def hashPassphrase(self, authProtocol, privKey):
if authProtocol == hmacmd5.HmacMd5.serviceID:
return localkey.hashPassphraseMD5(privKey)
elif authProtocol == hmacsha.HmacSha.serviceID:
return localkey.hashPassphraseSHA(privKey)
else:
raise error.ProtocolError('Unknown auth protocol %s' %
(authProtocol, ))
def hashPassphrase(self, authProtocol, privKey):
if authProtocol == hmacmd5.HmacMd5.serviceID:
return localkey.hashPassphraseMD5(privKey)
elif authProtocol == hmacsha.HmacSha.serviceID:
return localkey.hashPassphraseSHA(privKey)
else:
raise error.ProtocolError(
'Unknown auth protocol %s' % (authProtocol,)
)
def localizeKey(self, authProtocol, privKey, snmpEngineID):
if authProtocol == hmacmd5.HmacMd5.serviceID:
localPrivKey = localkey.localizeKeyMD5(privKey, snmpEngineID)
# now extend this key if too short by repeating steps that includes the hashPassphrase step
while len(localPrivKey) < self.keySize:
newKey = localkey.hashPassphraseMD5(localPrivKey)
localPrivKey += localkey.localizeKeyMD5(newKey, snmpEngineID)
elif authProtocol == hmacsha.HmacSha.serviceID:
localPrivKey = localkey.localizeKeySHA(privKey, snmpEngineID)
while len(localPrivKey) < self.keySize:
newKey = localkey.hashPassphraseSHA(localPrivKey)
localPrivKey += localkey.localizeKeySHA(newKey, snmpEngineID)
else:
raise error.ProtocolError('Unknown auth protocol %s' %
(authProtocol, ))
return localPrivKey[:self.keySize]
def addV3User(snmpEngine,
securityName,
authProtocol=usmNoAuthProtocol,
authKey=None,
privProtocol=usmNoPrivProtocol,
privKey=None,
contextEngineId=None):
(snmpEngineID, usmUserEntry, tblIdx1, pysnmpUsmSecretEntry,
tblIdx2) = __cookV3UserInfo(snmpEngine, securityName, contextEngineId)
# Load augmenting table before creating new row in base one
pysnmpUsmKeyEntry, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols(
'PYSNMP-USM-MIB', 'pysnmpUsmKeyEntry')
# Load clone-from (may not be needed)
zeroDotZero, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols(
'SNMPv2-SMI', 'zeroDotZero')
snmpEngine.msgAndPduDsp.mibInstrumController.writeVars(
((usmUserEntry.name + (13, ) + tblIdx1, 'destroy'), ))
snmpEngine.msgAndPduDsp.mibInstrumController.writeVars(
((usmUserEntry.name + (13, ) + tblIdx1,
'createAndGo'), (usmUserEntry.name + (3, ) + tblIdx1, securityName),
(usmUserEntry.name + (4, ) + tblIdx1, zeroDotZero.name),
(usmUserEntry.name + (5, ) + tblIdx1,
authProtocol), (usmUserEntry.name + (8, ) + tblIdx1, privProtocol)))
# Localize keys
if authProtocol == usmHMACMD5AuthProtocol:
hashedAuthPassphrase = localkey.hashPassphraseMD5(authKey and authKey
or '')
localAuthKey = localkey.localizeKeyMD5(hashedAuthPassphrase,
snmpEngineID)
elif authProtocol == usmHMACSHAAuthProtocol:
hashedAuthPassphrase = localkey.hashPassphraseSHA(authKey and authKey
or '')
localAuthKey = localkey.localizeKeySHA(hashedAuthPassphrase,
snmpEngineID)
elif authProtocol == usmNoAuthProtocol:
hashedAuthPassphrase = localAuthKey = None
else:
raise error.PySnmpError('Unknown auth protocol %s' % (authProtocol, ))
if privProtocol == usmDESPrivProtocol or \
privProtocol == usmAesCfb128Protocol:
if authProtocol == usmHMACMD5AuthProtocol:
hashedPrivPassphrase = localkey.hashPassphraseMD5(
privKey and privKey or '')
localPrivKey = localkey.localizeKeyMD5(hashedPrivPassphrase,
snmpEngineID)
elif authProtocol == usmHMACSHAAuthProtocol:
hashedPrivPassphrase = localkey.hashPassphraseSHA(
privKey and privKey or '')
localPrivKey = localkey.localizeKeySHA(hashedPrivPassphrase,
snmpEngineID)
else:
raise error.PySnmpError('Unknown auth protocol %s' %
(authProtocol, ))
elif privProtocol == usmNoPrivProtocol:
hashedPrivPassphrase = localPrivKey = None
else:
raise error.PySnmpError('Unknown priv protocol %s' % (privProtocol, ))
# Commit localized keys
snmpEngine.msgAndPduDsp.mibInstrumController.writeVars(
((pysnmpUsmKeyEntry.name + (1, ) + tblIdx1, localAuthKey),
(pysnmpUsmKeyEntry.name + (2, ) + tblIdx1, localPrivKey),
(pysnmpUsmKeyEntry.name + (3, ) + tblIdx1, hashedAuthPassphrase),
(pysnmpUsmKeyEntry.name + (4, ) + tblIdx1, hashedPrivPassphrase)))
# Commit passphrases
snmpEngine.msgAndPduDsp.mibInstrumController.writeVars(
((pysnmpUsmSecretEntry.name + (4, ) + tblIdx2, 'destroy'), ))
snmpEngine.msgAndPduDsp.mibInstrumController.writeVars((
(pysnmpUsmSecretEntry.name + (4, ) + tblIdx2, 'createAndGo'),
(pysnmpUsmSecretEntry.name + (2, ) + tblIdx2, authKey),
(pysnmpUsmSecretEntry.name + (3, ) + tblIdx2, privKey),
))
def hashPassphrase(self, authKey):
return localkey.hashPassphraseSHA(authKey)
def hashPassphrase(self, authKey):
return localkey.hashPassphraseSHA(authKey)
def addV3User(snmpEngine, securityName,
authProtocol=usmNoAuthProtocol, authKey=None,
privProtocol=usmNoPrivProtocol, privKey=None,
contextEngineId=None):
( snmpEngineID, usmUserEntry, tblIdx1,
pysnmpUsmSecretEntry, tblIdx2 ) = __cookV3UserInfo(
snmpEngine, securityName, contextEngineId
)
# Load augmenting table before creating new row in base one
pysnmpUsmKeyEntry, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols('PYSNMP-USM-MIB', 'pysnmpUsmKeyEntry')
# Load clone-from (may not be needed)
zeroDotZero, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols('SNMPv2-SMI', 'zeroDotZero')
snmpEngine.msgAndPduDsp.mibInstrumController.writeVars(
((usmUserEntry.name + (13,) + tblIdx1, 'destroy'),)
)
snmpEngine.msgAndPduDsp.mibInstrumController.writeVars(
((usmUserEntry.name + (13,) + tblIdx1, 'createAndGo'),
(usmUserEntry.name + (3,) + tblIdx1, securityName),
(usmUserEntry.name + (4,) + tblIdx1, zeroDotZero.name),
(usmUserEntry.name + (5,) + tblIdx1, authProtocol),
(usmUserEntry.name + (8,) + tblIdx1, privProtocol))
)
# Localize keys
if authProtocol == usmHMACMD5AuthProtocol:
hashedAuthPassphrase = localkey.hashPassphraseMD5(
authKey and authKey or ''
)
localAuthKey = localkey.localizeKeyMD5(
hashedAuthPassphrase, snmpEngineID
)
elif authProtocol == usmHMACSHAAuthProtocol:
hashedAuthPassphrase = localkey.hashPassphraseSHA(
authKey and authKey or ''
)
localAuthKey = localkey.localizeKeySHA(
hashedAuthPassphrase, snmpEngineID
)
elif authProtocol == usmNoAuthProtocol:
hashedAuthPassphrase = localAuthKey = None
else:
raise error.PySnmpError('Unknown auth protocol %s' % (authProtocol,))
if privProtocol == usmDESPrivProtocol or \
privProtocol == usmAesCfb128Protocol:
if authProtocol == usmHMACMD5AuthProtocol:
hashedPrivPassphrase = localkey.hashPassphraseMD5(
privKey and privKey or ''
)
localPrivKey = localkey.localizeKeyMD5(
hashedPrivPassphrase, snmpEngineID
)
elif authProtocol == usmHMACSHAAuthProtocol:
hashedPrivPassphrase = localkey.hashPassphraseSHA(
privKey and privKey or ''
)
localPrivKey = localkey.localizeKeySHA(
hashedPrivPassphrase, snmpEngineID
)
else:
raise error.PySnmpError(
'Unknown auth protocol %s' % (authProtocol,)
)
elif privProtocol == usmNoPrivProtocol:
hashedPrivPassphrase = localPrivKey = None
else:
raise error.PySnmpError(
'Unknown priv protocol %s' % (privProtocol,)
)
# Commit localized keys
snmpEngine.msgAndPduDsp.mibInstrumController.writeVars(
((pysnmpUsmKeyEntry.name + (1,) + tblIdx1, localAuthKey),
(pysnmpUsmKeyEntry.name + (2,) + tblIdx1, localPrivKey),
(pysnmpUsmKeyEntry.name + (3,) + tblIdx1, hashedAuthPassphrase),
(pysnmpUsmKeyEntry.name + (4,) + tblIdx1, hashedPrivPassphrase))
)
# Commit passphrases
snmpEngine.msgAndPduDsp.mibInstrumController.writeVars(
((pysnmpUsmSecretEntry.name + (4,) + tblIdx2, 'destroy'),)
)
snmpEngine.msgAndPduDsp.mibInstrumController.writeVars(
((pysnmpUsmSecretEntry.name + (4,) + tblIdx2, 'createAndGo'),
(pysnmpUsmSecretEntry.name + (2,) + tblIdx2, authKey),
(pysnmpUsmSecretEntry.name + (3,) + tblIdx2, privKey),)
)