Module org.snmp4j
Package org.snmp4j.security

Class AuthGeneric

java.lang.Object
org.snmp4j.security.AuthGeneric
All Implemented Interfaces:
Serializable, AuthenticationProtocol, SecurityProtocol
Direct Known Subclasses:
AuthMD5, AuthSHA, AuthSHA2
public abstract class AuthGeneric extends Object implements AuthenticationProtocol
The abstract class AuthGeneric implements common operations for SNMP authentication protocols, such as MD5 and SHA.
Version:
1.0
See Also:

  • Field Details

    • logger

      private static final LogAdapter logger

    • serialVersionUID

      private static final long serialVersionUID
      See Also:

    • HMAC_BUFFER_SIZE

      private static final int HMAC_BUFFER_SIZE
      See Also:

    • HMAC_BLOCK_SIZE

      public static final int HMAC_BLOCK_SIZE
      See Also:

    • DEFAULT_AUTHENTICATION_CODE_LENGTH

      private static final int DEFAULT_AUTHENTICATION_CODE_LENGTH
      See Also:

    • hmacBlockSize

      protected int hmacBlockSize

    • authenticationCodeLength

      private int authenticationCodeLength

    • digestLength

      private final int digestLength

    • protoName

      private final String protoName

  • Constructor Details

    • AuthGeneric

      public AuthGeneric(String protoName, int digestLength)
      Creates an authentication protocol with the specified name (ID) and digest length and using the DEFAULT_AUTHENTICATION_CODE_LENGTH default code length.
      Parameters:
      protoName - the name (ID) of the authentication protocol. Only names that are supported by the used security provider can be used.
      digestLength - the digest length.

    • AuthGeneric

      public AuthGeneric(String protoName, int digestLength, int authenticationCodeLength)
      Creates an authentication protocol with the specified name (ID) and digest length and using the DEFAULT_AUTHENTICATION_CODE_LENGTH default code length.
      Parameters:
      protoName - the name (ID) of the authentication protocol. Only names that are supported by the used security provider can be used.
      digestLength - the digest length.
      authenticationCodeLength - the length of the hash output (i.e., the authentication code length).
      Since:
      2.4.0

    • AuthGeneric

      public AuthGeneric(String protoName, int digestLength, int authenticationCodeLength, int hmacBlockSize)
      Creates an authentication protocol with the specified name (ID) and digest length and using the DEFAULT_AUTHENTICATION_CODE_LENGTH default code length.
      Parameters:
      protoName - the name (ID) of the authentication protocol. Only names that are supported by the used security provider can be used.
      digestLength - the digest length.
      authenticationCodeLength - the length of the hash output (i.e., the authentication code length).
      hmacBlockSize - the HMAC block size of the authentication protocol.
      Since:
      2.5.4

  • Method Details

    • getDigestLength

      public int getDigestLength()
      Gets the length of the message digest used by this authentication protocol.
      Specified by:
      getDigestLength in interface AuthenticationProtocol
      Returns:
      the number of octets in the digest.

    • getMaxKeyLength

      public int getMaxKeyLength()
      Description copied from interface: SecurityProtocol
      Get the maximum length of the key in bytes for this security protocol.
      Specified by:
      getMaxKeyLength in interface SecurityProtocol
      Returns:
      the (maximum) length of the security protocols key.

    • getAuthenticationCodeLength

      public int getAuthenticationCodeLength()
      The length of the authentication code (the hashing output length) in octets.
      Specified by:
      getAuthenticationCodeLength in interface AuthenticationProtocol
      Returns:
      the length of the authentication code.
      Since:
      2.4.0

    • getDigestObject

      protected MessageDigest getDigestObject()
      Get a fresh MessageDigest object of the Algorithm specified in the constructor.
      Returns:
      a new, fresh Message Digest object.

    • isSupported

      public boolean isSupported()
      Description copied from interface: SecurityProtocol
      Checks whether this security protocol is actually supported by this Java runtime environment.
      Specified by:
      isSupported in interface SecurityProtocol
      Returns:
      true if this security protocol is supported, false otherwise.

    • authenticate

      public boolean authenticate(byte[] authenticationKey, byte[] message, int messageOffset, int messageLength, ByteArrayWindow digest)
      Description copied from interface: AuthenticationProtocol
      Authenticates an outgoing message. This method fills the authentication parameters field of the given message. The parameter digestOffset offset is pointing inside the message buffer and must be zeroed before the authentication value is computed.
      Specified by:
      authenticate in interface AuthenticationProtocol
      Parameters:
      authenticationKey - the authentication key to be used for authenticating the message.
      message - the entire message for which the digest should be determined.
      messageOffset - the offset in message where the message actually starts.
      messageLength - the actual message length (may be smaller than message.length).
      digest - the offset in message where to store the digest.
      Returns:
      true if the message digest has been successfully computed and set, false otherwise.

    • isAuthentic

      public boolean isAuthentic(byte[] authenticationKey, byte[] message, int messageOffset, int messageLength, ByteArrayWindow digest)
      Description copied from interface: AuthenticationProtocol
      Authenticates an incoming message. This method checks if the value in the authentication parameters field of the message is valid. The following procedure is used to verify the authenitcation value
      • copy the authentication value to a temp buffer
      • zero the auth field
      • recalculate the authenthication value
      • compare the two authentcation values
      • write back the received authentication value
      Specified by:
      isAuthentic in interface AuthenticationProtocol
      Parameters:
      authenticationKey - the authentication key to be used for authenticating the message.
      message - the entire message for which the digest should be determined.
      messageOffset - the offset in message where the message actually starts.
      messageLength - the actual message length (may be smaller than message.length).
      digest - the digest of the message.
      Returns:
      true if the message is authentic, false otherwise.

    • changeDelta

      public byte[] changeDelta(byte[] oldKey, byte[] newKey, byte[] random)
      Description copied from interface: AuthenticationProtocol
      Computes the delta digest needed to remotely change an user's authenitcation key. The length of the old key (e.g. 16 for MD5, 20 for SHA) must match the length of the new key.
      Specified by:
      changeDelta in interface AuthenticationProtocol
      Parameters:
      oldKey - the old authentication/privacy key.
      newKey - the new authentication/privacy key.
      random - the random 'seed' to be used to produce the digest.
      Returns:
      the byte array representing the delta for key change operations. To obtain the key change value, append this delta to the random array.

    • passwordToKey

      public byte[] passwordToKey(OctetString passwordString, byte[] engineID)
      Description copied from interface: AuthenticationProtocol
      Generates the localized key for the given password and engine id.
      Specified by:
      passwordToKey in interface AuthenticationProtocol
      Parameters:
      passwordString - the authentication pass phrase.
      engineID - the engine ID of the authoritative engine.
      Returns:
      the localized authentication key.

    • hash

      public byte[] hash(byte[] data)
      Description copied from interface: AuthenticationProtocol
      Generates a hash value for the given data.
      Specified by:
      hash in interface AuthenticationProtocol
      Parameters:
      data - the data
      Returns:
      the generated hash.

    • hash

      public byte[] hash(byte[] data, int offset, int length)
      Description copied from interface: AuthenticationProtocol
      Generates a hash value for the given data.
      Specified by:
      hash in interface AuthenticationProtocol
      Parameters:
      data - the data
      offset - offset into data
      length - length of data to hash
      Returns:
      the generated hash.