SNMP sha/aes decryption

Magnus Fröberg mfroberg@REDACTED
Fri Nov 25 15:18:44 CET 2005


Hi

found an issue while doing snmpwalk with SNMP version 3, SHA as 
authproto and
AES as privproto.
The SNMP agent didn't manage to decrypt the get request.
Fix for R10B-8:

Index: snmpa_usm.erl
===================================================================
RCS file: /home/share/erlang/cvsroot/otp/lib/snmp/src/agent/snmpa_usm.erl,v
retrieving revision 1.3
diff -u -r1.3 snmpa_usm.erl
--- snmpa_usm.erl       12 Nov 2005 22:50:05 -0000      1.3
+++ snmpa_usm.erl       25 Nov 2005 13:54:40 -0000
@@ -268,19 +268,19 @@
            Data
     end.

-do_decrypt(Data, UsmUser,
-          #usmSecurityParameters{msgPrivacyParameters = PrivParms}) ->
-           EncryptedPDU = snmp_pdus:dec_scoped_pdu_data(Data),
-           SecName      = element(?usmUserSecurityName, UsmUser),
-           PrivP        = element(?usmUserPrivProtocol, UsmUser),
-           PrivKey      = element(?usmUserPrivKey,      UsmUser),
-    try_decrypt(PrivP, PrivKey, PrivParms, EncryptedPDU, SecName).
+do_decrypt(Data, UsmUser, UsmSecParams) ->
+    EncryptedPDU = snmp_pdus:dec_scoped_pdu_data(Data),
+    SecName      = element(?usmUserSecurityName, UsmUser),
+    PrivP        = element(?usmUserPrivProtocol, UsmUser),
+    PrivKey      = element(?usmUserPrivKey,      UsmUser),
+    try_decrypt(PrivP, PrivKey, UsmSecParams, EncryptedPDU, SecName).

 try_decrypt(?usmNoPrivProtocol, _, _, _, SecName) -> % 3.2.5
     error(usmStatsUnsupportedSecLevels,
          ?usmStatsUnsupportedSecLevels_instance, SecName); % OTP-5464
 try_decrypt(?usmDESPrivProtocol,
-           PrivKey, MsgPrivParams, EncryptedPDU, SecName) ->
+           PrivKey, UsmSecParams, EncryptedPDU, SecName) ->
+    #usmSecurityParameters{msgPrivacyParameters = MsgPrivParams} = 
UsmSecParams,
     case (catch des_decrypt(PrivKey, MsgPrivParams, EncryptedPDU)) of
        {ok, DecryptedData} ->
            DecryptedData;

/Magnus




More information about the erlang-questions mailing list