DeterministicESPAsyncWebServer v6.27.1
Zero-allocation, bounded-execution async HTTP server for ESP32
Loading...
Searching...
No Matches
snmp_crypto.h File Reference

USM cryptographic primitives for SNMPv3 (DETWS_ENABLE_SNMP_V3). More...

#include "ServerConfig.h"
#include <stddef.h>
#include <stdint.h>

Go to the source code of this file.

Detailed Description

USM cryptographic primitives for SNMPv3 (DETWS_ENABLE_SNMP_V3).

Provides exactly what the User-based Security Model needs and nothing more:

  • Key localization (RFC 3414 §2.6, SHA-256 variant per RFC 7860): turn a human password into the engine-localized authentication/privacy key.
  • AES-128 in CFB-128 mode (RFC 3826): the v3 privacy transform. A compact portable software AES is used on both host and ESP32 - SNMP payloads are a few hundred bytes, so this is not a throughput path; it is therefore identical and unit-testable off-target. (Like the SSH software crypto, it is not constant-time; for SNMP this is acceptable - see SECURITY.md.)

SHA-256 and HMAC-SHA-256 are reused from the existing SSH crypto layer.

Definition in file snmp_crypto.h.