void debugmsg_hex (const char *token, const u_char * thedata, size_t len) { u_char *buf = NULL; size_t buf_len = 0, out_len = 0; if (sprint_realloc_hexstring (&buf, &buf_len, &out_len, 1, thedata, len)) { if (buf != NULL) { debugmsg (token, "%s", buf); } } else { if (buf != NULL) { debugmsg (token, "%s [TRUNCATED]", buf); } } if (buf != NULL) { free (buf); } }
void debugmsg_hextli (const char *token, const u_char * thedata, size_t len) { char buf[SPRINT_MAX_LEN], token2[SPRINT_MAX_LEN]; u_char *b3 = NULL; size_t b3_len = 0, o3_len = 0; int incr; sprintf (token2, "dumpx_%s", token); /* * XX tracing lines removed from this function DEBUGTRACE; */ DEBUGIF (token2) { for (incr = 16; len > 0; len -= incr, thedata += incr) { if ((int) len < incr) { incr = len; } /* * XXnext two lines were DEBUGPRINTINDENT(token); */ sprintf (buf, "dumpx%s", token); debugmsg (buf, "%s: %*s", token2, debug_indent_get (), ""); if (sprint_realloc_hexstring (&b3, &b3_len, &o3_len, 1, thedata, incr)) { if (b3 != NULL) { debugmsg (token2, "%s", b3); } } else { if (b3 != NULL) { debugmsg (token2, "%s [TRUNCATED]", b3); } } o3_len = 0; } } if (b3 != NULL) { free (b3); } }
/** * Get snmp value to the structure my_poid_result-> * Author : lining 15810423651 [email protected] * @param netsnmp_variable_list *vars : the return pdu variable value. * @param my_oid_result : the structure my_poid_result-> * @return void. */ void get_oid_value(netsnmp_variable_list *vars, my_oid_result **oid_result) { unsigned int count = 0; (*oid_result)->oid_name_length = vars->name_length; for(count=0; count < vars->name_length; count++) { (*oid_result)->oid_name[count] = *(vars->name+count); } (*oid_result)->val_len = vars->val_len; (*oid_result)->type = vars->type; if(vars->type == SNMP_NOSUCHOBJECT) { return; } if(vars->type == SNMP_NOSUCHINSTANCE) { return; } if(vars->type == SNMP_ENDOFMIBVIEW) { return; } if (vars->type == ASN_OCTET_STR) { int hex = 0; int x; u_char * cp; int allow_realloc = 1; u_char *buf = NULL; size_t buf_len = 256, out_len = 0; for (cp = vars->val.string, x = 0; x < (int)vars->val_len; x++, cp++) { if (!isprint(*cp) && !isspace(*cp)) { hex = 1; } } if(!hex) { for(count=0; count < vars->val_len; count++) { (*oid_result)->val.string[count] = vars->val.string[count]; } return; } else { buf = (u_char *) calloc(buf_len, 1); sprint_realloc_hexstring(&buf, &buf_len, &out_len, allow_realloc, vars->val.string, vars->val_len); for(count=0; count < strlen(buf); count++) { (*oid_result)->val.string[count] = buf[count]; } (*oid_result)->val.string[strlen(buf)] = 0; free(buf); return; } } if (vars->type == ASN_BIT_STR) { sprintf((*oid_result)->val.bitstring, "%s" ,vars->val.bitstring); return; } if (vars->type == ASN_OPAQUE) { return; } if (vars->type == ASN_INTEGER) { (*oid_result)->val.integer = *vars->val.integer; (*oid_result)->val.integer = (*oid_result)->val.integer & 0x00000000ffffffff; return; } if (vars->type == ASN_UINTEGER) { (*oid_result)->val.integer = *vars->val.integer; (*oid_result)->val.integer = (*oid_result)->val.integer & 0x00000000ffffffff; return; } if (vars->type == ASN_OBJECT_ID) { (*oid_result)->objid_length = vars->val_len/sizeof(oid); for(count=0; count < (*oid_result)->objid_length; count++) { (*oid_result)->val.objid[count] = vars->val.objid[count]; } return; } if (vars->type == ASN_TIMETICKS) { (*oid_result)->val.integer = *(u_long *)vars->val.integer; return; } if (vars->type == ASN_IPADDRESS) { (*oid_result)->val.string[0] = vars->val.string[0]; (*oid_result)->val.string[1] = vars->val.string[1]; (*oid_result)->val.string[2] = vars->val.string[2]; (*oid_result)->val.string[3] = vars->val.string[3]; return; } if (vars->type == ASN_OPAQUE_I64) { printI64((*oid_result)->val.string, vars->val.counter64); return; } if (vars->type == ASN_OPAQUE_COUNTER64 || vars->type == ASN_OPAQUE_U64 || vars->type == ASN_COUNTER64) { printU64((*oid_result)->val.string, vars->val.counter64); return; } if (vars->type == ASN_COUNTER) { (*oid_result)->val.integer = *vars->val.integer; return; } if (vars->type == ASN_GAUGE) { (*oid_result)->val.integer = *vars->val.integer; return; } if (vars->type == ASN_OPAQUE_FLOAT) { (*oid_result)->val.floatVal = *vars->val.floatVal; return; } if (vars->type == ASN_OPAQUE_DOUBLE) { (*oid_result)->val.doubleVal = *vars->val.doubleVal; return; } if (vars->type == ASN_NULL) { return; } return; }
_SCAPI_NOT_CONFIGURED #endif /* NETSNMP_USE_INTERNAL_MD5 */ /*******************************************************************-o-****** * sc_encrypt * * Parameters: * privtype Type of privacy cryptographic transform. * *key Key bits for crypting. * keylen Length of key (buffer) in bytes. * *iv IV bits for crypting. * ivlen Length of iv (buffer) in bytes. * *plaintext Plaintext to crypt. * ptlen Length of plaintext. * *ciphertext Ciphertext to crypt. * *ctlen Length of ciphertext. * * Returns: * SNMPERR_SUCCESS Success. * SNMPERR_SC_NOT_CONFIGURED Encryption is not supported. * SNMPERR_SC_GENERAL_FAILURE Any other error * * * Encrypt plaintext into ciphertext using key and iv. * * ctlen contains actual number of crypted bytes in ciphertext upon * successful return. */ int sc_encrypt(const oid * privtype, size_t privtypelen, u_char * key, u_int keylen, u_char * iv, u_int ivlen, u_char * plaintext, u_int ptlen, u_char * ciphertext, size_t * ctlen) #if defined(NETSNMP_USE_OPENSSL) { int rval = SNMPERR_SUCCESS; u_int properlength = 0, properlength_iv = 0; u_char pad_block[128]; /* bigger than anything I need */ u_char my_iv[128]; /* ditto */ int pad, plast, pad_size = 0; int have_trans; #ifndef NETSNMP_DISABLE_DES #ifdef OLD_DES DES_key_schedule key_sch; #else DES_key_schedule key_sched_store; DES_key_schedule *key_sch = &key_sched_store; #endif DES_cblock key_struct; #endif #ifdef HAVE_AES AES_KEY aes_key; int new_ivlen = 0; #endif DEBUGTRACE; /* * Sanity check. */ #if !defined(NETSNMP_ENABLE_SCAPI_AUTHPRIV) snmp_log(LOG_ERR, "Encryption support not enabled.\n"); return SNMPERR_SC_NOT_CONFIGURED; #endif if (!privtype || !key || !iv || !plaintext || !ciphertext || !ctlen || (keylen <= 0) || (ivlen <= 0) || (ptlen <= 0) || (*ctlen <= 0) || (privtypelen != USM_LENGTH_OID_TRANSFORM)) { QUITFUN(SNMPERR_GENERR, sc_encrypt_quit); } else if (ptlen > *ctlen) { QUITFUN(SNMPERR_GENERR, sc_encrypt_quit); } #ifdef NETSNMP_ENABLE_TESTING_CODE { size_t buf_len = 128, out_len = 0; u_char *buf = (u_char *) malloc(buf_len); if (buf != NULL) { if (sprint_realloc_hexstring(&buf, &buf_len, &out_len, 1, iv, ivlen)) { DEBUGMSGTL(("scapi", "encrypt: IV: %s/", buf)); } else { DEBUGMSGTL(("scapi", "encrypt: IV: %s [TRUNCATED]/", buf)); } out_len = 0; if (sprint_realloc_hexstring(&buf, &buf_len, &out_len, 1, key, keylen)) { DEBUGMSG(("scapi", "%s\n", buf)); } else { DEBUGMSG(("scapi", "%s [TRUNCATED]\n", buf)); } out_len = 0; if (sprint_realloc_hexstring(&buf, &buf_len, &out_len, 1, plaintext, 16)) { DEBUGMSGTL(("scapi", "encrypt: string: %s\n", buf)); } else { DEBUGMSGTL(("scapi", "encrypt: string: %s [TRUNCATED]\n", buf)); } free(buf); } else { DEBUGMSGTL(("scapi", "encrypt: malloc fail for debug output\n")); } } #endif /* NETSNMP_ENABLE_TESTING_CODE */ /* * Determine privacy transform. */ have_trans = 0; #ifndef NETSNMP_DISABLE_DES if (ISTRANSFORM(privtype, DESPriv)) { properlength = BYTESIZE(SNMP_TRANS_PRIVLEN_1DES); properlength_iv = BYTESIZE(SNMP_TRANS_PRIVLEN_1DES_IV); pad_size = properlength; have_trans = 1; } #endif #ifdef HAVE_AES if (ISTRANSFORM(privtype, AESPriv)) { properlength = BYTESIZE(SNMP_TRANS_PRIVLEN_AES); properlength_iv = BYTESIZE(SNMP_TRANS_PRIVLEN_AES_IV); have_trans = 1; } #endif if (!have_trans) { QUITFUN(SNMPERR_GENERR, sc_encrypt_quit); } if ((keylen < properlength) || (ivlen < properlength_iv)) { QUITFUN(SNMPERR_GENERR, sc_encrypt_quit); } memset(my_iv, 0, sizeof(my_iv)); #ifndef NETSNMP_DISABLE_DES if (ISTRANSFORM(privtype, DESPriv)) { /* * now calculate the padding needed */ pad = pad_size - (ptlen % pad_size); plast = (int) ptlen - (pad_size - pad); if (pad == pad_size) pad = 0; if (ptlen + pad > *ctlen) { QUITFUN(SNMPERR_GENERR, sc_encrypt_quit); /* not enough space */ } if (pad > 0) { /* copy data into pad block if needed */ memcpy(pad_block, plaintext + plast, pad_size - pad); memset(&pad_block[pad_size - pad], pad, pad); /* filling in padblock */ } memcpy(key_struct, key, sizeof(key_struct)); (void) DES_key_sched(&key_struct, key_sch); memcpy(my_iv, iv, ivlen); /* * encrypt the data */ DES_ncbc_encrypt(plaintext, ciphertext, plast, key_sch, (DES_cblock *) my_iv, DES_ENCRYPT); if (pad > 0) { /* * then encrypt the pad block */ DES_ncbc_encrypt(pad_block, ciphertext + plast, pad_size, key_sch, (DES_cblock *) my_iv, DES_ENCRYPT); *ctlen = plast + pad_size; } else { *ctlen = plast; } } #endif #ifdef HAVE_AES if (ISTRANSFORM(privtype, AESPriv)) { (void) AES_set_encrypt_key(key, properlength*8, &aes_key); memcpy(my_iv, iv, ivlen); /* * encrypt the data */ AES_cfb128_encrypt(plaintext, ciphertext, ptlen, &aes_key, my_iv, &new_ivlen, AES_ENCRYPT); *ctlen = ptlen; } #endif sc_encrypt_quit: /* * clear memory just in case */ memset(my_iv, 0, sizeof(my_iv)); memset(pad_block, 0, sizeof(pad_block)); #ifndef NETSNMP_DISABLE_DES memset(key_struct, 0, sizeof(key_struct)); #ifdef OLD_DES memset(&key_sch, 0, sizeof(key_sch)); #else memset(&key_sched_store, 0, sizeof(key_sched_store)); #endif #endif #ifdef HAVE_AES memset(&aes_key,0,sizeof(aes_key)); #endif return rval; } /* end sc_encrypt() */