Secure SNMPv3 agent parameters
SNMP Agent specific values. This class stores values to access SNMP version 3 agents. Pass this class with your request data (Pdu) to the request method of the target class to make a request. Based on the information in this class, an appropriate request will be made by the request class. Following request types are generated: * if EngineBoots and EngineTime are integer value 0 or if EngineId value is length 0, Discovery request is made and passed instance of the SecureAgentParameters is updated with returned values. * in all other cases, SNMP request is made to the agent
Inheritance: IAgentParameters
SecureAgentParameters Class Documentation
Esempio n. 1
0
        /// <summary>
        /// Perform SNMP version 3 discovery operation. This is the first operation that needs to be
        /// performed on a newly accessed agent to retrieve agentId, agentBoots and agentTime values, critical
        /// for further authentication and privacy operations.
        /// </summary>
        /// <param name="param"><see cref="SecureAgentParameters"/> class instance that will be updated
        /// with discovered agent values. This class with be reset to its defaults prior to agent
        /// discovered values so do not store any critical information in it prior to calling the
        /// discovery method</param>
        /// <returns>True if discovery operation was a success, otherwise false</returns>
        public bool Discovery(SecureAgentParameters param)
        {
            param.Reset();
            param.SecurityName.Set("");
            param.Reportable = true;
            Pdu          pdu   = new Pdu();  // just leave everything at default.
            SnmpV3Packet inpkt = (SnmpV3Packet)Request(pdu, param);

            if (inpkt != null)
            {
                if (inpkt.USM.EngineBoots == 0 && inpkt.USM.EngineTime == 0)
                {
                    inpkt = (SnmpV3Packet)Request(pdu, param);
                    if (inpkt != null)
                    {
                        return(true);
                    }
                }
                else
                {
                    return(true);
                }
            }
            return(false);
        }
Esempio n. 2
0
        /// <summary>Copy constructor. Initialize the class with the values of the parameter class values.</summary>
        /// <param name="second">Parameter class.</param>
        public SecureAgentParameters(SecureAgentParameters second)
            : this()
        {
            contextEngineId.Set(second.ContextEngineId);
            contextName.Set(second.ContextName);
            engineBoots.Value = second.EngineBoots.Value;
            engineId.Set(second.EngineId);
            engineTime.Value     = second.EngineTime.Value;
            engineTimeStamp      = second.EngineTimeStamp();
            maxMessageSize.Value = second.MaxMessageSize.Value;
            privacyProtocol      = second.Privacy;
            privacySecret.Set(second.PrivacySecret);
            authenticationProtocol = second.Authentication;
            authenticationSecret.Set(second.AuthenticationSecret);
            reportable = second.Reportable;
            securityName.Set(second.SecurityName);

            if (second.AuthenticationKey != null)
            {
                authenticationKey = (byte[])second.AuthenticationKey.Clone();
            }

            if (second.PrivacyKey != null)
            {
                privacyKey = (byte[])second.PrivacyKey.Clone();
            }
        }
Esempio n. 3
0
 /// <summary>Constructor</summary>
 /// <remarks>
 /// Create new SNMPv3 packet class and initialize security parameters and ScopedPdu.
 /// </remarks>
 /// <param name="param">SNMPv3 security parameters</param>
 /// <param name="pdu">ScopedPdu assigned to the class</param>
 public SnmpV3Packet(SecureAgentParameters param, ScopedPdu pdu)
     : this(param)
 {
     if (pdu != null)
     {
         scopedPdu = pdu;
     }
 }
Esempio n. 4
0
 /// <summary>Constructor.</summary>
 /// <remarks>
 /// Create new SNMPv3 packet class and initialize security parameters
 /// </remarks>
 /// <param name="param">Initialization SNMPv3 security parameters</param>
 public SnmpV3Packet(SecureAgentParameters param)
     : this()
 {
     if (param != null)
     {
         param.InitializePacket(this);
     }
 }
Esempio n. 5
0
 /// <summary>
 /// Copy constructor. Initialize the class with the values of the parameter class values.
 /// </summary>
 /// <param name="second">Parameter class.</param>
 public SecureAgentParameters(SecureAgentParameters second)
     : this()
 {
     this._contextEngineId.Set(second.ContextEngineId);
     this._contextName.Set(second.ContextName);
     this._engineBoots.Value = second.EngineBoots.Value;
     this._engineId.Set(second.EngineId);
     this._engineTime.Value     = second.EngineTime.Value;
     this._engineTimeStamp      = second.EngineTimeStamp();
     this._maxMessageSize.Value = second.MaxMessageSize.Value;
     this._privacyProtocol      = second.Privacy;
     this._privacySecret.Set(second.PrivacySecret);
     this._authenticationProtocol = second.Authentication;
     this._authenticationSecret.Set(second.AuthenticationSecret);
     this._reportable = second.Reportable;
     this._securityName.Set(second.SecurityName);
 }
Esempio n. 6
0
 /// <summary>
 /// Copy constructor. Initialize the class with the values of the parameter class values.
 /// </summary>
 /// <param name="second">Parameter class.</param>
 public SecureAgentParameters(SecureAgentParameters second)
     : this()
 {
     this._contextEngineId.Set(second.ContextEngineId);
     this._contextName.Set(second.ContextName);
     this._engineBoots.Value = second.EngineBoots.Value;
     this._engineId.Set(second.EngineId);
     this._engineTime.Value = second.EngineTime.Value;
     this._engineTimeStamp = second.EngineTimeStamp();
     this._maxMessageSize.Value = second.MaxMessageSize.Value;
     this._privacyProtocol = second.Privacy;
     this._privacySecret.Set(second.PrivacySecret);
     this._authenticationProtocol = second.Authentication;
     this._authenticationSecret.Set(second.AuthenticationSecret);
     this._reportable = second.Reportable;
     this._securityName.Set(second.SecurityName);
     if( second.AuthenticationKey != null )
         this._authenticationKey = (byte[])second.AuthenticationKey.Clone();
     if( second.PrivacyKey != null )
         this._privacyKey = (byte[])second.PrivacyKey.Clone();
 }
Esempio n. 7
0
        internal void AsyncResponse(AsyncRequestResult result, IPEndPoint peer, byte[] buffer, int buflen)
        {
            if (result != AsyncRequestResult.NoError)
            {
                _response(result, null);
            }
            else
            {
                if (buffer == null || buffer.Length <= 0 || buflen <= 0)
                {
                    _response(AsyncRequestResult.NoDataReceived, null);
                    return;
                }
                // verify packet
                if (_agentParameters.Version == (int)SnmpVersion.Ver1)
                {
                    SnmpV1Packet packet = new SnmpV1Packet();
                    try
                    {
                        packet.decode(buffer, buflen);
                    }
                    catch (Exception ex)
                    {
                        ex.GetType();
                        // Console.WriteLine("Exception while decoding SNMP packet: " + ex.ToString());
                        _response(AsyncRequestResult.DecodeError, packet);
                        return;
                    }
                    _response(AsyncRequestResult.NoError, packet);
                    return;
                }
                else if (_agentParameters.Version == SnmpVersion.Ver2)
                {
                    SnmpV2Packet packet = new SnmpV2Packet();
                    try
                    {
                        packet.decode(buffer, buflen);
                    }
                    catch (Exception ex)
                    {
                        ex.GetType();
                        // Console.WriteLine("Exception while decoding SNMP packet: " + ex.ToString());
                        // MutableByte b = new MutableByte(buffer, buflen);
                        // Console.WriteLine("Buffer length {0}", buflen);
                        // SnmpConstants.DumpHex(b);
                        _response(AsyncRequestResult.DecodeError, packet);
                        return;
                    }

                    _response(AsyncRequestResult.NoError, packet);
                }
                else if (_agentParameters.Version == SnmpVersion.Ver3)
                {
                    SnmpV3Packet          packet    = new SnmpV3Packet();
                    SecureAgentParameters secparams = (SecureAgentParameters)_agentParameters;
                    secparams.InitializePacket(packet);
                    try {
                        if (secparams.HasCachedKeys)
                        {
                            packet.decode(buffer, buflen, secparams.AuthenticationKey, secparams.PrivacyKey);
                        }
                        else
                        {
                            packet.decode(buffer, buflen);
                        }
                    }
                    catch
                    {
                        _response(AsyncRequestResult.DecodeError, packet);
                        return;
                    }
                    if (!secparams.ValidateIncomingPacket(packet))
                    {
                        _response(AsyncRequestResult.AuthenticationError, packet);
                    }
                    else
                    {
                        secparams.UpdateDiscoveryValues(packet);                         // update time, etc. values
                        _response(AsyncRequestResult.NoError, packet);
                    }
                }
            }
        }
Esempio n. 8
0
        /// <summary>
        /// Make an async discovery request for protocol version 3.
        /// </summary>
        /// <param name="param">Agent parameters</param>
        /// <param name="callback">Callback method</param>
        /// <returns>True if operation was correctly initiated, otherwise false.</returns>
        public bool DiscoveryAsync(SecureAgentParameters param, SnmpAsyncResponse callback)
        {
            Pdu p = new Pdu();

            return(RequestAsync(p, param, callback));
        }
Esempio n. 9
0
        /// <summary>
        /// Make SNMP request. With this method you can make blocked SNMP version 1, 2 and 3 requests of type GET,
        /// GET-NEXT, GET-BULK, SET and REPORT (request types have to compatible with the SNMP protocol version you
        /// are using).
        ///
        /// This method will pass through any exceptions thrown by parsing classes/methods so see individual packet
        /// classes, ASN.1 type classes, authentication, privacy, etc. classes for exceptions thrown.
        /// </summary>
        /// <param name="pdu">Pdu class (do not pass ScopedPdu)</param>
        /// <param name="agentParameters">Security information for the request. Use <see cref="AgentParameters"/>
        /// for SNMP versions 1 and 2 requests. Use <see cref="SecureAgentParameters"/> for SNMP version 3
        /// requests.</param>
        /// <param name="responseCallback">Callback that receives the result of the async operation.</param>
        /// <returns>True if async request was successfully initiated, otherwise false.</returns>
        public bool RequestAsync(Pdu pdu, IAgentParameters agentParameters, SnmpAsyncResponse responseCallback)
        {
            if (IsBusy)
            {
                return(false);                // class is busy
            }
            _response        = null;
            _response       += responseCallback;
            _agentParameters = agentParameters;
            byte[] outPacket;
            if (agentParameters.Version == SnmpVersion.Ver3)
            {
                SecureAgentParameters secparams = (SecureAgentParameters)agentParameters;
                if (secparams.Authentication != AuthenticationDigests.None && secparams.AuthenticationSecret.Length <= 0)
                {
                    // _response(AsyncRequestResult.AuthenticationError, null);
                    return(false);
                }
                if (secparams.Privacy != PrivacyProtocols.None && secparams.PrivacySecret.Length <= 0)
                {
                    // _response(AsyncRequestResult.PrivacyError, null);
                    return(false);
                }
                _noSourceCheck = false;                 // this option is not valid for SNMP v3 requests
                ScopedPdu outPdu = new ScopedPdu(pdu);
                outPdu.ContextEngineId.Set(secparams.EngineId);
                outPdu.ContextName.Set(secparams.ContextName);
                SnmpV3Packet packet = new SnmpV3Packet(outPdu);
                secparams.InitializePacket(packet);
                try
                {
                    if (secparams.HasCachedKeys)
                    {
                        outPacket = packet.encode(secparams.AuthenticationKey, secparams.PrivacyKey);
                    }
                    else
                    {
                        outPacket = packet.encode();
                    }
                }
                catch (Exception ex)
                {
                    ex.GetType();
                    _response(AsyncRequestResult.EncodeError, packet);
                    return(false);
                }
            }
            else if (agentParameters.Version == (int)SnmpVersion.Ver1)
            {
                AgentParameters param = (AgentParameters)agentParameters;
                _noSourceCheck = param.DisableReplySourceCheck;
                SnmpV1Packet packet = new SnmpV1Packet();
                packet.Pdu.Set(pdu);
                packet.Community.Set(param.Community);
                try
                {
                    outPacket = packet.encode();
                }
                catch (Exception ex)
                {
                    ex.GetType();
                    _response(AsyncRequestResult.EncodeError, packet);
                    return(false);
                }
            }
            else if (agentParameters.Version == SnmpVersion.Ver2)
            {
                AgentParameters param = (AgentParameters)agentParameters;
                _noSourceCheck = param.DisableReplySourceCheck;
                SnmpV2Packet packet = new SnmpV2Packet();
                packet.Pdu.Set(pdu);
                packet.Community.Set(param.Community);
                try
                {
                    outPacket = packet.encode();
                }
                catch (Exception ex)
                {
                    ex.GetType();
                    _response(AsyncRequestResult.EncodeError, packet);
                    return(false);
                }
            }
            else
            {
                throw new SnmpInvalidVersionException("Unsupported SNMP version.");
            }

            if (!base.RequestAsync(_address, _port, outPacket, outPacket.Length, _timeout, _retry, new SnmpAsyncCallback(AsyncResponse)))
            {
                return(false);
            }
            return(true);
        }
Esempio n. 10
0
        /// <summary>Make SNMP Request</summary>
        /// <remarks>
        /// Make SNMP request. With this method you can make blocked SNMP version 1, 2 and 3 requests of type GET,
        /// GET-NEXT, GET-BULK, SET and REPORT (request types have to compatible with the SNMP protocol version you
        /// are using).
        ///
        /// This method will pass through any exceptions thrown by parsing classes/methods so see individual packet
        /// classes, ASN.1 type classes, authentication, privacy, etc. classes for exceptions thrown.
        /// </remarks>
        /// <param name="pdu">Pdu class (do not pass ScopedPdu)</param>
        /// <param name="agentParameters">Security information for the request. Use <see cref="AgentParameters"/>
        /// for SNMP versions 1 and 2 requests. Use <see cref="SecureAgentParameters"/> for SNMP version 3
        /// requests.</param>
        /// <returns>Appropriate SNMP packet class for the reply received (<see cref="SnmpV1Packet"/>,
        /// <see cref="SnmpV2Packet"/>, or <see cref="SnmpV3Packet"/>. Null value if there was an error
        /// with the request.</returns>
        /// <exception cref="SnmpAuthenticationException">Thrown on SNMPv3 requests when authentication password
        /// is not specified on authNoPriv or authPriv requests in SecureAgentParameters or if incoming packet
        /// authentication check failed.
        ///
        /// With SNMP ver1 and ver2c, authentication check fails when invalid community name is parsed in the reply.</exception>
        /// <exception cref="SnmpPrivacyException">Thrown on SNMPv3 requests when privacy password is not
        /// specified in SecureAgentParameters on authPriv requests.</exception>
        /// <exception cref="SnmpException">Thrown in following cases:
        ///
        /// * IAgentParameters.Valid() returned false. SnmpException.ErrorCode is set to SnmpException.InvalidIAgentParameters
        /// * No data received on request. SnmpException.ErrorCode is set to SnmpException.NoDataReceived
        /// * Invalid RequestId in reply. SnmpException.ErrorCode is set to SnmpException.InvalidRequestId
        /// </exception>
        public SnmpPacket Request(Pdu pdu, IAgentParameters agentParameters)
        {
            byte[] outPacket;
            if (agentParameters.Version == SnmpVersion.Ver3)
            {
                SecureAgentParameters secparams = (SecureAgentParameters)agentParameters;
                if (secparams.Authentication != AuthenticationDigests.None && secparams.AuthenticationSecret.Length <= 0)
                {
                    throw new SnmpAuthenticationException("Authentication password not specified.");
                }
                if (secparams.Privacy != PrivacyProtocols.None && secparams.PrivacySecret.Length <= 0)
                {
                    throw new SnmpPrivacyException("Privacy password not specified.");
                }
                _noSourceCheck = false;                 // this option is not valid for SNMP v3 requests
                ScopedPdu    outPdu = new ScopedPdu(pdu);
                SnmpV3Packet packet = new SnmpV3Packet(outPdu);
                secparams.InitializePacket(packet);
                if (secparams.HasCachedKeys)
                {
                    outPacket = packet.encode(secparams.AuthenticationKey, secparams.PrivacyKey);
                }
                else
                {
                    outPacket = packet.encode();
                }
            }
            else if (agentParameters.Version == SnmpVersion.Ver1)
            {
                AgentParameters param = (AgentParameters)agentParameters;
                if (!param.Valid())
                {
                    throw new SnmpException(SnmpException.InvalidIAgentParameters, "Invalid AgentParameters. Unable to process request.");
                }
                SnmpV1Packet packet = new SnmpV1Packet();
                packet.Pdu.Set(pdu);
                packet.Community.Set(param.Community);
                outPacket      = packet.encode();
                _noSourceCheck = param.DisableReplySourceCheck;
            }
            else if (agentParameters.Version == SnmpVersion.Ver2)
            {
                AgentParameters param = (AgentParameters)agentParameters;
                if (!param.Valid())
                {
                    throw new SnmpException(SnmpException.InvalidIAgentParameters, "Invalid AgentParameters. Unable to process request.");
                }
                SnmpV2Packet packet = new SnmpV2Packet();
                packet.Pdu.Set(pdu);
                packet.Community.Set(param.Community);
                _noSourceCheck = param.DisableReplySourceCheck;
                outPacket      = packet.encode();
            }
            else
            {
                throw new SnmpInvalidVersionException("Unsupported SNMP version.");
            }

            byte[] inBuffer = base.Request(_address, _port, outPacket, outPacket.Length, _timeout, _retry);

            if (inBuffer == null || inBuffer.Length <= 0)
            {
                throw new SnmpException(SnmpException.NoDataReceived, "No data received on request.");
            }
            // verify packet
            if (agentParameters.Version == SnmpVersion.Ver1)
            {
                SnmpV1Packet    packet = new SnmpV1Packet();
                AgentParameters param  = (AgentParameters)agentParameters;
                packet.decode(inBuffer, inBuffer.Length);
                if (packet.Community != param.Community)
                {
                    // invalid community name received. Ignore the rest of the packet
                    throw new SnmpAuthenticationException("Invalid community name in reply.");
                }
                if (packet.Pdu.RequestId != pdu.RequestId)
                {
                    // invalid request id. unmatched response ignored
                    throw new SnmpException(SnmpException.InvalidRequestId, "Invalid request id in reply.");
                }
                return(packet);
            }
            else if (agentParameters.Version == SnmpVersion.Ver2)
            {
                SnmpV2Packet    packet = new SnmpV2Packet();
                AgentParameters param  = (AgentParameters)agentParameters;
                packet.decode(inBuffer, inBuffer.Length);
                if (packet.Community != param.Community)
                {
                    // invalid community name received. Ignore the rest of the packet
                    throw new SnmpAuthenticationException("Invalid community name in reply.");
                }
                if (packet.Pdu.RequestId != pdu.RequestId)
                {
                    // invalid request id. unmatched response ignored
                    throw new SnmpException(SnmpException.InvalidRequestId, "Invalid request id in reply.");
                }
                return(packet);
            }
            else if (agentParameters.Version == SnmpVersion.Ver3)
            {
                SnmpV3Packet          packet    = new SnmpV3Packet();
                SecureAgentParameters secparams = (SecureAgentParameters)agentParameters;
                secparams.InitializePacket(packet);
                if (secparams.HasCachedKeys)
                {
                    packet.decode(inBuffer, inBuffer.Length, secparams.AuthenticationKey, secparams.PrivacyKey);
                }
                else
                {
                    packet.decode(inBuffer, inBuffer.Length);
                }
                // first check if packet is a discovery response and process it
                if (packet.Pdu.Type == PduType.Report && packet.Pdu.VbCount > 0 && packet.Pdu.VbList[0].Oid.Equals(SnmpConstants.usmStatsUnknownEngineIDs))
                {
                    secparams.UpdateDiscoveryValues(packet);
                    return(packet);
                }
                else
                {
                    if (!secparams.ValidateIncomingPacket(packet))
                    {
                        return(null);
                    }
                    else
                    {
                        secparams.UpdateDiscoveryValues(packet);                         // update time, etc. values
                        return(packet);
                    }
                }
            }
            return(null);
        }
Esempio n. 11
0
 /// <summary>
 /// Constructor
 /// </summary>
 /// <remarks>
 /// Create new SNMPv3 packet class and initialize security parameters and ScopedPdu.
 /// </remarks>
 /// <param name="param">SNMPv3 security parameters</param>
 /// <param name="pdu">ScopedPdu assigned to the class</param>
 public SnmpV3Packet(SecureAgentParameters param, ScopedPdu pdu)
     : this(param)
 {
     if( pdu != null )
         _scopedPdu = pdu;
 }
Esempio n. 12
0
 /// <summary>
 /// Constructor.
 /// </summary>
 /// <remarks>
 /// Create new SNMPv3 packet class and initialize security parameters
 /// </remarks>
 /// <param name="param">Initialization SNMPv3 security parameters</param>
 public SnmpV3Packet(SecureAgentParameters param)
     : this()
 {
     if( param != null )
         param.InitializePacket(this);
 }
Esempio n. 13
0
 /// <summary>
 /// Make an async discovery request for protocol version 3.
 /// </summary>
 /// <param name="param">Agent parameters</param>
 /// <param name="callback">Callback method</param>
 /// <returns>True if operation was correctly initiated, otherwise false.</returns>
 public bool DiscoveryAsync(SecureAgentParameters param, SnmpAsyncResponse callback)
 {
     Pdu p = new Pdu();
     return RequestAsync(p, param, callback);
 }
Esempio n. 14
0
 /// <summary>
 /// Perform SNMP version 3 discovery operation. This is the first operation that needs to be
 /// performed on a newly accessed agent to retrieve agentId, agentBoots and agentTime values, critical
 /// for further authentication and privacy operations.
 /// </summary>
 /// <param name="param"><see cref="SecureAgentParameters"/> class instance that will be updated
 /// with discovered agent values. This class with be reset to its defaults prior to agent
 /// discovered values so do not store any critical information in it prior to calling the
 /// discovery method</param>
 /// <returns>True if discovery operation was a success, otherwise false</returns>
 public bool Discovery(SecureAgentParameters param)
 {
     param.Reset();
     param.SecurityName.Set("");
     param.Reportable = true;
     Pdu pdu = new Pdu(); // just leave everything at default.
     SnmpV3Packet inpkt = (SnmpV3Packet)Request(pdu, param);
     if (inpkt != null)
     {
         if (inpkt.USM.EngineBoots == 0 && inpkt.USM.EngineTime == 0)
         {
             inpkt = (SnmpV3Packet)Request(pdu, param);
             if (inpkt != null)
                 return true;
         } else
             return true;
     }
     return false;
 }