1 files changed, 11 insertions, 11 deletions

diff --git a/pysnmp/proto/secmod/eso/priv/des3.py b/pysnmp/proto/secmod/eso/priv/des3.py
index 07e48151..16d770e9 100644
--- a/pysnmp/proto/secmod/eso/priv/des3.py
+++ b/pysnmp/proto/secmod/eso/priv/des3.py
@@ -8,6 +8,7 @@ import random
 from pysnmp.proto.secmod.rfc3414.priv import base
 from pysnmp.proto.secmod.rfc3414.auth import hmacmd5, hmacsha
 from pysnmp.proto.secmod.rfc3414 import localkey
+from pysnmp.proto.secmod.rfc7860.auth import hmacsha2
 from pysnmp.proto import errind, error
 from pyasn1.type import univ
 from pyasn1.compat.octets import null
@@ -43,31 +44,30 @@ class Des3(base.AbstractEncryptionService):
 
     def hashPassphrase(self, authProtocol, privKey):
         if authProtocol == hmacmd5.HmacMd5.serviceID:
-            return localkey.hashPassphraseMD5(privKey)
+            hashAlgo = md5
         elif authProtocol == hmacsha.HmacSha.serviceID:
-            return localkey.hashPassphraseSHA(privKey)
+            hashAlgo = sha1
+        elif authProtocol in hmacsha2.HmacSha2.hashAlgo:
+            hashAlgo = hmacsha2.HmacSha2.hashAlgo[authProtocol]
         else:
             raise error.ProtocolError(
                 'Unknown auth protocol %s' % (authProtocol,)
             )
+        return localkey.hashPassphrase(privKey, hashAlgo)
 
     # 2.1
     def localizeKey(self, authProtocol, privKey, snmpEngineID):
         if authProtocol == hmacmd5.HmacMd5.serviceID:
-            localPrivKey = localkey.localizeKeyMD5(privKey, snmpEngineID)
-            # now extend this key if too short by repeating steps that includes the hashPassphrase step
-            while len(localPrivKey) < self.keySize:
-                newKey = localkey.hashPassphraseMD5(localPrivKey)
-                localPrivKey += localkey.localizeKeyMD5(newKey, snmpEngineID)
+            hashAlgo = md5
         elif authProtocol == hmacsha.HmacSha.serviceID:
-            localPrivKey = localkey.localizeKeySHA(privKey, snmpEngineID)
-            while len(localPrivKey) < self.keySize:
-                newKey = localkey.hashPassphraseSHA(localPrivKey)
-                localPrivKey += localkey.localizeKeySHA(newKey, snmpEngineID)
+            hashAlgo = sha1
+        elif authProtocol in hmacsha2.HmacSha2.hashAlgo:
+            hashAlgo = hmacsha2.HmacSha2.hashAlgo[authProtocol]
         else:
             raise error.ProtocolError(
                 'Unknown auth protocol %s' % (authProtocol,)
             )
+        localPrivKey = localkey.localizeKey(privKey, snmpEngineID, hashAlgo)
         return localPrivKey[:self.keySize]
 
     # 5.1.1.1