This is a multi-part message in MIME format.

--===============1294586311==
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0024_01C6E14A.649C4430"

This is a multi-part message in MIME format.

------=_NextPart_000_0024_01C6E14A.649C4430
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit

Hi,

I try to setup an snmp agent that supports AES192 and AES256



- First, I want to talk about snmpd.

In usr\etc\snmp\snmpd.conf, I create 11 users:



createUser dkduy0

createUser dkduy MD5 123456789

createUser dkduy1 SHA 123456789

createUser dkduy2 MD5 123456789 DES 123456789

createUser dkduy3 MD5 123456789 AES128 123456789

createUser dkduy4 SHA 123456789 DES 123456789

createUser dkduy5 SHA 123456789 AES192 123456789

createUser dkduy6 SHA 123456789 AES256 123456789

createUser dkduy7 SHA 123456789 AES128 123456789

createUser dkduy8 MD5 123456789 AES192 123456789

createUser dkduy9 MD5 123456789 AES256 123456789



snmpd.exe will read usr\etc\snmp\snmpd.conf and creates
\usr\snmp\persist\snmpd.conf with the following lines:



usmUser 1 3 <.> <.> NULL .1.3.6.1.6.3.10.1.1.2
0xf7d8214f6298df87d3b2eedc737c31c1 .1.3.6.1.6.3.10.1.2.1 "" ""

usmUser 1 3 <.> <.> NULL .1.3.6.1.6.3.10.1.1.1 ""
..1.3.6.1.6.3.10.1.2.1 "" ""

usmUser 1 3 <.> <.> NULL .1.3.6.1.6.3.10.1.1.3
0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 .1.3.6.1.6.3.10.1.2.1 "" ""

usmUser 1 3 <.> <.> NULL .1.3.6.1.6.3.10.1.1.2
0xf7d8214f6298df87d3b2eedc737c31c1 .1.3.6.1.6.3.10.1.2.2
0xf7d8214f6298df87d3b2eedc737c31c1 ""

usmUser 1 3 <.> <.> NULL .1.3.6.1.6.3.10.1.1.2
0xf7d8214f6298df87d3b2eedc737c31c1 .1.3.6.1.6.3.10.1.2.4
0xf7d8214f6298df87d3b2eedc737c31c1 ""

usmUser 1 3 <.> <.> NULL .1.3.6.1.6.3.10.1.1.3
0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 .1.3.6.1.6.3.10.1.2.2
0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 ""



usmUser 1 3 <.> <.> NULL
0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 .1.3.6.1.4.1.8072.876.876.192
0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 ""

usmUser 1 3 <.> <.> NULL
0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 .1.3.6.1.4.1.8072.876.876.256
0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 ""

usmUser 1 3 <.> <.> NULL
0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 .1.3.6.1.6.3.10.1.2.4
0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 ""



usmUser 1 3 <.> <.> NULL .1.3.6.1.6.3.10.1.1.2
0xf7d8214f6298df87d3b2eedc737c31c1 .1.3.6.1.4.1.8072.876.876.192
0xf7d8214f6298df87d3b2eedc737c31c1 ""

usmUser 1 3 <.> <.> NULL .1.3.6.1.6.3.10.1.1.2
0xf7d8214f6298df87d3b2eedc737c31c1 .1.3.6.1.4.1.8072.876.876.256
0xf7d8214f6298df87d3b2eedc737c31c1 ""



I want to focus on the color lines, as you can see, with the same password
for authenticate and privacy, it create the same encrypted password, no
matter what the privacy protocol is. These encrypted password depends only
authenticate protocol.



- Next, about snmpget.

Build snmpget from net-snmp-5.1.4, I debug snmpget with the following
parameters:

-v 3 -l authpriv -u dkduy5 -a SHA -A 123456789 -x AES192 -X 123456789
192.168.98.31 sysName.0



I see the following:

\snmplib\snmp_parse_args.c, generate_Ku function, password of authenticate
and privacy protocol will be encrypted by one protocol, that is authenticate
protocol.



securityAuthKey encrypting:

generate_Ku(session->securityAuthProto,

session->securityAuthProtoLen,

(u_char *) Apsz, strlen(Apsz),

session->securityAuthKey,

&session->securityAuthKeyLen) != SNMPERR_SUCCESS);



securityPrivKey encrypting:

generate_Ku(session->securityAuthProto,

session->securityAuthProtoLen,

(u_char *) Xpsz, strlen(Xpsz),

session->securityPrivKey,

&session->securityPrivKeyLen) != SNMPERR_SUCCESS);



So, securityAuthKey and securityPrivKey will be the same, securityAuthKeyLen
and securityPrivKeyLen will be the same.

If we used MD5 protocol, securityAuthKeyLen and securityPrivKeyLen will be
16 bytes length, and 20 bytes length for SHA protocol.



Next, in function create_user_from_session() (snmplib\snmp_api.c),

v3 user will be create with

generate_kul(user->authProtocol, user->authProtocolLen,

session->securityEngineID,

session->securityEngineIDLen,

session->securityAuthKey,

session->securityAuthKeyLen, user->authKey,

&user->authKeyLen) != SNMPERR_SUCCESS)

for securityAuthKey and

generate_kul(user->authProtocol, user->authProtocolLen,

session->securityEngineID,

session->securityEngineIDLen,

session->securityPrivKey,

session->securityPrivKeyLen, user->privKey,

&user->privKeyLen) != SNMPERR_SUCCESS)

for securityPrivKey.

They also use the same protocol for two cases, securityAuthKeyLen and
securityPrivKeyLen will be the same, user->authKey and user->privKey will be
the same.



Next, in \snmplib\scapi.c, sc_encrypt() function,



if (ISTRANSFORM(privtype, DESPriv)) {

properlength = BYTESIZE(SNMP_TRANS_PRIVLEN_1DES);

properlength_iv = BYTESIZE(SNMP_TRANS_PRIVLEN_1DES_IV);

pad_size = properlength;

#ifdef HAVE_AES

} else if (ISTRANSFORM(privtype, AES128Priv)) {

properlength = BYTESIZE(SNMP_TRANS_PRIVLEN_AES128);

properlength_iv = BYTESIZE(SNMP_TRANS_PRIVLEN_AES128_IV);

} else if (ISTRANSFORM(privtype, AES192Priv)) {

properlength = BYTESIZE(SNMP_TRANS_PRIVLEN_AES192);

properlength_iv = BYTESIZE(SNMP_TRANS_PRIVLEN_AES192_IV);

} else if (ISTRANSFORM(privtype, AES256Priv)) {

properlength = BYTESIZE(SNMP_TRANS_PRIVLEN_AES256);

properlength_iv = BYTESIZE(SNMP_TRANS_PRIVLEN_AES256_IV);

#endif



if privtype = AES192, properlength = 24 bytes,
properlength_iv = 24 bytes.



if ((keylen < properlength) || (ivlen < properlength_iv)) {

QUITFUN(SNMPERR_GENERR, sc_encrypt_quit);

}



keylen = thePrivKeyLength = user->privKeyLen

ivlen = BYTESIZE(USM_AES_SALT_LENGTH) = 16 bytes



so, QUITFUN(SNMPERR_GENERR, sc_encrypt_quit) function will be called if we
use AES192 or AES256 privacy prototols.





I don't think net-snmp-5.1.4 supports AES192 and AES256 protocols. Can you
help me ?




------=_NextPart_000_0024_01C6E14A.649C4430
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

xmlns=3D"urn:schemas-microsoft-comfficeffice" =
xmlns:w=3D"urn:schemas-microsoft-comffice:word" =
xmlns:x=3D"urn:schemas-microsoft-comffice:excel" =
xmlns=3D"http://www.w3.org/TR/REC-html40">


charset=3Dus-ascii">









style=3D'font-size:12.0pt;
font-family:Arial'>Hi,>>



style=3D'font-size:12.0pt;
font-family:Arial'>I try to setup an snmp agent that supports AES192 and =
AES256
>>



style=3D'font-size:12.0pt;
font-family:Arial'>>



style=3D'font-size:12.0pt;
font-family:Arial'>- First, I want to talk about =
snmpd.>>



style=3D'font-size:12.0pt;
font-family:Arial'>In usr\etc\snmp\snmpd.conf, I create 11 =
users:>>



style=3D'font-size:
10.0pt'>>



style=3D'font-size:
10.0pt'>createUser dkduy0>>



style=3D'font-size:
10.0pt'>createUser dkduy MD5 123456789>>



style=3D'font-size:
10.0pt'>createUser dkduy1 SHA 123456789>>



style=3D'font-size:
10.0pt'>createUser dkduy2 MD5 123456789 DES =
123456789>>



style=3D'font-size:
10.0pt'>createUser dkduy3 MD5 123456789 AES128 =
123456789>>



style=3D'font-size:
10.0pt'>createUser dkduy4 SHA 123456789 DES =
123456789>>



New"> style=3D'font-size:10.0pt;color:blue'>createUser dkduy5 SHA 123456789 =
AES192
123456789>>



New"> style=3D'font-size:10.0pt;color:blue'>createUser dkduy6 SHA 123456789 =
AES256
123456789>>



New"> style=3D'font-size:10.0pt;color:blue'>createUser dkduy7 SHA 123456789 =
AES128
123456789>>



style=3D'font-size:
10.0pt'>createUser dkduy8 MD5 123456789 AES192 =
123456789>>



style=3D'font-size:
10.0pt'>createUser dkduy9 MD5 123456789 AES256 =
123456789>>



style=3D'font-size:10.0pt;
font-family:Arial'>>



style=3D'font-size:12.0pt;
font-family:Arial'>snmpd.exe will read
size=3D3> style=3D'font-size:12.0pt'>usr\etc\snmp\snmpd.conf size=3D3
face=3DArial>and =
creates
size=3D3> style=3D'font-size:12.0pt'>\usr\snmp\persist\snmpd.conf t
size=3D3 face=3DArial> style=3D'font-size:12.0pt;font-family:Arial'> with the
following lines:>>



style=3D'font-size:
10.0pt'>>



style=3D'font-size:
10.0pt'>usmUser 1 3 <engine> <…> <…> NULL
..1.3.6.1.6.3.10.1.1.2 0xf7d8214f6298df87d3b2eedc737c31c1 =
..1.3.6.1.6.3.10.1.2.1
"" "">>



style=3D'font-size:
10.0pt'>usmUser 1 3 <engine> <…> <…> NULL
..1.3.6.1.6.3.10.1.1.1 "" .1.3.6.1.6.3.10.1.2.1 "" =
"">>



style=3D'font-size:
10.0pt'>usmUser 1 3 <engine> <…> <…> NULL
..1.3.6.1.6.3.10.1.1.3 0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2
..1.3.6.1.6.3.10.1.2.1 "" =
"">>



style=3D'font-size:
10.0pt'>usmUser 1 3 <engine> <…> <…> NULL
..1.3.6.1.6.3.10.1.1.2 0xf7d8214f6298df87d3b2eedc737c31c1 =
..1.3.6.1.6.3.10.1.2.2
0xf7d8214f6298df87d3b2eedc737c31c1 =
"">>



style=3D'font-size:
10.0pt'>usmUser 1 3 <engine> <…> <…> NULL
..1.3.6.1.6.3.10.1.1.2 0xf7d8214f6298df87d3b2eedc737c31c1 =
..1.3.6.1.6.3.10.1.2.4
0xf7d8214f6298df87d3b2eedc737c31c1 =
"">>



style=3D'font-size:
10.0pt'>usmUser 1 3 <engine> <…> <…> NULL
..1.3.6.1.6.3.10.1.1.3 0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2
..1.3.6.1.6.3.10.1.2.2 0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 =
"">>



style=3D'font-size:
10.0pt'>>



style=3D'font-size:
10.0pt'>usmUser 1 3 <engine> <…> <…> NULL
<SHAOID> style=3D'color:blue'>0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 ont>
..1.3.6.1.4.1.8072.876.876.192 style=3D'color:blue'>0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 ont>
"">>



style=3D'font-size:
10.0pt'>usmUser 1 3 <engine> <…> <…> NULL
<SHAOID> style=3D'color:blue'>0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 ont>
..1.3.6.1.4.1.8072.876.876.256 style=3D'color:blue'>0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 ont>
"">>



style=3D'font-size:
10.0pt'>usmUser 1 3 <engine> <…> <…> NULL
<SHAOID> style=3D'color:blue'>0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 ont>
..1.3.6.1.6.3.10.1.2.4 style=3D'color:blue'>0xdb5bcb03fc456a5f5ab6472b0fdb0e405b5f49f2 ont>
"">>



style=3D'font-size:
10.0pt'>>



style=3D'font-size:
10.0pt'>usmUser 1 3 <engine> <…> <…> NULL
..1.3.6.1.6.3.10.1.1.2 0xf7d8214f6298df87d3b2eedc737c31c1
..1.3.6.1.4.1.8072.876.876.192 0xf7d8214f6298df87d3b2eedc737c31c1 =
"">>



style=3D'font-size:
10.0pt'>usmUser 1 3 <engine> <…> <…> NULL
..1.3.6.1.6.3.10.1.1.2 0xf7d8214f6298df87d3b2eedc737c31c1
..1.3.6.1.4.1.8072.876.876.256 0xf7d8214f6298df87d3b2eedc737c31c1 =
"">>



style=3D'font-size:
10.0pt'>>



style=3D'font-size:12.0pt;
font-family:Arial'>I want to focus on the color lines, as you can see, =
with the
same password for authenticate and privacy, it create the same encrypted =
password,
no matter what the privacy protocol is. These encrypted password depends =
only
authenticate protocol.>>



style=3D'font-size:
10.0pt'>>



style=3D'font-size:12.0pt;
font-family:Arial'>- Next, about snmpget.>>



style=3D'font-size:12.0pt;
font-family:Arial'>Build snmpget from net-snmp-5.1.4, I debug snmpget =
with the
following parameters: >>



style=3D'font-size:12.0pt;
font-family:Arial'>      -v 3 -l authpriv -u =
dkduy5 -a
SHA -A 123456789 -x AES192 -X 123456789 192.168.98.31 =
sysName.0>>



style=3D'font-size:12.0pt;
font-family:Arial'>>



style=3D'font-size:12.0pt;
font-family:Arial'>I see the following:>>



face=3D"Courier New"> style=3D'font-size:12.0pt'>\snmplib\snmp_parse_args.c size=3D3
face=3DArial>,  =
size=3D3>generate_Ku
size=3D3
face=3DArial> =
function, password
of authenticate and privacy protocol will be encrypted by one protocol, =
that is
authenticate protocol. >>



style=3D'font-size:
12.0pt'>>



face=3DArial> style=3D'font-size:12.0pt;font-family:Arial'>securityAuthKey =
encrypting:>>



face=3D"Courier New"> style=3D'font-size:10.0pt'>generate_Ku(session->securityAuthProto,=
>
>



style=3D'font-size:
10.0pt'>          &nbsp=
;            =

session->securityAuthProtoLen,>>



style=3D'font-size:
10.0pt'>          &nbsp=
;            =

(u_char *) Apsz, strlen(Apsz),>>



style=3D'font-size:
10.0pt'>          &nbsp=
;            =

session-> style=3D'color:blue;font-style:italic'>securityAuthKey,=
>>



style=3D'font-size:
10.0pt'>          &nbsp=
;            =

&session-> style=3D'color:blue;font-style:italic'>securityAuthKeyLen i>)
!=3D SNMPERR_SUCCESS);>>



style=3D'font-size:
10.0pt'>>



style=3D'font-size:12.0pt;
font-family:Arial'>     securityPrivKey =
encrypting:>>



style=3D'font-size:
10.0pt'>   =
generate_Ku(session->securityAuthProto,>>



style=3D'font-size:
10.0pt'>          &nbsp=
;            =

session->securityAuthProtoLen,>>



style=3D'font-size:
10.0pt'>          &nbsp=
;            =

(u_char *) Xpsz, strlen(Xpsz),>>



style=3D'font-size:
10.0pt'>          &nbsp=
;            =

session-> style=3D'color:blue;font-style:italic'>securityPrivKey,=
>>



style=3D'font-size:
10.0pt'>          &nbsp=
;            =

&session-> style=3D'color:blue;font-style:italic'>securityPrivKeyLen i>)
!=3D SNMPERR_SUCCESS);>>



style=3D'font-size:
10.0pt'>>



style=3D'font-size:12.0pt;
font-family:Arial'>So,
style=3D'color:blue;font-style:italic'>securityAuthKey =
size=3D3 face=3DArial> style=3D'font-size:12.0pt;font-family:Arial'>and
color=3Dblue> style=3D'font-style:italic'>securityPrivKey
style=3D'font-size:12.0pt;
font-family:Arial'>will be the same
color=3Dblue> style=3D'color:blue'>, style=3D'font-style:italic'>securityAuthKeyLen =
size=3D3 face=3DArial> style=3D'font-size:12.0pt;font-family:Arial'>and
color=3Dblue> style=3D'font-style:italic'>securityPrivKeyLen
style=3D'font-size:12.0pt;
font-family:Arial'>will be the same
color=3Dblue> style=3D'color:blue'>.>>



style=3D'font-size:12.0pt;
font-family:Arial'>If we used MD5 protocol
, color=3Dblue> style=3D'color:blue;font-style:italic'>securityAuthKeyLen =
size=3D3 face=3DArial> style=3D'font-size:12.0pt;font-family:Arial'>and color=3Dblue> =
securityPrivKeyLen will
size=3D3 face=3DArial> style=3D'font-size:12.0pt;font-family:Arial'>be 16 bytes
length, and 20 bytes length for SHA =
protocol
.>>



style=3D'font-size:
10.0pt'>>



style=3D'font-size:12.0pt;
font-family:Arial'>Next, in function
=
create_user_from_session()
(snmplib\snmp_api.c),>>



style=3D'font-size:12.0pt;
font-family:Arial'>v3 user will be create with =
>>



face=3D"Courier New"> style=3D'font-size:10.0pt'>generate_kul(user->authProtocol, =
user->authProtocolLen,>>



style=3D'font-size:
10.0pt'>     
           
session->securityEngineID,>>



style=3D'font-size:
10.0pt'>          &nbsp=
;      
session->securityEngineIDLen,>>



style=3D'font-size:
10.0pt'>          &nbsp=
;      
session-> style=3D'color:blue;font-style:italic'>securityAuthKey,=
>>



style=3D'font-size:
10.0pt'>          &nbsp=
;      
session-> style=3D'color:blue;font-style:italic'>securityAuthKeyLen i>,
user-> style=3D'color:blue;font-style:italic'>authKey,> >



style=3D'font-size:
10.0pt'>          &nbsp=
;      
&user-> style=3D'color:blue'>authKeyLen)
!=3D SNMPERR_SUCCESS)>>



style=3D'font-size:12.0pt;
font-family:Arial'>for securityAuthKey and >>



face=3D"Courier New"> style=3D'font-size:10.0pt'>generate_kul(user->authProtocol,
user->authProtocolLen,>>



style=3D'font-size:
10.0pt'>          &nbsp=
;            =
 
session->securityEngineID,>>



style=3D'font-size:
10.0pt'>          &nbsp=
;            =
 
session->securityEngineIDLen,>>



style=3D'font-size:
10.0pt'>          &nbsp=
;            =
 
session-> style=3D'color:blue;font-style:italic'>securityPrivKey,=
>>



style=3D'font-size:
10.0pt'>          &nbsp=
;            =
 
session-> style=3D'color:blue;font-style:italic'>securityPrivKeyLen i>,
user-> style=3D'color:blue;font-style:italic'>privKey,> >



style=3D'font-size:
10.0pt'>          &nbsp=
;       
      &user-> color=3Dblue> style=3D'color:blue'>privKeyLen
) !=3D =
SNMPERR_SUCCESS)>>



style=3D'font-size:12.0pt;
font-family:Arial'>for securityPrivKey.>>



style=3D'font-size:12.0pt;
font-family:Arial'>They also use the same protocol for two =
cases,

style=3D'color:blue;font-style:italic'>securityAuthKeyLen
style=3D'font-size:12.0pt;
font-family:Arial;font-style:italic'>and
color=3Dblue> style=3D'color:blue'> securityPrivKeyLen
size=3D3
face=3DArial> style=3D'font-size:12.0pt;font-family:Arial;font-style:italic'>will
be the same
, =
user-> color=3Dblue>authKey =
size=3D3 face=3DArial> style=3D'font-size:12.0pt;font-family:Arial;font-style:
italic'>and
=
user-> size=3D3 face=3DArial> style=3D'font-size:12.0pt;font-family:Arial;font-style:
italic'>privKey will be the same.
style=3D'color:blue'>>>



New"> style=3D'font-size:10.0pt;color:blue;font-style:italic'>>=



style=3D'font-size:12.0pt;
font-family:Arial'>Next, in
\snmplib\scapi.c, sc_encrypt() =
size=3D3 face=3DArial> style=3D'font-size:12.0pt;font-family:Arial'>function,
>>



style=3D'font-size:
10.0pt'>>



New"> style=3D'font-size:10.0pt;color:blue'>    =
if
( color=3Dpurple> style=3D'colorurple'>ISTRANSFORM(privtype,
DESPriv)) {>>



style=3D'font-size:
10.0pt'>        properlength =3D =
color=3Dpurple>urple'>BYTESIZE
( color=3Dpurple> style=3D'colorurple'>SNMP_TRANS_PRIVLEN_1DES);>>=



style=3D'font-size:
10.0pt'>        properlength_iv =3D =
color=3Dpurple>urple'>BYTESIZE
( color=3Dpurple> style=3D'colorurple'>SNMP_TRANS_PRIVLEN_1DES_IV);> >



style=3D'font-size:
10.0pt'>        pad_size =3D =
properlength;>>



New"> style=3D'font-size:10.0pt;color:blue'>#ifdef color=3Dpurple> style=3D'colorurple'>HAVE_AES>>



style=3D'font-size:
10.0pt'>    } style=3D'color:blue'>else if
( style=3D'colorurple'>ISTRANSFORM(privtype,
AES128Priv)) {>>



style=3D'font-size:
10.0pt'>        properlength =3D =
color=3Dpurple>urple'>BYTESIZE
( color=3Dpurple> style=3D'colorurple'>SNMP_TRANS_PRIVLEN_AES128);> p>



style=3D'font-size:
10.0pt'>        properlength_iv =3D =
color=3Dpurple>urple'>BYTESIZE
( color=3Dpurple> style=3D'colorurple'>SNMP_TRANS_PRIVLEN_AES128_IV);><=
/o>



style=3D'font-size:
10.0pt'>    } style=3D'color:blue'>else if
( style=3D'colorurple'>ISTRANSFORM(privtype,
AES192Priv)) {>>



style=3D'font-size:
10.0pt'>        properlength =3D =
color=3Dpurple>urple'>BYTESIZE
( color=3Dpurple> style=3D'colorurple'>SNMP_TRANS_PRIVLEN_AES192);> p>



style=3D'font-size:
10.0pt'>        properlength_iv =3D =
color=3Dpurple>urple'>BYTESIZE
( color=3Dpurple> style=3D'colorurple'>SNMP_TRANS_PRIVLEN_AES192_IV);><=
/o>



style=3D'font-size:
10.0pt'>    } style=3D'color:blue'>else if
( style=3D'colorurple'>ISTRANSFORM(privtype,
AES256Priv)) {>>



style=3D'font-size:
10.0pt'>        properlength =3D =
color=3Dpurple>urple'>BYTESIZE
( color=3Dpurple> style=3D'colorurple'>SNMP_TRANS_PRIVLEN_AES256);> p>



style=3D'font-size:
10.0pt'>        properlength_iv =3D =
color=3Dpurple>urple'>BYTESIZE
( color=3Dpurple> style=3D'colorurple'>SNMP_TRANS_PRIVLEN_AES256_IV);><=
/o>



New"> style=3D'font-size:10.0pt;color:blue'>#endif>>

=


style=3D'font-size:
10.0pt'>      >>



style=3D'font-size:10.0pt;font-family:"Times New =
Roman"'>          &nbsp=
;    
style=3D'font-size:12.0pt;font-family:
Arial'>if privtype =3D AES192, properlength =3D 24 bytes, =
properlength_iv =3D 24
bytes.>>



style=3D'font-size:
10.0pt'>>



style=3D'font-size:
10.0pt'>    style=3D'color:blue'>if
((keylen < properlength) || (ivlen < properlength_iv)) =
{>>



style=3D'font-size:
10.0pt'>         color=3Dpurple> style=3D'colorurple'>QUITFUN
( style=3D'colorurple'>SNMPERR_GENERR, =
sc_encrypt_quit);>>



style=3D'font-size:
10.0pt'>    }>>



style=3D'font-size:
10.0pt'>>



style=3D'font-size:
10.0pt'>      keylen =3D thePrivKeyLength =3D
user->privKeyLen>>



style=3D'font-size:
10.0pt'>      ivlen =3D color=3Dpurple> style=3D'colorurple'>BYTESIZE
( style=3D'colorurple'>USM_AES_SALT_LENGTH) =3D 16 =
bytes>>



style=3D'font-size:
10.0pt'>>



style=3D'font-size:12.0pt;
font-family:Arial'>so,
style=3D'color:
purple'>QUITFUN
( style=3D'colorurple'>SNMPERR_GENERR,
sc_encrypt_quit style=3D'font-size:12.0pt;
font-family:Arial'>) function will be called if we use AES192 or AES256 =
privacy
prototols.
>>



style=3D'font-size:
10.0pt'>>



style=3D'font-size:
10.0pt'>>



style=3D'font-size:12.0pt;
font-family:Arial'>I don’t think net-snmp-5.1.4 supports AES192 =
and
AES256 protocols. Can you help me ?>>



style=3D'font-size:
10.0pt'>>









------=_NextPart_000_0024_01C6E14A.649C4430--



--===============1294586311==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?p...rge&CID=DEVDEV
--===============1294586311==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/...et-snmp-coders

--===============1294586311==--