java.lang.Object
org.snmp4j.security.PrivacyGeneric
org.snmp4j.security.PrivAES
- All Implemented Interfaces:
Serializable, PrivacyProtocol, SecurityProtocol
- Direct Known Subclasses:
PrivAES128, PrivAES192, PrivAES256, PrivAESWith3DESKeyExtension
Base class for PrivAES128, PrivAES192 and PrivAES256.
This class uses AES in CFB mode to encrypt the data. The protocol is defined in draft-blumenthal-aes-usm-08.txt (AES128) and draft-blumenthal-aes-usm-04.txt (AES192 and AES256).
- Version:
- 2.5.0
- Author:
- Jochen Katz
- See Also:
-
Field Summary
Fields inherited from class org.snmp4j.security.PrivacyGeneric
cipherPool, initVectorLength, keyBytes, protocolClass, protocolId
-
Constructor Summary
-
Method Summary
Modifier and Type, Method, Description:
- static String asHex(byte[] buf): Turns array of bytes into string.
- byte[] decrypt(byte[] cryptedData, int offset, int length, byte[] decryptionKey, long engineBoots, long engineTime, DecryptParams decryptParams): Decrypts a message using a given decryption key, engine boots count, and engine ID.
- byte[] encrypt(byte[] unencryptedData, int offset, int length, byte[] encryptionKey, long engineBoots, long engineTime, DecryptParams decryptParams): Encrypts a message using a given encryption key, engine boots count, and engine ID.
- byte[] extendShortKey(byte[] shortKey, OctetString password, byte[] engineID, AuthenticationProtocol authProtocol): Extend a localized key that is too short.
- int getDecryptParamsLength(): Gets the length of the decryption parameters used by this security protocol.
- int getEncryptedLength(int scopedPDULength): Gets the length of a scoped PDU when encrypted with this security protocol.
- int getMaxKeyLength(): Gets the maximum key size for this privacy protocol.
- int getMinKeyLength(): Gets the minimum key size for this privacy protocol.
Methods inherited from class org.snmp4j.security.PrivacyGeneric
doDecrypt, doFinal, doFinalWithPadding, doInit, isSupported
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.snmp4j.security.PrivacyProtocol
getID
Methods inherited from interface org.snmp4j.security.SecurityProtocol
isSupported
-
Field Details
-
salt
-
-
Constructor Details
-
PrivAES
public PrivAES(int keyBytes)
Constructor.
- Parameters:
keyBytes - Length of key, must be 16, 24 or 32.
- Throws:
IllegalArgumentException - if keyBytes is illegal
-
-
Method Details
-
encrypt
public byte[] encrypt(byte[] unencryptedData, int offset, int length, byte[] encryptionKey, long engineBoots, long engineTime, DecryptParams decryptParams)
Description copied from interface: PrivacyProtocol
Encrypts a message using a given encryption key, engine boots count, and engine ID.
- Specified by:
encrypt in interface PrivacyProtocol
- Parameters:
unencryptedData - the unencrypted data. This byte array may contain leading and trailing bytes that will not be encrypted.
offset - the offset into the unencryptedData where to start encryption.
length - the length of the substring starting at offset to encrypt.
encryptionKey - the key to be used for encryption.
engineBoots - the engine boots counter to use.
engineTime - the engine time to use.
decryptParams - returns the decryption parameters needed to decrypt the data that has been encrypted by this method.
- Returns:
the encrypted copy of unencryptedData.
-
decrypt
public byte[] decrypt(byte[] cryptedData, int offset, int length, byte[] decryptionKey, long engineBoots, long engineTime, DecryptParams decryptParams)
Description copied from interface: PrivacyProtocol
Decrypts a message using a given decryption key, engine boots count, and engine ID.
- Specified by:
decrypt in interface PrivacyProtocol
- Parameters:
cryptedData - the crypted data. This byte array may contain leading and trailing bytes that will not be decrypted.
offset - the offset into the cryptedData where to start decryption.
length - the length of the substring starting at offset to decrypt.
decryptionKey - the key to be used for decryption.
engineBoots - the engine boots counter to use.
engineTime - the engine time to use.
decryptParams - contains the decryption parameters.
- Returns:
the decrypted data, or null if decryption failed.
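An added example, not SNMP4J code: a JDK-only illustration of the AES-CFB scheme behind encrypt and decrypt, showing how engineBoots, engineTime and the 8-byte decryption parameters (the salt) form the IV. It assumes the IV layout of RFC 3826, the published form of the AES128 draft cited above; the class name, helper names and sample values are constructed for illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

public class AesUsmCfbExample { // hypothetical class name, uses only the JDK
    // Assumed RFC 3826 IV: engineBoots (4 bytes, big-endian) || engineTime (4 bytes) || salt (8 bytes).
    static byte[] buildIv(long engineBoots, long engineTime, byte[] salt) {
        return ByteBuffer.allocate(16).putInt((int) engineBoots).putInt((int) engineTime)
                .put(salt, 0, 8).array();
    }

    static byte[] crypt(int mode, byte[] key, byte[] iv, byte[] data) throws Exception {
        Cipher cipher = Cipher.getInstance("AES/CFB/NoPadding"); // CFB with 128-bit feedback
        cipher.init(mode, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
        return cipher.doFinal(data);
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rnd = new SecureRandom();
        byte[] key = new byte[16];   // constructed stand-in for a localized 16-byte privacy key
        rnd.nextBytes(key);
        long engineBoots = 3, engineTime = 4711;  // constructed sample values
        byte[] scopedPdu = "constructed scoped PDU bytes".getBytes(StandardCharsets.US_ASCII);

        byte[] salt = new byte[8];   // constructed: random here; must be unique per message and key
        rnd.nextBytes(salt);         // travels in the clear as the privacy parameters
        byte[] ct = crypt(Cipher.ENCRYPT_MODE, key, buildIv(engineBoots, engineTime, salt), scopedPdu);
        System.out.println("ciphertext length == plaintext length: " + (ct.length == scopedPdu.length));

        // Receiver: rebuild the IV from the message's engineBoots/engineTime and the received salt.
        byte[] pt = crypt(Cipher.DECRYPT_MODE, key, buildIv(engineBoots, engineTime, salt), ct);
        System.out.println("round trip ok: " + Arrays.equals(pt, scopedPdu));

        // A tampered salt still "decrypts": CFB garbles only the first 16-byte block and raises
        // no error, so integrity has to come from the USM authentication protocol.
        byte[] badSalt = salt.clone();
        badSalt[7] ^= 1;
        byte[] bad = crypt(Cipher.DECRYPT_MODE, key, buildIv(engineBoots, engineTime, badSalt), ct);
        boolean headOk = Arrays.equals(Arrays.copyOf(bad, 16), Arrays.copyOf(scopedPdu, 16));
        boolean tailOk = Arrays.equals(Arrays.copyOfRange(bad, 16, bad.length),
                Arrays.copyOfRange(scopedPdu, 16, scopedPdu.length));
        System.out.println("first block intact: " + headOk + ", remainder intact: " + tailOk);
    }
}
```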
-
getEncryptedLength
public int getEncryptedLength(int scopedPDULength)
Description copied from interface: PrivacyProtocol
Gets the length of a scoped PDU when encrypted with this security protocol.
- Specified by:
getEncryptedLength in interface PrivacyProtocol
- Parameters:
scopedPDULength - the length of the (unencrypted) scoped PDU.
- Returns:
the length of the encrypted scoped PDU.
-
asHex
Turns array of bytes into string.
- Parameters:
buf - Array of bytes to convert to hex string
- Returns:
Generated hex string
-
getMinKeyLength
public int getMinKeyLength()
Description copied from interface: PrivacyProtocol
Gets the minimum key size for this privacy protocol.
- Specified by:
getMinKeyLength in interface PrivacyProtocol
- Returns:
the minimum key size for this privacy protocol.
-
getMaxKeyLength
public int getMaxKeyLength()
Description copied from interface: PrivacyProtocol
Gets the maximum key size for this privacy protocol.
- Specified by:
getMaxKeyLength in interface PrivacyProtocol
- Specified by:
getMaxKeyLength in interface SecurityProtocol
- Returns:
the maximum key size for this privacy protocol.
-
getDecryptParamsLength
public int getDecryptParamsLength()
Description copied from interface: PrivacyProtocol
Gets the length of the decryption parameters used by this security protocol.
- Specified by:
getDecryptParamsLength in interface PrivacyProtocol
- Returns:
a positive integer denoting the length of decryption parameters returned by this security protocol.
-
extendShortKey
public byte[] extendShortKey(byte[] shortKey, OctetString password, byte[] engineID, AuthenticationProtocol authProtocol)
Description copied from interface: PrivacyProtocol
Extend a localized key that is too short. Some privacy protocols require a key that is longer than the key generated by the password-to-key algorithm of the authentication protocol. This function extends a short key to the required length.
- Specified by:
extendShortKey in interface PrivacyProtocol
- Parameters:
shortKey - the short key that was generated using the AuthenticationProtocol.passwordToKey(org.snmp4j.smi.OctetString, byte[]) function.
password - the password to use for key extension.
engineID - the SNMP engine ID of the authoritative engine.
authProtocol - the authentication protocol that should be used.
- Returns:
the extended key or shortKey if no extension is needed.
-