java.lang.Object
org.snmp4j.security.AuthGeneric
- All Implemented Interfaces:
Serializable
,AuthenticationProtocol
,SecurityProtocol
The abstract class AuthGeneric implements common operations for SNMP authentication protocols, such as MD5 and SHA.
- Version:
- 1.0
- Author:
- Frank Fock, Jochen Katz
- See Also:
-
Field Summary
-
Constructor Summary
ConstructorDescriptionAuthGeneric
(String protoName, int digestLength) Creates an authentication protocol with the specified name (ID) and digest length and using theDEFAULT_AUTHENTICATION_CODE_LENGTH
default code length.AuthGeneric
(String protoName, int digestLength, int authenticationCodeLength) Creates an authentication protocol with the specified name (ID) and digest length and using theDEFAULT_AUTHENTICATION_CODE_LENGTH
default code length.AuthGeneric
(String protoName, int digestLength, int authenticationCodeLength, int hmacBlockSize) Creates an authentication protocol with the specified name (ID) and digest length and using theDEFAULT_AUTHENTICATION_CODE_LENGTH
default code length. -
Method Summary
Modifier and TypeMethodDescriptionboolean
authenticate
(byte[] authenticationKey, byte[] message, int messageOffset, int messageLength, ByteArrayWindow digest) Authenticates an outgoing message.byte[]
changeDelta
(byte[] oldKey, byte[] newKey, byte[] random) Computes the delta digest needed to remotely change an user's authenitcation key.int
The length of the authentication code (the hashing output length) in octets.int
Gets the length of the message digest used by this authentication protocol.protected MessageDigest
Get a fresh MessageDigest object of the Algorithm specified in the constructor.int
Get the maximum length of the key in bytes for this security protocol.byte[]
hash
(byte[] data) Generates a hash value for the given data.byte[]
hash
(byte[] data, int offset, int length) Generates a hash value for the given data.boolean
isAuthentic
(byte[] authenticationKey, byte[] message, int messageOffset, int messageLength, ByteArrayWindow digest) Authenticates an incoming message.boolean
Checks whether this security protocol is actually supported by this Java runtime environment.byte[]
passwordToKey
(OctetString passwordString, byte[] engineID) Generates the localized key for the given password and engine id.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.snmp4j.security.AuthenticationProtocol
getID
-
Field Details
-
HMAC_BLOCK_SIZE
public static final int HMAC_BLOCK_SIZE- See Also:
-
hmacBlockSize
protected int hmacBlockSize
-
-
Constructor Details
-
AuthGeneric
Creates an authentication protocol with the specified name (ID) and digest length and using theDEFAULT_AUTHENTICATION_CODE_LENGTH
default code length.- Parameters:
protoName
- the name (ID) of the authentication protocol. Only names that are supported by the used security provider can be used.digestLength
- the digest length.
-
AuthGeneric
Creates an authentication protocol with the specified name (ID) and digest length and using theDEFAULT_AUTHENTICATION_CODE_LENGTH
default code length.- Parameters:
protoName
- the name (ID) of the authentication protocol. Only names that are supported by the used security provider can be used.digestLength
- the digest length.authenticationCodeLength
- the length of the hash output (i.e., the authentication code length).- Since:
- 2.4.0
-
AuthGeneric
public AuthGeneric(String protoName, int digestLength, int authenticationCodeLength, int hmacBlockSize) Creates an authentication protocol with the specified name (ID) and digest length and using theDEFAULT_AUTHENTICATION_CODE_LENGTH
default code length.- Parameters:
protoName
- the name (ID) of the authentication protocol. Only names that are supported by the used security provider can be used.digestLength
- the digest length.authenticationCodeLength
- the length of the hash output (i.e., the authentication code length).hmacBlockSize
- the HMAC block size of the authentication protocol.- Since:
- 2.5.4
-
-
Method Details
-
getDigestLength
public int getDigestLength()Gets the length of the message digest used by this authentication protocol.- Specified by:
getDigestLength
in interfaceAuthenticationProtocol
- Returns:
- the number of octets in the digest.
-
getMaxKeyLength
public int getMaxKeyLength()Description copied from interface:SecurityProtocol
Get the maximum length of the key in bytes for this security protocol.- Specified by:
getMaxKeyLength
in interfaceSecurityProtocol
- Returns:
- the (maximum) length of the security protocols key.
-
getAuthenticationCodeLength
public int getAuthenticationCodeLength()The length of the authentication code (the hashing output length) in octets.- Specified by:
getAuthenticationCodeLength
in interfaceAuthenticationProtocol
- Returns:
- the length of the authentication code.
- Since:
- 2.4.0
-
getDigestObject
Get a fresh MessageDigest object of the Algorithm specified in the constructor.- Returns:
- a new, fresh Message Digest object.
-
isSupported
public boolean isSupported()Description copied from interface:SecurityProtocol
Checks whether this security protocol is actually supported by this Java runtime environment.- Specified by:
isSupported
in interfaceSecurityProtocol
- Returns:
true
if this security protocol is supported,false
otherwise.
-
authenticate
public boolean authenticate(byte[] authenticationKey, byte[] message, int messageOffset, int messageLength, ByteArrayWindow digest) Description copied from interface:AuthenticationProtocol
Authenticates an outgoing message. This method fills the authentication parameters field of the given message. The parameterdigestOffset
offset is pointing inside the message buffer and must be zeroed before the authentication value is computed.- Specified by:
authenticate
in interfaceAuthenticationProtocol
- Parameters:
authenticationKey
- the authentication key to be used for authenticating the message.message
- the entire message for which the digest should be determined.messageOffset
- the offset inmessage
where the message actually starts.messageLength
- the actual message length (may be smaller thanmessage.length
).digest
- the offset inmessage
where to store the digest.- Returns:
true
if the message digest has been successfully computed and set,false
otherwise.
-
isAuthentic
public boolean isAuthentic(byte[] authenticationKey, byte[] message, int messageOffset, int messageLength, ByteArrayWindow digest) Description copied from interface:AuthenticationProtocol
Authenticates an incoming message. This method checks if the value in the authentication parameters field of the message is valid. The following procedure is used to verify the authenitcation value- copy the authentication value to a temp buffer
- zero the auth field
- recalculate the authenthication value
- compare the two authentcation values
- write back the received authentication value
- Specified by:
isAuthentic
in interfaceAuthenticationProtocol
- Parameters:
authenticationKey
- the authentication key to be used for authenticating the message.message
- the entire message for which the digest should be determined.messageOffset
- the offset inmessage
where the message actually starts.messageLength
- the actual message length (may be smaller thanmessage.length
).digest
- the digest of themessage
.- Returns:
true
if the message is authentic,false
otherwise.
-
changeDelta
public byte[] changeDelta(byte[] oldKey, byte[] newKey, byte[] random) Description copied from interface:AuthenticationProtocol
Computes the delta digest needed to remotely change an user's authenitcation key. The length of the old key (e.g. 16 for MD5, 20 for SHA) must match the length of the new key.- Specified by:
changeDelta
in interfaceAuthenticationProtocol
- Parameters:
oldKey
- the old authentication/privacy key.newKey
- the new authentication/privacy key.random
- the random 'seed' to be used to produce the digest.- Returns:
- the byte array representing the delta for key change operations.
To obtain the key change value, append this delta to the
random
array.
-
passwordToKey
Description copied from interface:AuthenticationProtocol
Generates the localized key for the given password and engine id.- Specified by:
passwordToKey
in interfaceAuthenticationProtocol
- Parameters:
passwordString
- the authentication pass phrase.engineID
- the engine ID of the authoritative engine.- Returns:
- the localized authentication key.
-
hash
public byte[] hash(byte[] data) Description copied from interface:AuthenticationProtocol
Generates a hash value for the given data.- Specified by:
hash
in interfaceAuthenticationProtocol
- Parameters:
data
- the data- Returns:
- the generated hash.
-
hash
public byte[] hash(byte[] data, int offset, int length) Description copied from interface:AuthenticationProtocol
Generates a hash value for the given data.- Specified by:
hash
in interfaceAuthenticationProtocol
- Parameters:
data
- the dataoffset
- offset into datalength
- length of data to hash- Returns:
- the generated hash.
-