lextudio · kdurkin77 · Nov 15, 2019 · Dec 5, 2019 · Dec 5, 2019 · Dec 5, 2019
diff --git a/SharpSnmpLib/Header.cs b/SharpSnmpLib/Header.cs
@@ -31,7 +31,7 @@ public sealed class Header : ISegment
         private readonly Integer32 _maxSize;
         private readonly OctetString _flags;
         private readonly Integer32 _securityModel;
-        private static readonly Integer32 DefaultSecurityModel = new Integer32(3);
+        private static readonly Integer32 DefaultSecurityModel = new Integer32((int)SecurityModel.Usm);
         private static readonly Integer32 DefaultMaxMessageSize = new Integer32(MaxMessageSize);
         private static readonly Header EmptyHeader = new Header();
         private readonly Sequence _container;
@@ -82,8 +82,9 @@ public Header(ISnmpData data)
         /// <param name="messageId">The message id.</param>
         /// <param name="maxMessageSize">Size of the max message.</param>
         /// <param name="securityLevel">The security level.</param>
+        /// <param name="securityModel">The security model.</param>
         /// <remarks>If you want an empty header, please use <see cref="Empty"/>.</remarks>
-        public Header(Integer32 messageId, Integer32 maxMessageSize, Levels securityLevel)
+        public Header(Integer32 messageId, Integer32 maxMessageSize, Levels securityLevel, Integer32 securityModel)
         {
             if (maxMessageSize == null)
             {
@@ -94,7 +95,19 @@ public Header(Integer32 messageId, Integer32 maxMessageSize, Levels securityLeve
             _maxSize = maxMessageSize;
             SecurityLevel = securityLevel;
             _flags = new OctetString(SecurityLevel);
-            _securityModel = DefaultSecurityModel;
+            _securityModel = securityModel;
+        }
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="Header"/> class.
+        /// </summary>
+        /// <param name="messageId">The message id.</param>
+        /// <param name="maxMessageSize">Size of the max message.</param>
+        /// <param name="securityLevel">The security level.</param>
+        /// <remarks>If you want an empty header, please use <see cref="Empty"/>.</remarks>
+        public Header(Integer32 messageId, Integer32 maxMessageSize, Levels securityLevel) 
+            : this(messageId, maxMessageSize, securityLevel, DefaultSecurityModel)
+        {
         }
 
         /// <summary>
@@ -119,6 +132,15 @@ public int MessageId
             get { return _messageId.ToInt32(); }
         }
 
+        /// <summary>
+        /// Gets the security model.
+        /// </summary>
+        /// <value>The security model.</value>
+        public SecurityModel SecurityModel
+        {
+            get { return (SecurityModel)_securityModel.ToInt32(); }
+        }
+
         #region ISegment Members
 
         /// <summary>

diff --git a/SharpSnmpLib/Messaging/GetRequestMessage.cs b/SharpSnmpLib/Messaging/GetRequestMessage.cs
@@ -17,10 +17,10 @@
 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 // DEALINGS IN THE SOFTWARE.
 
+using Lextm.SharpSnmpLib.Security;
 using System;
 using System.Collections.Generic;
 using System.Globalization;
-using Lextm.SharpSnmpLib.Security;
 
 namespace Lextm.SharpSnmpLib.Messaging
 {
@@ -83,6 +83,60 @@ public GetRequestMessage(VersionCode version, int messageId, int requestId, Octe
         {
         }
 
+        /// <summary>
+        /// Initializes a new instance of the <see cref="GetRequestMessage"/> class.
+        /// </summary>
+        /// <param name="version">The version.</param>
+        /// <param name="messageId">The message id.</param>
+        /// <param name="requestId">The request id.</param>
+        /// <param name="userName">Name of the user.</param>
+        /// <param name="contextName">Context name.</param>
+        /// <param name="variables">The variables.</param>
+        /// <param name="privacy">The privacy provider.</param>
+        /// <param name="maxMessageSize">Size of the max message.</param>
+        /// <param name="securityModel">The type of security model</param>
+        public GetRequestMessage(VersionCode version, int messageId, int requestId, OctetString userName, OctetString contextName, IList<Variable> variables, IPrivacyProvider privacy, int maxMessageSize)
+        {
+            if (userName == null)
+            {
+                throw new ArgumentNullException(nameof(userName));
+            }
+
+            if (variables == null)
+            {
+                throw new ArgumentNullException(nameof(variables));
+            }
+
+            if (contextName == null)
+            {
+                throw new ArgumentNullException(nameof(contextName));
+            }
+
+            if (version != VersionCode.V3)
+            {
+                throw new ArgumentException("Only v3 is supported.", nameof(version));
+            }
+
+            if (privacy == null)
+            {
+                throw new ArgumentNullException(nameof(privacy));
+            }
+
+            Version = version;
+            Privacy = privacy;
+            Header = new Header(new Integer32(messageId), new Integer32(maxMessageSize), privacy.ToSecurityLevel() | Levels.Reportable, new Integer32((int)SecurityModel.Tsm));
+            Parameters = new SecurityParameters();
+
+            var pdu = new GetRequestPdu(
+                requestId,
+                variables);
+            var contextEngineId = OctetString.Empty;
+            Scope = new Scope(contextEngineId, contextName, pdu);
+
+            Privacy.ComputeHash(Version, Header, Parameters, Scope);
+            _bytes = this.PackMessage(null).ToBytes();
+        }
+
         /// <summary>
         /// Initializes a new instance of the <see cref="GetRequestMessage"/> class.
         /// </summary>
@@ -95,7 +149,8 @@ public GetRequestMessage(VersionCode version, int messageId, int requestId, Octe
         /// <param name="privacy">The privacy provider.</param>
         /// <param name="maxMessageSize">Size of the max message.</param>
         /// <param name="report">The report.</param>
-        public GetRequestMessage(VersionCode version, int messageId, int requestId, OctetString userName, OctetString contextName, IList<Variable> variables, IPrivacyProvider privacy, int maxMessageSize, ISnmpMessage report)
+        /// <param name="securityModel">The type of security model</param>
+        public GetRequestMessage(VersionCode version, int messageId, int requestId, OctetString userName, OctetString contextName, IList<Variable> variables, IPrivacyProvider privacy, int maxMessageSize, ISnmpMessage report, SecurityModel securityModel)
         {
             if (userName == null)
             {
@@ -129,17 +184,26 @@ public GetRequestMessage(VersionCode version, int messageId, int requestId, Octe
 
             Version = version;
             Privacy = privacy;
+            Header = new Header(new Integer32(messageId), new Integer32(maxMessageSize), privacy.ToSecurityLevel() | Levels.Reportable, new Integer32((int)securityModel));
 
-            Header = new Header(new Integer32(messageId), new Integer32(maxMessageSize), privacy.ToSecurityLevel() | Levels.Reportable);
             var parameters = report.Parameters;
             var authenticationProvider = Privacy.AuthenticationProvider;
-            Parameters = new SecurityParameters(
-                parameters.EngineId,
-                parameters.EngineBoots,
-                parameters.EngineTime,
-                userName,
-                authenticationProvider.CleanDigest,
-                Privacy.Salt);
+
+            if (securityModel == SecurityModel.Tsm)
+            {
+                Parameters = new SecurityParameters();
+            }
+            else
+            {
+                Parameters = new SecurityParameters(
+                    parameters.EngineId,
+                    parameters.EngineBoots,
+                    parameters.EngineTime,
+                    userName,
+                    authenticationProvider.CleanDigest,
+                    Privacy.Salt);
+            }
+
             var pdu = new GetRequestPdu(
                 requestId,
                 variables);
@@ -151,6 +215,22 @@ public GetRequestMessage(VersionCode version, int messageId, int requestId, Octe
             _bytes = this.PackMessage(null).ToBytes();
         }
 
+        /// <summary>
+        /// Initializes a new instance of the <see cref="GetRequestMessage"/> class.
+        /// </summary>
+        /// <param name="version">The version.</param>
+        /// <param name="messageId">The message id.</param>
+        /// <param name="requestId">The request id.</param>
+        /// <param name="userName">Name of the user.</param>
+        /// <param name="contextName">Context name.</param>
+        /// <param name="variables">The variables.</param>
+        /// <param name="privacy">The privacy provider.</param>
+        /// <param name="maxMessageSize">Size of the max message.</param>
+        /// <param name="report">The report.</param>
+        public GetRequestMessage(VersionCode version, int messageId, int requestId, OctetString userName, OctetString contextName, IList<Variable> variables, IPrivacyProvider privacy, int maxMessageSize, ISnmpMessage report)
+            : this(version, messageId, requestId, userName, contextName, variables, privacy, maxMessageSize, report, SecurityModel.Usm)
+        {
+        }
 
         /// <summary>
         /// Initializes a new instance of the <see cref="GetRequestMessage"/> class.

diff --git a/SharpSnmpLib/Messaging/MessageFactory.cs b/SharpSnmpLib/Messaging/MessageFactory.cs
@@ -156,7 +156,15 @@ private static ISnmpMessage ParseMessage(int first, Stream stream, UserRegistry
             {
                 header = new Header(body[1]);
                 parameters = new SecurityParameters((OctetString)body[2]);
-                privacy = registry.Find(parameters.UserName);
+                if (header.SecurityModel == SecurityModel.Tsm)
+                {
+                    privacy = new TsmPrivacyProvider(TsmAuthenticationProvider.Instance);
+                }
+                else
+                {
+                    privacy = registry.Find(parameters.UserName);
+                }
+
                 if (privacy == null)
                 {
                     // handle decryption exception.
@@ -187,7 +195,7 @@ private static ISnmpMessage ParseMessage(int first, Stream stream, UserRegistry
                     throw new SnmpException(string.Format(CultureInfo.InvariantCulture, "invalid v3 packets scoped data: {0}", code));
                 }
 
-                if (!privacy.VerifyHash(version, header, parameters, body[3], body.GetLengthBytes()))
+                if (header.SecurityModel != SecurityModel.Tsm && !privacy.VerifyHash(version, header, parameters, body[3], body.GetLengthBytes()))
                 {
                     parameters.IsInvalid = true;
                 }

diff --git a/SharpSnmpLib/Messaging/SecureDiscovery.cs b/SharpSnmpLib/Messaging/SecureDiscovery.cs
@@ -0,0 +1,133 @@
+// Discovery type.
+// Copyright (C) 2008-2010 Malcolm Crowe, Lex Li, and other contributors.
+// 
+// Permission is hereby granted, free of charge, to any person obtaining a copy of this
+// software and associated documentation files (the "Software"), to deal in the Software
+// without restriction, including without limitation the rights to use, copy, modify, merge,
+// publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons
+// to whom the Software is furnished to do so, subject to the following conditions:
+// 
+// The above copyright notice and this permission notice shall be included in all copies or
+// substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+// INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+// PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE
+// FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+// DEALINGS IN THE SOFTWARE.
+
+/*
+ * Created by SharpDevelop.
+ * User: lextm
+ * Date: 5/24/2009
+ * Time: 11:56 AM
+ * 
+ * To change this template use Tools | Options | Coding | Edit Standard Headers.
+ */
+
+using System;
+using System.Collections.Generic;
+using System.Globalization;
+using System.Net;
+using Lextm.SharpSnmpLib.Security;
+using System.Threading.Tasks;
+using SharpSnmpLib.DTLS;
+using DTLS;
+
+namespace Lextm.SharpSnmpLib.Messaging
+{
+    /// <summary>
+    /// Discovery class that participates in SNMP v3 discovery process.
+    /// </summary>
+    public sealed class SecureDiscovery
+    {
+        private readonly ISnmpMessage _discovery;
+        private static readonly UserRegistry Empty = new UserRegistry();
+        private static readonly SecurityParameters DefaultSecurityParameters =
+            new SecurityParameters(
+                OctetString.Empty,
+                Integer32.Zero,
+                Integer32.Zero,
+                OctetString.Empty,
+                OctetString.Empty,
+                OctetString.Empty);
+
+        /// <summary>
+        /// Initializes a new instance of the <see cref="Discovery"/> class.
+        /// </summary>
+        /// <param name="requestId">The request id.</param>
+        /// <param name="messageId">The message id.</param>
+        /// <param name="maxMessageSize">The max size of message.</param>
+        public SecureDiscovery(int messageId, int requestId, int maxMessageSize)
+        {
+            _discovery = new GetRequestMessage(
+                VersionCode.V3,
+                new Header(
+                    new Integer32(messageId),
+                    new Integer32(maxMessageSize),
+                    Levels.Reportable),
+                DefaultSecurityParameters,
+                new Scope(
+                    OctetString.Empty,
+                    OctetString.Empty,
+                    new GetRequestPdu(requestId, new List<Variable>())),
+                DefaultPrivacyProvider.DefaultPair,
+                null);
+        }
+
+        /// <summary>
+        /// Gets the response.
+        /// </summary>
+        /// <param name="timeout">The time-out value, in milliseconds. The default value is 0, which indicates an infinite time-out period. Specifying -1 also indicates an infinite time-out period.</param>
+        /// <param name="receiver">The receiver.</param>
+        /// <returns></returns>
+        public ReportMessage GetResponse(int timeout, IPEndPoint receiver, Client client)
+        {
+            if (receiver == null)
+            {
+                throw new ArgumentNullException(nameof(receiver));
+            }
+
+            return (ReportMessage)_discovery.GetSecureResponse(timeout, receiver, client, Empty);
+        }
+
+        /// <summary>
+        /// Gets the response.
+        /// </summary>
+        /// <param name="receiver">The receiver.</param>
+        /// <returns></returns>
+        public async Task<ReportMessage> GetResponseAsync(IPEndPoint receiver)
+        {
+            if (receiver == null)
+            {
+                throw new ArgumentNullException(nameof(receiver));
+            }
+
+            using (var socket = receiver.GetSocket())
+            {
+                return (ReportMessage)await _discovery.GetResponseAsync(receiver, Empty, socket).ConfigureAwait(false);
+            }
+        }
+
+        /// <summary>
+        /// Converts to the bytes.
+        /// </summary>
+        /// <returns></returns>
+        public byte[] ToBytes()
+        {
+            return _discovery.ToBytes();
+        }
+
+        /// <summary>
+        /// Returns a <see cref="System.String"/> that represents this instance.
+        /// </summary>
+        /// <returns>
+        /// A <see cref="System.String"/> that represents this instance.
+        /// </returns>
+        public override string ToString()
+        {
+            return string.Format(CultureInfo.InvariantCulture, "discovery class: message id: {0}; request id: {1}", _discovery.MessageId(), _discovery.RequestId());
+        }
+    }
+}