java.lang.Object
org.snmp4j.security.dh.DHOperations
Implementation of Diffie Hellman operations for SNMP as defined by RFC 2786.
- Since: 2.6.0
- Author: Frank Fock
-
Nested Class Summary
Modifier and Type / Class / Description
- static class DHSharedKeyInfo: The DHSharedKeyInfo provides DH key exchange information that associates a user name with a key (private or shared) and the authentication and privacy protocol OIDs necessary to create a USM user during a DH kick-start operation.
- static enum
-
Field Summary
Modifier and Type / Field / Description
- static final String DH_AUTH_PROTOCOL_PROPERTY: Property name for authentication protocol OID of the kickstart user entry.
- static final String DH_KICKSTART_SEC_NAME
- static final String DH_KICKSTART_VIEW_NAME
- static final String DH_PARAMS_PROPERTY: Property name with the DHParameters used for the kickstart.
- static final String DH_PRIV_PROTOCOL_PROPERTY: Property name for privacy protocol OID of the kickstart user entry.
- static final String DH_PRIVATE_KEY_PROPERTY: Property name for private keys of Diffie Hellman key exchange property files.
- static final String DH_PUBLIC_KEY_PROPERTY: Property name for public keys of Diffie Hellman key exchange property files.
- static final String DH_RESET_PROPERTY: Property name to reset a USM user with a kickstart user entry.
- static final String DH_VACM_ROLE_PROPERTY: Property name for VACM role of the kickstart user entry.
- static final String DIFFIE_HELLMAN
- static final OID oidUsmDHKickstartMgrPublic
- static final OID oidUsmDHKickstartMyPublic
- static final OID oidUsmDHKickstartSecurityName
- static final String PBKDF2
-
Constructor Summary
-
Method Summary
Modifier and Type / Method / Description
- static BigInteger bytesToBigInteger(byte[] bytes): Convert a byte array to a BigInteger.
- static byte[] computeSharedKey(KeyAgreement keyAgreement, byte[] publicKey, DHParameters dhParameters)
- static KeyPair createKeyPair(OctetString publicKeyOctets, OctetString privateKeyOctets, DHParameters dhParameters)
- static byte[] deriveKey(byte[] sharedKey, int keyLength): Derive the USM key from the Diffie Hellman key exchange.
- static byte[] deriveKeyPBKDF2(byte[] shareKey, int keyLength, SecurityProtocols.SecurityProtocolType securityProtocolType)
- static OctetString derivePrivateKey(KeyPair keyPair)
- static OctetString derivePublicKey(KeyPair keyPair)
- static KeyPair generatePublicKey(DHParameters dhParameters)
- static Map<OctetString, OctetString[]> getDHKickstartPublicKeys(Session session, PDUFactory pduFactory, Target<?> target, Set<OctetString> managerPublic): Get the public keys of the agent's kickstart table that match the local public keys provided from a remote agent.
- static KeyAgreement getInitializedKeyAgreement(KeyPair keyPair)
- static byte[] keyToBytes(Key key): Convert a Key to a byte array.
-
Field Details
-
DIFFIE_HELLMAN
-
PBKDF2
-
DH_KICKSTART_SEC_NAME
-
DH_KICKSTART_VIEW_NAME
-
oidUsmDHKickstartMyPublic
-
oidUsmDHKickstartMgrPublic
-
oidUsmDHKickstartSecurityName
-
DH_PRIVATE_KEY_PROPERTY
Property name for private keys of Diffie Hellman key exchange property files.
-
DH_PUBLIC_KEY_PROPERTY
Property name for public keys of Diffie Hellman key exchange property files.
-
DH_AUTH_PROTOCOL_PROPERTY
Property name for authentication protocol OID of the kickstart user entry.
-
DH_PRIV_PROTOCOL_PROPERTY
Property name for privacy protocol OID of the kickstart user entry.
-
DH_VACM_ROLE_PROPERTY
Property name for VACM role of the kickstart user entry.
-
DH_RESET_PROPERTY
Property name to reset a USM user with a kickstart user entry.
-
DH_PARAMS_PROPERTY
Property name with the DHParameters used for the kickstart.
-
-
Constructor Details
-
DHOperations
public DHOperations()
-
-
Method Details
-
bytesToBigInteger
Convert a byte array to a BigInteger. Adds a leading zero-byte to ensure a positive BigInteger.
- Parameters:
  bytes - The byte array to convert.
- Returns:
  the BigInteger containing the provided bytes as unsigned integer.
-
keyToBytes
Convert a Key to a byte array. Uses the X or Y value of a key depending on the key type (private or public). Cuts off a leading zero-byte if the key length is not divisible by 8.
- Parameters:
  key - The Key to convert.
- Returns:
  the byte array representation of the key or null.
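The unsigned conversions described for bytesToBigInteger and keyToBytes matter because DH public values travel as raw octets, while Java's BigInteger is signed. The following is an added example using only the JDK, not SNMP4J's own code: the names toUnsigned, fromUnsigned and agree are hypothetical, the JDK's default 2048-bit DH parameters stand in for the DHParameters of a real kickstart, and fromUnsigned strips any sign byte rather than applying the divisible-by-8 rule stated above.

```java
import javax.crypto.KeyAgreement;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPublicKeySpec;
import java.math.BigInteger;
import java.security.*;
import java.util.Arrays;

// Added illustration; helper names are hypothetical, not SNMP4J API.
public class UnsignedDhEncoding {
    // Unsigned big-endian bytes -> BigInteger; signum 1 keeps a set high bit from reading as negative.
    static BigInteger toUnsigned(byte[] bytes) { return new BigInteger(1, bytes); }

    // BigInteger -> unsigned bytes: drop the sign byte that toByteArray() prepends when the high bit is set.
    static byte[] fromUnsigned(BigInteger v) {
        byte[] b = v.toByteArray();
        return (b.length > 1 && b[0] == 0) ? Arrays.copyOfRange(b, 1, b.length) : b;
    }

    // Rebuild the peer's public key from wire bytes and compute the shared secret z.
    static byte[] agree(PrivateKey own, byte[] peerY, DHParameterSpec p) throws GeneralSecurityException {
        BigInteger y = toUnsigned(peerY);
        // Reject degenerate public values outside [2, p-2] before using them.
        if (y.compareTo(BigInteger.ONE) <= 0 || y.compareTo(p.getP().subtract(BigInteger.ONE)) >= 0)
            throw new InvalidKeyException("DH public value out of range");
        PublicKey peer = KeyFactory.getInstance("DH")
                .generatePublic(new DHPublicKeySpec(y, p.getP(), p.getG()));
        KeyAgreement ka = KeyAgreement.getInstance("DH");
        ka.init(own);
        ka.doPhase(peer, true);
        return ka.generateSecret();
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("DH");
        gen.initialize(2048);                       // assumption: JDK default group
        KeyPair manager = gen.generateKeyPair();
        DHParameterSpec params = ((DHPublicKey) manager.getPublic()).getParams();
        gen.initialize(params);                     // agent uses the same p and g
        KeyPair agent = gen.generateKeyPair();
        byte[] mgrY = fromUnsigned(((DHPublicKey) manager.getPublic()).getY());
        byte[] agtY = fromUnsigned(((DHPublicKey) agent.getPublic()).getY());
        byte[] zMgr = agree(manager.getPrivate(), agtY, params);
        byte[] zAgt = agree(agent.getPrivate(), mgrY, params);
        System.out.println("shared secrets match: " + Arrays.equals(zMgr, zAgt));
        byte[] sample = {(byte) 0x80, 0x01};        // constructed value with the high bit set
        System.out.println("signed: " + new BigInteger(sample) + ", unsigned: " + toUnsigned(sample));
    }
}
```

Decoding the octets with the signed single-argument BigInteger constructor is the interoperability failure to watch for: it only breaks for public values whose first byte has the high bit set, so it shows up as an intermittent key mismatch rather than a consistent one.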
-
createKeyPair
public static KeyPair createKeyPair(OctetString publicKeyOctets, OctetString privateKeyOctets, DHParameters dhParameters)
-
derivePublicKey
-
derivePrivateKey
-
generatePublicKey
public static KeyPair generatePublicKey(DHParameters dhParameters) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException
-
getInitializedKeyAgreement
-
deriveKey
public static byte[] deriveKey(byte[] sharedKey, int keyLength)
Derive the USM key from the Diffie Hellman key exchange.
- Parameters:
  sharedKey - the shared key (z).
  keyLength - the key length of the resulting key in bytes.
- Returns:
  the USM key as byte array of length keyLength.
-
deriveKeyPBKDF2
public static byte[] deriveKeyPBKDF2(byte[] shareKey, int keyLength, SecurityProtocols.SecurityProtocolType securityProtocolType)
-
getDHKickstartPublicKeys
public static Map<OctetString,OctetString[]> getDHKickstartPublicKeys(Session session, PDUFactory pduFactory, Target<?> target, Set<OctetString> managerPublic) throws IOException
Get the public keys of the agent's kickstart table that match the local public keys provided from a remote agent.
- Parameters:
  session - the SNMP Session to use.
  pduFactory - the PDUFactory to be used to create SNMP PDUs for requesting the data.
  target - the SNMP agent target.
  managerPublic - a set of public keys of this manager for which public keys of the agent should be retrieved.
- Returns:
  a map that maps the manager's public keys for which an agent public key has been found, to a two-element array with the first element being the agent public key and the second the associated user/security name.
- Throws:
  IOException - if the SNMP communication fails.