diff options
Diffstat (limited to 'pysnmp/proto/secmod/eso/priv/des3.py')
-rw-r--r-- | pysnmp/proto/secmod/eso/priv/des3.py | 43 |
1 files changed, 23 insertions, 20 deletions
diff --git a/pysnmp/proto/secmod/eso/priv/des3.py b/pysnmp/proto/secmod/eso/priv/des3.py index fa6e20b9..bb3f8516 100644 --- a/pysnmp/proto/secmod/eso/priv/des3.py +++ b/pysnmp/proto/secmod/eso/priv/des3.py @@ -5,8 +5,10 @@ # License: http://snmplabs.com/pysnmp/license.html # import random + try: from hashlib import md5, sha1 + except ImportError: import md5 import sha @@ -39,17 +41,18 @@ class Des3(base.AbstractEncryptionService): https://tools.ietf.org/html/draft-reeder-snmpv3-usm-3desede-00 """ - serviceID = (1, 3, 6, 1, 6, 3, 10, 1, 2, 3) # usm3DESEDEPrivProtocol - keySize = 32 - _localInt = random.randrange(0, 0xffffffff) + SERVICE_ID = (1, 3, 6, 1, 6, 3, 10, 1, 2, 3) # usm3DESEDEPrivProtocol + KEY_SIZE = 32 + + local_int = random.randrange(0, 0xffffffff) def hashPassphrase(self, authProtocol, privKey): - if authProtocol == hmacmd5.HmacMd5.serviceID: + if authProtocol == hmacmd5.HmacMd5.SERVICE_ID: hashAlgo = md5 - elif authProtocol == hmacsha.HmacSha.serviceID: + elif authProtocol == hmacsha.HmacSha.SERVICE_ID: hashAlgo = sha1 - elif authProtocol in hmacsha2.HmacSha2.hashAlgorithms: - hashAlgo = hmacsha2.HmacSha2.hashAlgorithms[authProtocol] + elif authProtocol in hmacsha2.HmacSha2.HASH_ALGORITHM: + hashAlgo = hmacsha2.HmacSha2.HASH_ALGORITHM[authProtocol] else: raise error.ProtocolError( 'Unknown auth protocol %s' % (authProtocol,) @@ -58,12 +61,12 @@ class Des3(base.AbstractEncryptionService): # 2.1 def localizeKey(self, authProtocol, privKey, snmpEngineID): - if authProtocol == hmacmd5.HmacMd5.serviceID: + if authProtocol == hmacmd5.HmacMd5.SERVICE_ID: hashAlgo = md5 - elif authProtocol == hmacsha.HmacSha.serviceID: + elif authProtocol == hmacsha.HmacSha.SERVICE_ID: hashAlgo = sha1 - elif authProtocol in hmacsha2.HmacSha2.hashAlgorithms: - hashAlgo = hmacsha2.HmacSha2.hashAlgorithms[authProtocol] + elif authProtocol in hmacsha2.HmacSha2.HASH_ALGORITHM: + hashAlgo = hmacsha2.HmacSha2.HASH_ALGORITHM[authProtocol] else: raise error.ProtocolError( 'Unknown auth protocol %s' % (authProtocol,) @@ -71,12 +74,12 @@ class Des3(base.AbstractEncryptionService): localPrivKey = localkey.localizeKey(privKey, snmpEngineID, hashAlgo) # now extend this key if too short by repeating steps that includes the hashPassphrase step - while len(localPrivKey) < self.keySize: + while len(localPrivKey) < self.KEY_SIZE: # this is the difference between reeder and bluementhal newKey = localkey.hashPassphrase(localPrivKey, hashAlgo) localPrivKey += localkey.localizeKey(newKey, snmpEngineID, hashAlgo) - return localPrivKey[:self.keySize] + return localPrivKey[:self.KEY_SIZE] # 5.1.1.1 def __getEncryptionKey(self, privKey, snmpEngineBoots): @@ -91,15 +94,15 @@ class Des3(base.AbstractEncryptionService): securityEngineBoots >> 16 & 0xff, securityEngineBoots >> 8 & 0xff, securityEngineBoots & 0xff, - self._localInt >> 24 & 0xff, - self._localInt >> 16 & 0xff, - self._localInt >> 8 & 0xff, - self._localInt & 0xff + self.local_int >> 24 & 0xff, + self.local_int >> 16 & 0xff, + self.local_int >> 8 & 0xff, + self.local_int & 0xff ] - if self._localInt == 0xffffffff: - self._localInt = 0 + if self.local_int == 0xffffffff: + self.local_int = 0 else: - self._localInt += 1 + self.local_int += 1 # salt not yet hashed XXX |