Package org.snmp4j.security

Interface AuthenticationProtocol

All Superinterfaces:
SecurityProtocol, Serializable
All Known Implementing Classes:
AuthGeneric, AuthHMAC128SHA224, AuthHMAC192SHA256, AuthHMAC256SHA384, AuthHMAC384SHA512, AuthMD5, AuthSHA, AuthSHA2
public interface AuthenticationProtocol extends SecurityProtocol
The AuthenticationProtocol interface defines a common interface for all SNMP authentication protocols.
Version:
2.4.0
Author:
Frank Fock

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    authenticate(byte[] authenticationKey, byte[] message, int messageOffset, int messageLength, ByteArrayWindow digest)
    Authenticates an outgoing message.
    byte[]
    changeDelta(byte[] oldKey, byte[] newKey, byte[] random)
    Computes the delta digest needed to remotely change an user's authenitcation key.
    int
    getAuthenticationCodeLength()
    The length of the authentication code (the hashing output length) in octets.
    int
    getDigestLength()
    Gets the length of the digest generated by this authentication protocol.
    OID
    getID()
    Gets the OID uniquely identifying the authentication protocol.
    byte[]
    hash(byte[] data)
    Generates a hash value for the given data.
    byte[]
    hash(byte[] data, int offset, int length)
    Generates a hash value for the given data.
    boolean
    isAuthentic(byte[] authenticationKey, byte[] message, int messageOffset, int messageLength, ByteArrayWindow digest)
    Authenticates an incoming message.
    byte[]
    passwordToKey(OctetString passwordString, byte[] engineID)
    Generates the localized key for the given password and engine id.

    Methods inherited from interface org.snmp4j.security.SecurityProtocol

    getMaxKeyLength, isSupported

  • Method Details

    • authenticate

      boolean authenticate(byte[] authenticationKey, byte[] message, int messageOffset, int messageLength, ByteArrayWindow digest)
      Authenticates an outgoing message. This method fills the authentication parameters field of the given message. The parameter digestOffset offset is pointing inside the message buffer and must be zeroed before the authentication value is computed.
      Parameters:
      authenticationKey - the authentication key to be used for authenticating the message.
      message - the entire message for which the digest should be determined.
      messageOffset - the offset in message where the message actually starts.
      messageLength - the actual message length (may be smaller than message.length).
      digest - the offset in message where to store the digest.
      Returns:
      true if the message digest has been successfully computed and set, false otherwise.

    • isAuthentic

      boolean isAuthentic(byte[] authenticationKey, byte[] message, int messageOffset, int messageLength, ByteArrayWindow digest)
      Authenticates an incoming message. This method checks if the value in the authentication parameters field of the message is valid. The following procedure is used to verify the authenitcation value
      • copy the authentication value to a temp buffer
      • zero the auth field
      • recalculate the authenthication value
      • compare the two authentcation values
      • write back the received authentication value
      Parameters:
      authenticationKey - the authentication key to be used for authenticating the message.
      message - the entire message for which the digest should be determined.
      messageOffset - the offset in message where the message actually starts.
      messageLength - the actual message length (may be smaller than message.length).
      digest - the digest of the message.
      Returns:
      true if the message is authentic, false otherwise.

    • changeDelta

      byte[] changeDelta(byte[] oldKey, byte[] newKey, byte[] random)
      Computes the delta digest needed to remotely change an user's authenitcation key. The length of the old key (e.g. 16 for MD5, 20 for SHA) must match the length of the new key.
      Parameters:
      oldKey - the old authentication/privacy key.
      newKey - the new authentication/privacy key.
      random - the random 'seed' to be used to produce the digest.
      Returns:
      the byte array representing the delta for key change operations. To obtain the key change value, append this delta to the random array.

    • getID

      OID getID()
      Gets the OID uniquely identifying the authentication protocol.
      Specified by:
      getID in interface SecurityProtocol
      Returns:
      an OID instance.

    • passwordToKey

      byte[] passwordToKey(OctetString passwordString, byte[] engineID)
      Generates the localized key for the given password and engine id.
      Parameters:
      passwordString - the authentication pass phrase.
      engineID - the engine ID of the authoritative engine.
      Returns:
      the localized authentication key.

    • hash

      byte[] hash(byte[] data)
      Generates a hash value for the given data.
      Parameters:
      data - the data
      Returns:
      the generated hash.

    • hash

      byte[] hash(byte[] data, int offset, int length)
      Generates a hash value for the given data.
      Parameters:
      data - the data
      offset - offset into data
      length - length of data to hash
      Returns:
      the generated hash.

    • getDigestLength

      int getDigestLength()
      Gets the length of the digest generated by this authentication protocol. This value can be used to compute the BER encoded length of the security parameters for authentication.
      Returns:
      the number of bytes of digests generated by this authentication protocol.

    • getAuthenticationCodeLength

      int getAuthenticationCodeLength()
      The length of the authentication code (the hashing output length) in octets.
      Returns:
      the length of the authentication code.
      Since:
      2.4.0