<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    Hello Alex,<br>

    This looks similar to:<br>

<a class="moz-txt-link-freetext" href="http://erlang.org/pipermail/erlang-questions/2016-September/090132.html">http://erlang.org/pipermail/erlang-questions/2016-September/090132.html</a><br>

    <br>

    Basically, there was a bug for AES encryption in snmp library

    (exactly what you are pointing in your mail). You can fix it by

    applying a patch that is attached in the above post.<br>

    <br>

    Best,<br>

    Dominik Pawlak<br>

    <br>

    <div class="moz-cite-prefix">On 31.05.2017 10:10, Alex Anto Navis

      Lawrence wrote:<br>

    </div>

    <blockquote type="cite"

cite="mid:CAMsDG5qEh7Nrpjs2mmvNCFEXTpMnUTLMKuZuZfUU1iZVRO_j+w@mail.gmail.com">

      <div dir="ltr">

        <div class="gmail_quote">

          <div dir="ltr">Hello friends,

            <div><br>

            </div>

            <div>I have been trying to make the SNMP v3 work with AES,

              but couldn't. Please find the code in the below gist.</div>

            <div><br>

            </div>

            <div>Erlang/OTP 19<br clear="all">

              <div>Elixir: 1.4.2</div>

              <div><br>

              </div>

              <div><a

href="https://gist.github.com/alexnavis/8eec113cabc47a43a5a6d1eb870352fb"

                  target="_blank" moz-do-not-send="true">https://gist.github.com/<wbr>alexnavis/<wbr>8eec113cabc47a43a5a6d1eb870352<wbr>fb</a><br>

              </div>

              <div><br>

              </div>

              <div><b>Problem:</b></div>

              <div>SNMP packet is sent out but there is no response from

                the server. Code gist has the working Net-SNMP shell

                utility working command.</div>

              <div>It fails in the receive block timeout since no packet

                is received (I verified with wireshark). The same code

                works if it is the DES algorithm.</div>

              <div><br>

              </div>

              <div><b>Code:</b></div>

              <div>

                <p

style="box-sizing:border-box;margin-top:0px;margin-bottom:16px;color:rgb(36,41,46);font-family:-apple-system,system-ui,"Segoe

                  UI",Helvetica,Arial,sans-serif,"Apple Color

                  Emoji","Segoe UI Emoji","Segoe UI

                  Symbol"">From the erlang code for AES, it uses

                  Local EngineBoots and EngineTime to create the IV.

                  SaltFun() is a incremental value which is sent as part

                  of the authorizationParameters in the UDP headers. I

                  feel using local engineBoots and engineTime might be

                  wrong since the remote agent will not have any idea

                  about our snmp_manager boots and engine time. Any

                  thoughts on this ?</p>

                <pre style="box-sizing:border-box;font-family:SFMono-Regular,Consolas,"Liberation Mono",Menlo,Courier,monospace;font-size:11.9px;margin-top:0px;margin-bottom:16px;font-stretch:normal;line-height:1.45;word-wrap:normal;padding:16px;overflow:auto;background-color:rgb(246,248,250);border-radius:3px;color:rgb(36,41,46)"><code style="box-sizing:border-box;font-family:SFMono-Regular,Consolas,"Liberation Mono",Menlo,Courier,monospace;font-size:11.9px;padding:0px;margin:0px;background:transparent;border-radius:3px;word-break:normal;border:0px;display:inline;overflow:visible;line-height:inherit;word-wrap:normal">snmp_usm.erl.

aes_encrypt(PrivKey, Data, SaltFun, EngineBoots, EngineTime) ->

    AesKey = PrivKey,

    Salt = SaltFun(),

    IV = list_to_binary([?i32(<wbr>EngineBoots), ?i32(EngineTime) | Salt]),

    EncData = crypto:block_encrypt(?BLOCK_<wbr>CIPHER_AES, 

                                   AesKey, IV, Data),

    {ok, binary_to_list(EncData), Salt}.</code></pre>

                <p

style="box-sizing:border-box;margin-top:0px;color:rgb(36,41,46);font-family:-apple-system,system-ui,"Segoe

                  UI",Helvetica,Arial,sans-serif,"Apple Color

                  Emoji","Segoe UI Emoji","Segoe UI

                  Symbol";font-size:14px;margin-bottom:0px">Any

                  pointers will be really helpful. Thanks.</p>

                <span class="HOEnZb"><font color="#888888">

                    <p

style="box-sizing:border-box;margin-top:0px;color:rgb(36,41,46);font-family:-apple-system,system-ui,"Segoe

                      UI",Helvetica,Arial,sans-serif,"Apple

                      Color Emoji","Segoe UI

                      Emoji","Segoe UI

                      Symbol";font-size:14px;margin-bottom:0px"><br>

                    </p>

                  </font></span></div>

            </div>

          </div>

        </div>

        -- <br>

        <div class="gmail_signature" data-smartmail="gmail_signature">

          <div dir="ltr">Thanks,

            <div>Alex Anto Navis. L</div>

          </div>

        </div>

      </div>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <br>

      <pre wrap="">_______________________________________________

erlang-questions mailing list

<a class="moz-txt-link-abbreviated" href="mailto:erlang-questions@erlang.org">erlang-questions@erlang.org</a>

<a class="moz-txt-link-freetext" href="http://erlang.org/mailman/listinfo/erlang-questions">http://erlang.org/mailman/listinfo/erlang-questions</a>

</pre>

    </blockquote>

    <br>

  </body>

</html>