diff options
-rw-r--r-- | CHANGES.txt | 2 | ||||
-rw-r--r-- | THANKS.txt | 1 | ||||
-rw-r--r-- | pysnmp/proto/secmod/eso/priv/des3.py | 7 |
3 files changed, 5 insertions, 5 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index 3c2c975c..7f6977e9 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -14,7 +14,7 @@ Github `repo <https://github.com/etingof/pysnmp>`_ - Fix to SNMP engine boots counter persistence on Python 3. - Fix to Pythonized MIBs loading when only .pyc files are present (e.g. py2exe/cx_freeze environments). -- Fix to key localization for 3DES-based encryption. +- Fix broken 3DES key localization and encryption procedures. - Updated IP address for demo.snmplabs.com in examples. Revision 4.3.2, released 2016-02-12 @@ -27,5 +27,6 @@ Matt Hooks Zachary Lorusso Floris Bruynooghe Laurelin of Middle Earth +Robert Reese Thanks to Python Software Foundation for granting financial support for the project. diff --git a/pysnmp/proto/secmod/eso/priv/des3.py b/pysnmp/proto/secmod/eso/priv/des3.py index b4d2af2a..3339f22a 100644 --- a/pysnmp/proto/secmod/eso/priv/des3.py +++ b/pysnmp/proto/secmod/eso/priv/des3.py @@ -35,7 +35,7 @@ random.seed() class Des3(base.AbstractEncryptionService): """Reeder 3DES-EDE for USM (Internet draft). - http://www.snmp.com/eso/draft-reeder-snmpv3-usm-3desede-00.txt + https://tools.ietf.org/html/draft-reeder-snmpv3-usm-3desede-00 """ serviceID = (1, 3, 6, 1, 6, 3, 10, 1, 2, 3) # usm3DESEDEPrivProtocol keySize = 32 @@ -51,11 +51,11 @@ class Des3(base.AbstractEncryptionService): 'Unknown auth protocol %s' % (authProtocol,) ) - #key localization as per https://tools.ietf.org/html/draft-reeder-snmpv3-usm-3desede-00 + # 2.1 def localizeKey(self, authProtocol, privKey, snmpEngineID): if authProtocol == hmacmd5.HmacMd5.serviceID: localPrivKey = localkey.localizeKeyMD5(privKey, snmpEngineID) - #now extend this key if too short by repeating steps that includes the hashPassphrase step + # now extend this key if too short by repeating steps that includes the hashPassphrase step while len(localPrivKey) < self.keySize: newKey = localkey.hashPassphraseMD5(localPrivKey) localPrivKey += localkey.localizeKeyMD5(newKey, snmpEngineID) @@ -148,7 +148,6 @@ class Des3(base.AbstractEncryptionService): des3Obj = DES3.new(des3Key, DES3.MODE_CBC, iv) - plaintext = null ciphertext = encryptedData.asOctets() plaintext = des3Obj.decrypt(ciphertext) |