *message Message for which to check the hash.
* msglen Length of message.
* *MAC Given hash.
* maclen Length of given hash; indicates truncation if it is
* shorter than the normal size of output for
* given hash transform.
* Returns:
* SNMPERR_SUCCESS Success.
* SNMP_SC_GENERAL_FAILURE Any error
*
*
* Check the hash given in MAC against the hash of message. If the length
* of MAC is less than the length of the transform hash output, only maclen
* bytes are compared. The length of MAC cannot be greater than the
* length of the hash transform output.
*/
int
sc_check_keyed_hash( oid *authtype, size_t authtypelen,
u_char *key, u_int keylen,
u_char *message, u_int msglen,
u_char *MAC, u_int maclen)
#if defined(USE_INTERNAL_MD5) || defined(USE_OPENSSL)
{
int rval = SNMPERR_SUCCESS;
size_t buf_len = SNMP_MAXBUF_SMALL;
u_char buf[SNMP_MAXBUF_SMALL];
DEBUGTRACE;
#ifdef SNMP_TESTING_CODE
{
int i;
DEBUGMSG(("scapi", "sc_check_keyed_hash(): key=0x"));
for(i=0; i< keylen; i++)
DEBUGMSG(("scapi", "%02x", key[i] & 0xff));
DEBUGMSG(("scapi"," (%d)\n", keylen));
}
#endif /* SNMP_TESTING_CODE */
/*
* Sanity check.
*/
if ( !authtype || !key || !message || !MAC
|| (keylen<=0) || (msglen<=0) || (maclen<=0)
|| (authtypelen != USM_LENGTH_OID_TRANSFORM) )
{
QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit);
}
/*
* Generate a full hash of the message, then compare
* the result with the given MAC which may shorter than
* the full hash length.
*/
rval = sc_generate_keyed_hash( authtype, authtypelen,
key, keylen,
message, msglen,
buf, &buf_len);
QUITFUN(rval, sc_check_keyed_hash_quit);
if (maclen > msglen) {
QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit);
} else if ( memcmp(buf, MAC, maclen) != 0 ) {
QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit);
}
sc_check_keyed_hash_quit:
SNMP_ZERO(buf, SNMP_MAXBUF_SMALL);
return rval;
} /* end sc_check_keyed_hash() */
_SCAPI_NOT_CONFIGURED
#endif /* */
/*******************************************************************-o-******
* sc_generate_keyed_hash
*
* Parameters:
* authtype Type of authentication transform.
* authtypelen
* *key Pointer to key (Kul) to use in keyed hash.
* keylen Length of key in bytes.
* *message Pointer to the message to hash.
* msglen Length of the message.
* *MAC Will be returned with allocated bytes containg hash.
* *maclen Length of the hash buffer in bytes; also indicates
* whether the MAC should be truncated.
*
* Returns:
* SNMPERR_SUCCESS Success.
* SNMPERR_GENERR All errs
*
*
* A hash of the first msglen bytes of message using a keyed hash defined
* by authtype is created and stored in MAC. MAC is ASSUMED to be a buffer
* of at least maclen bytes. If the length of the hash is greater than
* maclen, it is truncated to fit the buffer. If the length of the hash is
* less than maclen, maclen set to the number of hash bytes generated.
*
* ASSUMED that the number of hash bits is a multiple of 8.
*/
int
sc_generate_keyed_hash( oid *authtype, size_t authtypelen,
u_char *key, u_int keylen,
u_char *message, u_int msglen,
u_char *MAC, size_t *maclen)
#if defined(USE_INTERNAL_MD5) || defined(USE_OPENSSL)
{
int rval = SNMPERR_SUCCESS;
int properlength;
u_char buf[SNMP_MAXBUF_SMALL];
#if defined(USE_OPENSSL)
int buf_len = sizeof(buf);
u_char *bufp = buf;
#endif
DEBUGTRACE;
#ifdef SNMP_TESTING_CODE
{
int i;
DEBUGMSG(("sc_generate_keyed_hash", "sc_generate_keyed_hash(): key=0x"));
for(i=0; i< keylen; i++)
DEBUGMSG(("sc_generate_keyed_hash", "%02x", key[i] & 0xff));
DEBUGMSG(("sc_generate_keyed_hash"," (%d)\n", keylen));
}
#endif /* SNMP_TESTING_CODE */
/*
* Sanity check.
*/
if ( !authtype || !key || !message || !MAC || !maclen
|| (keylen<=0) || (msglen<=0) || (*maclen<=0)
|| (authtypelen != USM_LENGTH_OID_TRANSFORM) )
{
QUITFUN(SNMPERR_GENERR, sc_generate_keyed_hash_quit);
}
properlength = sc_get_properlength(authtype, authtypelen);
if (properlength == SNMPERR_GENERR)
return properlength;
if ( ((int)keylen < properlength) ) {
QUITFUN(SNMPERR_GENERR, sc_generate_keyed_hash_quit);
}
#ifdef USE_OPENSSL
/*
* Determine transform type.
*/
if (ISTRANSFORM(authtype, HMACMD5Auth))
HMAC(EVP_md5(), key, keylen, message, msglen,
buf, &buf_len);
else if (ISTRANSFORM(authtype, HMACSHA1Auth))
HMAC(EVP_sha1(), key, keylen, message, msglen,
buf, &buf_len);
else {
QUITFUN(SNMPERR_GENERR, sc_generate_keyed_hash_quit);
}
if (buf_len != properlength) {
QUITFUN(rval, sc_generate_keyed_hash_quit);
}
if (*maclen > buf_len)
*maclen = buf_len;
memcpy(MAC, buf, *maclen);
#else
if ((int)*maclen > properlength)
*maclen = properlength;
if (MDsign(message, msglen, MAC, *maclen, key, keylen)) {
rval = SNMPERR_GENERR;
goto sc_generate_keyed_hash_quit;
}
#endif /* USE_OPENSSL */
#ifdef SNMP_TESTING_CODE
{
char *s;
int len = binary_to_hex(MAC, *maclen, &s);
DEBUGMSGTL(("scapi","Full v3 message hash: %s\n", s));
SNMP_ZERO(s, len);
SNMP_FREE(s);
}
#endif
sc_generate_keyed_hash_quit:
SNMP_ZERO(buf, SNMP_MAXBUF_SMALL);
return rval;
} /* end sc_generate_keyed_hash() */
_KEYTOOLS_NOT_AVAILABLE
#endif /* internal or openssl */
/*******************************************************************-o-******
* decode_keychange
*
* Parameters:
* *hashtype MIB OID of the hash transform to use.
* hashtype_len Length of the hash transform MIB OID.
* *oldkey Old key that is used to encode the new key.
* oldkey_len Length of oldkey in bytes.
* *kcstring Encoded KeyString buffer containing the new key.
* kcstring_len Length of kcstring in bytes.
* *newkey Buffer to hold the extracted new key.
* *newkey_len Length of newkey in bytes.
*
* Returns:
* SNMPERR_SUCCESS Success.
* SNMPERR_GENERR All errors.
*
*
* Decodes a string of bits encoded according to the KeyChange TC described
* in RFC 2274, Section 5. The new key is extracted from *kcstring with
* the aid of the old key.
*
* Upon successful return, *newkey_len contains the length of the new key.
*
*
* ASSUMES Old key is exactly 1/2 the length of the KeyChange buffer,
* although this length may be less than the hash transform
* output. Thus the new key length will be equal to the old
* key length.
*/
/* XXX: if the newkey is not long enough, it should be freed and remalloced */
int
decode_keychange( oid *hashtype, u_int hashtype_len,
u_char *oldkey, size_t oldkey_len,
u_char *kcstring, size_t kcstring_len,
u_char *newkey, size_t *newkey_len)
#if defined(USE_OPENSSL) || defined(USE_INTERNAL_MD5)
{
int rval = SNMPERR_SUCCESS;
size_t properlength = 0;
u_int nbytes = 0;
u_char *bufp,
tmp_buf[SNMP_MAXBUF];
size_t tmp_buf_len = SNMP_MAXBUF;
void *context = NULL;
u_char *tmpbuf = NULL;
/*
* Sanity check.
*/
if ( !hashtype || !oldkey || !kcstring || !newkey || !newkey_len
|| (oldkey_len<=0) || (kcstring_len<=0) || (*newkey_len<=0)
|| (hashtype_len != USM_LENGTH_OID_TRANSFORM) )
{
QUITFUN(SNMPERR_GENERR, decode_keychange_quit);
}
/*
* Setup for the transform type.
*/
properlength = sc_get_properlength(hashtype, hashtype_len);
if (properlength == SNMPERR_GENERR)
QUITFUN(SNMPERR_GENERR, decode_keychange_quit);
if ( ((oldkey_len*2) != kcstring_len) || (*newkey_len < oldkey_len) )
{
QUITFUN(SNMPERR_GENERR, decode_keychange_quit);
}
properlength = oldkey_len;
*newkey_len = properlength;
/*
* Use the old key and the given KeyChange TC string to recover
* the new key:
* . Hash (oldkey | random_bytes) (into newkey),
* . XOR hash and encoded (second) half of kcstring (into newkey).
*/
tmpbuf = (u_char *)malloc(properlength*2);
if (tmpbuf) {
memcpy(tmpbuf, oldkey, properlength);
memcpy(tmpbuf+properlength, kcstring, properlength);
rval = sc_hash(hashtype, hashtype_len, tmpbuf, properlength*2,
tmp_buf, &tmp_buf_len);
QUITFUN(rval, decode_keychange_quit);
memcpy(newkey, tmp_buf, properlength);
bufp = kcstring+properlength;
nbytes = 0;
while ((int)(nbytes++) < properlength) {
*newkey++ = *newkey ^ *bufp++;
}
}
decode_keychange_quit:
if (rval != SNMPERR_SUCCESS) {
memset(newkey, 0, properlength);
}
memset(tmp_buf, 0, SNMP_MAXBUF);
SNMP_FREE(context);
if (tmpbuf != NULL) SNMP_FREE(tmpbuf);
return rval;
} /* end decode_keychange() */
_KEYTOOLS_NOT_AVAILABLE
#endif /* internal or openssl */
/*******************************************************************-o-******
* encode_keychange
*
* Parameters:
* *hashtype MIB OID for the hash transform type.
* hashtype_len Length of the MIB OID hash transform type.
* *oldkey Old key that is used to encodes the new key.
* oldkey_len Length of oldkey in bytes.
* *newkey New key that is encoded using the old key.
* newkey_len Length of new key in bytes.
* *kcstring Buffer to contain the KeyChange TC string.
* *kcstring_len Length of kcstring buffer.
*
* Returns:
* SNMPERR_SUCCESS Success.
* SNMPERR_GENERR All errors.
*
*
* Uses oldkey and acquired random bytes to encode newkey into kcstring
* according to the rules of the KeyChange TC described in RFC 2274, Section 5.
*
* Upon successful return, *kcstring_len contains the length of the
* encoded string.
*
* ASSUMES Old and new key are always equal to each other, although
* this may be less than the transform type hash output
* output length (eg, using KeyChange for a DESPriv key when
* the user also uses SHA1Auth). This also implies that the
* hash placed in the second 1/2 of the key change string
* will be truncated before the XOR'ing when the hash output is
* larger than that 1/2 of the key change string.
*
* *kcstring_len will be returned as exactly twice that same
* length though the input buffer may be larger.
*
* XXX FIX: Does not handle varibable length keys.
* XXX FIX: Does not handle keys larger than the hash algorithm used.
*/
int
encode_keychange( oid *hashtype, u_int hashtype_len,
u_char *oldkey, size_t oldkey_len,
u_char *newkey, size_t newkey_len,
u_char *kcstring, size_t *kcstring_len)
#if defined(USE_OPENSSL) || defined(USE_INTERNAL_MD5)
{
int rval = SNMPERR_SUCCESS;
size_t properlength;
size_t nbytes = 0;
u_char *tmpbuf = NULL;
void *context = NULL;
/*
* Sanity check.
*/
if ( !hashtype || !oldkey || !newkey || !kcstring || !kcstring_len
|| (oldkey_len<=0) || (newkey_len<=0) || (*kcstring_len<=0)
|| (hashtype_len != USM_LENGTH_OID_TRANSFORM) )
{
QUITFUN(SNMPERR_GENERR, encode_keychange_quit);
}
/*
* Setup for the transform type.
*/
properlength = sc_get_properlength(hashtype, hashtype_len);
if (properlength == SNMPERR_GENERR)
QUITFUN(SNMPERR_GENERR, encode_keychange_quit);
if ( (oldkey_len != newkey_len) || (*kcstring_len < (2*oldkey_len)) )
{
QUITFUN(SNMPERR_GENERR, encode_keychange_quit);
}
properlength = SNMP_MIN((int)oldkey_len, properlength);
/*
* Use the old key and some random bytes to encode the new key
* in the KeyChange TC format:
* . Get random bytes (store in first half of kcstring),
* . Hash (oldkey | random_bytes) (into second half of kcstring),
* . XOR hash and newkey (into second half of kcstring).
*
* Getting the wrong number of random bytes is considered an error.
*/
nbytes = properlength;
#if defined(SNMP_TESTING_CODE) && defined(RANDOMZEROS)
memset(kcstring, 0, nbytes);
DEBUGMSG(("encode_keychange",
"** Using all zero bits for \"random\" delta of )"
"the keychange string! **\n"));
#else /* !SNMP_TESTING_CODE */
rval = sc_random(kcstring, &nbytes);
QUITFUN(rval, encode_keychange_quit);
if ((int)nbytes != properlength) {
QUITFUN(SNMPERR_GENERR, encode_keychange_quit);
}
#endif /* !SNMP_TESTING_CODE */
tmpbuf = (u_char *)malloc(properlength*2);
if (tmpbuf) {
memcpy(tmpbuf, oldkey, properlength);
memcpy(tmpbuf+properlength, kcstring, properlength);
*kcstring_len -= properlength;
rval = sc_hash(hashtype, hashtype_len, tmpbuf, properlength*2,
kcstring+properlength, kcstring_len);
QUITFUN(rval, encode_keychange_quit);
*kcstring_len = (properlength*2);
kcstring += properlength;
nbytes = 0;
while ((int)(nbytes++) < properlength) {
*kcstring++ = *kcstring ^ *newkey++;
}
}
encode_keychange_quit:
if (rval != SNMPERR_SUCCESS) memset(kcstring, 0, *kcstring_len);
SNMP_FREE(tmpbuf);
SNMP_FREE(context);
return rval;
} /* end encode_keychange() */
_KEYTOOLS_NOT_AVAILABLE
#endif /* internal or openssl */
/*******************************************************************-o-******
* generate_kul
*
* Parameters:
* *hashtype
* hashtype_len
* *engineID
* engineID_len
* *Ku Master key for a given user.
* ku_len Length of Ku in bytes.
* *Kul Localized key for a given user at engineID.
* *kul_len Length of Kul buffer (IN); Length of Kul key (OUT).
*
* Returns:
* SNMPERR_SUCCESS Success.
* SNMPERR_GENERR All errors.
*
*
* Ku MUST be the proper length (currently fixed) for the given hashtype.
*
* Upon successful return, Kul contains the localized form of Ku at
* engineID, and the length of the key is stored in kul_len.
*
* The localized key method is defined in RFC2274, Sections 2.6 and A.2, and
* originally documented in:
* U. Blumenthal, N. C. Hien, B. Wijnen,
* "Key Derivation for Network Management Applications",
* IEEE Network Magazine, April/May issue, 1997.
*
*
* ASSUMES SNMP_MAXBUF >= sizeof(Ku + engineID + Ku).
*
* NOTE Localized keys for privacy transforms are generated via
* the authentication transform held by the same usmUser.
*
* XXX An engineID of any length is accepted, even if larger than
* what is spec'ed for the textual convention.
*/
int
generate_kul( oid *hashtype, u_int hashtype_len,
u_char *engineID, size_t engineID_len,
u_char *Ku, size_t ku_len,
u_char *Kul, size_t *kul_len)
#if defined(USE_OPENSSL) || defined(USE_INTERNAL_MD5)
{
int rval = SNMPERR_SUCCESS;
u_int nbytes = 0;
size_t properlength;
u_char buf[SNMP_MAXBUF];
void *context = NULL;
#ifdef SNMP_TESTING_CODE
int i;
#endif
/*
* Sanity check.
*/
if ( !hashtype || !engineID || !Ku || !Kul || !kul_len
|| (engineID_len<=0) || (ku_len<=0) || (*kul_len<=0)
|| (hashtype_len != USM_LENGTH_OID_TRANSFORM) )
{
QUITFUN(SNMPERR_GENERR, generate_kul_quit);
}
properlength = sc_get_properlength(hashtype, hashtype_len);
if (properlength == SNMPERR_GENERR)
QUITFUN(SNMPERR_GENERR, generate_kul_quit);
if (((int)*kul_len < properlength) || ((int)ku_len < properlength) ) {
QUITFUN(SNMPERR_GENERR, generate_kul_quit);
}
/*
* Concatenate Ku and engineID properly, then hash the result.
* Store it in Kul.
*/
nbytes = 0;
memcpy(buf, Ku, properlength);
nbytes += properlength;
memcpy(buf+nbytes, engineID, engineID_len);
nbytes += engineID_len;
memcpy(buf+nbytes, Ku, properlength);
nbytes += properlength;
rval = sc_hash(hashtype, hashtype_len, buf, nbytes, Kul, kul_len);
#ifdef SNMP_TESTING_CODE
DEBUGMSGTL(("generate_kul", "generating Kul (from Ku): "));
for(i=0; i < *kul_len; i++)
DEBUGMSG(("generate_kul", "%02x",Kul[i]));
DEBUGMSG(("generate_kul", "keytools\n"));
#endif /* SNMP_TESTING_CODE */
QUITFUN(rval, generate_kul_quit);
generate_kul_quit:
SNMP_FREE(context);
return rval;
} /* end generate_kul() */
/*******************************************************************-o-******
* generate_Ku
*
* Parameters:
* *hashtype MIB OID for the transform type for hashing.
* hashtype_len Length of OID value.
* *P Pre-allocated bytes of passpharase.
* pplen Length of passphrase.
* *Ku Buffer to contain Ku.
* *kulen Length of Ku buffer.
*
* Returns:
* SNMPERR_SUCCESS Success.
* SNMPERR_GENERR All errors.
*
*
* Convert a passphrase into a master user key, Ku, according to the
* algorithm given in RFC 2274 concerning the SNMPv3 User Security Model (USM)
* as follows:
*
* Expand the passphrase to fill the passphrase buffer space, if necessary,
* concatenation as many duplicates as possible of P to itself. If P is
* larger than the buffer space, truncate it to fit.
*
* Then hash the result with the given hashtype transform. Return
* the result as Ku.
*
* If successful, kulen contains the size of the hash written to Ku.
*
* NOTE Passphrases less than USM_LENGTH_P_MIN characters in length
* cause an error to be returned.
* (Punt this check to the cmdline apps? XXX)
*/
int
generate_Ku( oid *hashtype, u_int hashtype_len,
u_char *P, size_t pplen,
u_char *Ku, size_t *kulen)
#if defined(USE_INTERNAL_MD5) || defined(USE_OPENSSL)
{
int rval = SNMPERR_SUCCESS,
nbytes = USM_LENGTH_EXPANDED_PASSPHRASE;
u_int i, pindex = 0;
u_char buf[USM_LENGTH_KU_HASHBLOCK],
*bufp;
#ifdef USE_OPENSSL
EVP_MD_CTX *ctx = malloc(sizeof(EVP_MD_CTX));
#else
MDstruct MD;
#endif
/*
* Sanity check.
*/
if ( !hashtype || !P || !Ku || !kulen
|| (*kulen<=0)
|| (hashtype_len != USM_LENGTH_OID_TRANSFORM) )
{
QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
}
if (pplen < USM_LENGTH_P_MIN) {
#ifdef SNMP_TESTING_CODE
snmp_log(LOG_WARNING, "Warning: passphrase chosen is below the length requiremnts of the USM.\n");
#else
snmp_set_detail("Password length too short.");
QUITFUN(SNMPERR_GENERR, generate_Ku_quit);
#endif
}
/*
* Setup for the transform type.
*/
#ifdef USE_OPENSSL
if (ISTRANSFORM(hashtype, HMACMD5Auth))
EVP_DigestInit(ctx, EVP_md5());
else if (ISTRANSFORM(hashtype, HMACSHA1Auth))
EVP_DigestInit(ctx, EVP_sha1());
else {
free(ctx);
return (SNMPERR_GENERR);
}
#else
MDbegin(&MD);
#endif /* USE_OPENSSL */
while (nbytes > 0) {
bufp = buf;
for (i = 0; i < USM_LENGTH_KU_HASHBLOCK; i++) {
*bufp++ = P[pindex++ % pplen];
}
#ifdef USE_OPENSSL
EVP_DigestUpdate(ctx, buf, USM_LENGTH_KU_HASHBLOCK);
#else
if (MDupdate(&MD, buf, USM_LENGTH_KU_HASHBLOCK*8)) {
rval = SNMPERR_USM_ENCRYPTIONERROR;
goto md5_fin;
}
#endif /* USE_OPENSSL */
nbytes -= USM_LENGTH_KU_HASHBLOCK;
}
#ifdef USE_OPENSSL
EVP_DigestFinal(ctx, (unsigned char *) Ku, (unsigned int *) kulen);
/* what about free() */
#else
if (MDupdate(&MD, buf, 0)) {
rval = SNMPERR_USM_ENCRYPTIONERROR;
goto md5_fin;
}
*kulen = sc_get_properlength(hashtype, hashtype_len);
MDget(&MD, Ku, *kulen);
md5_fin:
memset(&MD, 0, sizeof(MD));
#endif /* USE_OPENSSL */
#ifdef SNMP_TESTING_CODE
DEBUGMSGTL(("generate_Ku", "generating Ku (from %s): ", P));
for(i=0; i < *kulen; i++)
DEBUGMSG(("generate_Ku", "%02x",Ku[i]));
DEBUGMSG(("generate_Ku","\n"));
#endif /* SNMP_TESTING_CODE */
generate_Ku_quit:
memset(buf, 0, sizeof(buf));
#ifdef USE_OPENSSL
free(ctx);
#endif
return rval;
} /* end generate_Ku() */
/*******************************************************************-o-******
*/
int
main(int argc, char **argv)
{
int rval = SNMPERR_SUCCESS;
size_t oldKu_len = SNMP_MAXBUF_SMALL,
newKu_len = SNMP_MAXBUF_SMALL,
oldkul_len = SNMP_MAXBUF_SMALL,
newkul_len = SNMP_MAXBUF_SMALL,
keychange_len = SNMP_MAXBUF_SMALL;
char *s = NULL;
u_char oldKu[SNMP_MAXBUF_SMALL],
newKu[SNMP_MAXBUF_SMALL],
oldkul[SNMP_MAXBUF_SMALL],
newkul[SNMP_MAXBUF_SMALL],
keychange[SNMP_MAXBUF_SMALL];
int i;
int arg = 1;
local_progname = argv[0];
/*
* Parse.
*/
for(; (arg < argc) && (argv[arg][0] == '-') ; arg++){
switch(argv[arg][1]){
case 'D': snmp_set_do_debugging(1); break;
case 'E': engineid = (u_char *)argv[++arg]; break;
case 'f': forcepassphrase = 1; break;
case 'N': newpass = argv[++arg]; break;
case 'O': oldpass = argv[++arg]; break;
case 'P': promptindicator = 0; break;
case 't': transform_type_input = argv[++arg]; break;
case 'v': verbose = 1; break;
case 'V': visible = 1; break;
case 'h':
rval = 0;
default:
usage_to_file(stdout);
exit(rval);
}
}
if ( !transform_type_input ) {
fprintf(stderr, "The -t option is mandatory.\n");
usage_synopsis(stdout);
exit(1000);
}
/*
* Convert and error check transform_type.
*/
if ( !strcmp(transform_type_input, "md5") ) {
transform_type = usmHMACMD5AuthProtocol;
} else if ( !strcmp(transform_type_input, "sha1") ) {
transform_type = usmHMACSHA1AuthProtocol;
} else {
fprintf(stderr,
"Unrecognized hash transform: \"%s\".\n",
transform_type_input);
usage_synopsis(stderr);
QUITFUN(rval = SNMPERR_GENERR, main_quit);
}
if (verbose) {
fprintf(stderr, "Hash:\t\t%s\n",
(transform_type == usmHMACMD5AuthProtocol)
? "usmHMACMD5AuthProtocol"
: "usmHMACSHA1AuthProtocol"
);
}
/*
* Build engineID. Accept hex engineID as the bits
* "in-and-of-themselves", otherwise create an engineID with the
* given string as text.
*
* If no engineID is given, lookup the first IP address for the
* localhost and use that (see setup_engineID()).
*/
if ( engineid && (tolower(*(engineid+1)) == 'x') ) {
engineid_len = hex_to_binary2( engineid+2,
strlen((char *)engineid)-2,
(char **) &engineid);
DEBUGMSGTL(("encode_keychange","engineIDLen: %d\n", engineid_len));
} else {
engineid_len = setup_engineID(&engineid, (char *)engineid);
}
#ifdef SNMP_TESTING_CODE
if (verbose) {
fprintf(stderr, "EngineID:\t%s\n",
/* XXX = */ dump_snmpEngineID(engineid, &engineid_len));
}
#endif
/*
* Get passphrases from user.
*/
rval = get_user_passphrases();
QUITFUN(rval, main_quit);
if ( strlen(oldpass) < USM_LENGTH_P_MIN ) {
fprintf(stderr, "Old passphrase must be greater than %d "
"characters in length.\n",
USM_LENGTH_P_MIN);
QUITFUN(rval = SNMPERR_GENERR, main_quit);
} else if ( strlen(newpass) < USM_LENGTH_P_MIN ) {
fprintf(stderr, "New passphrase must be greater than %d "
"characters in length.\n",
USM_LENGTH_P_MIN);
QUITFUN(rval = SNMPERR_GENERR, main_quit);
}
if (verbose) {
fprintf(stderr,
"Old passphrase:\t%s\nNew passphrase:\t%s\n",
oldpass, newpass);
}
/*
* Compute Ku and Kul's from old and new passphrases, then
* compute the keychange string & print it out.
*/
rval = sc_init();
QUITFUN(rval, main_quit);
rval = generate_Ku( transform_type, USM_LENGTH_OID_TRANSFORM,
(u_char *)oldpass, strlen(oldpass),
oldKu, &oldKu_len);
QUITFUN(rval, main_quit);
rval = generate_Ku( transform_type, USM_LENGTH_OID_TRANSFORM,
(u_char *)newpass, strlen(newpass),
newKu, &newKu_len);
QUITFUN(rval, main_quit);
DEBUGMSGTL(("encode_keychange", "EID (%d): ", engineid_len));
for(i=0; i < (int)engineid_len; i++)
DEBUGMSGTL(("encode_keychange", "%02x",(int) (engineid[i])));
DEBUGMSGTL(("encode_keychange","\n"));
DEBUGMSGTL(("encode_keychange", "old Ku (%d) (from %s): ", oldKu_len, oldpass));
for(i=0; i < (int)oldKu_len; i++)
DEBUGMSGTL(("encode_keychange", "%02x",(int) (oldKu[i])));
DEBUGMSGTL(("encode_keychange","\n"));
rval = generate_kul( transform_type, USM_LENGTH_OID_TRANSFORM,
engineid, engineid_len,
oldKu, oldKu_len,
oldkul, &oldkul_len);
QUITFUN(rval, main_quit);
DEBUGMSGTL(("encode_keychange", "generating old Kul (%d) (from Ku): ", oldkul_len));
for(i=0; i < (int)oldkul_len; i++)
DEBUGMSGTL(("encode_keychange", "%02x",(int) (oldkul[i])));
DEBUGMSGTL(("encode_keychange","\n"));
rval = generate_kul( transform_type, USM_LENGTH_OID_TRANSFORM,
engineid, engineid_len,
newKu, newKu_len,
newkul, &newkul_len);
QUITFUN(rval, main_quit);
DEBUGMSGTL(("encode_keychange", "generating new Kul (%d) (from Ku): ", oldkul_len));
for(i=0; i < (int)newkul_len; i++)
DEBUGMSGTL(("encode_keychange", "%02x",newkul[i]));
DEBUGMSGTL(("encode_keychange","\n"));
rval = encode_keychange(transform_type, USM_LENGTH_OID_TRANSFORM,
oldkul, oldkul_len,
newkul, newkul_len,
keychange, &keychange_len);
QUITFUN(rval, main_quit);
binary_to_hex(keychange, keychange_len, &s);
printf("%s%s\n",
(verbose) ? "KeyChange string:\t" : "", /* XXX stdout */
s);
/*
* Cleanup.
*/
main_quit:
snmp_call_callbacks(SNMP_CALLBACK_LIBRARY, SNMP_CALLBACK_SHUTDOWN,
NULL);
SNMP_ZERO(oldpass, strlen(oldpass));
SNMP_ZERO(newpass, strlen(newpass));
SNMP_ZERO(oldKu, oldKu_len);
SNMP_ZERO(newKu, newKu_len);
SNMP_ZERO(oldkul, oldkul_len);
SNMP_ZERO(newkul, newkul_len);
SNMP_ZERO(s, strlen(s));
return rval;
} /* end main() */
_SCAPI_NOT_CONFIGURED
#endif /* NETSNMP_USE_INTERNAL_MD5 */
/*******************************************************************-o-******
* sc_encrypt
*
* Parameters:
* privtype Type of privacy cryptographic transform.
* *key Key bits for crypting.
* keylen Length of key (buffer) in bytes.
* *iv IV bits for crypting.
* ivlen Length of iv (buffer) in bytes.
* *plaintext Plaintext to crypt.
* ptlen Length of plaintext.
* *ciphertext Ciphertext to crypt.
* *ctlen Length of ciphertext.
*
* Returns:
* SNMPERR_SUCCESS Success.
* SNMPERR_SC_NOT_CONFIGURED Encryption is not supported.
* SNMPERR_SC_GENERAL_FAILURE Any other error
*
*
* Encrypt plaintext into ciphertext using key and iv.
*
* ctlen contains actual number of crypted bytes in ciphertext upon
* successful return.
*/
int
sc_encrypt(const oid * privtype, size_t privtypelen,
u_char * key, u_int keylen,
u_char * iv, u_int ivlen,
u_char * plaintext, u_int ptlen,
u_char * ciphertext, size_t * ctlen)
#if defined(NETSNMP_USE_OPENSSL)
{
int rval = SNMPERR_SUCCESS;
u_int properlength = 0, properlength_iv = 0;
u_char pad_block[128]; /* bigger than anything I need */
u_char my_iv[128]; /* ditto */
int pad, plast, pad_size = 0;
int have_trans;
#ifndef NETSNMP_DISABLE_DES
#ifdef OLD_DES
DES_key_schedule key_sch;
#else
DES_key_schedule key_sched_store;
DES_key_schedule *key_sch = &key_sched_store;
#endif
DES_cblock key_struct;
#endif
#ifdef HAVE_AES
AES_KEY aes_key;
int new_ivlen = 0;
#endif
DEBUGTRACE;
/*
* Sanity check.
*/
#if !defined(NETSNMP_ENABLE_SCAPI_AUTHPRIV)
snmp_log(LOG_ERR, "Encryption support not enabled.\n");
return SNMPERR_SC_NOT_CONFIGURED;
#endif
if (!privtype || !key || !iv || !plaintext || !ciphertext || !ctlen
|| (keylen <= 0) || (ivlen <= 0) || (ptlen <= 0) || (*ctlen <= 0)
|| (privtypelen != USM_LENGTH_OID_TRANSFORM)) {
QUITFUN(SNMPERR_GENERR, sc_encrypt_quit);
} else if (ptlen > *ctlen) {
QUITFUN(SNMPERR_GENERR, sc_encrypt_quit);
}
#ifdef NETSNMP_ENABLE_TESTING_CODE
{
size_t buf_len = 128, out_len = 0;
u_char *buf = (u_char *) malloc(buf_len);
if (buf != NULL) {
if (sprint_realloc_hexstring(&buf, &buf_len, &out_len, 1,
iv, ivlen)) {
DEBUGMSGTL(("scapi", "encrypt: IV: %s/", buf));
} else {
DEBUGMSGTL(("scapi", "encrypt: IV: %s [TRUNCATED]/", buf));
}
out_len = 0;
if (sprint_realloc_hexstring(&buf, &buf_len, &out_len, 1,
key, keylen)) {
DEBUGMSG(("scapi", "%s\n", buf));
} else {
DEBUGMSG(("scapi", "%s [TRUNCATED]\n", buf));
}
out_len = 0;
if (sprint_realloc_hexstring(&buf, &buf_len, &out_len, 1,
plaintext, 16)) {
DEBUGMSGTL(("scapi", "encrypt: string: %s\n", buf));
} else {
DEBUGMSGTL(("scapi", "encrypt: string: %s [TRUNCATED]\n",
buf));
}
free(buf);
} else {
DEBUGMSGTL(("scapi",
"encrypt: malloc fail for debug output\n"));
}
}
#endif /* NETSNMP_ENABLE_TESTING_CODE */
/*
* Determine privacy transform.
*/
have_trans = 0;
#ifndef NETSNMP_DISABLE_DES
if (ISTRANSFORM(privtype, DESPriv)) {
properlength = BYTESIZE(SNMP_TRANS_PRIVLEN_1DES);
properlength_iv = BYTESIZE(SNMP_TRANS_PRIVLEN_1DES_IV);
pad_size = properlength;
have_trans = 1;
}
#endif
#ifdef HAVE_AES
if (ISTRANSFORM(privtype, AESPriv)) {
properlength = BYTESIZE(SNMP_TRANS_PRIVLEN_AES);
properlength_iv = BYTESIZE(SNMP_TRANS_PRIVLEN_AES_IV);
have_trans = 1;
}
#endif
if (!have_trans) {
QUITFUN(SNMPERR_GENERR, sc_encrypt_quit);
}
if ((keylen < properlength) || (ivlen < properlength_iv)) {
QUITFUN(SNMPERR_GENERR, sc_encrypt_quit);
}
memset(my_iv, 0, sizeof(my_iv));
#ifndef NETSNMP_DISABLE_DES
if (ISTRANSFORM(privtype, DESPriv)) {
/*
* now calculate the padding needed
*/
pad = pad_size - (ptlen % pad_size);
plast = (int) ptlen - (pad_size - pad);
if (pad == pad_size)
pad = 0;
if (ptlen + pad > *ctlen) {
QUITFUN(SNMPERR_GENERR, sc_encrypt_quit); /* not enough space */
}
if (pad > 0) { /* copy data into pad block if needed */
memcpy(pad_block, plaintext + plast, pad_size - pad);
memset(&pad_block[pad_size - pad], pad, pad); /* filling in padblock */
}
memcpy(key_struct, key, sizeof(key_struct));
(void) DES_key_sched(&key_struct, key_sch);
memcpy(my_iv, iv, ivlen);
/*
* encrypt the data
*/
DES_ncbc_encrypt(plaintext, ciphertext, plast, key_sch,
(DES_cblock *) my_iv, DES_ENCRYPT);
if (pad > 0) {
/*
* then encrypt the pad block
*/
DES_ncbc_encrypt(pad_block, ciphertext + plast, pad_size,
key_sch, (DES_cblock *) my_iv, DES_ENCRYPT);
*ctlen = plast + pad_size;
} else {
*ctlen = plast;
}
}
#endif
#ifdef HAVE_AES
if (ISTRANSFORM(privtype, AESPriv)) {
(void) AES_set_encrypt_key(key, properlength*8, &aes_key);
memcpy(my_iv, iv, ivlen);
/*
* encrypt the data
*/
AES_cfb128_encrypt(plaintext, ciphertext, ptlen,
&aes_key, my_iv, &new_ivlen, AES_ENCRYPT);
*ctlen = ptlen;
}
#endif
sc_encrypt_quit:
/*
* clear memory just in case
*/
memset(my_iv, 0, sizeof(my_iv));
memset(pad_block, 0, sizeof(pad_block));
#ifndef NETSNMP_DISABLE_DES
memset(key_struct, 0, sizeof(key_struct));
#ifdef OLD_DES
memset(&key_sch, 0, sizeof(key_sch));
#else
memset(&key_sched_store, 0, sizeof(key_sched_store));
#endif
#endif
#ifdef HAVE_AES
memset(&aes_key,0,sizeof(aes_key));
#endif
return rval;
} /* end sc_encrypt() */
/*******************************************************************-o-******
* get_enginetime
*
* Parameters:
* *engineID
* engineID_len
* *engineboot
* *engine_time
*
* Returns:
* SNMPERR_SUCCESS Success -- when a record for engineID is found.
* SNMPERR_GENERR Otherwise.
*
*
* Lookup engineID and return the recorded values for the
* <engine_time, engineboot> tuple adjusted to reflect the estimated time
* at the engine in question.
*
* Special case: if engineID is NULL or if engineID_len is 0 then
* the time tuple is returned immediately as zero.
*
* XXX What if timediff wraps? >shrug<
* XXX Then: you need to increment the boots value. Now. Detecting
* this is another matter.
*/
int
get_enginetime(u_char * engineID,
u_int engineID_len,
u_int * engineboot,
u_int * engine_time, u_int authenticated)
{
int rval = SNMPERR_SUCCESS;
time_t timediff = 0;
Enginetime e = NULL;
/*
* Sanity check.
*/
if (!engine_time || !engineboot) {
QUITFUN(SNMPERR_GENERR, get_enginetime_quit);
}
/*
* Compute estimated current engine_time tuple at engineID if
* a record is cached for it.
*/
*engine_time = *engineboot = 0;
if (!engineID || (engineID_len <= 0)) {
QUITFUN(SNMPERR_GENERR, get_enginetime_quit);
}
if (!(e = search_enginetime_list(engineID, engineID_len))) {
QUITFUN(SNMPERR_GENERR, get_enginetime_quit);
}
#ifdef LCD_TIME_SYNC_OPT
if (!authenticated || e->authenticatedFlag) {
#endif
*engine_time = e->engineTime;
*engineboot = e->engineBoot;
timediff = snmpv3_local_snmpEngineTime() - e->lastReceivedEngineTime;
#ifdef LCD_TIME_SYNC_OPT
}
#endif
if (timediff > (int) (ENGINETIME_MAX - *engine_time)) {
*engine_time = (timediff - (ENGINETIME_MAX - *engine_time));
/*
* FIX -- move this check up... should not change anything
* * if engineboot is already locked. ???
*/
if (*engineboot < ENGINEBOOT_MAX) {
*engineboot += 1;
}
} else {
*engine_time += timediff;
}
DEBUGMSGTL(("lcd_get_enginetime", "engineID "));
DEBUGMSGHEX(("lcd_get_enginetime", engineID, engineID_len));
DEBUGMSG(("lcd_get_enginetime", ": boots=%d, time=%d\n", *engineboot,
*engine_time));
get_enginetime_quit:
return rval;
} /* end get_enginetime() */
/*******************************************************************-o-******
* set_enginetime
*
* Parameters:
* *engineID
* engineID_len
* engineboot
* engine_time
*
* Returns:
* SNMPERR_SUCCESS Success.
* SNMPERR_GENERR Otherwise.
*
*
* Lookup engineID and store the given <engine_time, engineboot> tuple
* and then stamp the record with a consistent source of local time.
* If the engineID record does not exist, create one.
*
* Special case: engineID is NULL or engineID_len is 0 defines an engineID
* that is "always set."
*
* XXX "Current time within the local engine" == time(NULL)...
*/
int
set_enginetime(u_char * engineID,
u_int engineID_len,
u_int engineboot, u_int engine_time, u_int authenticated)
{
int rval = SNMPERR_SUCCESS, iindex;
Enginetime e = NULL;
/*
* Sanity check.
*/
if (!engineID || (engineID_len <= 0)) {
return rval;
}
/*
* Store the given <engine_time, engineboot> tuple in the record
* for engineID. Create a new record if necessary.
*/
if (!(e = search_enginetime_list(engineID, engineID_len))) {
if ((iindex = hash_engineID(engineID, engineID_len)) < 0) {
QUITFUN(SNMPERR_GENERR, set_enginetime_quit);
}
e = (Enginetime) calloc(1, sizeof(*e));
e->next = etimelist[iindex];
etimelist[iindex] = e;
e->engineID = (u_char *) calloc(1, engineID_len);
memcpy(e->engineID, engineID, engineID_len);
e->engineID_len = engineID_len;
}
#ifdef LCD_TIME_SYNC_OPT
if (authenticated || !e->authenticatedFlag) {
e->authenticatedFlag = authenticated;
#else
if (authenticated) {
#endif
e->engineTime = engine_time;
e->engineBoot = engineboot;
e->lastReceivedEngineTime = snmpv3_local_snmpEngineTime();
}
e = NULL; /* Indicates a successful update. */
DEBUGMSGTL(("lcd_set_enginetime", "engineID "));
DEBUGMSGHEX(("lcd_set_enginetime", engineID, engineID_len));
DEBUGMSG(("lcd_set_enginetime", ": boots=%d, time=%d\n", engineboot,
engine_time));
set_enginetime_quit:
SNMP_FREE(e);
return rval;
} /* end set_enginetime() */
/*******************************************************************-o-******
* search_enginetime_list
*
* Parameters:
* *engineID
* engineID_len
*
* Returns:
* Pointer to a etimelist record with engineID <engineID> -OR-
* NULL if no record exists.
*
*
* Search etimelist for an entry with engineID.
*
* ASSUMES that no engineID will have more than one record in the list.
*/
Enginetime
search_enginetime_list(u_char * engineID, u_int engineID_len)
{
int rval = SNMPERR_SUCCESS;
Enginetime e = NULL;
/*
* Sanity check.
*/
if (!engineID || (engineID_len <= 0)) {
QUITFUN(SNMPERR_GENERR, search_enginetime_list_quit);
}
/*
* Find the entry for engineID if there be one.
*/
rval = hash_engineID(engineID, engineID_len);
if (rval < 0) {
QUITFUN(SNMPERR_GENERR, search_enginetime_list_quit);
}
e = etimelist[rval];
for ( /*EMPTY*/; e; e = e->next) {
if ((engineID_len == e->engineID_len)
&& !memcmp(e->engineID, engineID, engineID_len)) {
break;
}
}
search_enginetime_list_quit:
return e;
} /* end search_enginetime_list() */
