puresnmp.plugins.priv module
This module provides a plugin architecture for privacy (enryption) methods.
Each privacy plugin can be distributed as separate package by providing
modules inside the namespace-package “puresnmp_plugins.priv”. Note that in
order to be a valid namespace-package, such a package must not have a
__init__.py
file!
Example folder-structure for a privacy plugin:
my-privacy-plugin/
+- setup.py (or pyproject.toml)
+- puresnmp/
+- priv/
+- mymodule.py
+- myothermodule.py
Note that there is no __init__.py
file!
In order for modules to be detected as plugin, they must follow the following rules:
Have a function
encrypt_data
implementing thepuresnmp_plugins.priv.TPriv.encrypt_data()
protocol.Have a function
decrypt_data
implementing thepuresnmp_plugins.priv.TPriv.decrypt_data()
protocol.Contain a string-variable
IDENTIFIER
. This variable should be user-friends and is used to uniquely identify this privacy module.
- class puresnmp.plugins.priv.EncryptionResult(encrypted_data: bytes, priv_params: bytes)
Bases:
NamedTuple
Wrapper for encrypted data.
- class puresnmp.plugins.priv.TPriv(*args, **kwargs)
Bases:
Protocol
Protocol describing the en-/de-cryption API
- decrypt_data(localised_key: bytes, engine_id: bytes, engine_boots: int, engine_time: int, salt: bytes, data: bytes) bytes
Decrypts a message
- Parameters:
localised_key – The decryption key localised to the given engine-id
engine_id – The remote engine-id
engine_boots – The number of engine-boots
engine_time – Timeliness parameter for encryption
salt – The salt used during encryption
data – The encrypted SNMP message
- Returns:
The unencrypted data.
- encrypt_data(localised_key: bytes, engine_id: bytes, engine_boots: int, engine_time: int, data: bytes) EncryptionResult
Encrypts data from an SNMP PDU following the SNMPv3 spec.
- Parameters:
localised_key – The encryption key localised to the given engine-id
engine_id – The ID of the recipient SNMP-engine
engine_boots – Number of times the recipient engine has been restarted
data – The data that needs to be encrypted
- Returns:
The encrypted data together with the used salt
- puresnmp.plugins.priv.is_valid_priv_mod(mod: ModuleType) bool