Module org.snmp4j
Package org.snmp4j.security

Class PrivAES

java.lang.Object
org.snmp4j.security.PrivacyGeneric
org.snmp4j.security.PrivAES
All Implemented Interfaces:
Serializable, PrivacyProtocol, SecurityProtocol
Direct Known Subclasses:
PrivAES128, PrivAES192, PrivAES256, PrivAESWith3DESKeyExtension
public abstract class PrivAES extends PrivacyGeneric implements PrivacyProtocol
Base class for PrivAES128, PrivAES192 and PrivAES256.

This class uses AES in CFB mode to encrypt the data. The protocol is defined in draft-blumenthal-aes-usm-08.txt (AES128) and draft-blumenthal-aes-usm-04.txt (AES192 and AES256).

Version:
2.5.0
Author:
Jochen Katz
See Also:

  • Field Details

    • salt

      protected Salt salt

  • Constructor Details

    • PrivAES

      public PrivAES(int keyBytes)
      Constructor.
      Parameters:
      keyBytes - Length of key, must be 16, 24 or 32.
      Throws:
      IllegalArgumentException - if keyBytes is illegal

  • Method Details

    • encrypt

      public byte[] encrypt(byte[] unencryptedData, int offset, int length, byte[] encryptionKey, long engineBoots, long engineTime, DecryptParams decryptParams)
      Description copied from interface: PrivacyProtocol
      Encrypts a message using a given encryption key, engine boots count, and engine ID.
      Specified by:
      encrypt in interface PrivacyProtocol
      Parameters:
      unencryptedData - the unencrypted data. This byte array may contain leading and trailing bytes that will not be encrypted.
      offset - the offset into the unencryptedData where to start encryption.
      length - the length of the substring starting at offset to encrypt.
      encryptionKey - the key to be used for encryption.
      engineBoots - the engine boots counter to use.
      engineTime - the engine time to use.
      decryptParams - returns the decryption parameters needed to decrypt the data that has been encrypted by this method.
      Returns:
      the encrypted copy of unencryptedData.

    • decrypt

      public byte[] decrypt(byte[] cryptedData, int offset, int length, byte[] decryptionKey, long engineBoots, long engineTime, DecryptParams decryptParams)
      Description copied from interface: PrivacyProtocol
      Decrypts a message using a given decryption key, engine boots count, and engine ID.
      Specified by:
      decrypt in interface PrivacyProtocol
      Parameters:
      cryptedData - the crypted data. This byte array may contain leading and trailing bytes that will not be decrypted.
      offset - the offset into the cryptedData where to start encryption.
      length - the length of the substring starting at offset to decrypt.
      decryptionKey - the key to be used for decryption.
      engineBoots - the engine boots counter to use.
      engineTime - the engine time to use.
      decryptParams - contains the decryption parameters.
      Returns:
      the decrypted data, or null if decryption failed.

    • getEncryptedLength

      public int getEncryptedLength(int scopedPDULength)
      Description copied from interface: PrivacyProtocol
      Gets the length of a scoped PDU when encrypted with this security protocol.
      Specified by:
      getEncryptedLength in interface PrivacyProtocol
      Parameters:
      scopedPDULength - the length of the (unencrypted) scoped PDU.
      Returns:
      the length of the encrypted scoped PDU.

    • asHex

      public static String asHex(byte[] buf)
      Turns array of bytes into string
      Parameters:
      buf - Array of bytes to convert to hex string
      Returns:
      Generated hex string

    • getMinKeyLength

      public int getMinKeyLength()
      Description copied from interface: PrivacyProtocol
      Gets the minimum key size for this privacy protocol.
      Specified by:
      getMinKeyLength in interface PrivacyProtocol
      Returns:
      the minimum key size for this privacy protocol.

    • getMaxKeyLength

      public int getMaxKeyLength()
      Description copied from interface: PrivacyProtocol
      Gets the maximum key size for this privacy protocol.
      Specified by:
      getMaxKeyLength in interface PrivacyProtocol
      Specified by:
      getMaxKeyLength in interface SecurityProtocol
      Returns:
      the minimum key size for this privacy protocol.

    • getDecryptParamsLength

      public int getDecryptParamsLength()
      Description copied from interface: PrivacyProtocol
      Gets the length of the decryption parameters used by this security protocol.
      Specified by:
      getDecryptParamsLength in interface PrivacyProtocol
      Returns:
      a positive integer denoting the length of decryption parameters returned by this security protocol.

    • extendShortKey

      public byte[] extendShortKey(byte[] shortKey, OctetString password, byte[] engineID, AuthenticationProtocol authProtocol)
      Description copied from interface: PrivacyProtocol
      Extend a localized key that is too short. Some privacy protocols require a key that is longer than the key generated by the password-to-key algorithm of the authentication protocol. This function extends a short key to the required length.
      Specified by:
      extendShortKey in interface PrivacyProtocol
      Parameters:
      shortKey - the short key that was generated using AuthenticationProtocol.passwordToKey(org.snmp4j.smi.OctetString, byte[]) function.
      password - the password to use for key extension.
      engineID - the SNMP engine ID of the authoritative engine.
      authProtocol - the authentication protocol that should be used.
      Returns:
      the extended key or shortKey if no extension is needed.