[lwip-devel] SNMPv3 implementation WIP

[Elias Önal]

Last week I've started implementing SNMPv3, and since it's progressing 
quite well I'd like to know the process of upstreaming all of this. In 
addition I'd like a few pointers regarding the handling of some of the 
requirements for SNMPv3. One of these is the need for a persistent 
bootup counter. I've assumed the user could take care of this in their 
lwipopts.h and thus my implementation contains the following lines:
> #ifndef LWIP_SNMPV3_GET_ENGINE_BOOTS
> #warning RFC3414 complicance requires a persistent boot count
> #define LWIP_SNMPV3_GET_ENGINE_BOOTS() 0
> #endif
Then there is also the need for cryptography, the polarSSL bits in LwIP 
don't cut it for everything that's needed. (like DES-CBC, AES-CFB, HMAC) 
So I came up with the following defines (and more) for my lwipopts.h:
> #define LWIP_DES_CBC_ENCRYPT_HANDLE                     
>  mbedtls_des_context
> #define LWIP_DES_CBC_ENCRYPT_INIT(dh, key)  (mbedtls_des_init(dh), 
> mbedtls_des_setkey_enc(dh, key))
> #define LWIP_DES_CBC_ENCRYPT_UPDATE(dh, len, iv, in, out) 
>  mbedtls_des_crypt_cbc(dh, MBEDTLS_DES_ENCRYPT, len, iv, in, out)
> #define LWIP_DES_CBC_ENCRYPT_FINAL(dh)  mbedtls_des_free(dh)
As a fallback I would just generate a warning and disable the 
cryptographic functionality, since SNMPv3 can still operate without it. 
I have implemented Authentication (MD5/SHA1) as well as Privacy with DES 
so far, and I've planned to do AES next. The new MIB 
(SNMP-USER-BASED-SM-MIB) is still completely missing, but since it's 
pretty isolated I'd like to upstream the other changes upfront.

-Elias