Home

MIB Smithy

Developer's Guide

  1. Document Conventions
  2. Getting Started
  3. General Provisions

SMI Databases

  1. Basics
  2. Creating Records
  3. Destroying Records
  4. Importing Modules
  5. Database Search
  6. Querying Properties
  7. Setting Properties
  8. Comparing OIDs
  9. Building/Parsing OIDs
  10. Logging
  11. Record Types
  12. Pattern Matching
  13. MIB Validation
  14. Tree Introspection

SNMP Sessions

  1. Basics
  2. Opening Sessions
  3. Closing Sessions
  4. Listing Sessions
  5. Configuring Sessions
  6. Session Aliases
  7. Get Requests
  8. Set Requests
  9. Get-Next Requests
  10. Get-Bulk Requests
  11. Inform Requests
  12. Sending Traps
  13. Walking Subtrees
  14. Receiving Traps
  15. Pending Requests
  16. Waiting for Requests
  17. Cancelling Requests
  18. Variable Bindings
  19. Callback Functions
  20. Formatting Data
  21. Scanning Data
  22. Logging

USM

  1. USM Key Management

Scotty/TNM Porting

  1. Compatibility Package
  2. MIB Commands
  3. SNMP Commands
  1. Up to Table of Contents

USM Key Management

Converting Password to Unlocalized Key

Syntax:

% snmpcmd usm passToKey ?option value ...? password

Where:

snmpcmd
is the name of an SNMP session;
option value
are zero or more option+value pairs that may be specified to override session configuration parameters; and
password
is the password to be converted.

Returns:

  • The unlocalized key generated from the password using the configured or specified authentication protocol.

Options

-authproto protocol
Specifies the authentication protocol (HMAC-MD5-96 or HMAC-SHA-96) to use in generating the key. If unspecified, the configured authentication protocol for the session is used.

Example

% set key [snmplib usm passToKey -authproto HMAC-MD5-96 maplesyrup]
% smilib format "OCTET STRING" $key
9f:af:32:83:88:4e:92:83:4e:bc:98:47:d8:ed:d9:63

Converting Password to Localized Key

Syntax:

% snmpcmd usm passToLocKey ?option value ...? password

Where:

snmpcmd
is the name of an SNMP session;
option value
are zero or more option+value pairs that may be specified to override session configuration parameters; and
password
is the password to be converted.

Returns:

  • The localized key generated from the password using the configured or specified authentication protocol and Engine ID. Note that the key returned is the full-length key appropriate to the authentication protocol, which may be longer than required for the privacy protocol (e.g. 20 octets versus 16 in the case of HMAC-SHA-96 and DES/CBC).

Options

-authproto protocol
Specifies the authentication protocol (HMAC-MD5-96 or HMAC-SHA-96) to use in generating the key. If unspecified, the configured authentication protocol for the session is used.
-engineid string
Specifies the Engine ID to use for localizing the generated key. If unspecified, the known Engine ID for the configured remote engine for the session is used.

Example

% set key [snmplib usm passToLocKey -authproto HMAC-MD5-96 -engineid \
        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02" \
        maplesyrup]
% smilib format "OCTET STRING" $key
52:6f:5e:ed:9f:cc:e2:6f:89:64:c2:93:07:87:d8:2b

Localizing Keys

Syntax:

% snmpcmd usm localizeKey ?option value ...? key

Where:

snmpcmd
is the name of an SNMP session;
option value
are zero or more option+value pairs that may be specified to override session configuration parameters; and
key
is the key to be localized.

Returns:

  • The localized key generated from the unlocalized key the configured or specified authentication protocol and Engine ID. Note that the key returned is the full-length key appropriate to the authentication protocol, which may be longer than required for the privacy protocol (e.g. 20 octets versus 16 in the case of HMAC-SHA-96 and DES/CBC).

Options

-authproto protocol
Specifies the authentication protocol (HMAC-MD5-96 or HMAC-SHA-96) to use in generating the key. If unspecified, the configured authentication protocol for the session is used.
-engineid string
Specifies the Engine ID to use for localizing the generated key. If unspecified, the known Engine ID for the configured remote engine for the session is used.

Example

% set key [snmplib usm localizeKey -authproto HMAC-MD5-96 -engineid \
    "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02" \
    "\x9f\xaf\x32\x83\x88\x4e\x92\x83\x4e\xbc\x98\x47\xd8\xed\xd9\x63"]
% smilib format "OCTET STRING" $key
52:6f:5e:ed:9f:cc:e2:6f:89:64:c2:93:07:87:d8:2b

Encoding/Decoding Authentication KeyChange Values

Syntax:

% snmpcmd usm authKeyChange ?option value ...? old new

Where:

snmpcmd
is the name of an SNMP session;
option value
are zero or more option+value pairs that may be specified to override session configuration parameters;
old
is the old key; and
new
is the new key (or KeyChange value).

Returns:

  • For encoding, the KeyChange value that can be issued in an SNMP set operation to usmUserAuthKeyChange or usmUserOwnAuthKeyChange to change the key from old to new
  • For decoding, the new key that results from reversing the supplied new KeyChange value using the old key.

Options

-authproto protocol
Specifies the authentication protocol (HMAC-MD5-96 or HMAC-SHA-96) to use in generating the KeyChange value. If unspecified, the configured authentication protocol for the session is used.
-direction dir
May either be encode to specify that the old and new parameters are the old and new keys to generate a KeyChange value; or decode to specify that the old and new parameters are the old key and KeyChange value from which to recover the new key. Default: encode
-salt string
By default, the random component of the KeyChange value is generated by the SDK. This option may be used to specify the random component for purpose of testing or using an alternate source of random data. This option is ignored when decoding.

Example

% set kc [snmplib usm authKeyChange -authproto HMAC-MD5-96 \
    "\x52\x6f\x5e\xed\x9f\xcc\xe2\x6f\x89\x64\xc2\x93\x07\x87\xd8\x2b" \
    "\x87\x02\x1d\x7b\xd9\xd1\x01\xba\x05\xea\x6e\x3b\xf9\xd9\xbd\x4a"]
% smilib format KeyChange $kc
00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:88:05:61:51:41:67:6c:c9:19:
61:74:e7:42:a3:25:51

Encoding/Decoding Privacy KeyChange Values

Syntax:

% snmpcmd usm privKeyChange ?option value ...? password

Where:

snmpcmd
is the name of an SNMP session;
option value
are zero or more option+value pairs that may be specified to override session configuration parameters;
old
is the old key; and
new
is the new key (or KeyChange value).

Returns:

  • For encoding, the KeyChange value that can be issued in an SNMP set operation to usmUserPrivKeyChange or usmUserOwnPrivKeyChange to change the key from old to new
  • For decoding, the new key that results from reversing the supplied new KeyChange value using the old key.

Options

-authproto protocol
Specifies the authentication protocol (HMAC-MD5-96 or HMAC-SHA-96) to use in generating the KeyChange value. If unspecified, the configured authentication protocol for the session is used.
-direction dir
May either be encode to specify that the old and new parameters are the old and new keys to generate a KeyChange value; or decode to specify that the old and new parameters are the old key and KeyChange value from which to recover the new key. Default: encode
-privproto protocol
Specifies the privacy protocol to use in generating the KeyChange value. If unspecified, the configured authentication protocol for the session is used. At present, DES/CBC and AES128/CFB are supported.
-salt string
By default, the random component of the KeyChange value is generated by the SDK. This option may be used to specify the random component for purpose of testing or using an alternate source of random data. This option is ignored when decoding.

Example

% set kc [snmplib usm privKeyChange -authproto HMAC-SHA-96 \
    "\x66\x95\xfe\xbc\x92\x88\xe3\x62\x82\x23\x5f\xc7\x15\x1f\x12\x84\x97\xb3\x8f\x3f" \
    "\x78\xe2\xdc\xce\x79\xd5\x94\x03\xb5\x8c\x1b\xba\xa5\xbf\xf4\x63\x91\xf1\xcd\x25"]
% smilib format KeyChange $kc
00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:7e:f8:d8:a4:c9:cd:b2:6b:47:
59:1c:d8:52:ff:88:b5
  1. Up to Table of Contents
Copyright © 2024 Muonics, Inc. All Rights Reserved. Muonics, MIB Smithy, MIB Views, and their respective logos are trademarks of Muonics, Inc.