OTP-8563: Decode/Encode of Counter64 error

OTP-8574: Option to allow invalid row OIDs
OTP-8594: Make snmp forward compatible with new crypto
OTP-8595: snmpc fails to compile BITS with "holes"

2 files changed, 41 insertions, 20 deletions

diff --git a/lib/snmp/src/misc/snmp_pdus.erl b/lib/snmp/src/misc/snmp_pdus.erl
index 6c80fc3876..dc8900c8cd 100644
--- a/lib/snmp/src/misc/snmp_pdus.erl
+++ b/lib/snmp/src/misc/snmp_pdus.erl
@@ -1,19 +1,19 @@
 %% 
 %% %CopyrightBegin%
-%% 
-%% Copyright Ericsson AB 1996-2009. All Rights Reserved.
-%% 
+%%
+%% Copyright Ericsson AB 1996-2010. All Rights Reserved.
+%%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
 %% compliance with the License. You should have received a copy of the
 %% Erlang Public License along with this software. If not, it can be
 %% retrieved online at http://www.erlang.org/.
-%% 
+%%
 %% Software distributed under the License is distributed on an "AS IS"
 %% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
 %% the License for the specific language governing rights and limitations
 %% under the License.
-%% 
+%%
 %% %CopyrightEnd%
 %% 
 
@@ -38,7 +38,10 @@
 	 dec_usm_security_parameters/1,
 	 strip_encrypted_scoped_pdu_data/1,
 	 octet_str_to_bits/1, bits_to_str/1,
-	 get_encoded_length/1]).
+	 get_encoded_length/1,
+	 enc_value/2, dec_value/1]).
+
+%% -compile(export_all).
 
 %% Returns the number of octets required to encode Length.
 get_encoded_length(Length) ->
@@ -290,12 +293,18 @@ dec_value([68 | Bytes]) ->
     {Value, Rest} = dec_oct_str_notag(Bytes),
     {{'Opaque', Value}, Rest};
 dec_value([70 | Bytes]) ->
+    %% Counter64 is an unsigned 64 but is actually encoded as 
+    %% a signed integer 64.
     {Value, Rest} = dec_integer_notag(Bytes),
-    if Value >= 0, Value =< 18446744073709551615 ->
-	    {{'Counter64', Value}, Rest};
-       true ->
-	    exit({error, {bad_counter64, Value}})
-    end;
+    Value2 = 
+	if
+	    (Value >= 0) andalso (Value < 16#8000000000000000) ->
+		Value;
+	    (Value < 0) ->
+		18446744073709551615 + Value + 1;
+	    true ->
+		exit({error, {bad_counter64, Value}})	end,
+    {{'Counter64', Value2}, Rest};
 dec_value([128,0|T]) ->
     {{'NULL', noSuchObject}, T};
 dec_value([129,0|T]) ->
@@ -633,6 +642,21 @@ enc_value(_Type, endOfMibView) ->
     [130,0];
 enc_value('NULL', _Val) ->
     [5,0];
+enc_value('Counter64', Val) ->
+    Val2 = 
+	if
+	    Val > 16#ffffffffffffffff ->
+		exit({error, {bad_counter64, Val}});
+	    Val >= 16#8000000000000000 ->
+		(Val band 16#7fffffffffffffff) - 16#8000000000000000;
+	    Val >= 0 ->
+		Val;
+	    true ->
+		exit({error, {bad_counter64, Val}}) 
+	end,
+    Bytes2 = enc_integer_notag(Val2),
+    Len2 = elength(length(Bytes2)),
+    lists:append([70 | Len2],Bytes2);
 enc_value(Type, Val) ->
     Bytes2 = enc_integer_notag(Val),
     Len2 = elength(length(Bytes2)),
@@ -643,10 +667,7 @@ enc_val_tag('Counter32',Val) when (Val >= 0) andalso (Val =< 4294967295) ->
 enc_val_tag('Unsigned32', Val) when (Val >= 0) andalso (Val =< 4294967295) ->
     66;
 enc_val_tag('TimeTicks', Val) when (Val >= 0) andalso (Val =< 4294967295) ->
-    67;
-enc_val_tag('Counter64', Val) when ((Val >= 0) andalso 
-				    (Val =< 18446744073709551615)) ->
-    70.
+    67.
 
 
 %%----------------------------------------------------------------------
diff --git a/lib/snmp/src/misc/snmp_usm.erl b/lib/snmp/src/misc/snmp_usm.erl
index 19be564a8e..3508f9e1c2 100644
--- a/lib/snmp/src/misc/snmp_usm.erl
+++ b/lib/snmp/src/misc/snmp_usm.erl
@@ -198,7 +198,7 @@ des_encrypt(PrivKey, Data, SaltFun) ->
     [A,B,C,D,E,F,G,H | PreIV] = PrivKey,
     DesKey = [A,B,C,D,E,F,G,H],
     Salt = SaltFun(),
-    IV = snmp_misc:str_xor(PreIV, Salt),
+    IV = list_to_binary(snmp_misc:str_xor(PreIV, Salt)),
     TailLen = (8 - (length(Data) rem 8)) rem 8,
     Tail = mk_tail(TailLen),
     EncData = crypto:des_cbc_encrypt(DesKey, IV, [Data,Tail]),
@@ -213,13 +213,13 @@ des_decrypt(PrivKey, MsgPrivParams, EncData)
     [A,B,C,D,E,F,G,H | PreIV] = PrivKey,
     DesKey = [A,B,C,D,E,F,G,H],
     Salt = MsgPrivParams,
-    IV = snmp_misc:str_xor(PreIV, Salt),
+    IV = list_to_binary(snmp_misc:str_xor(PreIV, Salt)),
     %% Whatabout errors here???  E.g. not a mulitple of 8!
     Data = binary_to_list(crypto:des_cbc_decrypt(DesKey, IV, EncData)),
     Data2 = snmp_pdus:strip_encrypted_scoped_pdu_data(Data),
     {ok, Data2};
 des_decrypt(PrivKey, BadMsgPrivParams, EncData) ->
-    ?vtrace("des_decrypt -> entry with when bad MsgPrivParams"
+    ?vtrace("des_decrypt -> entry when bad MsgPrivParams"
 	    "~n   PrivKey:          ~p"
 	    "~n   BadMsgPrivParams: ~p"
 	    "~n   EncData:          ~p", 
@@ -232,7 +232,7 @@ aes_encrypt(PrivKey, Data, SaltFun) ->
     Salt = SaltFun(),
     EngineBoots = snmp_framework_mib:get_engine_boots(),
     EngineTime = snmp_framework_mib:get_engine_time(),
-    IV = [?i32(EngineBoots), ?i32(EngineTime) | Salt],
+    IV = list_to_binary([?i32(EngineBoots), ?i32(EngineTime) | Salt]),
     EncData = crypto:aes_cfb_128_encrypt(AesKey, IV, Data),
     {ok, binary_to_list(EncData), Salt}.
 
@@ -240,7 +240,7 @@ aes_decrypt(PrivKey, MsgPrivParams, EncData, EngineBoots, EngineTime)
   when length(MsgPrivParams) =:= 8 ->
     AesKey = PrivKey,
     Salt = MsgPrivParams,
-    IV = [?i32(EngineBoots), ?i32(EngineTime) | Salt],
+    IV = list_to_binary([?i32(EngineBoots), ?i32(EngineTime) | Salt]),
     %% Whatabout errors here???  E.g. not a mulitple of 8!
     Data = binary_to_list(crypto:aes_cfb_128_decrypt(AesKey, IV, EncData)),
     Data2 = snmp_pdus:strip_encrypted_scoped_pdu_data(Data),