usm
void snmpv3_usm_discovery(int, int, struct headerdata *, struct usm *);
void snmpv3_usm_encode(int, struct ber *, struct usm *);
void snmpv3_usm_decode(int, void *, size_t, void *, size_t, struct usm *);
.usm.engineidlen = 0,
.usm.engineboots = 0,
.usm.enginetime = 0,
.usm.username = "noauthpriv"
snmpv3_usm_discovery(s, timeout, hd, ¶ms->usm);
struct usm *params)
.usm = *params
sp.usm.username[0] = '\0';
memcpy(params->engineid, sp.usm.engineid, sp.usm.engineidlen);
params->engineidlen = sp.usm.engineidlen;
snmpv3_usm_encode(s, ber, ¶ms->usm);
snmpv3_usm_encode(int s, struct ber *ber, struct usm *params)
snmpv3_usm_decode(s, buf, buflen, spstr, spstrlen, &sp->usm);
struct usm *usm)
if (usm->engineidlen == 0) {
memcpy(usm->engineid, engineid, engineidlen);
usm->engineidlen = engineidlen;
if (usm->engineidlen != engineidlen ||
memcmp(usm->engineid, engineid, engineidlen) != 0)
if (usm->engineboots == 0 && usm->enginetime == 0) {
usm->engineboots = engineboots;
usm->enginetime = enginetime;
if (usm->engineboots < engineboots)
else if (usm->engineboots == engineboots) {
if (enginetime < usm->enginetime - 150 ||
enginetime > usm->enginetime + 150)
if (strcmp(username, usm->username) != 0)
struct usm usm;
int32_t snmpv3_usm_send(int, int, struct headerdata *, struct usm *, int32_t,
free(usm);
memcpy(usm->user, user, userlen);
usm->userlen = userlen;
sec->data = usm;
struct usm_sec *usm = agent->v3->sec->data;
if (usm->engineidset && usm->bootsset && usm->timeset)
userlen = usm->userlen;
usm->userlen = 0;
usm->userlen = userlen;
usm->userlen = userlen;
if (!usm->engineidset || !usm->bootsset || !usm->timeset) {
struct usm_sec *usm = agent->v3->sec->data;
if (usm->timeset) {
timespecsub(&now, &(usm->timecheck), &timediff);
usmcookie->time = usm->time + timediff.tv_sec;
usmcookie->boots = usm->boots;
digestlen = usm_digestlen(usm->digest);
if ((params = ober_printf_elements(NULL, "{xddxxx}", usm->engineid,
usm->engineidlen, usmcookie->boots, usmcookie->time, usm->user,
usm->userlen, digest, digestlen, &(usmcookie->salt),
struct usm_sec *usm = agent->v3->sec->data;
encpdu = usm_crypt(usm->cipher, 1, usm->privkey, usmcookie, serialpdu,
struct usm_sec *usm = agent->v3->sec->data;
if (usm->authlevel != USM_KEY_LOCALIZED)
if (HMAC(usm->digest, usm->authkey, EVP_MD_size(usm->digest), buf,
usm_digestlen(usm->digest));
struct usm_sec *usm = agent->v3->sec->data;
if (!usm->engineidset) {
if (usm->engineidlen != engineidlen)
if (memcmp(usm->engineid, engineid, engineidlen) != 0)
if (!usm->bootsset) {
usm->boots = usmcookie->boots;
usm->bootsset = 1;
if (usmcookie->boots < usm->boots)
if (usmcookie->boots > usm->boots) {
usm->bootsset = 0;
usm->timeset = 0;
if (!usm->timeset) {
usm->time = usmcookie->time;
if (clock_gettime(CLOCK_MONOTONIC, &usm->timecheck) == -1)
usm->timeset = 1;
timespecsub(&now, &(usm->timecheck), &timediff);
usm->time + timediff.tv_sec - USM_MAX_TIMEWINDOW ||
usm->time + timediff.tv_sec + USM_MAX_TIMEWINDOW) {
usm->bootsset = 0;
usm->timeset = 0;
if (usm->boots == 0 && usm->time == 0) {
usm->bootsset = 0;
usm->timeset = 0;
if (userlen != usm->userlen ||
memcmp(user, usm->user, userlen) != 0)
if (digestlen != usm_digestlen(usm->digest))
if (HMAC(usm->digest, usm->authkey, EVP_MD_size(usm->digest), packet,
struct usm_sec *usm = agent->v3->sec->data;
if ((rawpdu = usm_crypt(usm->cipher, 0, usm->privkey, usmcookie,
struct usm_sec *usm = data;
free(usm->user);
free(usm->authkey);
free(usm->privkey);
free(usm->engineid);
free(usm);
struct usm_sec *usm = sec->data;
if ((usm->authkey = usm_passwd2mkey(digest, key)) == NULL)
usm->authkey = lkey;
usm->digest = digest;
usm->authlevel = level;
struct usm_sec *usm = sec->data;
if (usm->digest == NULL) {
if ((usm->privkey = usm_passwd2mkey(usm->digest, key)) == NULL)
keylen = EVP_MD_size(usm->digest);
if (keylen != (size_t)EVP_MD_size(usm->digest)) {
usm->privkey = lkey;
usm->cipher = cipher;
usm->privlevel = level;
struct usm_sec *usm = sec->data;
if (usm->engineid != NULL)
free(usm->engineid);
if ((usm->engineid = malloc(engineidlen)) == NULL)
memcpy(usm->engineid, engineid, engineidlen);
usm->engineidlen = engineidlen;
usm->engineidset = 1;
if (usm->authlevel == USM_KEY_MASTER) {
mkey = usm->authkey;
if ((usm->authkey = usm_mkey2lkey(usm, usm->digest,
usm->authkey = mkey;
usm->authlevel = USM_KEY_LOCALIZED;
if (usm->privlevel == USM_KEY_MASTER) {
mkey = usm->privkey;
if ((usm->privkey = usm_mkey2lkey(usm, usm->digest,
usm->privkey = mkey;
usm->privlevel = USM_KEY_LOCALIZED;
struct usm_sec *usm = sec->data;
if (clock_gettime(CLOCK_MONOTONIC, &(usm->timecheck)) == -1)
usm->boots = boots;
usm->bootsset = 1;
usm->time = time;
usm->timeset = 1;
usm_mkey2lkey(struct usm_sec *usm, const EVP_MD *md, const char *mkey)
!EVP_DigestUpdate(ctx, usm->engineid, usm->engineidlen) ||
struct usm_sec *usm;
if ((usm = calloc(1, sizeof(struct usm_sec))) == NULL) {
if ((usm->user = malloc(userlen)) == NULL) {
{ MIBDECL(usm) }, \
struct ber_element *usm = NULL, *next = NULL, *decr;
usm = ober_read_elements(&ber, NULL);
if (usm == NULL) {
smi_debug_elements(usm);
if (ober_scanf_elements(usm, "{xiixpxx$", &engineidv, &engineid.length,
if (usm != NULL)
ober_free_elements(usm);
struct ber_element *usm, *a, *res = NULL;
usm = ober_add_sequence(NULL);
if ((a = ober_printf_elements(usm, "xdds",
smi_debug_elements(usm);
len = ober_write_elements(&ber, usm);
ober_free_elements(usm);