예제 #1
0
uint8_t SNMPv3AESEncryptResponseScopedPdu(SNMPV3_RESPONSE_WHOLEMSG* plain_text/*uint8_t userDBIndex*/)
{

uint8_t* cryptoKey;
uint8_t* initVector;
uint8_t* plainText;
uint16_t plaintextLen;
uint8_t* encrypted_text;
uint8_t extraMemReqd;
AES_ROUND_KEYS_128_BIT round_keys;
AES_CFB_STATE_DATA current_stream;

SNMPV3_PROCESSING_MEM_INFO_PTRS snmpv3PktProcessingMemPntr; 
SNMPV3_STACK_DCPT_STUB * snmpv3EngnDcptMemoryStubPtr=0;		
				
	SNMPv3GetPktProcessingDynMemStubPtrs(&snmpv3PktProcessingMemPntr);
				
	snmpv3EngnDcptMemoryStubPtr=snmpv3PktProcessingMemPntr.snmpv3StkProcessingDynMemStubPtr;
	
	//This is a secured request. Compute the AES Encryption IV 
	SNMPv3UsmAesEncryptDecrptInitVector(SNMP_RESPONSE_PDU);

	plaintextLen= (plain_text->scopedPduStructLen);
	cryptoKey=snmpv3EngnDcptMemoryStubPtr->UserInfoDataBase[snmpv3EngnDcptMemoryStubPtr->UserInfoDataBaseIndx].userPrivPswdLoclizdKey;
	initVector=snmpV3AesEncryptInitVector;
	plainText=(plain_text->scopedPduOffset);
	

	extraMemReqd=(16-(plaintextLen%16)); //AES Blocks are in multiples of 16 Bytes
	encrypted_text=(uint8_t*)(TCPIP_HEAP_Calloc(snmpv3PktProcessingMemPntr.snmpHeapMemHandler,1,(size_t)plaintextLen+extraMemReqd));

	if(encrypted_text != NULL)
	{		
		AESCreateRoundKeys (&round_keys,cryptoKey,AES_KEY_SIZE_128_BIT);

        memcpy(current_stream.initial_vector,initVector,16);

		AESCFBEncrypt(encrypted_text,plainText, plaintextLen,    
                    &round_keys, &current_stream,        
                    AES_STREAM_START | AES_USE_CFB128 );

	}
	else
		return	SNMPV3_MSG_PRIV_FAIL;

	//Copy decrypted text to already allocated WholeMsg dynamic memory Buffer.
	memcpy(plainText,encrypted_text,plaintextLen);

	//free this temp buffer used for decryption purpose.
	TCPIP_HEAP_Free(snmpv3PktProcessingMemPntr.snmpHeapMemHandler, encrypted_text);

	return SNMPV3_MSG_PRIV_PASS;
}
예제 #2
0
/****************************************************************************
  Function:
	uint8_t SNMPv3AESDecryptRxedScopedPdu(void)
	
  Summary:
  	Incoming SNMPv3 scoped PDU decryption using AES decryption protocol.
	
  Description:
  	This routine decrypts SNMPV3 incoming PDU using AES protocol , but before this 
  	encrypted data length is verified.If the length of the encrypted OCTECT-STRING 
  	is not multiple of 8, then dryption will be halted.
  	RFC - 3414. ( section 8)
  	 		 		  	
  Precondition:
   	SNMPv3Init() and ProcessVariabels() are called.	

  Parameters:
  	None 
  	  	
  Return Values:
	SNMPV3_MSG_PRIV_FAIL - Failure
	SNMPV3_MSG_PRIV_PASS - Success

  Remarks:
	None 
***************************************************************************/
uint8_t SNMPv3AESDecryptRxedScopedPdu(/*uint8_t userDBIndex*/)
{

uint8_t* cryptoKey;
uint8_t* initVector;
uint8_t* snmpv3_cipher_text;
uint16_t cipherTextLen;
uint8_t* decrypted_text;
uint16_t temp;
uint8_t extraMemReqd;

AES_ROUND_KEYS_128_BIT round_keys;
AES_CFB_STATE_DATA current_stream;

SNMPV3_PROCESSING_MEM_INFO_PTRS snmpv3PktProcessingMemPntr; 
SNMPV3_STACK_DCPT_STUB * snmpv3EngnDcptMemoryStubPtr=0;		
				
	SNMPv3GetPktProcessingDynMemStubPtrs(&snmpv3PktProcessingMemPntr);
				
	snmpv3EngnDcptMemoryStubPtr=snmpv3PktProcessingMemPntr.snmpv3StkProcessingDynMemStubPtr;


	cryptoKey=snmpv3EngnDcptMemoryStubPtr->UserInfoDataBase[snmpv3EngnDcptMemoryStubPtr->UserInfoDataBaseIndx].userPrivPswdLoclizdKey;
	initVector=snmpV3AesDecryptInitVector;
	temp=snmpv3EngnDcptMemoryStubPtr->InPduWholeMsgBuf.scopedPduOffset;
	snmpv3_cipher_text=(snmpv3EngnDcptMemoryStubPtr->InPduWholeMsgBuf.snmpMsgHead+temp);
	cipherTextLen= snmpv3EngnDcptMemoryStubPtr->InPduWholeMsgBuf.scopedPduStructLen;

	extraMemReqd=(16-(cipherTextLen%16)); //AES Blocks are in multiples of 16 Bytes
	decrypted_text=(uint8_t*)(TCPIP_HEAP_Calloc(snmpv3PktProcessingMemPntr.snmpHeapMemHandler,1,(size_t)cipherTextLen+extraMemReqd));
	
	if(decrypted_text != NULL)
	{
				
		AESCreateRoundKeys (&round_keys,cryptoKey,AES_KEY_SIZE_128_BIT);
	
		memcpy(current_stream.initial_vector,initVector,16);
	
		AESCFBDecrypt(decrypted_text,snmpv3_cipher_text, cipherTextLen,	
						&round_keys, &current_stream,		 
						AES_STREAM_START | AES_USE_CFB128);
	}
	else
		return SNMPV3_MSG_PRIV_FAIL;

	//Copy decrypted text to already allocated WholeMsg dynamic memory Buffer.
	memcpy(snmpv3_cipher_text,decrypted_text,cipherTextLen);

	//free this temp buffer used for decryption purpose.
	TCPIP_HEAP_Free(snmpv3PktProcessingMemPntr.snmpHeapMemHandler, decrypted_text);

	return SNMPV3_MSG_PRIV_PASS;
}
예제 #3
0
BYTE Snmpv3AESEncryptResponseScopedPdu(SNMPV3_RESPONSE_WHOLEMSG* plain_text)
{

UINT8* cryptoKey;
UINT8* initVector;
UINT8* plainText;
WORD plaintextLen;
UINT8* encrypted_text;
BYTE extraMemReqd;
AES_ROUND_KEYS_128_BIT round_keys;
AES_CFB_STATE_DATA current_stream;

		
	//This is a secured request. Compute the AES Encryption IV 
	Snmpv3UsmAesEncryptDecryptInitVector(SNMP_RESPONSE_PDU);

	plaintextLen= (plain_text->scopedPduStructLen);
	cryptoKey=snmpV3UserDataBase[gSnmpv3UserDBIndex].userPrivPswdLoclizdKey;
	initVector=snmpV3AesEncryptInitVector;
	plainText=(plain_text->scopedPduOffset);
	

	extraMemReqd=(16-(plaintextLen%16)); //AES Blocks are in multiples of 16 Bytes
	encrypted_text=(UINT8*)(malloc((size_t)plaintextLen+extraMemReqd));

	if(encrypted_text != NULL)
	{		
		AESCreateRoundKeys (&round_keys,cryptoKey,AES_KEY_SIZE_128_BIT);

        memcpy(current_stream.initial_vector,initVector,16);

		AESCFBEncrypt(encrypted_text,plainText, plaintextLen,    
                    &round_keys, &current_stream,        
                    AES_STREAM_START | AES_USE_CFB128 );

	}
	else
		return	SNMPV3_MSG_PRIV_FAIL;

	//Copy decrypted text to already allocated WholeMsg dynamic memory Buffer.
	memcpy(plainText,encrypted_text,plaintextLen);

	//free this temp buffer used for decryption purpose.
	free(encrypted_text);

	return SNMPV3_MSG_PRIV_PASS;
}
예제 #4
0
BYTE Snmpv3AESDecryptRxedScopedPdu(void)
{

UINT8* cryptoKey;
UINT8* initVector;
UINT8* cipher_text;
WORD cipherTextLen;
UINT8* decrypted_text;
WORD temp;
BYTE extraMemReqd;

	AES_ROUND_KEYS_128_BIT round_keys;
	AES_CFB_STATE_DATA current_stream;

	cryptoKey=snmpV3UserDataBase[gSnmpv3UserDBIndex].userPrivPswdLoclizdKey;
	initVector=snmpV3AesDecryptInitVector;
	temp=gSnmpV3InPduWholeMsgBuf.scopedPduOffset;
	cipher_text=(gSnmpV3InPduWholeMsgBuf.snmpMsgHead+temp);
	cipherTextLen= gSnmpV3InPduWholeMsgBuf.scopedPduStructLen;

	extraMemReqd=(16-(cipherTextLen%16)); //AES Blocks are in multiples of 16 Bytes
	decrypted_text=(BYTE*)(malloc((size_t)cipherTextLen+extraMemReqd));
	
	if(decrypted_text != NULL)
	{
				
		AESCreateRoundKeys (&round_keys,cryptoKey,AES_KEY_SIZE_128_BIT);
	
		memcpy(current_stream.initial_vector,initVector,16);
	
		AESCFBDecrypt(decrypted_text,cipher_text, cipherTextLen,	
						&round_keys, &current_stream,		 
						AES_STREAM_START | AES_USE_CFB128);
	}
	else
		return SNMPV3_MSG_PRIV_FAIL;

	//Copy decrypted text to already allocated WholeMsg dynamic memory Buffer.
	memcpy(cipher_text,decrypted_text,cipherTextLen);

	//free this temp buffer used for decryption purpose.
	free(decrypted_text);

	return SNMPV3_MSG_PRIV_PASS;
}