Package org.snmp4j.security
Interface AuthenticationProtocol
- All Superinterfaces:
SecurityProtocol
,Serializable
- All Known Implementing Classes:
AuthGeneric
,AuthHMAC128SHA224
,AuthHMAC192SHA256
,AuthHMAC256SHA384
,AuthHMAC384SHA512
,AuthMD5
,AuthSHA
,AuthSHA2
The
AuthenticationProtocol
interface defines a common
interface for all SNMP authentication protocols.- Version:
- 2.4.0
- Author:
- Frank Fock
-
Method Summary
Modifier and TypeMethodDescriptionboolean
authenticate
(byte[] authenticationKey, byte[] message, int messageOffset, int messageLength, ByteArrayWindow digest) Authenticates an outgoing message.byte[]
changeDelta
(byte[] oldKey, byte[] newKey, byte[] random) Computes the delta digest needed to remotely change an user's authenitcation key.int
The length of the authentication code (the hashing output length) in octets.int
Gets the length of the digest generated by this authentication protocol.getID()
Gets the OID uniquely identifying the authentication protocol.byte[]
hash
(byte[] data) Generates a hash value for the given data.byte[]
hash
(byte[] data, int offset, int length) Generates a hash value for the given data.boolean
isAuthentic
(byte[] authenticationKey, byte[] message, int messageOffset, int messageLength, ByteArrayWindow digest) Authenticates an incoming message.byte[]
passwordToKey
(OctetString passwordString, byte[] engineID) Generates the localized key for the given password and engine id.Methods inherited from interface org.snmp4j.security.SecurityProtocol
getMaxKeyLength, isSupported
-
Method Details
-
authenticate
boolean authenticate(byte[] authenticationKey, byte[] message, int messageOffset, int messageLength, ByteArrayWindow digest) Authenticates an outgoing message. This method fills the authentication parameters field of the given message. The parameterdigestOffset
offset is pointing inside the message buffer and must be zeroed before the authentication value is computed.- Parameters:
authenticationKey
- the authentication key to be used for authenticating the message.message
- the entire message for which the digest should be determined.messageOffset
- the offset inmessage
where the message actually starts.messageLength
- the actual message length (may be smaller thanmessage.length
).digest
- the offset inmessage
where to store the digest.- Returns:
true
if the message digest has been successfully computed and set,false
otherwise.
-
isAuthentic
boolean isAuthentic(byte[] authenticationKey, byte[] message, int messageOffset, int messageLength, ByteArrayWindow digest) Authenticates an incoming message. This method checks if the value in the authentication parameters field of the message is valid. The following procedure is used to verify the authenitcation value- copy the authentication value to a temp buffer
- zero the auth field
- recalculate the authenthication value
- compare the two authentcation values
- write back the received authentication value
- Parameters:
authenticationKey
- the authentication key to be used for authenticating the message.message
- the entire message for which the digest should be determined.messageOffset
- the offset inmessage
where the message actually starts.messageLength
- the actual message length (may be smaller thanmessage.length
).digest
- the digest of themessage
.- Returns:
true
if the message is authentic,false
otherwise.
-
changeDelta
byte[] changeDelta(byte[] oldKey, byte[] newKey, byte[] random) Computes the delta digest needed to remotely change an user's authenitcation key. The length of the old key (e.g. 16 for MD5, 20 for SHA) must match the length of the new key.- Parameters:
oldKey
- the old authentication/privacy key.newKey
- the new authentication/privacy key.random
- the random 'seed' to be used to produce the digest.- Returns:
- the byte array representing the delta for key change operations.
To obtain the key change value, append this delta to the
random
array.
-
getID
OID getID()Gets the OID uniquely identifying the authentication protocol.- Specified by:
getID
in interfaceSecurityProtocol
- Returns:
- an
OID
instance.
-
passwordToKey
Generates the localized key for the given password and engine id.- Parameters:
passwordString
- the authentication pass phrase.engineID
- the engine ID of the authoritative engine.- Returns:
- the localized authentication key.
-
hash
byte[] hash(byte[] data) Generates a hash value for the given data.- Parameters:
data
- the data- Returns:
- the generated hash.
-
hash
byte[] hash(byte[] data, int offset, int length) Generates a hash value for the given data.- Parameters:
data
- the dataoffset
- offset into datalength
- length of data to hash- Returns:
- the generated hash.
-
getDigestLength
int getDigestLength()Gets the length of the digest generated by this authentication protocol. This value can be used to compute the BER encoded length of the security parameters for authentication.- Returns:
- the number of bytes of digests generated by this authentication protocol.
-
getAuthenticationCodeLength
int getAuthenticationCodeLength()The length of the authentication code (the hashing output length) in octets.- Returns:
- the length of the authentication code.
- Since:
- 2.4.0
-