net-snmp 3.19.2 → 3.20.1

package/README.md

@@ -91,7 +91,7 @@ for each shown in this table:
  * SNMP proxy forwarder for agent
  * AgentX subagent
  * IPv4 and IPv6
- 
+
 # Standards Compliance
 
 This module aims to be fully compliant with the following RFCs:
@@ -258,6 +258,34 @@ Security Model RFC (RFC 3414); 128-bit AES for SNMPv3 was added later in RFC 382
 localization.  Cisco and a number of other vendors commonly use the "Reeder" key
 localization variant.  Other encryption algorithms are not supported.
 
+### Compatibility note on DES and recent Node.js versions
+
+When using SNMPv3 with DES as the privacy protocol (`snmp.PrivProtocols.des`) on Node.js v17 or later, you may encounter the following error:
+
+```
+"error": {
+        "library": "digital envelope routines",
+        "reason": "unsupported",
+        "code": "ERR_OSSL_EVP_UNSUPPORTED",
+        "message": "error:0308010C:digital envelope routines::unsupported",
+        "stack": ["Error: error:0308010C:digital envelope routines::unsupported",
+           "at Cipheriv.createCipherBase (node:internal/crypto/cipher:121:19)",
+        ...
+}
+```
+
+This occurs because newer versions of Node.js have deprecated support for the DES algorithm in OpenSSL for security reasons. 
+
+**Workaround:**
+If you need to communicate with legacy devices that only support DES for SNMPv3, you can run Node.js with the `--openssl-legacy-provider` flag:
+
+```bash
+node --openssl-legacy-provider your-app.js
+```
+
+Whenever possible, it's recommended to use more secure encryption methods like AES (`snmp.PrivProtocols.aes`) instead of DES.
+
+
 ## snmp.AgentXPduType
 
 The Agent Extensibility (AgentX) Protocol specifies these PDUs in RFC 2741:
@@ -3473,6 +3501,14 @@ Example programs are included under the module's `example` directory.
 
  * Fix integer and string constraints check on cast
 
+# Version 3.20.0 - 06/03/2025
+
+ * Fix set value for counter, gauge and unsigned integer types
+
+# Version 3.20.1 - 26/04/2025
+
+ * Update documentation with compatibility note on DES and recent Node.js versions
+
 # License
 
 Copyright (c) 2020 Mark Abrahams <mark@abrahams.co.nz>

package/index.js

@@ -1,20 +1,25 @@
 
 // Copyright 2013 Stephen Vickers <stephen.vickers.sv@gmail.com>
 
-var ber = require ("asn1-ber").Ber;
-var smartbuffer = require ("smart-buffer");
-var dgram = require ("dgram");
-var net = require ("net");
-var events = require ("events");
-var util = require ("util");
-var crypto = require ("crypto");
-var mibparser = require ("./lib/mib");
+const ber = require ("asn1-ber").Ber;
+const smartbuffer = require ("smart-buffer");
+const dgram = require ("dgram");
+const net = require ("net");
+const events = require ("events");
+const util = require ("util");
+const crypto = require ("crypto");
+const mibparser = require ("./lib/mib");
+const Buffer = require('buffer').Buffer;
+
 var DEBUG = false;
 
-var MIN_SIGNED_INT32 = -2147483648;
-var MAX_SIGNED_INT32 = 2147483647;
-var MIN_UNSIGNED_INT32 = 0;
-var MAX_UNSIGNED_INT32 = 4294967295;
+const MIN_SIGNED_INT32 = -2147483648;
+const MAX_SIGNED_INT32 = 2147483647;
+const MIN_UNSIGNED_INT32 = 0;
+const MAX_UNSIGNED_INT32 = 4294967295;
+const MAX_UNSIGNED_INT64 = 18446744073709551615;
+
+const DES_IMPLEMENTATION = 'library';
 
 function debug (line) {
 	if ( DEBUG ) {
@@ -611,7 +616,7 @@ ObjectTypeUtil.castSetValue = function (type, value, constraints) {
 		}
 
 		case ObjectType.OctetString: {
-			if ( ! value instanceof Buffer && typeof value != "string" ) {
+			if ( ! ( value instanceof Buffer || typeof value == "string" ) ) {
 				throw new Error("Invalid OctetString", value);
 			}
 			if ( constraints && ! ObjectTypeUtil.doesStringMeetConstraints (value, constraints) ) {
@@ -635,19 +640,59 @@ ObjectTypeUtil.castSetValue = function (type, value, constraints) {
 		case ObjectType.Counter32:
 		case ObjectType.Gauge:
 		case ObjectType.Gauge32:
-		case ObjectType.Unsigned32:
-		case ObjectType.Counter64: {
+		case ObjectType.Unsigned32: {
 			// Counters should be initialized to 0 (RFC2578, end of section 7.9)
 			// We'll do so.
-			return 0;
+			// return 0;
+			// That ^^^ was fine when castSetValue was used only for DEFVAL
+			// But now it's used in other set value scenarios
+			// So we need to cast the given value to a whole number
+			const parsedValue = parseInt(value, 10);
+			if ( isNaN(parsedValue) ) {
+				throw new Error(`Invalid Integer for ${type}`, value);
+			}
+			if ( parsedValue < 0 ) {
+				throw new Error(`Integer is negative for ${type}`, value);
+			}
+			if ( parsedValue > MAX_UNSIGNED_INT32 ) {
+				throw new Error(`Integer is greater than max unsigned int32 for ${type}`, value);
+			}
+			return parsedValue;
+		}
+
+		case ObjectType.Counter64: {
+			if ( value instanceof Buffer ) {
+				if ( value.length !== 8 ) {
+					throw new Error(`Counter64 buffer is not 8 bytes`, value);
+				}
+				return value;
+			}
+			const parsedValue = parseInt(value, 10);
+			if ( isNaN(parsedValue) ) {
+				throw new Error(`Invalid Integer for Counter64`, value);
+			}
+			if ( parsedValue < 0 ) {
+				throw new Error(`Integer is negative for Counter64`, value);
+			}
+			if ( parsedValue > MAX_UNSIGNED_INT64 ) {
+				throw new Error(`Integer is greater than max unsigned int64 for Counter64`, value);
+			}
+			return parsedValue;
 		}
 
 		case ObjectType.IpAddress: {
-			// A 32-bit internet address represented as OCTET STRING of length 4
-			var bytes = value.split(".");
-			if ( typeof value != "string" || bytes.length != 4 ) {
+			const octets = value.split (".");
+			if ( typeof value != "string" || octets.length != 4 ) {
 				throw new Error("Invalid IpAddress", value);
 			}
+			for ( const octet of octets ) {
+				if ( isNaN (octet) ) {
+					throw new Error("Invalid IpAddress", value);
+				}
+				if ( parseInt (octet) < 0 || parseInt (octet) > 255) {
+					throw new Error("Invalid IpAddress", value);
+				}
+			}
 			return value;
 		}
 
@@ -1337,7 +1382,6 @@ Encryption.encryptPduDes = function (scopedPdu, privProtocol, privPassword, auth
 	var paddedScopedPduLength;
 	var paddedScopedPdu;
 	var encryptedPdu;
-	var cipher;
 
 	encryptionKey = Encryption.generateLocalizedKey (des, authProtocol, privPassword, engine.engineID);
 	privLocalizedKey = Authentication.passwordToKey (authProtocol, privPassword, engine.engineID);
@@ -1355,7 +1399,7 @@ Encryption.encryptPduDes = function (scopedPdu, privProtocol, privPassword, auth
 	for (i = 0; i < iv.length; i++) {
 		iv[i] = preIv[i] ^ salt[i];
 	}
-	
+
 	if (scopedPdu.length % des.BLOCK_LENGTH == 0) {
 		paddedScopedPdu = scopedPdu;
 	} else {
@@ -1363,9 +1407,14 @@ Encryption.encryptPduDes = function (scopedPdu, privProtocol, privPassword, auth
 		paddedScopedPdu = Buffer.alloc (paddedScopedPduLength);
 		scopedPdu.copy (paddedScopedPdu, 0, 0, scopedPdu.length);
 	}
-	cipher = crypto.createCipheriv (des.CRYPTO_ALGORITHM, encryptionKey, iv);
-	encryptedPdu = cipher.update (paddedScopedPdu);
-	encryptedPdu = Buffer.concat ([encryptedPdu, cipher.final()]);
+
+	if (DES_IMPLEMENTATION === 'native') {
+		// TODO: Implement native encryption
+	} else {
+		const cipher = crypto.createCipheriv (des.CRYPTO_ALGORITHM, encryptionKey, iv);
+		encryptedPdu = cipher.update (paddedScopedPdu);
+		encryptedPdu = Buffer.concat ([encryptedPdu, cipher.final()]);
+	}
 	// Encryption.debugEncrypt (encryptionKey, iv, paddedScopedPdu, encryptedPdu);
 
 	return {
@@ -1383,7 +1432,6 @@ Encryption.decryptPduDes = function (encryptedPdu, privProtocol, privParameters,
 	var iv;
 	var i;
 	var decryptedPdu;
-	var decipher;
 
 	privLocalizedKey = Authentication.passwordToKey (authProtocol, privPassword, engine.engineID);
 	decryptionKey = Buffer.alloc (des.KEY_LENGTH);
@@ -1396,11 +1444,15 @@ Encryption.decryptPduDes = function (encryptedPdu, privProtocol, privParameters,
 	for (i = 0; i < iv.length; i++) {
 		iv[i] = preIv[i] ^ salt[i];
 	}
-	
-	decipher = crypto.createDecipheriv (des.CRYPTO_ALGORITHM, decryptionKey, iv);
-	decipher.setAutoPadding(false);
-	decryptedPdu = decipher.update (encryptedPdu);
-	decryptedPdu = Buffer.concat ([decryptedPdu, decipher.final()]);
+
+	if (DES_IMPLEMENTATION === 'native') {
+		// TODO: Implement native decryption
+	} else {
+		const decipher = crypto.createDecipheriv (des.CRYPTO_ALGORITHM, decryptionKey, iv);
+		decipher.setAutoPadding (false);
+		decryptedPdu = decipher.update (encryptedPdu);
+		decryptedPdu = Buffer.concat ([decryptedPdu, decipher.final()]);
+	}
 	// Encryption.debugDecrypt (decryptionKey, iv, encryptedPdu, decryptedPdu);
 
 	return decryptedPdu;
@@ -1980,7 +2032,9 @@ var Session = function (target, authenticator, options) {
 
 	DEBUG = options.debug;
 
-	this.engine = new Engine (options.engineID);
+	this.engine = new Engine ({
+		engineId: options.engineID
+	});
 	this.reqs = {};
 	this.reqCount = 0;
 
@@ -2949,7 +3003,8 @@ Session.createV3 = function (target, user, options) {
 	return new Session (target, user, options);
 };
 
-var Engine = function (engineID, engineBoots, engineTime) {
+var Engine = function (engineOptions) {
+	const { engineID } = engineOptions;
 	if ( engineID ) {
 		if ( ! (engineID instanceof Buffer) ) {
 			engineID = engineID.replace('0x', '');
@@ -3294,7 +3349,9 @@ SimpleAccessControlModel.prototype.isAccessAllowed = function (securityModel, se
 var Receiver = function (options, callback) {
 	DEBUG = options.debug;
 	this.authorizer = new Authorizer (options);
-	this.engine = new Engine (options.engineID);
+	this.engine = new Engine ({
+		engineId: options.engineID
+	});
 
 	this.engineBoots = 0;
 	this.engineTime = 10;
@@ -4809,7 +4866,9 @@ MibRequest.prototype.isTabular = function () {
 var Agent = function (options, callback, mib) {
 	DEBUG = options.debug;
 	this.listener = new Listener (options, this);
-	this.engine = new Engine (options.engineID);
+	this.engine = new Engine ({
+		engineId: options.engineID
+	});
 	this.authorizer = new Authorizer (options);
 	this.callback = callback || function () {};
 	const mibOptions = mib?.options || options?.mibOptions || {};

package/lib/des-ecb.js

@@ -0,0 +1,147 @@
+const { Buffer } = require('buffer');
+
+// --- Lookup tables ---
+const PC1 = [
+    57, 49, 41, 33, 25, 17, 9,
+    1, 58, 50, 42, 34, 26, 18,
+    10, 2, 59, 51, 43, 35, 27,
+    19, 11, 3, 60, 52, 44, 36,
+    63, 55, 47, 39, 31, 23, 15,
+    7, 62, 54, 46, 38, 30, 22,
+    14, 6, 61, 53, 45, 37, 29,
+    21, 13, 5, 28, 20, 12, 4
+];
+const PC2 = [
+    14, 17, 11, 24, 1, 5,
+    3, 28, 15, 6, 21, 10,
+    23, 19, 12, 4, 26, 8,
+    16, 7, 27, 20, 13, 2,
+    41, 52, 31, 37, 47, 55,
+    30, 40, 51, 45, 33, 48,
+    44, 49, 39, 56, 34, 53,
+    46, 42, 50, 36, 29, 32
+];
+const SHIFTS = [
+    1, 1, 2, 2, 2, 2, 2, 2,
+    1, 2, 2, 2, 2, 2, 2, 1
+];
+const IP = [
+    58, 50, 42, 34, 26, 18, 10, 2,
+    60, 52, 44, 36, 28, 20, 12, 4,
+    62, 54, 46, 38, 30, 22, 14, 6,
+    64, 56, 48, 40, 32, 24, 16, 8,
+    57, 49, 41, 33, 25, 17, 9, 1,
+    59, 51, 43, 35, 27, 19, 11, 3,
+    61, 53, 45, 37, 29, 21, 13, 5,
+    63, 55, 47, 39, 31, 23, 15, 7
+];
+const IP_INV = [
+    40, 8, 48, 16, 56, 24, 64, 32,
+    39, 7, 47, 15, 55, 23, 63, 31,
+    38, 6, 46, 14, 54, 22, 62, 30,
+    37, 5, 45, 13, 53, 21, 61, 29,
+    36, 4, 44, 12, 52, 20, 60, 28,
+    35, 3, 43, 11, 51, 19, 59, 27,
+    34, 2, 42, 10, 50, 18, 58, 26,
+    33, 1, 41, 9, 49, 17, 57, 25
+];
+
+// --- Utility functions ---
+function permute(input, table) {
+    const output = new Array(table.length);
+    for (let i = 0; i < table.length; i++) {
+        output[i] = input[table[i] - 1];
+    }
+    return output;
+}
+
+function leftShift(arr, n) {
+    return arr.slice(n).concat(arr.slice(0, n));
+}
+
+function xor(a, b) {
+    return a.map((v, i) => v ^ b[i]);
+}
+
+function toBits(buf) {
+    const bits = [];
+    for (let byte of buf) {
+        for (let i = 7; i >= 0; i--) {
+            bits.push((byte >> i) & 1);
+        }
+    }
+    return bits;
+}
+
+function fromBits(bits) {
+    const buf = Buffer.alloc(bits.length / 8);
+    for (let i = 0; i < bits.length; i += 8) {
+        let byte = 0;
+        for (let j = 0; j < 8; j++) {
+            byte |= bits[i + j] << (7 - j);
+        }
+        buf[i / 8] = byte;
+    }
+    return buf;
+}
+
+// --- Key scheduling ---
+function createSubkeys(keyBits) {
+    let permuted = permute(keyBits, PC1);
+    let C = permuted.slice(0, 28);
+    let D = permuted.slice(28, 56);
+    const subkeys = [];
+
+    for (let shift of SHIFTS) {
+        C = leftShift(C, shift);
+        D = leftShift(D, shift);
+        subkeys.push(permute(C.concat(D), PC2));
+    }
+
+    return subkeys;
+}
+
+// --- Main f-function ---
+function f(R, K) {
+    // Expand, XOR, S-boxes, permute
+    // For simplicity, we'll fake it with XOR only (not real S-boxes)
+    return xor(R, K.slice(0, 32));
+}
+
+// --- Core DES block encrypt ---
+function desBlock(inputBits, subkeys) {
+    let permuted = permute(inputBits, IP);
+    let L = permuted.slice(0, 32);
+    let R = permuted.slice(32, 64);
+
+    for (let i = 0; i < 16; i++) {
+        const temp = R;
+        R = xor(L, f(R, subkeys[i]));
+        L = temp;
+    }
+
+    const preOutput = R.concat(L);
+    return permute(preOutput, IP_INV);
+}
+
+// --- Public API ---
+function encryptBlock(key, block) {
+    const keyBits = toBits(key);
+    const inputBits = toBits(block);
+    const subkeys = createSubkeys(keyBits);
+    const outputBits = desBlock(inputBits, subkeys);
+    return fromBits(outputBits);
+}
+
+function decryptBlock(key, block) {
+    const keyBits = toBits(key);
+    const inputBits = toBits(block);
+    const subkeys = createSubkeys(keyBits).reverse();
+    const outputBits = desBlock(inputBits, subkeys);
+    return fromBits(outputBits);
+}
+
+module.exports = {
+    encryptBlock,
+    decryptBlock,
+};

package/lib/des.js

@@ -0,0 +1,53 @@
+const { Buffer } = require('buffer');
+const des = require('./des-ecb');
+
+// --- CBC Mode wrapper ---
+function encrypt(key, iv, plaintext) {
+    if (plaintext.length % 8 !== 0) {
+        throw new Error('DES plaintext must be multiple of 8 bytes');
+    }
+
+    let prevBlock = Buffer.from(iv);
+    let out = Buffer.alloc(plaintext.length);
+
+    for (let i = 0; i < plaintext.length; i += 8) {
+        const block = Buffer.alloc(8);
+        for (let j = 0; j < 8; j++) {
+            block[j] = plaintext[i + j] ^ prevBlock[j];
+        }
+
+        const encryptedBlock = des.encryptBlock(key, block);
+
+        encryptedBlock.copy(out, i);
+        prevBlock = encryptedBlock;
+    }
+
+    return out;
+}
+
+function decrypt(key, iv, ciphertext) {
+    if (ciphertext.length % 8 !== 0) {
+        throw new Error('DES ciphertext must be multiple of 8 bytes');
+    }
+
+    let prevBlock = Buffer.from(iv);
+    let out = Buffer.alloc(ciphertext.length);
+
+    for (let i = 0; i < ciphertext.length; i += 8) {
+        const block = ciphertext.slice(i, i + 8);
+        const decryptedBlock = des.decryptBlock(key, block);
+
+        for (let j = 0; j < 8; j++) {
+            out[i + j] = decryptedBlock[j] ^ prevBlock[j];
+        }
+
+        prevBlock = block;
+    }
+
+    return out;
+}
+
+module.exports = {
+    encrypt,
+    decrypt,
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "net-snmp",
-  "version": "3.19.2",
+  "version": "3.20.1",
   "description": "JavaScript implementation of the Simple Network Management Protocol (SNMP)",
   "main": "index.js",
   "directories": {

package/test/cast-set-value.test.js

@@ -0,0 +1,200 @@
+const assert = require('assert');
+const snmp = require('..');
+
+describe('Cast Set Value', function() {
+
+    describe('Boolean', function() {
+        it('casts truthy values to true', function() {
+            assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Boolean, 1), true);
+            assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Boolean, "true"), true);
+            assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Boolean, {}), true);
+        });
+
+        it('casts falsy values to false', function() {
+            assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Boolean, 0), false);
+            assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Boolean, ""), false);
+            assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Boolean, null), false);
+        });
+    });
+
+    describe('Integer', function() {
+        it('accepts valid integers', function() {
+            assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Integer, 42), 42);
+            assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Integer, -42), -42);
+            assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Integer, "42"), 42);
+        });
+
+        it('throws on invalid integers', function() {
+            assert.throws(() => {
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Integer, "not a number");
+            }, /Invalid Integer/);
+
+            assert.throws(() => {
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Integer, {});
+            }, /Invalid Integer/);
+        });
+
+        it('respects enumeration constraints', function() {
+            const constraints = {
+                enumeration: {
+                    1: 'one',
+                    2: 'two'
+                }
+            };
+
+            assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Integer, 1, constraints), 1);
+
+            assert.throws(() => {
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Integer, 3, constraints);
+            }, /Integer does not meet constraints/);
+        });
+
+        it('respects range constraints', function() {
+            const constraints = {
+                ranges: [
+                    { min: 0, max: 10 }
+                ]
+            };
+
+            assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Integer, 5, constraints), 5);
+
+            assert.throws(() => {
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Integer, 11, constraints);
+            }, /Integer does not meet constraints/);
+        });
+    });
+
+    describe('OctetString', function() {
+        it('accepts strings', function() {
+            assert.strictEqual(
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.OctetString, "test string"),
+                "test string"
+            );
+        });
+
+        it('converts buffers to strings', function() {
+            const buf = Buffer.from("test buffer");
+            assert.strictEqual(
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.OctetString, buf),
+                buf.toString()
+            );
+        });
+
+        it('throws on invalid types', function() {
+            assert.throws(() => {
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.OctetString, 123);
+            }, /Invalid OctetString/);
+        });
+
+        it('respects size constraints', function() {
+            const constraints = {
+                sizes: [
+                    { min: 2, max: 5 }
+                ]
+            };
+
+            assert.strictEqual(
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.OctetString, "123", constraints),
+                "123"
+            );
+
+            assert.throws(() => {
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.OctetString, "too long", constraints);
+            }, /OctetString does not meet constraints/);
+        });
+    });
+
+    describe('OID', function() {
+        it('accepts valid OIDs', function() {
+            assert.strictEqual(
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.OID, "1.3.6.1.2.1"),
+                "1.3.6.1.2.1"
+            );
+        });
+
+        it('throws on invalid OIDs', function() {
+            assert.throws(() => {
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.OID, "not.an.oid");
+            }, /Invalid OID/);
+
+            assert.throws(() => {
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.OID, "1.2.3.");
+            }, /Invalid OID/);
+        });
+    });
+
+    describe('Counter/Gauge/Unsigned32', function() {
+        const types = [
+            snmp.ObjectType.Counter,
+            snmp.ObjectType.Counter32,
+            snmp.ObjectType.Gauge,
+            snmp.ObjectType.Gauge32,
+            snmp.ObjectType.Unsigned32
+        ];
+
+        types.forEach(type => {
+            it(`accepts valid unsigned integers for ${type}`, function() {
+                assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(type, 42), 42);
+                assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(type, "42"), 42);
+            });
+
+            it(`throws on negative numbers for ${type}`, function() {
+                assert.throws(() => {
+                    snmp.ObjectTypeUtil.castSetValue(type, -1);
+                }, /Integer is negative/);
+            });
+
+            it(`throws on values exceeding unsigned 32-bit max for ${type}`, function() {
+                assert.throws(() => {
+                    snmp.ObjectTypeUtil.castSetValue(type, 4294967296); // MAX_UNSIGNED_INT32 + 1
+                }, /Integer is greater than max unsigned int32/);
+            });
+        });
+    });
+
+    describe('Counter64', function() {
+        it('accepts valid unsigned integers', function() {
+            assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Counter64, 42), 42);
+            assert.strictEqual(snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Counter64, "42"), 42);
+        });
+
+        it('accepts valid 8-byte buffers', function() {
+            const buf = Buffer.alloc(8);
+            assert.strictEqual(
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Counter64, buf),
+                buf
+            );
+        });
+
+        it('throws on invalid buffer length', function() {
+            assert.throws(() => {
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Counter64, Buffer.alloc(7));
+            }, /Counter64 buffer is not 8 bytes/);
+        });
+
+        it('throws on negative numbers', function() {
+            assert.throws(() => {
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.Counter64, -1);
+            }, /Integer is negative for Counter64/);
+        });
+    });
+
+    describe('IpAddress', function() {
+        it('accepts valid IP addresses', function() {
+            assert.strictEqual(
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.IpAddress, "192.168.1.1"),
+                "192.168.1.1"
+            );
+        });
+
+        it('throws on invalid IP addresses', function() {
+            assert.throws(() => {
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.IpAddress, "not.an.ip.address");
+            }, /Invalid IpAddress/);
+
+            assert.throws(() => {
+                snmp.ObjectTypeUtil.castSetValue(snmp.ObjectType.IpAddress, "192.168.1");
+            }, /Invalid IpAddress/);
+        });
+    });
+});