Thanks for the explanation...it makes sense to me now that
I understand (a modicum) of the request flow...

--daulat

p.s.The question was raised because of the following code
in keytools.c: when I ran in debugger mode, I saw that my
request was returned with an error here...but the secapi.c
code has a different logic path... my problem was that I
didn't know how the encryption processing/flow worked
and allowed myself to be confused...
----------
/*
* Setup for the transform type.
*/
#ifdef USE_OPENSSL

#ifndef DISABLE_MD5
if (ISTRANSFORM(hashtype, HMACMD5Auth))
EVP_DigestInit(ctx, EVP_md5());
else
#endif
if (ISTRANSFORM(hashtype, HMACSHA1Auth))
EVP_DigestInit(ctx, EVP_sha1());
else {
free(ctx);
return (SNMPERR_GENERR);
}
#else
MDbegin(&MD);
#endif /* USE_OPENSSL */


-----Original Message-----
From: net-snmp-coders-admin@lists.sourceforge.net
[mailto:net-snmp-coders-admin@lists.sourceforge.net] On Behalf Of Wes
Hardaker
Sent: Friday, April 21, 2006 1:33 PM
To: daulat@esita.com
Cc: net-snmp-coders@lists.sourceforge.net
Subject: Re: are there any plans to sync API capabilities with command line
capabilities?

>>>>> On Thu, 20 Apr 2006 23:35:09 -0700, "M.Daulat Rai"

said:

M> I finally figured out why my call to generate_ku for authPriv is
M> failing:

Um... I'm confused by the question.

generate_ku takes a hashing algorithm as an argument and uses *that* to
generate a key which can then be used for either the authentication key or
the encryption key (or both). You can't generate keys using an encryption
algorithm....

Example: lets say you have a user "fred" with SHA1 and AES protocols defined
for that user. The authentication key is calculated using
SHA1 of a pass-phrase, and the AES key is calculated using SHA1 of a
potentially different pass-phrase. They key is then used by AES to actually
do the encryption.
--
Wes Hardaker
Sparta, Inc.


-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job
easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=...057&dat=121642
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/...et-snmp-coders




-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=...057&dat=121642
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/...et-snmp-coders