Class: NETSNMP::Encryption::AES

Inherits:

Object

• Object
• NETSNMP::Encryption::AES

Defined in:

lib/netsnmp/encryption/aes.rb

Instance Method Summary

• #decrypt(encrypted_data, salt:, engine_boots:, engine_time:) ⇒ Object
• #encrypt(decrypted_data, engine_boots:, engine_time:) ⇒ Object
• #initialize(priv_key, local: 0) ⇒ AES constructor

  A new instance of AES.

Constructor Details

#initialize(priv_key, local: 0) ⇒ AES

Returns a new instance of AES.

# File 'lib/netsnmp/encryption/aes.rb', line 6

def initialize(priv_key, local: 0)
  @priv_key = priv_key
  @local = local
end

Instance Method Details

#decrypt(encrypted_data, salt:, engine_boots:, engine_time:) ⇒ Object

Raises:

• (Error)

# File 'lib/netsnmp/encryption/aes.rb', line 29

def decrypt(encrypted_data, salt:, engine_boots:, engine_time:)
  raise Error, "invalid priv salt received" unless !salt.empty? && (salt.length % 8).zero?

  cipher = OpenSSL::Cipher::AES128.new(:CFB)
  cipher.padding = 0

  iv = generate_decryption_key(engine_boots, engine_time, salt)

  cipher.decrypt
  cipher.key = aes_key
  cipher.iv = iv
  decrypted_data = cipher.update(encrypted_data) + cipher.final

  hlen, bodylen = OpenSSL::ASN1.traverse(decrypted_data) { |_, _, x, y, *| break x, y }
  decrypted_data.byteslice(0, hlen + bodylen)
end

#encrypt(decrypted_data, engine_boots:, engine_time:) ⇒ Object

# File 'lib/netsnmp/encryption/aes.rb', line 11

def encrypt(decrypted_data, engine_boots:, engine_time:)
  cipher = OpenSSL::Cipher::AES128.new(:CFB)

  iv, salt = generate_encryption_key(engine_boots, engine_time)

  cipher.encrypt
  cipher.iv = iv
  cipher.key = aes_key

  if (diff = decrypted_data.length % 8) != 0
    decrypted_data << ("\x00" * (8 - diff))
  end

  encrypted_data = cipher.update(decrypted_data) + cipher.final

  [encrypted_data, salt]
end