java.lang.Object
  org.snmp4j.security.dh.DHOperations

public class DHOperations extends java.lang.Object
Implementation of Diffie Hellman operations for SNMP as defined by RFC 2786.
Since: 2.6.0
Author: Frank Fock

Nested Class Summary
static class DHOperations.DHKeyInfo
    The DHSharedKeyInfo provides DH key exchange information that associates a user name with a key (private or shared) and authentication and privacy protocol OIDs necessary to create a USM user during a DH kick-start operation.
static class DHOperations.KeyType

Field Summary
static java.lang.String DH_AUTH_PROTOCOL_PROPERTY
    Property name for authentication protocol OID of the kickstart user entry.
static java.lang.String DH_KICKSTART_SEC_NAME
static java.lang.String DH_KICKSTART_VIEW_NAME
static java.lang.String DH_PARAMS_PROPERTY
    Property name with the DHParameters used for the kickstart.
static java.lang.String DH_PRIV_PROTOCOL_PROPERTY
    Property name for privacy protocol OID of the kickstart user entry.
static java.lang.String DH_PRIVATE_KEY_PROPERTY
    Property name for private keys of Diffie Hellman key exchange property files.
static java.lang.String DH_PUBLIC_KEY_PROPERTY
    Property name for public keys of Diffie Hellman key exchange property files.
static java.lang.String DH_RESET_PROPERTY
    Property name to reset a USM user with a kickstart user entry.
static java.lang.String DH_VACM_ROLE_PROPERTY
    Property name for VACM role of the kickstart user entry.
static java.lang.String DIFFIE_HELLMAN
static OID oidUsmDHKickstartMgrPublic
static OID oidUsmDHKickstartMyPublic
static OID oidUsmDHKickstartSecurityName
static java.lang.String PBKDF2

Constructor Summary
DHOperations()

Method Summary
static java.math.BigInteger bytesToBigInteger(byte[] bytes)
    Convert a byte array to a BigInteger.
static byte[] computeSharedKey(javax.crypto.KeyAgreement keyAgreement, byte[] publicKey, DHParameters dhParameters)
static java.security.KeyPair createKeyPair(OctetString publicKeyOctets, OctetString privateKeyOctets, DHParameters dhParameters)
static byte[] deriveKey(byte[] sharedKey, int keyLength)
    Derive the USM key from the Diffie Hellman key exchange.
static byte[] deriveKeyPBKDF2(byte[] shareKey, int keyLength, SecurityProtocols.SecurityProtocolType securityProtocolType)
static OctetString derivePrivateKey(java.security.KeyPair keyPair)
static OctetString derivePublicKey(java.security.KeyPair keyPair)
static java.security.KeyPair generatePublicKey(DHParameters dhParameters)
static java.util.Map<OctetString,OctetString[]> getDHKickstartPublicKeys(Session session, PDUFactory pduFactory, Target<?> target, java.util.Set<OctetString> managerPublic)
    Get the public keys of the agent's kickstart table that match the local public keys provided from a remote agent.
static javax.crypto.KeyAgreement getInitializedKeyAgreement(java.security.KeyPair keyPair)
static byte[] keyToBytes(java.security.Key key)
    Convert a Key to a byte array.

Field Detail

DIFFIE_HELLMAN
public static final java.lang.String DIFFIE_HELLMAN
See Also: Constant Field Values

PBKDF2
public static final java.lang.String PBKDF2
See Also: Constant Field Values

DH_KICKSTART_SEC_NAME
public static final java.lang.String DH_KICKSTART_SEC_NAME
See Also: Constant Field Values

DH_KICKSTART_VIEW_NAME
public static final java.lang.String DH_KICKSTART_VIEW_NAME
See Also: Constant Field Values

oidUsmDHKickstartMyPublic
public static final OID oidUsmDHKickstartMyPublic

oidUsmDHKickstartMgrPublic
public static final OID oidUsmDHKickstartMgrPublic

oidUsmDHKickstartSecurityName
public static final OID oidUsmDHKickstartSecurityName

DH_PRIVATE_KEY_PROPERTY
public static final java.lang.String DH_PRIVATE_KEY_PROPERTY
Property name for private keys of Diffie Hellman key exchange property files.
See Also: Constant Field Values

DH_PUBLIC_KEY_PROPERTY
public static final java.lang.String DH_PUBLIC_KEY_PROPERTY
Property name for public keys of Diffie Hellman key exchange property files.
See Also: Constant Field Values

DH_AUTH_PROTOCOL_PROPERTY
public static final java.lang.String DH_AUTH_PROTOCOL_PROPERTY
Property name for authentication protocol OID of the kickstart user entry.
See Also: Constant Field Values

DH_PRIV_PROTOCOL_PROPERTY
public static final java.lang.String DH_PRIV_PROTOCOL_PROPERTY
Property name for privacy protocol OID of the kickstart user entry.
See Also: Constant Field Values

DH_VACM_ROLE_PROPERTY
public static final java.lang.String DH_VACM_ROLE_PROPERTY
Property name for VACM role of the kickstart user entry.
See Also: Constant Field Values

DH_RESET_PROPERTY
public static final java.lang.String DH_RESET_PROPERTY
Property name to reset a USM user with a kickstart user entry.
See Also: Constant Field Values

DH_PARAMS_PROPERTY
public static final java.lang.String DH_PARAMS_PROPERTY
Property name with the DHParameters used for the kickstart.
See Also: Constant Field Values

Method Detail

computeSharedKey
public static byte[] computeSharedKey(javax.crypto.KeyAgreement keyAgreement, byte[] publicKey, DHParameters dhParameters)

bytesToBigInteger
public static java.math.BigInteger bytesToBigInteger(byte[] bytes)
Convert a byte array to a BigInteger. Adds a leading zero-byte to ensure a positive BigInteger.
Parameters:
bytes - The byte array to convert.
Returns:
the BigInteger containing the provided bytes as unsigned integer.

keyToBytes
public static byte[] keyToBytes(java.security.Key key)
Convert a Key to a byte array. Uses X or Y values of a key depending on key type (private or public). Cuts off a leading zero-byte if key length is not divisible by 8.
Parameters:
key - The Key to convert.
Returns:
the byte array representation of the key or null.
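
The leading zero-byte handling described for bytesToBigInteger and keyToBytes, shown as an added example that is not SNMP4J's own code: it uses only java.math.BigInteger, and the class and helper names (UnsignedBigIntegerDemo, toUnsigned, toFixedLength) as well as the sample bytes are hypothetical. The fixed-length padding in toFixedLength goes beyond what the page states and is an assumption about how a caller would normalise a DH value before sending it.

```java
import java.math.BigInteger;
import java.util.Arrays;

public class UnsignedBigIntegerDemo {

    // Hypothetical helper: read bytes as an unsigned big-endian integer by
    // prepending a zero byte, so the top bit is never taken as a sign bit.
    static BigInteger toUnsigned(byte[] bytes) {
        byte[] padded = new byte[bytes.length + 1];
        System.arraycopy(bytes, 0, padded, 1, bytes.length);
        return new BigInteger(padded);
    }

    // Hypothetical helper: encode a non-negative value in exactly `length` bytes.
    // toByteArray() emits an extra 0x00 when the top bit of the magnitude is set;
    // that byte is dropped, and shorter values are left-padded with zeros.
    static byte[] toFixedLength(BigInteger value, int length) {
        if (value.signum() < 0) {
            throw new IllegalArgumentException("negative value");
        }
        byte[] raw = value.toByteArray();
        int start = (raw.length > 1 && raw[0] == 0) ? 1 : 0;
        int n = raw.length - start;
        if (n > length) {
            throw new IllegalArgumentException("value needs " + n + " bytes");
        }
        byte[] out = new byte[length];
        System.arraycopy(raw, start, out, length - n, n);
        return out;
    }

    public static void main(String[] args) {
        // Constructed sample: a 4-byte value whose top bit is set.
        byte[] wire = {(byte) 0xF0, 0x12, 0x34, 0x56};

        BigInteger naive = new BigInteger(wire);   // two's complement reading
        BigInteger fixed = toUnsigned(wire);       // unsigned reading

        System.out.println("naive is negative:  " + (naive.signum() < 0));
        System.out.println("fixed is positive:  " + (fixed.signum() > 0));
        // The JDK's sign-magnitude constructor gives the same unsigned value.
        System.out.println("matches (1, bytes): " + fixed.equals(new BigInteger(1, wire)));
        // toByteArray() returns 5 bytes here; the helper restores the 4 on the wire.
        System.out.println("raw length:         " + fixed.toByteArray().length);
        System.out.println("round trip equal:   "
                + Arrays.equals(wire, toFixedLength(fixed, wire.length)));
    }
}
```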

createKeyPair
public static java.security.KeyPair createKeyPair(OctetString publicKeyOctets, OctetString privateKeyOctets, DHParameters dhParameters)

derivePublicKey
public static OctetString derivePublicKey(java.security.KeyPair keyPair)

derivePrivateKey
public static OctetString derivePrivateKey(java.security.KeyPair keyPair)

generatePublicKey
public static java.security.KeyPair generatePublicKey(DHParameters dhParameters) throws java.security.NoSuchAlgorithmException, java.security.InvalidAlgorithmParameterException
Throws:
java.security.NoSuchAlgorithmException
java.security.InvalidAlgorithmParameterException

getInitializedKeyAgreement
public static javax.crypto.KeyAgreement getInitializedKeyAgreement(java.security.KeyPair keyPair)

deriveKey
public static byte[] deriveKey(byte[] sharedKey, int keyLength)
Derive the USM key from the Diffie Hellman key exchange.
Parameters:
sharedKey - the shared key (z).
keyLength - the key length of the resulting key in bytes.
Returns:
the USM key as byte array of length keyLength.

deriveKeyPBKDF2
public static byte[] deriveKeyPBKDF2(byte[] shareKey, int keyLength, SecurityProtocols.SecurityProtocolType securityProtocolType)

getDHKickstartPublicKeys
public static java.util.Map<OctetString,OctetString[]> getDHKickstartPublicKeys(Session session, PDUFactory pduFactory, Target<?> target, java.util.Set<OctetString> managerPublic) throws java.io.IOException
Get the public keys of the agent's kickstart table that match the local public keys provided from a remote agent.
Parameters:
session - the SNMP Session to use.
pduFactory - the PDUFactory to be used to create SNMP PDUs for requesting the data.
target - the SNMP agent target.
managerPublic - a set of public keys of this manager for which public keys of the agent should be retrieved.
Returns:
a map that maps the manager's public keys for which an agent public key has been found, to a two-element array with the first element being the agent public key and the second the associated user/security name.
Throws:
java.io.IOException - if the SNMP communication fails.