40 #ifdef SNMP_PP_NAMESPACE
/* Largest value of an unsigned 32-bit integer. */
45 #define MAXUINT32 4294967295u
/* Maximum length of a USM user name. 32 matches the SIZE(1..32) bound that
   RFC 3414 places on usmUserName; buffers that receive a user name should be
   sized and length-checked against this constant. */
49 #define MAXLEN_USMUSERNAME 32
/* Security names use the same limit as user names. */
50 #define MAXLEN_USMSECURITYNAME MAXLEN_USMUSERNAME
/* Single-bit masks for authentication (0x01), privacy (0x02) and reportable
   (0x04). The values are distinct bits, so they can be OR-ed together; they
   line up with the msgFlags bits of the SNMPv3 message header (RFC 3412).
   NOTE(review): RFC 3412 does not allow privacy without authentication;
   confirm the message parser rejects PRIVFLAG set without AUTHFLAG. */
52 #define SNMPv3_AUTHFLAG 0x01
53 #define SNMPv3_PRIVFLAG 0x02
54 #define SNMPv3_REPORTABLEFLAG 0x04
/* Security levels; the values 1..3 match SnmpSecurityLevel in RFC 3411
   (noAuthNoPriv, authNoPriv, authPriv). Level 1 gives neither message
   integrity nor confidentiality and level 2 leaves the payload readable on
   the wire, so deployments that carry sensitive data should require level 3. */
68 #define SNMP_SECURITY_LEVEL_NOAUTH_NOPRIV 1
69 #define SNMP_SECURITY_LEVEL_AUTH_NOPRIV 2
70 #define SNMP_SECURITY_LEVEL_AUTH_PRIV 3
/* Authentication protocol identifiers. Each value equals the last
   sub-identifier of the matching oidUsm...AuthProtocol string defined in this
   header (...10.1.1.1, .2, .3).
   HMAC-MD5-96 and HMAC-SHA-96 are the RFC 3414 protocols and rest on MD5 and
   SHA-1; both are legacy choices today. No HMAC-SHA-2 identifier (RFC 7860) is
   visible in this listing, so HMACSHA is the strongest option shown here. */
79 #define SNMP_AUTHPROTOCOL_NONE 1
80 #define SNMP_AUTHPROTOCOL_HMACMD5 2
81 #define SNMP_AUTHPROTOCOL_HMACSHA 3
/* Privacy (encryption) protocol identifiers. Each value equals the last
   sub-identifier of the matching oidUsm...PrivProtocol string defined in this
   header. The values are not listed in numeric order (3DESEDE = 3 comes last).
   DES (RFC 3414) has a 56-bit key and is obsolete; AES128 is the RFC 3826
   protocol and the minimum to prefer for new configurations.
   NOTE(review): the IDEA, AES192, AES256 and 3DESEDE identifiers are not
   assigned by RFC 3414 or RFC 3826 as far as this reviewer knows; treat them
   as implementation-specific and confirm interoperability with the peer. */
90 #define SNMP_PRIVPROTOCOL_NONE 1
91 #define SNMP_PRIVPROTOCOL_DES 2
92 #define SNMP_PRIVPROTOCOL_AES128 4
94 #define SNMP_PRIVPROTOCOL_IDEA 9
95 #define SNMP_PRIVPROTOCOL_AES192 20
96 #define SNMP_PRIVPROTOCOL_AES256 21
97 #define SNMP_PRIVPROTOCOL_3DESEDE 3
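/*
 * Status codes in the range 1400..1420. SNMPv3_USM_OK is the only success
 * value; callers should treat every other code as a failure and must not
 * use output buffers or keys produced by a call that did not return it.
 */
#define SNMPv3_USM_OK 1400
#define SNMPv3_USM_ERROR 1401
#define SNMPv3_USM_ERROR_CONFIGFILE 1402
#define SNMPv3_USM_UNSUPPORTED_SECURITY_LEVEL 1403
#define SNMPv3_USM_UNKNOWN_SECURITY_NAME 1404
#define SNMPv3_USM_ENCRYPTION_ERROR 1405
#define SNMPv3_USM_DECRYPTION_ERROR 1406
#define SNMPv3_USM_AUTHENTICATION_ERROR 1407
#define SNMPv3_USM_AUTHENTICATION_FAILURE 1408
#define SNMPv3_USM_PARSE_ERROR 1409
#define SNMPv3_USM_UNKNOWN_ENGINEID 1410
#define SNMPv3_USM_NOT_IN_TIME_WINDOW 1411
#define SNMPv3_USM_UNSUPPORTED_AUTHPROTOCOL 1412
#define SNMPv3_USM_UNSUPPORTED_PRIVPROTOCOL 1413
#define SNMPv3_USM_ADDRESS_ERROR 1414
#define SNMPv3_USM_FILECREATE_ERROR 1415
#define SNMPv3_USM_FILEOPEN_ERROR 1416
#define SNMPv3_USM_FILERENAME_ERROR 1417
#define SNMPv3_USM_FILEDELETE_ERROR 1418
#define SNMPv3_USM_FILEWRITE_ERROR 1419
#define SNMPv3_USM_FILEREAD_ERROR 1420
/* Bounds of the code range above. */
#define SNMPv3_USM_MAX_ERROR SNMPv3_USM_FILEREAD_ERROR
#define SNMPv3_USM_MIN_ERROR SNMPv3_USM_OK
/*
 * Parenthesized so the subtraction stays one operand wherever the macro is
 * expanded; without the parentheses `2 * SNMPv3_USM_ERRORCOUNT` would parse
 * as `2 * MAX - MIN`, which is how an index or size computation goes wrong.
 * NOTE(review): the value is the span between the first and last code (20),
 * not the number of codes (21); confirm any table indexed by it is sized
 * accordingly.
 */
#define SNMPv3_USM_ERRORCOUNT (SNMPv3_USM_MAX_ERROR - SNMPv3_USM_MIN_ERROR)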
/* Dotted-decimal OID strings of the usmStats counters (the usmStats group of
   the RFC 3414 MIB); the trailing .0 selects the scalar instance.
   These counters are useful to monitor: a steady rise in WrongDigests,
   UnknownUserNames or NotInTimeWindows on an agent is a common sign of
   misconfiguration, credential guessing or replayed traffic. */
136 #define oidUsmStats "1.3.6.1.6.3.15.1.1"
137 #define oidUsmStatsUnsupportedSecLevels "1.3.6.1.6.3.15.1.1.1.0"
138 #define oidUsmStatsNotInTimeWindows "1.3.6.1.6.3.15.1.1.2.0"
139 #define oidUsmStatsUnknownUserNames "1.3.6.1.6.3.15.1.1.3.0"
140 #define oidUsmStatsUnknownEngineIDs "1.3.6.1.6.3.15.1.1.4.0"
141 #define oidUsmStatsWrongDigests "1.3.6.1.6.3.15.1.1.5.0"
142 #define oidUsmStatsDecryptionErrors "1.3.6.1.6.3.15.1.1.6.0"
/* USM user table and its row entry. */
144 #define oidUsmUserTable "1.3.6.1.6.3.15.1.2.2"
145 #define oidUsmUserEntry "1.3.6.1.6.3.15.1.2.2.1"
/* Authentication protocol OIDs; the last arc equals the matching
   SNMP_AUTHPROTOCOL_* value defined in this header. */
147 #define oidUsmAuthProtocolBase "1.3.6.1.6.3.10.1.1"
148 #define oidUsmNoAuthProtocol "1.3.6.1.6.3.10.1.1.1"
149 #define oidUsmHMACMD5AuthProtocol "1.3.6.1.6.3.10.1.1.2"
150 #define oidUsmHMACSHAAuthProtocol "1.3.6.1.6.3.10.1.1.3"
/* Privacy protocol OIDs; the last arc equals the matching
   SNMP_PRIVPROTOCOL_* value defined in this header.
   NOTE(review): .1 and .2 come from RFC 3414 and .4 from RFC 3826; the arcs
   used for IDEA (.9), AES192 (.20), AES256 (.21) and 3DES-EDE (.3) look
   implementation-specific, so confirm what the peer expects. */
152 #define oidUsmPrivProtocolBase "1.3.6.1.6.3.10.1.2"
153 #define oidUsmNoPrivProtocol "1.3.6.1.6.3.10.1.2.1"
154 #define oidUsmDESPrivProtocol "1.3.6.1.6.3.10.1.2.2"
155 #define oidUsmIDEAPrivProtocol "1.3.6.1.6.3.10.1.2.9"
156 #define oidUsmAES128PrivProtocol "1.3.6.1.6.3.10.1.2.4"
157 #define oidUsmAES192PrivProtocol "1.3.6.1.6.3.10.1.2.20"
158 #define oidUsmAES256PrivProtocol "1.3.6.1.6.3.10.1.2.21"
159 #define oidUsm3DESEDEPrivProtocol "1.3.6.1.6.3.10.1.2.3"
/* Selectors for the kind of key or password update, numbered 1..4.
   NOTE(review): presumably these are the values passed as update_type to
   key_update_commit() declared in this header; confirm against the
   implementation, which is not part of this listing. */
162 #define USM_KeyUpdate 1
163 #define USM_PasswordUpdate 2
164 #define USM_PasswordKeyUpdate 3
165 #define USM_PasswordAllKeyUpdate 4
204 const OctetStr &usm_user_security_name,
205 const int auth_protocol,
207 const int priv_protocol,
210 struct SecurityStateReference;
214 class USMUserNameTable;
// Constructor declaration; the enclosing class header is outside this listing.
// engine_boots, engine_id: boot counter and engine id the object is created with.
// v3_mp:  const pointer to a v3MP; the member description on this page calls
//         it the v3MP that created this object.
// msg_id: pointer to an unsigned message-id value (not const, so the callee
//         may write through it).
// result: passed by non-const reference, so it is an output.
//         NOTE(review): presumably receives SNMPv3_USM_OK or an error code;
//         callers should check it before using the object - confirm.
248 USM(
unsigned int engine_boots,
const OctetStr &engine_id,
const v3MP *v3_mp,
249 unsigned int *msg_id,
int &result);
297 int add_usm_user(
const OctetStr& security_name,
298 const long int auth_protocol,
299 const long int priv_protocol,
325 int add_usm_user(
const OctetStr& user_name,
327 const long int auth_protocol,
328 const long int priv_protocol,
361 int add_usm_user(
const OctetStr& user_name,
363 const long int auth_protocol,
364 const long int priv_protocol,
370 const long int auth_protocol,
371 const long int priv_protocol,
375 {
return add_usm_user(security_name, security_name, auth_protocol,
376 priv_protocol, auth_password, priv_password,
// Deletes the USM user identified by security_name. The return type is void,
// so this call cannot report whether a matching user existed.
386 void delete_usm_user(
const OctetStr& security_name);
// The four functions below each take a file path and return an int status
// (presumably one of the SNMPv3_USM_* codes, e.g. the FILE..._ERROR values -
// confirm against the implementation).
// NOTE(review): USM users on this page carry authentication and privacy
// passwords and keys (see add_usm_user and the usmUser...Key fields), so the
// files written here presumably hold secret material. Confirm that they are
// created with owner-only permissions and that `file` never comes from
// untrusted input. Loaded files should be treated as untrusted until parsed
// and length-checked.
397 int save_localized_users(
const char *file);
407 int load_localized_users(
const char *file);
417 int save_users(
const char *file);
427 int load_users(
const char *file);
451 int add_localized_user(
const OctetStr &engine_id,
454 const long auth_protocol,
456 const long priv_protocol,
477 int build_localized_keys(
const OctetStr &engine_id,
480 const unsigned char *auth_password,
481 const unsigned int auth_password_len,
482 const unsigned char *priv_password,
483 const unsigned int priv_password_len,
484 unsigned char *auth_key,
485 unsigned int *auth_key_len,
486 unsigned char *priv_key,
487 unsigned int *priv_key_len);
// Overload that takes only a user name; a second overload whose first
// parameter is an engine id is declared right after it in this listing.
// Returns an int status (presumably an SNMPv3_USM_* code - confirm).
497 int delete_localized_user(
const OctetStr& user_name);
510 int delete_localized_user(
const OctetStr& engine_id,
// Takes an engine id and returns an int status.
// NOTE(review): presumably drops the cached boots/time values kept for that
// engine; those values back the time-window (replay) check reported as
// SNMPv3_USM_NOT_IN_TIME_WINDOW, so confirm who is allowed to trigger this.
532 int remove_time_information(
const OctetStr &engine_id);
// Replaces a key for the user identified by (user_name, engine_id).
// All three buffers are passed as raw pointer plus length, and every length
// is a signed long.
// NOTE(review): confirm the implementation rejects negative or oversized
// lengths before copying, and that type_of_key is validated against the set
// of values it supports.
550 int update_key(
const unsigned char* user_name,
const long user_name_len,
551 const unsigned char* engine_id,
const long engine_id_len,
552 const unsigned char* new_key,
const long new_key_len,
553 const int type_of_key);
// Takes the user pointer by reference, so the callee can change the caller's
// pointer (presumably it is reset after the entry is released - confirm).
// NOTE(review): user entries hold key material; confirm the keys are wiped
// before the memory is freed.
577 void free_user(
struct UsmUser *&user);
589 int get_security_name(
const unsigned char *user_name,
590 const long int user_name_len,
// Looks up the user name that belongs to a security name.
// user_name is a caller-supplied output buffer; security_name is the input,
// given as pointer plus signed length.
// NOTE(review): presumably *user_name_len holds the capacity of user_name on
// entry and the written length on return; confirm, and confirm the
// implementation never writes more than that capacity (MAXLEN_USMUSERNAME is
// the upper bound for a user name in this header).
606 int get_user_name(
unsigned char *user_name,
607 long int *user_name_len,
608 const unsigned char *security_name,
609 const long int security_name_len);
636 struct UsmKeyUpdate* key_update_prepare(
const OctetStr& securityName,
// Abandons a pending key update described by uku.
// NOTE(review): uku presumably comes from key_update_prepare() and holds new
// key material; confirm that abort releases and wipes it, and that a given
// uku is passed to exactly one of abort or commit.
650 void key_update_abort(
struct UsmKeyUpdate *uku);
// Applies a pending key update; update_type selects what is updated
// (presumably one of the USM_...Update constants in this header - confirm).
// Returns an int status.
662 int key_update_commit(
struct UsmKeyUpdate *uku,
int update_type);
// Returns, through the two output pointers, the boots and time values
// associated with engine_id. The int return value is a status.
683 int get_time(
const OctetStr &engine_id,
684 long int *engine_boots,
long int *engine_time);
// Same outputs for the local engine; declared const, so it does not modify
// the object.
697 int get_local_time(
long int *engine_boots,
long int *engine_time)
const;
711 {
return usmStatsUnsupportedSecLevels; };
719 {
return usmStatsNotInTimeWindows; };
727 {
return usmStatsUnknownUserNames; };
735 {
return usmStatsUnknownEngineIDs; };
743 {
return usmStatsWrongDigests; };
751 {
return usmStatsDecryptionErrors; };
// Increment helpers, one per usmStats counter. The member descriptions on
// this page define the counters as numbers of received messages with an
// unsupported security level, outside the time window, with an unknown user
// name, with an unknown engine id, with a wrong digest, and with decryption
// errors.
757 void inc_stats_unsupported_sec_levels();
758 void inc_stats_not_in_time_windows();
759 void inc_stats_unknown_user_names();
760 void inc_stats_unknown_engine_ids();
761 void inc_stats_wrong_digests();
762 void inc_stats_decryption_errors();
// Explicit lock/unlock pairs for the user-name table and the user table.
// Every lock call needs a matching unlock on all paths, error paths included.
// NOTE(review): nothing in this listing shows whether the other member
// functions take these locks themselves; confirm before calling them while
// holding a lock.
769 void lock_user_name_table();
791 void unlock_user_name_table();
797 void lock_user_table();
819 void unlock_user_table();
// Releases a SecurityStateReference; the matching allocator,
// get_new_sec_state_reference(), is declared below.
829 void delete_sec_state_reference(
struct SecurityStateReference *ssr);
// Number of users; const, so it does not modify the object.
873 int get_user_count()
const;
// Removes every user; returns an int status.
891 int remove_all_users();
// Returns a pointer to a new SecurityStateReference.
// NOTE(review): presumably the caller owns it and must hand it back to
// delete_sec_state_reference(); confirm, since the state may reference key
// material.
900 struct SecurityStateReference *get_new_sec_state_reference();
927 unsigned char *globalData,
928 int globalDataLength,
933 unsigned char *scopedPDU,
935 struct SecurityStateReference *securityStateReference,
936 unsigned char *wholeMsg,
937 int *wholeMsgLength);
970 unsigned char *securityParameters,
971 int securityParametersLength,
972 int securityParametersPosition,
973 long int securityLevel,
974 unsigned char *wholeMsg,
976 unsigned char *msgData,
980 unsigned char *scopedPDU,
981 int *scopedPDULength,
982 long *maxSizeResponseScopedPDU,
983 struct SecurityStateReference *securityStateReference,
// Releases a UsmSecurityParameters object passed by pointer.
// NOTE(review): ownership rules are not visible in this listing; confirm
// which calls allocate the object and that it is released exactly once.
995 void delete_sec_parameters(
struct UsmSecurityParameters *usp);
1024 unsigned char *build_sec_params(
unsigned char *outBuf,
int *maxLength,
1025 struct UsmSecurityParameters sp,
// Serializes a complete message into outBuf and returns an unsigned char
// pointer. The inputs are the global data, the security parameters (passed
// by value) and the message data.
// The size parameters use different types: *maxLength is an int, while
// globalDataLength and msgDataLength are long int.
// NOTE(review): presumably *maxLength is the remaining capacity of outBuf and
// *positionAuthPar receives the offset of the authentication parameters
// inside the message; confirm. Also confirm that the implementation checks
// both long lengths against *maxLength before copying, that negative values
// are rejected, and that callers test the returned pointer for failure.
1046 unsigned char *build_whole_msg(
1047 unsigned char *outBuf,
int *maxLength,
1048 unsigned char *globalData,
long int globalDataLength,
1049 int *positionAuthPar,
1050 struct UsmSecurityParameters securityParameters,
1051 unsigned char *msgData,
long int msgDataLength);
// Inline helper that releases a UsmUser passed by pointer. Unlike free_user()
// it takes the pointer by value, so the caller's pointer is left unchanged
// and must not be used afterwards.
1059 inline void delete_user_ptr(
struct UsmUser *user);
/* Alternative names that expand to the SNMP_SECURITY_LEVEL_*,
   SNMP_AUTHPROTOCOL_* and SNMP_PRIVPROTOCOL_* constants defined earlier in
   this header; they add no new values. No alias for
   SNMP_PRIVPROTOCOL_3DESEDE is visible in this listing. */
1099 #define SecurityLevel_noAuthNoPriv SNMP_SECURITY_LEVEL_NOAUTH_NOPRIV
1100 #define SecurityLevel_authNoPriv SNMP_SECURITY_LEVEL_AUTH_NOPRIV
1101 #define SecurityLevel_authPriv SNMP_SECURITY_LEVEL_AUTH_PRIV
1103 #define SNMPv3_usmNoAuthProtocol SNMP_AUTHPROTOCOL_NONE
1104 #define SNMPv3_usmHMACMD5AuthProtocol SNMP_AUTHPROTOCOL_HMACMD5
1105 #define SNMPv3_usmHMACSHAAuthProtocol SNMP_AUTHPROTOCOL_HMACSHA
1107 #define SNMPv3_usmNoPrivProtocol SNMP_PRIVPROTOCOL_NONE
1108 #define SNMPv3_usmDESPrivProtocol SNMP_PRIVPROTOCOL_DES
1109 #define SNMPv3_usmIDEAPrivProtocol SNMP_PRIVPROTOCOL_IDEA
1110 #define SNMPv3_usmAES128PrivProtocol SNMP_PRIVPROTOCOL_AES128
1111 #define SNMPv3_usmAES192PrivProtocol SNMP_PRIVPROTOCOL_AES192
1112 #define SNMPv3_usmAES256PrivProtocol SNMP_PRIVPROTOCOL_AES256
1114 #ifdef SNMP_PP_NAMESPACE
long int authPasswordLength
Class that holds all authentication and privacy protocols for a snmp entity.
unsigned long get_stats_unknown_user_names() const
Get the number of received messages with an unknown userName.
unsigned int usmStatsWrongDigests
unsigned int usmStatsUnknownUserNames
long int usmUserAuthProtocol
long int usmUserAuthProtocol
USMUserTable * usm_user_table
long int usmUserEngineIDLength
OctetStr local_snmp_engine_id
local snmp engine id
long int usmUserSecurityNameLength
unsigned long get_stats_decryption_errors() const
Get the number of received messages with decryption errors.
long int usmUserPrivKeyLength
long int usmUserAuthKeyLength
long int privPasswordLength
unsigned int usmStatsNotInTimeWindows
unsigned long get_stats_unknown_engine_ids() const
Get the number of received messages with an unknown engineID.
long int usmUserNameLength
unsigned int usmStatsDecryptionErrors
unsigned long get_stats_not_in_time_windows() const
Get the number of received messages outside time window.
The SNMPv3 Message Processing Model (v3MP).
unsigned long get_stats_wrong_digests() const
Get the number of received messages with a wrong digest.
USMUserNameTable * usm_user_name_table
unsigned int usmStatsUnknownEngineIDs
long int usmUserPrivProtocol
int add_usm_user(const OctetStr &security_name, const long int auth_protocol, const long int priv_protocol, const OctetStr &auth_password, const OctetStr &priv_password, const OctetStr &engine_id)
long int usmUserNameLength
unsigned int usmStatsUnsupportedSecLevels
int remove_engine_id(const OctetStr &engine_id)
Remove all occurrences of this engine id from v3MP and USM.
OctetStr usmUserSecurityName
const OctetStr & get_local_engine_id() const
Return the local snmp engine id.
USMTimeTable * usm_time_table
void set_discovery_mode()
Enables the discovery mode of the USM, i.e.
void(* usm_add_user_callback)(const OctetStr &engine_id, const OctetStr &usm_user_name, const OctetStr &usm_user_security_name, const int auth_protocol, const OctetStr &auth_key, const int priv_protocol, const OctetStr &priv_key)
void unset_discovery_mode()
Disables the discovery mode of the USM, i.e.
This is the class for the User Based Security Model.
long int usmUserPrivProtocol
long int securityNameLength
bool is_discovery_enabled() const
Return TRUE if the USM discovery mode is enabled, FALSE otherwise.
Abstract class used to provide a virtual interface into Targets.
usm_add_user_callback usm_add_user_cb
const v3MP * v3mp
Pointer to the v3MP that created this object.
unsigned long get_stats_unsupported_sec_levels() const
Get the number of received messages with an unsupported securityLevel.