puresnmp.plugins.priv module

This module provides a plugin architecture for privacy (enryption) methods.

Each privacy plugin can be distributed as separate package by providing modules inside the namespace-package “puresnmp_plugins.priv”. Note that in order to be a valid namespace-package, such a package must not have a __init__.py file!

Example folder-structure for a privacy plugin:

my-privacy-plugin/
 +- setup.py (or pyproject.toml)
 +- puresnmp/
     +- priv/
         +- mymodule.py
         +- myothermodule.py

Note that there is no __init__.py file!

In order for modules to be detected as plugin, they must follow the following rules:

  • Have a function encrypt_data implementing the puresnmp_plugins.priv.TPriv.encrypt_data() protocol.

  • Have a function decrypt_data implementing the puresnmp_plugins.priv.TPriv.decrypt_data() protocol.

  • Contain a string-variable IDENTIFIER. This variable should be user-friends and is used to uniquely identify this privacy module.

class puresnmp.plugins.priv.EncryptionResult(encrypted_data: bytes, priv_params: bytes)

Bases: NamedTuple

Wrapper for encrypted data.

encrypted_data: bytes

The encrypted content (usually a PDU)

priv_params: bytes

The value that will be inserted into the “privParams” field from the SNMP spec. This should contain any “local” data that is needed to decrypt the data (like a salt for example)

class puresnmp.plugins.priv.TPriv(*args, **kwargs)

Bases: Protocol

Protocol describing the en-/de-cryption API

decrypt_data(localised_key: bytes, engine_id: bytes, engine_boots: int, engine_time: int, salt: bytes, data: bytes) bytes

Decrypts a message

Parameters:

  • localised_key – The decryption key localised to the given engine-id

  • engine_id – The remote engine-id

  • engine_boots – The number of engine-boots

  • engine_time – Timeliness parameter for encryption

  • salt – The salt used during encryption

  • data – The encrypted SNMP message

Returns:

The unencrypted data.

encrypt_data(localised_key: bytes, engine_id: bytes, engine_boots: int, engine_time: int, data: bytes) EncryptionResult

Encrypts data from an SNMP PDU following the SNMPv3 spec.

Parameters:

  • localised_key – The encryption key localised to the given engine-id

  • engine_id – The ID of the recipient SNMP-engine

  • engine_boots – Number of times the recipient engine has been restarted

  • data – The data that needs to be encrypted

Returns:

The encrypted data together with the used salt

puresnmp.plugins.priv.create(identifier: str) TPriv
puresnmp.plugins.priv.is_valid_priv_mod(mod: ModuleType) bool