[snmp] Use of new crypto interface correctd in manager

Added a common utility function (in the snmp_misc module)
for testing for crypto support (sed both by the manager
and agent code).

OTP-11009

3 files changed, 39 insertions, 33 deletions

diff --git a/lib/snmp/src/agent/snmp_user_based_sm_mib.erl b/lib/snmp/src/agent/snmp_user_based_sm_mib.erl
index e675cf1b83..223d3f7218 100644
--- a/lib/snmp/src/agent/snmp_user_based_sm_mib.erl
+++ b/lib/snmp/src/agent/snmp_user_based_sm_mib.erl
@@ -1219,16 +1219,10 @@ split(N, [H | T], FirstRev) when N > 0 ->
     split(N-1, T, [H | FirstRev]).
 
 
-is_crypto_supported(Algo) ->
-    %% The 'catch' handles the case when 'crypto' is
-    %% not present in the system (or not started).
-    Supported = crypto:supports(),
-    Hashs = proplists:get_value(hashs, Supported),
-    Ciphers = proplists:get_value(ciphers, Supported),
-    case catch lists:member(Algo, Hashs ++ Ciphers) of
-	true -> true;
-	_ -> false
-    end.
+-compile({inline, [{is_crypto_supported,1}]}).
+is_crypto_supported(Func) ->
+    snmp_misc:is_crypto_supported(Func). 
+
 
 inconsistentValue(V) -> throw({inconsistentValue, V}).
 inconsistentName(N)  -> throw({inconsistentName,  N}).
diff --git a/lib/snmp/src/manager/snmpm_config.erl b/lib/snmp/src/manager/snmpm_config.erl
index 5bbf9e5542..9d687f1d31 100644
--- a/lib/snmp/src/manager/snmpm_config.erl
+++ b/lib/snmp/src/manager/snmpm_config.erl
@@ -2028,7 +2028,7 @@ verify_usm_user_auth(usmNoAuthProtocol, AuthKey) ->
     end;
 verify_usm_user_auth(usmHMACMD5AuthProtocol, AuthKey) 
   when is_list(AuthKey) andalso (length(AuthKey) =:= 16) ->
-    case is_crypto_supported(md5_mac_96) of
+    case is_crypto_supported(md5) of
 	true -> 
 	    case snmp_conf:all_integer(AuthKey) of
 		true ->
@@ -2037,7 +2037,7 @@ verify_usm_user_auth(usmHMACMD5AuthProtocol, AuthKey)
 		    error({invalid_auth_key, usmHMACMD5AuthProtocol})
 	    end;
 	false -> 
-	    error({unsupported_crypto, md5_mac_96})
+	    error({unsupported_crypto, md5})
     end;    
 verify_usm_user_auth(usmHMACMD5AuthProtocol, AuthKey) when is_list(AuthKey) ->
     Len = length(AuthKey),
@@ -2046,7 +2046,7 @@ verify_usm_user_auth(usmHMACMD5AuthProtocol, _AuthKey) ->
     error({invalid_auth_key, usmHMACMD5AuthProtocol});
 verify_usm_user_auth(usmHMACSHAAuthProtocol, AuthKey) 
   when is_list(AuthKey) andalso (length(AuthKey) =:= 20) ->
-    case is_crypto_supported(sha_mac_96) of
+    case is_crypto_supported(sha) of
 	true -> 
 	    case snmp_conf:all_integer(AuthKey) of
 		true ->
@@ -2055,7 +2055,7 @@ verify_usm_user_auth(usmHMACSHAAuthProtocol, AuthKey)
 		    error({invalid_auth_key, usmHMACSHAAuthProtocol})
 	    end;
 	false -> 
-	    error({unsupported_crypto, sha_mac_96})
+	    error({unsupported_crypto, sha})
     end;
 verify_usm_user_auth(usmHMACSHAAuthProtocol, AuthKey) when is_list(AuthKey) ->
     Len = length(AuthKey),
@@ -2074,7 +2074,7 @@ verify_usm_user_priv(usmNoPrivProtocol, PrivKey) ->
     end;
 verify_usm_user_priv(usmDESPrivProtocol, PrivKey) 
   when (length(PrivKey) =:= 16) ->
-    case is_crypto_supported(des_cbc_decrypt) of
+    case is_crypto_supported(des_cbc) of
 	true -> 
 	    case snmp_conf:all_integer(PrivKey) of
 		true ->
@@ -2083,7 +2083,7 @@ verify_usm_user_priv(usmDESPrivProtocol, PrivKey)
 		    error({invalid_priv_key, usmDESPrivProtocol})
 	    end;
 	false -> 
-	    error({unsupported_crypto, des_cbc_decrypt})
+	    error({unsupported_crypto, des_cbc})
     end;
 verify_usm_user_priv(usmDESPrivProtocol, PrivKey) when is_list(PrivKey) ->
     Len = length(PrivKey),
@@ -2092,7 +2092,7 @@ verify_usm_user_priv(usmDESPrivProtocol, _PrivKey) ->
     error({invalid_priv_key, usmDESPrivProtocol});
 verify_usm_user_priv(usmAesCfb128Protocol, PrivKey) 
   when (length(PrivKey) =:= 16) ->
-    case is_crypto_supported(aes_cfb_128_decrypt) of
+    case is_crypto_supported(aes_cfb128) of
 	true -> 
 	    case snmp_conf:all_integer(PrivKey) of
 		true ->
@@ -2101,7 +2101,7 @@ verify_usm_user_priv(usmAesCfb128Protocol, PrivKey)
 		    error({invalid_priv_key, usmAesCfb128Protocol})
 	    end;
 	false -> 
-	    error({unsupported_crypto, aes_cfb_128_decrypt})
+	    error({unsupported_crypto, aes_cfb128})
     end;
 verify_usm_user_priv(usmAesCfb128Protocol, PrivKey) when is_list(PrivKey) ->
     Len = length(PrivKey),
@@ -2111,13 +2111,10 @@ verify_usm_user_priv(usmAesCfb128Protocol, _PrivKey) ->
 verify_usm_user_priv(PrivP, _PrivKey) ->
     error({invalid_priv_protocol, PrivP}).
     
+
+-compile({inline, [{is_crypto_supported,1}]}).
 is_crypto_supported(Func) ->
-    %% The 'catch' handles the case when 'crypto' is
-    %% not present in the system (or not started).
-    case (catch lists:member(Func, crypto:info())) of
-        true -> true;
-        _ -> false
-    end.
+    snmp_misc:is_crypto_supported(Func). 
  
 
 read_manager_config_file(Dir) ->
@@ -2879,11 +2876,11 @@ do_update_usm_user_info(Key,
 			#usm_user{auth = usmHMACMD5AuthProtocol} = User, 
 			auth_key, Val) 
   when length(Val) =:= 16 ->
-    case is_crypto_supported(md5_mac_96) of
+    case is_crypto_supported(md5) of
 	true -> 
 	    do_update_usm_user_info(Key, User#usm_user{auth_key = Val});
 	false -> 
-	    {error, {unsupported_crypto, md5_mac_96}}
+	    {error, {unsupported_crypto, md5}}
     end;    
 do_update_usm_user_info(_Key, 
 			#usm_user{auth = usmHMACMD5AuthProtocol}, 
@@ -2898,11 +2895,11 @@ do_update_usm_user_info(Key,
 			#usm_user{auth = usmHMACSHAAuthProtocol} = User, 
 			auth_key, Val) 
   when length(Val) =:= 20 ->
-    case is_crypto_supported(sha_mac_96) of
+    case is_crypto_supported(sha) of
 	true -> 
 	    do_update_usm_user_info(Key, User#usm_user{auth_key = Val});
 	false -> 
-	    {error, {unsupported_crypto, sha_mac_96}}
+	    {error, {unsupported_crypto, sha}}
     end;    
 do_update_usm_user_info(_Key, 
 			#usm_user{auth = usmHMACSHAAuthProtocol}, 
@@ -2933,21 +2930,21 @@ do_update_usm_user_info(Key,
 			#usm_user{priv = usmDESPrivProtocol} = User, 
 			priv_key, Val) 
   when length(Val) =:= 16 ->
-    case is_crypto_supported(des_cbc_decrypt) of
+    case is_crypto_supported(des_cbc) of
 	true -> 
 	    do_update_usm_user_info(Key, User#usm_user{priv_key = Val});
 	false -> 
-	    {error, {unsupported_crypto, des_cbc_decrypt}}
+	    {error, {unsupported_crypto, des_cbc}}
     end;    
 do_update_usm_user_info(Key, 
 			#usm_user{priv = usmAesCfb128Protocoll} = User, 
 			priv_key, Val) 
   when length(Val) =:= 16 ->
-    case is_crypto_supported(aes_cfb_128_decrypt) of
+    case is_crypto_supported(aes_cfb128) of
 	true -> 
 	    do_update_usm_user_info(Key, User#usm_user{priv_key = Val});
 	false -> 
-	    {error, {unsupported_crypto, aes_cfb_128_decrypt}}
+	    {error, {unsupported_crypto, aes_cfb128}}
     end;    
 do_update_usm_user_info(_Key, 
 			#usm_user{auth = usmHMACSHAAuthProtocol}, 
diff --git a/lib/snmp/src/misc/snmp_misc.erl b/lib/snmp/src/misc/snmp_misc.erl
index a061dcd97c..293b22991b 100644
--- a/lib/snmp/src/misc/snmp_misc.erl
+++ b/lib/snmp/src/misc/snmp_misc.erl
@@ -43,6 +43,7 @@
 	 ip/1, ip/2, 
 	 is_auth/1,
 	 is_BitString/1,
+	 is_crypto_supported/1, 
 	 is_oid/1,
 	 is_priv/1,
 	 is_reportable/1,
@@ -117,13 +118,27 @@ now(sec) ->
 	(element(3,Now) div 1000000).
     
 
+is_crypto_supported(Alg) ->
+    %% The 'try catch' handles the case when 'crypto' is
+    %% not present in the system (or not started).
+    try
+	begin
+	    Supported = crypto:supports(),
+	    Hashs     = proplists:get_value(hashs,   Supported),
+	    Ciphers   = proplists:get_value(ciphers, Supported),
+	    lists:member(Alg, Hashs ++ Ciphers)
+	end
+    catch
+	_:_ ->
+	    false
+    end.
+
 is_string([]) -> true;
 is_string([Tkn | Str]) 
   when is_integer(Tkn) andalso (Tkn >= 0) andalso (Tkn =< 255) ->
     is_string(Str);
 is_string(_) -> false.
 
-
 is_oid([E1, E2| Rest]) 
   when (length(Rest) =< 126) andalso (E1 *40 + E2 =< 255) ->
     is_oid2(Rest);