 | 1 | initial version |
SHA1 doesn't provide enough key bits for AES256, so key extension needs to be applied. This isn't standardised, however there's draft-reeder-snmpv3-usm-3desede-00 which goes into this. Wireshark seems to be doing that in the SNMP dissector, although I'm not sure if it exactly follows the algorithm in section 2.1 of this draft. It seems to use "K1 | K2" rather than "K2" in the third round, "K1 | K2 | K3" rather than "K3" in the fourth round, etc. Unfortunately I've no setup to dive into this.
