diff options
Diffstat (limited to 'pysnmp/proto/secmod/rfc3414/auth')
-rw-r--r-- | pysnmp/proto/secmod/rfc3414/auth/base.py | 2 | ||||
-rw-r--r-- | pysnmp/proto/secmod/rfc3414/auth/hmacmd5.py | 29 | ||||
-rw-r--r-- | pysnmp/proto/secmod/rfc3414/auth/hmacsha.py | 28 | ||||
-rw-r--r-- | pysnmp/proto/secmod/rfc3414/auth/noauth.py | 2 |
4 files changed, 33 insertions, 28 deletions
diff --git a/pysnmp/proto/secmod/rfc3414/auth/base.py b/pysnmp/proto/secmod/rfc3414/auth/base.py index 3ff8778f..1c019aea 100644 --- a/pysnmp/proto/secmod/rfc3414/auth/base.py +++ b/pysnmp/proto/secmod/rfc3414/auth/base.py @@ -8,7 +8,7 @@ from pysnmp.proto import errind, error class AbstractAuthenticationService(object): - serviceID = None + SERVICE_ID = None def hashPassphrase(self, authKey): raise error.ProtocolError(errind.noAuthentication) diff --git a/pysnmp/proto/secmod/rfc3414/auth/hmacmd5.py b/pysnmp/proto/secmod/rfc3414/auth/hmacmd5.py index 761bf3d9..3ce12da2 100644 --- a/pysnmp/proto/secmod/rfc3414/auth/hmacmd5.py +++ b/pysnmp/proto/secmod/rfc3414/auth/hmacmd5.py @@ -6,25 +6,28 @@ # try: from hashlib import md5 + except ImportError: import md5 md5 = md5.new + from pyasn1.type import univ from pysnmp.proto.secmod.rfc3414.auth import base from pysnmp.proto.secmod.rfc3414 import localkey from pysnmp.proto import errind, error -_twelveZeros = univ.OctetString((0,) * 12).asOctets() -_fortyEightZeros = (0,) * 48 +TWELVE_ZEROS = univ.OctetString((0,) * 12).asOctets() +FORTY_EIGHT_ZEROS = (0,) * 48 # rfc3414: 6.2.4 class HmacMd5(base.AbstractAuthenticationService): - serviceID = (1, 3, 6, 1, 6, 3, 10, 1, 1, 2) # usmHMACMD5AuthProtocol - __ipad = [0x36] * 64 - __opad = [0x5C] * 64 + SERVICE_ID = (1, 3, 6, 1, 6, 3, 10, 1, 1, 2) # usmHMACMD5AuthProtocol + + IPAD = [0x36] * 64 + OPAD = [0x5C] * 64 def hashPassphrase(self, authKey): return localkey.hashPassphraseMD5(authKey) @@ -42,7 +45,7 @@ class HmacMd5(base.AbstractAuthenticationService): # should be in the substrate. Also, it pre-sets digest placeholder # so we hash wholeMsg out of the box. # Yes, that's ugly but that's rfc... - l = wholeMsg.find(_twelveZeros) + l = wholeMsg.find(TWELVE_ZEROS) if l == -1: raise error.ProtocolError('Cant locate digest placeholder') wholeHead = wholeMsg[:l] @@ -51,20 +54,20 @@ class HmacMd5(base.AbstractAuthenticationService): # 6.3.1.1 # 6.3.1.2a - extendedAuthKey = authKey.asNumbers() + _fortyEightZeros + extendedAuthKey = authKey.asNumbers() + FORTY_EIGHT_ZEROS # 6.3.1.2b --> no-op # 6.3.1.2c k1 = univ.OctetString( - map(lambda x, y: x ^ y, extendedAuthKey, self.__ipad) + map(lambda x, y: x ^ y, extendedAuthKey, self.IPAD) ) # 6.3.1.2d --> no-op # 6.3.1.2e k2 = univ.OctetString( - map(lambda x, y: x ^ y, extendedAuthKey, self.__opad) + map(lambda x, y: x ^ y, extendedAuthKey, self.OPAD) ) # 6.3.1.3 @@ -93,23 +96,23 @@ class HmacMd5(base.AbstractAuthenticationService): raise error.ProtocolError('Cant locate digest in wholeMsg') wholeHead = wholeMsg[:l] wholeTail = wholeMsg[l + 12:] - authenticatedWholeMsg = wholeHead + _twelveZeros + wholeTail + authenticatedWholeMsg = wholeHead + TWELVE_ZEROS + wholeTail # 6.3.2.4a - extendedAuthKey = authKey.asNumbers() + _fortyEightZeros + extendedAuthKey = authKey.asNumbers() + FORTY_EIGHT_ZEROS # 6.3.2.4b --> no-op # 6.3.2.4c k1 = univ.OctetString( - map(lambda x, y: x ^ y, extendedAuthKey, self.__ipad) + map(lambda x, y: x ^ y, extendedAuthKey, self.IPAD) ) # 6.3.2.4d --> no-op # 6.3.2.4e k2 = univ.OctetString( - map(lambda x, y: x ^ y, extendedAuthKey, self.__opad) + map(lambda x, y: x ^ y, extendedAuthKey, self.OPAD) ) # 6.3.2.5a diff --git a/pysnmp/proto/secmod/rfc3414/auth/hmacsha.py b/pysnmp/proto/secmod/rfc3414/auth/hmacsha.py index 3efe9c49..8776f6fb 100644 --- a/pysnmp/proto/secmod/rfc3414/auth/hmacsha.py +++ b/pysnmp/proto/secmod/rfc3414/auth/hmacsha.py @@ -10,21 +10,23 @@ except ImportError: import sha sha1 = sha.new + from pyasn1.type import univ from pysnmp.proto.secmod.rfc3414.auth import base from pysnmp.proto.secmod.rfc3414 import localkey from pysnmp.proto import errind, error -_twelveZeros = univ.OctetString((0,) * 12).asOctets() -_fortyFourZeros = (0,) * 44 +TWELVE_ZEROS = univ.OctetString((0,) * 12).asOctets() +FORTY_FOUR_ZEROS = (0,) * 44 # 7.2.4 class HmacSha(base.AbstractAuthenticationService): - serviceID = (1, 3, 6, 1, 6, 3, 10, 1, 1, 3) # usmHMACSHAAuthProtocol - __ipad = [0x36] * 64 - __opad = [0x5C] * 64 + SERVICE_ID = (1, 3, 6, 1, 6, 3, 10, 1, 1, 3) # usmHMACSHAAuthProtocol + + IPAD = [0x36] * 64 + OPAD = [0x5C] * 64 def hashPassphrase(self, authKey): return localkey.hashPassphraseSHA(authKey) @@ -43,27 +45,27 @@ class HmacSha(base.AbstractAuthenticationService): # should be in the substrate. Also, it pre-sets digest placeholder # so we hash wholeMsg out of the box. # Yes, that's ugly but that's rfc... - l = wholeMsg.find(_twelveZeros) + l = wholeMsg.find(TWELVE_ZEROS) if l == -1: raise error.ProtocolError('Cant locate digest placeholder') wholeHead = wholeMsg[:l] wholeTail = wholeMsg[l + 12:] # 7.3.1.2a - extendedAuthKey = authKey.asNumbers() + _fortyFourZeros + extendedAuthKey = authKey.asNumbers() + FORTY_FOUR_ZEROS # 7.3.1.2b -- no-op # 7.3.1.2c k1 = univ.OctetString( - map(lambda x, y: x ^ y, extendedAuthKey, self.__ipad) + map(lambda x, y: x ^ y, extendedAuthKey, self.IPAD) ) # 7.3.1.2d -- no-op # 7.3.1.2e k2 = univ.OctetString( - map(lambda x, y: x ^ y, extendedAuthKey, self.__opad) + map(lambda x, y: x ^ y, extendedAuthKey, self.OPAD) ) # 7.3.1.3 @@ -90,23 +92,23 @@ class HmacSha(base.AbstractAuthenticationService): raise error.ProtocolError('Cant locate digest in wholeMsg') wholeHead = wholeMsg[:l] wholeTail = wholeMsg[l + 12:] - authenticatedWholeMsg = wholeHead + _twelveZeros + wholeTail + authenticatedWholeMsg = wholeHead + TWELVE_ZEROS + wholeTail # 7.3.2.4a - extendedAuthKey = authKey.asNumbers() + _fortyFourZeros + extendedAuthKey = authKey.asNumbers() + FORTY_FOUR_ZEROS # 7.3.2.4b --> no-op # 7.3.2.4c k1 = univ.OctetString( - map(lambda x, y: x ^ y, extendedAuthKey, self.__ipad) + map(lambda x, y: x ^ y, extendedAuthKey, self.IPAD) ) # 7.3.2.4d --> no-op # 7.3.2.4e k2 = univ.OctetString( - map(lambda x, y: x ^ y, extendedAuthKey, self.__opad) + map(lambda x, y: x ^ y, extendedAuthKey, self.OPAD) ) # 7.3.2.5a diff --git a/pysnmp/proto/secmod/rfc3414/auth/noauth.py b/pysnmp/proto/secmod/rfc3414/auth/noauth.py index d1dea4f5..d97d4888 100644 --- a/pysnmp/proto/secmod/rfc3414/auth/noauth.py +++ b/pysnmp/proto/secmod/rfc3414/auth/noauth.py @@ -9,7 +9,7 @@ from pysnmp.proto import errind, error class NoAuth(base.AbstractAuthenticationService): - serviceID = (1, 3, 6, 1, 6, 3, 10, 1, 1, 1) # usmNoAuthProtocol + SERVICE_ID = (1, 3, 6, 1, 6, 3, 10, 1, 1, 1) # usmNoAuthProtocol def hashPassphrase(self, authKey): return |