On 2021/06/20 12:46, Martijn van Duren wrote:
> And here's the diff to change the crypto defaults.
>
> Currently snmp(1) and snmpd(8) don't match up by default since snmp(1)
> uses md5/des as per RFC3414 (sha-1 is a should, md5 is a must) and
> net-snmpd's defaults, where snmpd(8) uses sha-1/des.
>
> While I haven't heard that md5 and/or sha1 are broken in HMAC context;
> I'd argue that using them is bad practice in general and setting them as
> defaults isn't done anymore. RFC7860 states that
> usmHMAC192SHA256AuthProtocol is a must and usmHMAC384SHA512AuthProtocol
> a should. So I'd guess it's best to stick with SHA256 as default, even
> though the resulting HMAC is truncated to 192 bits.
>
> As for the encryption bit, I guess I don't have to explain why changing
> from DES to AES-128 (RFC3826) by default would be a good decision.
>
> Diff should be able to apply stand alone and on previous diff.
>
> I want to commit this one at the same time as the previous diff.
>
> OK?
OK. I'm not sure what was up with my hmac-sha256 tests earlier but I'm unable to reproduce the problem now. > Index: usr.sbin/snmpd/snmpd.conf.5 > =================================================================== > RCS file: /cvs/src/usr.sbin/snmpd/snmpd.conf.5,v > retrieving revision 1.48 > diff -u -p -r1.48 snmpd.conf.5 > --- usr.sbin/snmpd/snmpd.conf.5 14 Jun 2021 12:28:58 -0000 1.48 > +++ usr.sbin/snmpd/snmpd.conf.5 20 Jun 2021 10:37:50 -0000 > @@ -276,7 +276,7 @@ must be either > or > .Ic hmac-sha512 . > If omitted the default is > -.Ic hmac-sha1 . > +.Ic hmac-sha256 . > .Pp > With > .Ic enckey > @@ -292,7 +292,7 @@ algorithm can be either > or > .Ic aes > and defaults to > -.Ic des . > +.Ic aes . > .Pp > Any user account that has encryption enabled requires authentication to > be enabled too. > @@ -350,7 +350,7 @@ algorithm. > seclevel enc > > user "hans" authkey "password123" enc aes enckey "321drowssap" > -user "sophie" authkey "password456" enckey "654drowssap" > +user "sophie" authkey "password456" enc des enckey "654drowssap" > .Ed > .Sh SEE ALSO > .Xr snmp 1 , > Index: usr.sbin/snmpd/snmpd.h > =================================================================== > RCS file: /cvs/src/usr.sbin/snmpd/snmpd.h,v > retrieving revision 1.95 > diff -u -p -r1.95 snmpd.h > --- usr.sbin/snmpd/snmpd.h 20 May 2021 08:53:12 -0000 1.95 > +++ usr.sbin/snmpd/snmpd.h 20 Jun 2021 10:37:51 -0000 > @@ -522,7 +522,7 @@ enum usmauth { > AUTH_SHA512 /* usmHMAC384SHA512AuthProtocol. RFC7860 */ > }; > > -#define AUTH_DEFAULT AUTH_SHA1 /* Default digest */ > +#define AUTH_DEFAULT AUTH_SHA256 /* Default digest */ > > enum usmpriv { > PRIV_NONE = 0, 
> @@ -530,7 +530,7 @@ enum usmpriv { > PRIV_AES /* CFB128-AES-128, RFC3826 */ > }; > > -#define PRIV_DEFAULT PRIV_DES /* Default cipher */ > +#define PRIV_DEFAULT PRIV_AES /* Default cipher */ > > struct usmuser { > char *uu_name; > Index: usr.bin/snmp/snmp.1 > =================================================================== > RCS file: /cvs/src/usr.bin/snmp/snmp.1,v > retrieving revision 1.17 > diff -u -p -r1.17 snmp.1 > --- usr.bin/snmp/snmp.1 23 Mar 2021 22:07:36 -0000 1.17 > +++ usr.bin/snmp/snmp.1 20 Jun 2021 10:37:51 -0000 > @@ -197,7 +197,7 @@ Options are > or > .Cm SHA-512 . > This option defaults to > -.Cm MD5 . > +.Cm SHA-256 . > This option is only used by > .Fl v Cm 3 . > .It Fl C Ar appopt > @@ -439,6 +439,8 @@ protocol. > Options are > .Cm DES > and > +.Cm AES . > +This option defaults to > .Cm AES . > This option is only used by > .Fl v Cm 3 . > Index: usr.bin/snmp/snmpc.c > =================================================================== > RCS file: /cvs/src/usr.bin/snmp/snmpc.c,v > retrieving revision 1.33 > diff -u -p -r1.33 snmpc.c > --- usr.bin/snmp/snmpc.c 23 Mar 2021 22:07:36 -0000 1.33 > +++ usr.bin/snmp/snmpc.c 20 Jun 2021 10:37:51 -0000 > @@ -476,7 +476,7 @@ main(int argc, char *argv[]) > err(1, "usm_init"); > if (seclevel & SNMP_MSGFLAG_AUTH) { > if (md == NULL) > - md = EVP_md5(); > + md = EVP_sha256(); > if (authkey == NULL) > errx(1, "No authKey or authPassword specified"); > if (usm_setauth(sec, md, authkey, authkeylen, > @@ -485,7 +485,7 @@ main(int argc, char *argv[]) > } > if (seclevel & SNMP_MSGFLAG_PRIV) { > if (cipher == NULL) > - cipher = EVP_des_cbc(); > + cipher = EVP_aes_128_cfb128(); > if (privkey == NULL) > errx(1, "No privKey or privPassword specified"); > if (usm_setpriv(sec, cipher, privkey, privkeylen, > >
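Review bot: The snmpd.conf.5 hunks at -276 and -292 lack any note that the default changed, so every existing user line that omits the digest or the enc keyword silently moves from hmac-sha1/des to hmac-sha256/aes on upgrade and stops matching clients set up for the old pair. The example hunk at -350 already has to add "enc des" to "sophie" to keep its meaning, and a real config needs the same treatment. Suggest one sentence in the manual (or an upgrade-notes entry) telling admins to spell out the old algorithms where they still depend on them.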
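Review bot: In the snmpc.c hunks at -476 and -485, the client fallbacks stay as literal EVP_sha256() and EVP_aes_128_cfb128() calls inside main(), while snmpd.h carries the same policy as AUTH_DEFAULT and PRIV_DEFAULT. With the two defaults kept in unrelated places they can drift apart again, which is the mismatch this diff sets out to remove; a short comment at each site naming the other would make the next change harder to do on one side only. The snmp.1 hunk at -197 has the matching upgrade effect for scripts that relied on the old MD5 default without naming a protocol, and could say so.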
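Why mismatched defaults fail even with the right password, as an added example (not code from this thread or from OpenBSD): USM derives the localized key with the authentication hash itself (RFC 3414 A.2) and truncates the HMAC to a per-protocol length (96 bits for MD5/SHA-1, 192 for SHA-256, 384 for SHA-512). The function names are hypothetical, and `MESSAGE` is an opaque stand-in for the serialized SNMPv3 message, in which a real implementation zeroes the authentication parameters field before computing the HMAC.

```python
import hashlib
import hmac

# Truncated MAC lengths in bytes: RFC 3414 (MD5, SHA-1), RFC 7860 (SHA-256, SHA-512).
MAC_LEN = {"md5": 12, "sha1": 12, "sha256": 24, "sha512": 48}


def password_to_key(password: bytes, engine_id: bytes, algo: str) -> bytes:
    """RFC 3414 A.2: hash 1 MiB of repeated password, then localize to the engine."""
    if not password:
        raise ValueError("password must not be empty")
    stream = (password * (1048576 // len(password) + 1))[:1048576]
    ku = hashlib.new(algo, stream).digest()
    return hashlib.new(algo, ku + engine_id + ku).digest()


def usm_mac(password: bytes, engine_id: bytes, message: bytes, algo: str) -> bytes:
    """HMAC over the message with the localized key, truncated per MAC_LEN."""
    key = password_to_key(password, engine_id, algo)
    return hmac.new(key, message, algo).digest()[:MAC_LEN[algo]]


def agent_accepts(agent_algo: str, client_algo: str, password: bytes,
                  engine_id: bytes, message: bytes) -> bool:
    """True when the agent's recomputed MAC equals the one the client sent."""
    sent = usm_mac(password, engine_id, message, client_algo)
    expected = usm_mac(password, engine_id, message, agent_algo)
    return hmac.compare_digest(sent, expected)


# Inputs: password and engine ID from the RFC 3414 A.3 test vectors;
# MESSAGE is a constructed stand-in for the serialized SNMPv3 message.
PASSWORD = b"maplesyrup"
ENGINE_ID = bytes.fromhex("000000000000000000000002")
MESSAGE = b"constructed-snmpv3-message"

if __name__ == "__main__":
    for agent, client in [("sha1", "md5"), ("sha256", "sha256")]:
        ok = agent_accepts(agent, client, PASSWORD, ENGINE_ID, MESSAGE)
        mac = usm_mac(PASSWORD, ENGINE_ID, MESSAGE, client)
        print(f"agent={agent} client={client} mac_bits={len(mac) * 8} accepted={ok}")
```

The first pair is the old snmpd(8)/snmp(1) default combination; the second is the pair after the diff.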