<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
I guess not that many people are using snmp in erlang. I should have
made the PR a long time ago, but I never had the time. If you want,
go ahead and use the patch as base for a PR.<br>
<br>
Best,<br>
Dominik<br>
<br>
<div class="moz-cite-prefix">On 31.05.2017 18:42, Alex Anto Navis
Lawrence wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAMsDG5pOT5zPiD4qzFuHuGVVxq-KnaSTHim+drCxU9NU8CWT_Q@mail.gmail.com">
<div dir="ltr">Hi Dominik,
<div><br>
</div>
<div>Thanks a lot for the help. I was on the same line of fix
based on <a href="https://www.ietf.org/rfc/rfc3826.txt"
moz-do-not-send="true">RFC-3826</a> (3.1.2.1. AES Encryption
Key and IV) where I got the response and got stuck with
decryption problem.</div>
<div><br>
</div>
<div>Now I saw the patch and applied the remaining changes(<a
href="https://github.com/alexnavis/otp/tree/fix_snmp_v3_aes"
moz-do-not-send="true">git</a>) on decryption got the whole
thing workings. Thanks a lot for your help, you saved a lot
for me. 👍</div>
<div><br>
</div>
<div>Any idea on this why this is not fixed in latest erlang
code. ?. Can i be any help to make this to raise for a PR for
the same. ?</div>
<div><br>
</div>
<div>Thanks,</div>
<div>Alex</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, May 31, 2017 at 7:41 PM,
Dominik Pawlak <span dir="ltr"><<a
href="mailto:dominik_pawlak@yahoo.co.uk" target="_blank"
moz-do-not-send="true">dominik_pawlak@yahoo.co.uk</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF"> Hello Alex,<br>
This looks similar to:<br>
<a class="m_4988979721684751569moz-txt-link-freetext"
href="http://erlang.org/pipermail/erlang-questions/2016-September/090132.html"
target="_blank" moz-do-not-send="true">http://erlang.org/pipermail/<wbr>erlang-questions/2016-<wbr>September/090132.html</a><br>
<br>
Basically, there was a bug for AES encryption in snmp
library (exactly what you are pointing in your mail). You
can fix it by applying a patch that is attached in the
above post.<br>
<br>
Best,<br>
Dominik Pawlak
<div>
<div class="h5"><br>
<br>
<div class="m_4988979721684751569moz-cite-prefix">On
31.05.2017 10:10, Alex Anto Navis Lawrence wrote:<br>
</div>
</div>
</div>
<blockquote type="cite">
<div>
<div class="h5">
<div dir="ltr">
<div class="gmail_quote">
<div dir="ltr">Hello friends,
<div><br>
</div>
<div>I have been trying to make the SNMP v3
work with AES, but couldn't. Please find the
code in the below gist.</div>
<div><br>
</div>
<div>Erlang/OTP 19<br clear="all">
<div>Elixir: 1.4.2</div>
<div><br>
</div>
<div><a
href="https://gist.github.com/alexnavis/8eec113cabc47a43a5a6d1eb870352fb"
target="_blank" moz-do-not-send="true">https://gist.github.com/alexna<wbr>vis/8eec113cabc47a43a5a6d1eb87<wbr>0352fb</a><br>
</div>
<div><br>
</div>
<div><b>Problem:</b></div>
<div>SNMP packet is sent out but there is no
response from the server. Code gist has
the working Net-SNMP shell utility working
command.</div>
<div>It fails in the receive block timeout
since no packet is received (I verified
with wireshark). The same code works if it
is the DES algorithm.</div>
<div><br>
</div>
<div><b>Code:</b></div>
<div>
<p>From the erlang code for AES, it uses
Local EngineBoots and EngineTime to
create the IV. SaltFun() is a
incremental value which is sent as part
of the authorizationParameters in the
UDP headers. I feel using local
engineBoots and engineTime might be
wrong since the remote agent will not
have any idea about our snmp_manager
boots and engine time. Any thoughts on
this ?</p>
<pre style="box-sizing:border-box;font-family:SFMono-Regular,Consolas,"Liberation Mono",Menlo,Courier,monospace;font-size:11.9px;margin-top:0px;margin-bottom:16px;font-stretch:normal;line-height:1.45;word-wrap:normal;padding:16px;overflow:auto;background-color:rgb(246,248,250);border-radius:3px;color:rgb(36,41,46)"><code style="box-sizing:border-box;font-family:SFMono-Regular,Consolas,"Liberation Mono",Menlo,Courier,monospace;font-size:11.9px;padding:0px;margin:0px;background:transparent;border-radius:3px;word-break:normal;border:0px;display:inline;overflow:visible;line-height:inherit;word-wrap:normal">snmp_usm.erl.
aes_encrypt(PrivKey, Data, SaltFun, EngineBoots, EngineTime) ->
AesKey = PrivKey,
Salt = SaltFun(),
IV = list_to_binary([?i32(EngineBoo<wbr>ts), ?i32(EngineTime) | Salt]),
EncData = crypto:block_encrypt(?BLOCK_CI<wbr>PHER_AES,
AesKey, IV, Data),
{ok, binary_to_list(EncData), Salt}.</code></pre>
<p>Any pointers will be really helpful.
Thanks.</p>
<span class="m_4988979721684751569HOEnZb"><font
color="#888888">
<p><br>
</p>
</font></span></div>
</div>
</div>
</div>
-- <br>
<div class="m_4988979721684751569gmail_signature"
data-smartmail="gmail_signature">
<div dir="ltr">Thanks,
<div>Alex Anto Navis. L</div>
</div>
</div>
</div>
<br>
<fieldset
class="m_4988979721684751569mimeAttachmentHeader"></fieldset>
<br>
</div>
</div>
<pre>______________________________<wbr>_________________
erlang-questions mailing list
<a class="m_4988979721684751569moz-txt-link-abbreviated" href="mailto:erlang-questions@erlang.org" target="_blank" moz-do-not-send="true">erlang-questions@erlang.org</a>
<a class="m_4988979721684751569moz-txt-link-freetext" href="http://erlang.org/mailman/listinfo/erlang-questions" target="_blank" moz-do-not-send="true">http://erlang.org/mailman/<wbr>listinfo/erlang-questions</a>
</pre>
</blockquote>
<br>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature" data-smartmail="gmail_signature">
<div dir="ltr">Thanks,
<div>Alex Anto Navis. L</div>
</div>
</div>
</div>
</blockquote>
<br>
</body>
</html>