class NETSNMP::Encryption::AES
Public Class Methods
new(priv_key, local: 0)
click to toggle source
# File lib/netsnmp/encryption/aes.rb, line 6 def initialize(priv_key, local: 0) @priv_key = priv_key @local = local end
Public Instance Methods
decrypt(encrypted_data, salt:, engine_boots:, engine_time:)
click to toggle source
# File lib/netsnmp/encryption/aes.rb, line 29 def decrypt(encrypted_data, salt:, engine_boots:, engine_time:) raise Error, "invalid priv salt received" unless !salt.empty? && (salt.length % 8).zero? cipher = OpenSSL::Cipher::AES128.new(:CFB) cipher.padding = 0 iv = generate_decryption_key(engine_boots, engine_time, salt) cipher.decrypt cipher.key = aes_key cipher.iv = iv decrypted_data = cipher.update(encrypted_data) + cipher.final hlen, bodylen = OpenSSL::ASN1.traverse(decrypted_data) { |_, _, x, y, *| break x, y } decrypted_data.byteslice(0, hlen + bodylen) end
encrypt(decrypted_data, engine_boots:, engine_time:)
click to toggle source
# File lib/netsnmp/encryption/aes.rb, line 11 def encrypt(decrypted_data, engine_boots:, engine_time:) cipher = OpenSSL::Cipher::AES128.new(:CFB) iv, salt = generate_encryption_key(engine_boots, engine_time) cipher.encrypt cipher.iv = iv cipher.key = aes_key if (diff = decrypted_data.length % 8) != 0 decrypted_data << ("\x00" * (8 - diff)) end encrypted_data = cipher.update(decrypted_data) + cipher.final [encrypted_data, salt] end
Private Instance Methods
aes_key()
click to toggle source
# File lib/netsnmp/encryption/aes.rb, line 76 def aes_key @priv_key[0, 16] end
generate_decryption_key(boots, time, salt)
click to toggle source
# File lib/netsnmp/encryption/aes.rb, line 65 def generate_decryption_key(boots, time, salt) [0xff & (boots >> 24), 0xff & (boots >> 16), 0xff & (boots >> 8), 0xff & boots, 0xff & (time >> 24), 0xff & (time >> 16), 0xff & (time >> 8), 0xff & time].pack("c*") + salt end
generate_encryption_key(boots, time)
click to toggle source
8.1.1.1
# File lib/netsnmp/encryption/aes.rb, line 49 def generate_encryption_key(boots, time) salt = [0xff & (@local >> 56), 0xff & (@local >> 48), 0xff & (@local >> 40), 0xff & (@local >> 32), 0xff & (@local >> 24), 0xff & (@local >> 16), 0xff & (@local >> 8), 0xff & @local].pack("c*") @local = @local == 0xffffffffffffffff ? 0 : @local + 1 iv = generate_decryption_key(boots, time, salt) [iv, salt] end