From d9c7dfb1e7a8ad4a44b571e3d4b8d87ff3898678 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 11 Jul 2020 17:55:21 +0200 Subject: snmp: T2687: precalculate snmpv3 encrypted keys As of now when adding new credentials for any SNMPv3 user we submit the credential either plaintext or encrypted. A plaintext credential will be hashed by SNMPd in the background and then passed back into the CLI so it's not stored in cleartext. This feels like the wrong way in changing the CLI content with data produced by a 3rd party daemon which implements the service. It feels like the tail wiggles the entire dog. This should be changed in the following way: - After retrieving the plaintext password from CLI, use Python to hash the key in advance - Re-populate the encrypted key into the CLI and drop the plaintext one - Generate service configuration and continue startup of SNMPd This also fixes a race condition when SNMPd started up but not properly provided the hasehd keys in the configuration resulting in a ConfigurationError. Now as we also support binding SNMPd to a VRF this fixes a deadlock situation on bootup as we can only bind late to the VRF and require up to 5 restarts of the service - but the service will never start. --- python/vyos/snmpv3_hashgen.py | 51 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 python/vyos/snmpv3_hashgen.py (limited to 'python') diff --git a/python/vyos/snmpv3_hashgen.py b/python/vyos/snmpv3_hashgen.py new file mode 100644 index 000000000..38eca5314 --- /dev/null +++ b/python/vyos/snmpv3_hashgen.py @@ -0,0 +1,51 @@ +# Imported from https://github.com/TheMysteriousX/SNMPv3-Hash-Generator + +import hashlib +import string +import secrets + +from itertools import repeat + +P_LEN = 32 +E_LEN = 16 + +class Hashgen(object): + @staticmethod + def md5(bytes): + return hashlib.md5(bytes).digest().hex() + + @staticmethod + def sha1(bytes): + return hashlib.sha1(bytes).digest().hex() + + @staticmethod + def expand(s, l): + reps = l // len(s) + 1 # approximation; worst case: overrun = l + len(s) + return ''.join(list(repeat(s, reps)))[:l] + + @classmethod + def kdf(cls, password): + data = cls.expand(password, 1048576).encode('utf-8') + return hashlib.sha1(data).digest() + + @staticmethod + def random_string(len=P_LEN, alphabet=(string.ascii_letters + string.digits)): + return ''.join(secrets.choice(alphabet) for _ in range(len)) + + @staticmethod + def random_engine(len=E_LEN): + return secrets.token_hex(len) + + @classmethod + def derive_msg(cls, passphrase, engine): + # Parameter derivation รก la rfc3414 + Ku = cls.kdf(passphrase) + E = bytearray.fromhex(engine) + + return b''.join([Ku, E, Ku]) + + # Define available hash algorithms + algs = { + 'sha1': sha1, + 'md5': md5, + } -- cgit v1.2.3