authorIlya Etingof <etingof@gmail.com>2016-08-21 23:24:58 +0200
committerIlya Etingof <etingof@gmail.com>2016-08-21 23:24:58 +0200
commit236178fac0ab7535c1ff619f4cedd5ebb2338b59 (patch)
tree36295d79a8e8765437b75be1675f8ce63a46aa08
parent6eed8eff24910727316a25b6a180822174d2bcab (diff)
Reeder key localization refactored
-rw-r--r--docs/source/docs/api-reference.rst2
-rw-r--r--pysnmp/entity/config.py16
-rw-r--r--pysnmp/hlapi/__init__.py1
-rw-r--r--pysnmp/hlapi/auth.py9
-rw-r--r--pysnmp/proto/secmod/eso/priv/aes192.py6
-rw-r--r--pysnmp/proto/secmod/eso/priv/aes256.py6
-rw-r--r--pysnmp/proto/secmod/eso/priv/aesbase.py8
-rw-r--r--pysnmp/proto/secmod/rfc3414/service.py8
-rw-r--r--pysnmp/smi/mibs/SNMPv2-SMI.py2
9 files changed, 34 insertions, 24 deletions
diff --git a/docs/source/docs/api-reference.rst b/docs/source/docs/api-reference.rst
index 8781df6f..ad6b7f21 100644
--- a/docs/source/docs/api-reference.rst
+++ b/docs/source/docs/api-reference.rst
@@ -222,6 +222,8 @@ via constant OIDs:
.. autodata:: pysnmp.hlapi.usmAesCfb128Protocol
.. autodata:: pysnmp.hlapi.usmAesCfb192Protocol
.. autodata:: pysnmp.hlapi.usmAesCfb256Protocol
+.. autodata:: pysnmp.hlapi.usmAesBlumenthalCfb192Protocol
+.. autodata:: pysnmp.hlapi.usmAesBlumenthalCfb256Protocol
Transport configuration is I/O framework specific and is described in
respective sections.
diff --git a/pysnmp/entity/config.py b/pysnmp/entity/config.py
index 13e284f1..80de78ed 100644
--- a/pysnmp/entity/config.py
+++ b/pysnmp/entity/config.py
@@ -29,10 +29,10 @@ usmNoAuthProtocol = noauth.NoAuth.serviceID
usmDESPrivProtocol = des.Des.serviceID
usm3DESEDEPrivProtocol = des3.Des3.serviceID
usmAesCfb128Protocol = aes.Aes.serviceID
-usmAesBlumenthalCfb192Protocol = aes192.Aes192.serviceID # semi-standard but not widely used
-usmAesBlumenthalCfb256Protocol = aes256.Aes256.serviceID # semi-standard but not widely used
-usmAesCfb192Protocol = aes192.AesReeder192.serviceID # non-standard but used by many vendors
-usmAesCfb256Protocol = aes256.AesReeder256.serviceID # non-standard but used by many vendors
+usmAesBlumenthalCfb192Protocol = aes192.AesBlumenthal192.serviceID # semi-standard but not widely used
+usmAesBlumenthalCfb256Protocol = aes256.AesBlumenthal256.serviceID # semi-standard but not widely used
+usmAesCfb192Protocol = aes192.Aes192.serviceID # non-standard but used by many vendors
+usmAesCfb256Protocol = aes256.Aes256.serviceID # non-standard but used by many vendors
usmNoPrivProtocol = nopriv.NoPriv.serviceID
# Auth services
@@ -44,10 +44,10 @@ authServices = {hmacmd5.HmacMd5.serviceID: hmacmd5.HmacMd5(),
privServices = {des.Des.serviceID: des.Des(),
des3.Des3.serviceID: des3.Des3(),
aes.Aes.serviceID: aes.Aes(),
- aes192.Aes192.serviceID: aes192.Aes192(),
- aes256.Aes256.serviceID: aes256.Aes256(),
- aes192.AesReeder192.serviceID: aes192.AesReeder192(), # non-standard
- aes256.AesReeder256.serviceID: aes256.AesReeder256(), # non-standard
+ aes192.AesBlumenthal192.serviceID: aes192.AesBlumenthal192(),
+ aes256.AesBlumenthal256.serviceID: aes256.AesBlumenthal256(),
+ aes192.Aes192.serviceID: aes192.Aes192(), # non-standard
+ aes256.Aes256.serviceID: aes256.Aes256(), # non-standard
nopriv.NoPriv.serviceID: nopriv.NoPriv()}
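Review bot: The `privServices` table edited here appears to be maintained a second time in pysnmp/proto/secmod/rfc3414/service.py, where this commit makes the same four substitutions. A later rename or addition applied to only one copy would leave the two maps disagreeing about which privacy protocols are registered. If import order allows, one module could reference the other's dict instead of repeating it. The trailing `# non-standard` on the `aes192.Aes192` and `aes256.Aes256` entries is also easy to misread now that the class names are plain; `# Reeder key localization, Cisco OID` would say what is non-standard.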
diff --git a/pysnmp/hlapi/__init__.py b/pysnmp/hlapi/__init__.py
index 4680bd85..3670e87e 100644
--- a/pysnmp/hlapi/__init__.py
+++ b/pysnmp/hlapi/__init__.py
@@ -5,6 +5,7 @@
# License: http://pysnmp.sf.net/license.html
#
from pysnmp.proto.rfc1902 import *
+from pysnmp.proto.rfc1905 import NoSuchInstance, NoSuchObject, EndOfMibView
from pysnmp.smi.rfc1902 import *
from pysnmp.hlapi.auth import *
from pysnmp.hlapi.context import *
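Review bot: The added `from pysnmp.proto.rfc1905 import NoSuchInstance, NoSuchObject, EndOfMibView` has nothing to do with key localization and is not mentioned in the commit message, so it is easy to miss when bisecting or backporting. It would be clearer as a separate commit, or at least named in the description. A short comment such as `# exception-like varbind values, re-exported for hlapi users` would document why an explicit import sits among the wildcard ones, assuming re-export is the intent.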
diff --git a/pysnmp/hlapi/auth.py b/pysnmp/hlapi/auth.py
index baacb00a..4f5bd77a 100644
--- a/pysnmp/hlapi/auth.py
+++ b/pysnmp/hlapi/auth.py
@@ -11,6 +11,7 @@ from pyasn1.compat.octets import null
__all__ = ['CommunityData', 'UsmUserData',
'usm3DESEDEPrivProtocol', 'usmAesCfb128Protocol',
'usmAesCfb192Protocol', 'usmAesCfb256Protocol',
+ 'usmAesBlumenthalCfb192Protocol', 'usmAesBlumenthalCfb256Protocol',
'usmDESPrivProtocol', 'usmHMACMD5AuthProtocol',
'usmHMACSHAAuthProtocol', 'usmNoAuthProtocol',
'usmNoPrivProtocol']
@@ -137,10 +138,14 @@ usmDESPrivProtocol = config.usmDESPrivProtocol
usm3DESEDEPrivProtocol = config.usm3DESEDEPrivProtocol
#: The CFB128-AES-128 Symmetric Encryption Protocol (:RFC:`3826#section-3`)
usmAesCfb128Protocol = config.usmAesCfb128Protocol
-#: The CFB128-AES-192 Symmetric Encryption Protocol (`draft-blumenthal-aes-usm-04 <https://tools.ietf.org/html/draft-blumenthal-aes-usm-04#section-3>`_)
+#: The CFB128-AES-192 Symmetric Encryption Protocol (`draft-blumenthal-aes-usm-04 <https://tools.ietf.org/html/draft-blumenthal-aes-usm-04#section-3>`_) with Reeder key localization
usmAesCfb192Protocol = config.usmAesCfb192Protocol
-#: The CFB128-AES-256 Symmetric Encryption Protocol (`draft-blumenthal-aes-usm-04 <https://tools.ietf.org/html/draft-blumenthal-aes-usm-04#section-3>`_)
+#: The CFB128-AES-256 Symmetric Encryption Protocol (`draft-blumenthal-aes-usm-04 <https://tools.ietf.org/html/draft-blumenthal-aes-usm-04#section-3>`_) with Reeder key localization
usmAesCfb256Protocol = config.usmAesCfb256Protocol
+#: The CFB128-AES-192 Symmetric Encryption Protocol (`draft-blumenthal-aes-usm-04 <https://tools.ietf.org/html/draft-blumenthal-aes-usm-04#section-3>`_)
+usmAesBlumenthalCfb192Protocol = config.usmAesBlumenthalCfb192Protocol
+#: The CFB128-AES-256 Symmetric Encryption Protocol (`draft-blumenthal-aes-usm-04 <https://tools.ietf.org/html/draft-blumenthal-aes-usm-04#section-3>`_)
+usmAesBlumenthalCfb256Protocol = config.usmAesBlumenthalCfb256Protocol
class UsmUserData(object):
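Review bot: The `#:` comments on `usmAesCfb192Protocol` and `usmAesCfb256Protocol` now say "with Reeder key localization" but still link only to the Blumenthal draft, and give no guidance on choosing between the Reeder and Blumenthal constants. Per the aesbase docstring the two differ in how the key is extended, so the same passphrase yields different privacy keys, and picking the wrong constant shows up as undecipherable traffic rather than a configuration error. I would spell that out, e.g. `#: CFB128-AES-192 with Reeder key localization (non-standard Cisco OID, used by many vendors); keys differ from usmAesBlumenthalCfb192Protocol`, with the matching wording for the 256-bit constant.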
diff --git a/pysnmp/proto/secmod/eso/priv/aes192.py b/pysnmp/proto/secmod/eso/priv/aes192.py
index 7ff2fb25..734b8769 100644
--- a/pysnmp/proto/secmod/eso/priv/aes192.py
+++ b/pysnmp/proto/secmod/eso/priv/aes192.py
@@ -7,7 +7,7 @@
from pysnmp.proto.secmod.eso.priv import aesbase
-class Aes192(aesbase.AbstractAes):
+class AesBlumenthal192(aesbase.AbstractAesBlumenthal):
"""AES 192 bit encryption (Internet draft)
Reeder AES encryption:
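Review bot: The docstring kept under the renamed `AesBlumenthal192` class still reads `Reeder AES encryption:`, which now contradicts the class name; the 256-bit counterpart in aes256.py cites the Blumenthal draft URL at the same position. Since this commit exists to separate the two schemes by name, that line should read something like `Blumenthal AES encryption:` followed by the draft link. The docstring continues outside the hunk, so the remaining lines should be checked for the same leftover.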
@@ -18,7 +18,7 @@ class Aes192(aesbase.AbstractAes):
keySize = 24
-class AesReeder192(aesbase.AbstractAesReeder):
+class Aes192(aesbase.AbstractAesReeder):
"""AES 192 bit encryption (Internet draft)
Reeder AES encryption with non-standard key localization algorithm
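Review bot: Reusing the name `Aes192` for the Reeder class changes what existing callers get without raising any error. Code that imported `aes192.Aes192` before this commit received the Blumenthal key localization and now receives the Reeder localization with the Cisco serviceID, so the same passphrase derives a different privacy key and decryption fails against the peer. The old `AesReeder192` name also disappears, which turns into an ImportError for anyone using it. The same applies to `Aes256` and `AesReeder256` in aes256.py. A compatibility alias after the class, `AesReeder192 = Aes192`, plus a changelog entry stating that `Aes192`/`Aes256` changed meaning, would make the break visible.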
@@ -29,5 +29,5 @@ class AesReeder192(aesbase.AbstractAesReeder):
Known to be used by many vendors including Cisco and others.
"""
- serviceID = (1, 3, 6, 1, 4, 1, 9, 12, 6, 1, 101) # cusmAESCfb192PrivProtocol (non-standard)
+ serviceID = (1, 3, 6, 1, 4, 1, 9, 12, 6, 1, 101) # cusmAESCfb192PrivProtocol (non-standard OID)
keySize = 24
diff --git a/pysnmp/proto/secmod/eso/priv/aes256.py b/pysnmp/proto/secmod/eso/priv/aes256.py
index 6a3885fa..0240441a 100644
--- a/pysnmp/proto/secmod/eso/priv/aes256.py
+++ b/pysnmp/proto/secmod/eso/priv/aes256.py
@@ -7,7 +7,7 @@
from pysnmp.proto.secmod.eso.priv import aesbase
-class Aes256(aesbase.AbstractAes):
+class AesBlumenthal256(aesbase.AbstractAesBlumenthal):
"""AES 256 bit encryption (Internet draft)
http://tools.ietf.org/html/draft-blumenthal-aes-usm-04
@@ -16,7 +16,7 @@ class Aes256(aesbase.AbstractAes):
keySize = 32
-class AesReeder256(aesbase.AbstractAesReeder):
+class Aes256(aesbase.AbstractAesReeder):
"""AES 256 bit encryption (Internet draft)
Reeder AES encryption with non-standard key localization algorithm
@@ -27,5 +27,5 @@ class AesReeder256(aesbase.AbstractAesReeder):
Known to be used by many vendors including Cisco and others.
"""
- serviceID = (1, 3, 6, 1, 4, 1, 9, 12, 6, 1, 102) # cusmAESCfb256PrivProtocol (non-standard)
+ serviceID = (1, 3, 6, 1, 4, 1, 9, 12, 6, 1, 102) # cusmAESCfb256PrivProtocol (non-standard OID)
keySize = 32
diff --git a/pysnmp/proto/secmod/eso/priv/aesbase.py b/pysnmp/proto/secmod/eso/priv/aesbase.py
index fd484265..1693064f 100644
--- a/pysnmp/proto/secmod/eso/priv/aesbase.py
+++ b/pysnmp/proto/secmod/eso/priv/aesbase.py
@@ -20,7 +20,7 @@ except ImportError:
sha1 = sha.new
-class AbstractAes(aes.Aes):
+class AbstractAesBlumenthal(aes.Aes):
serviceID = ()
keySize = 0
@@ -43,10 +43,10 @@ class AbstractAes(aes.Aes):
return localPrivKey[:self.keySize]
-class AbstractAesReeder(AbstractAes):
+class AbstractAesReeder(aes.Aes):
"""AES encryption with non-standard key localization.
- Cisco devices do not use:
+ Many vendors (including Cisco) do not use:
https://tools.itef.org/pdf/draft_bluementhal-aes-usm-04.txt
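Review bot: The URL in this docstring, `https://tools.itef.org/pdf/draft_bluementhal-aes-usm-04.txt`, is misspelled in both host and path (`itef`, `draft_bluementhal`), and the same string is repeated in the comment above `localizeKey` in the next hunk. While the sentence above it is being reworded, the link should point at the draft as referenced elsewhere in this commit: `https://tools.ietf.org/html/draft-blumenthal-aes-usm-04`. A reader trying to verify the key-extension difference described here needs a working reference. The docstring continues outside the hunk.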
@@ -58,6 +58,8 @@ class AbstractAesReeder(AbstractAes):
The difference between the two is that the Reeder draft does key extension by repeating
the steps in the password to key algorithm (hash phrase, then localize with SNMPEngine ID).
"""
+ serviceID = ()
+ keySize = 0
# 2.1 of https://tools.itef.org/pdf/draft_bluementhal-aes-usm-04.txt
def localizeKey(self, authProtocol, privKey, snmpEngineID):
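Review bot: The added defaults `serviceID = ()` and `keySize = 0` let a concrete subclass that forgets to override them load and run. If this `localizeKey` truncates to `self.keySize` the way the Blumenthal base does with `return localPrivKey[:self.keySize]`, the result would be an empty privacy key rather than an error; the method body is outside the hunk, so this needs confirming. At minimum mark the placeholders, e.g. `keySize = 0  # placeholder: concrete subclasses must set the AES key length in bytes`, and consider rejecting a zero `keySize` inside `localizeKey`. The comment `# 2.1 of ...bluementhal-aes-usm-04.txt` directly above also cites the Blumenthal draft on what is now the Reeder implementation, which is misleading.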
diff --git a/pysnmp/proto/secmod/rfc3414/service.py b/pysnmp/proto/secmod/rfc3414/service.py
index 401558f5..9dab7dac 100644
--- a/pysnmp/proto/secmod/rfc3414/service.py
+++ b/pysnmp/proto/secmod/rfc3414/service.py
@@ -44,10 +44,10 @@ class SnmpUSMSecurityModel(AbstractSecurityModel):
privServices = {des.Des.serviceID: des.Des(),
des3.Des3.serviceID: des3.Des3(),
aes.Aes.serviceID: aes.Aes(),
- aes192.Aes192.serviceID: aes192.Aes192(),
- aes256.Aes256.serviceID: aes256.Aes256(),
- aes192.AesReeder192.serviceID: aes192.AesReeder192(), # non-standard
- aes256.AesReeder256.serviceID: aes256.AesReeder256(), # non-standard
+ aes192.AesBlumenthal192.serviceID: aes192.AesBlumenthal192(),
+ aes256.AesBlumenthal256.serviceID: aes256.AesBlumenthal256(),
+ aes192.Aes192.serviceID: aes192.Aes192(), # non-standard
+ aes256.Aes256.serviceID: aes256.Aes256(), # non-standard
nopriv.NoPriv.serviceID: nopriv.NoPriv()}
def __init__(self):
diff --git a/pysnmp/smi/mibs/SNMPv2-SMI.py b/pysnmp/smi/mibs/SNMPv2-SMI.py
index b3ec8889..e9486222 100644
--- a/pysnmp/smi/mibs/SNMPv2-SMI.py
+++ b/pysnmp/smi/mibs/SNMPv2-SMI.py
@@ -577,7 +577,7 @@ class MibScalar(MibTree):
def readGetNext(self, name, val, idx, acInfo, oName=None):
(acFun, acCtx) = acInfo
- # have to dublicate AC here as *Next code above treats
+ # have to duplicate AC here as *Next code above treats
# noAccess as a noSuchObject at the Test stage, goes on
# to Reading
if acFun: