uk.co.westhawk.snmp.util

Class SnmpUtilities

java.lang.Object

uk.co.westhawk.snmp.util.SnmpUtilities

public class SnmpUtilities
extends java.lang.Object

This class contains utilities for key and authentication encoding. See SNMP-USER-BASED-SM-MIB.

Version:

$Revision$ $Date$

Author:

Tim Panton

Constructor Summary

Constructors

Constructor and Description
SnmpUtilities()

Method Summary

Modifier and Type	Method and Description
static byte[]	AESdecrypt(byte[] ciphertext, byte[] secretPrivacyKey, int engineBoots, int engineTime, byte[] salt) Decrypts using AES.
static byte[]	AESencrypt(byte[] plaintext, byte[] secretPrivacyKey, int engineBoots, int engineTime, byte[] salt) Encrypts bytes using AES.
static boolean	areBytesEqual(byte[] array1, byte[] array2) Compaires two byte arrays and returns if they are equal.
static byte[]	DESdecrypt(byte[] encryptedText, byte[] salt, byte[] secretPrivacyKey) Decryptes bytes using DES.
static byte[]	DESencrypt(byte[] plain, byte[] secretPrivacyKey, byte[] salt) Encrypts bytes using DES.
static void	dumpBytes(java.lang.String headerStr, byte[] bytes) Dumps (prints) the byte array.
static byte[]	getAESInitialValue(int engineBoots, int engineTime, byte[] salt) Returns the first 128 bits of the localized key Kul are used as the AES encryption key.
static byte[]	getAESKey(byte[] secretPrivacyKey) Returns the first 128 bits of the localized key Kul are used as the AES encryption key.
static byte[]	getDESInitialValue(byte[] secretPrivacyKey, byte[] salt) Returns the DES initial value.
static byte[]	getDESKey(byte[] secretPrivacyKey) Returns the DES key.
static byte[]	getFingerPrintMD5(byte[] key, byte[] message) Returns the 12 byte MD5 fingerprint.
static byte[]	getFingerPrintSHA1(byte[] key, byte[] message) Returns the 12 byte SHA1 fingerprint.
static byte[]	getLocalizedKeyMD5(byte[] passwKey, java.lang.String engineId) Converts the user's password and the SNMP Engine Id to the localized key using the MD5 protocol.
static byte[]	getLocalizedKeySHA1(byte[] passwKey, java.lang.String engineId) Converts the user's password and the SNMP Engine Id to the localized key using the SHA protocol.
static byte[]	getSaltAES() Returns the AES salt.
static byte[]	getSaltDES(int snmpEngineBoots) Returns the DES salt.
static java.lang.String	getSnmpVersionString(int version) Returns the String representation of the SNMP version number.
static byte	longToByte(long l) Converts one long value to its byte value.
static byte[]	longToByte(long[] l) Converts an array of long values to its array of byte values.
static byte[]	passwordToKeyMD5(java.lang.String password) Converts the user's password to an authentication key using the MD5 protocol.
static byte[]	passwordToKeySHA1(java.lang.String password) Converts the user's password to an authentication key using the SHA1 protocol.
static byte[]	toBytes(java.lang.String hexStr) Converts a hexadecimal ASCII string to a byte array.
static java.lang.String	toHex(int val) Converts one int to a hexadecimal ASCII string.
static java.lang.String	toHexString(byte[] bytes) Converts a byte array to a hexadecimal ASCII string.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SnmpUtilities

public SnmpUtilities()

Method Detail

getSnmpVersionString

public static java.lang.String getSnmpVersionString(int version)

Returns the String representation of the SNMP version number.

Parameters:

version - The version number

Returns:

The corresponding String.

toBytes

public static byte[] toBytes(java.lang.String hexStr)

Converts a hexadecimal ASCII string to a byte array. The method is case insensitive, so F7 works as well as f7. The string should have the form F7d820 and should omit the '0x'. This method is the reverse of toHexString.

Parameters:

hexStr - The string representing a hexadecimal number

Returns:

the byte array of hexStr

See Also:

toHexString(byte[])

longToByte

public static byte longToByte(long l)
                       throws java.lang.IllegalArgumentException

Converts one long value to its byte value.

Parameters:

l - The long value

Returns:

It's byte value

Throws:

java.lang.IllegalArgumentException - when l is not in between 0 and 255.

Since:

4_14

See Also:

longToByte(long[])

longToByte

public static byte[] longToByte(long[] l)
                         throws java.lang.IllegalArgumentException

Converts an array of long values to its array of byte values.

Parameters:

l - The array of longs

Returns:

The array of bytes

Throws:

java.lang.IllegalArgumentException - when one of the longs is not in between 0 and 255.

Since:

4_14

See Also:

longToByte(long)

dumpBytes

public static void dumpBytes(java.lang.String headerStr,
                             byte[] bytes)

Dumps (prints) the byte array. Debug method.

Parameters:

headerStr - String that will be printed as header

bytes - Bytes to be dumped as hex.

toHexString

public static java.lang.String toHexString(byte[] bytes)

Converts a byte array to a hexadecimal ASCII string. The string will be in upper case and does not start with '0x'. This method is the reverse of toBytes.

Parameters:

bytes - The byte array

Returns:

The string representing the byte array

See Also:

toBytes(String)

toHex

public static java.lang.String toHex(int val)

Converts one int to a hexadecimal ASCII string.

Parameters:

val - The integer

Returns:

The hex string

areBytesEqual

public static boolean areBytesEqual(byte[] array1,
                                    byte[] array2)

Compaires two byte arrays and returns if they are equal.

Parameters:

array1 - the first byte array

array2 - the second byte array

Returns:

whether they are equal of not.

getLocalizedKeyMD5

public static byte[] getLocalizedKeyMD5(byte[] passwKey,
                                        java.lang.String engineId)

Converts the user's password and the SNMP Engine Id to the localized key using the MD5 protocol. Described in SNMP-USER-BASED-SM-MIB.

Parameters:

passwKey - The password key

engineId - The SNMP engine Id

See Also:

SnmpContextv3Basis.setUserAuthenticationPassword(String), passwordToKeyMD5(String)

getLocalizedKeySHA1

public static byte[] getLocalizedKeySHA1(byte[] passwKey,
                                         java.lang.String engineId)

Converts the user's password and the SNMP Engine Id to the localized key using the SHA protocol.

Parameters:

passwKey - The printable user password

engineId - The SNMP engine Id

See Also:

SnmpContextv3Basis.setUserAuthenticationPassword(String)

passwordToKeySHA1

public static byte[] passwordToKeySHA1(java.lang.String password)

Converts the user's password to an authentication key using the SHA1 protocol. Note, this is not the same as generating the localized key as is described in SNMP-USER-BASED-SM-MIB.

Parameters:

password - The printable user password

See Also:

SnmpContextv3Basis.setUserAuthenticationPassword(String), getLocalizedKeyMD5(byte[], java.lang.String)

passwordToKeyMD5

public static byte[] passwordToKeyMD5(java.lang.String password)

Converts the user's password to an authentication key using the MD5 protocol. Note, this is not the same as generating the localized key as is described in SNMP-USER-BASED-SM-MIB.

Parameters:

password - The printable user password

See Also:

SnmpContextv3Basis.setUserAuthenticationPassword(String), getLocalizedKeyMD5(byte[], java.lang.String)

getFingerPrintMD5

public static final byte[] getFingerPrintMD5(byte[] key,
                                             byte[] message)

Returns the 12 byte MD5 fingerprint.

Parameters:

key - The key

message - The message

See Also:

getFingerPrintSHA1(byte[], byte[])

getFingerPrintSHA1

public static final byte[] getFingerPrintSHA1(byte[] key,
                                              byte[] message)

Returns the 12 byte SHA1 fingerprint.

Parameters:

key - The key

message - The message

See Also:

getFingerPrintMD5(byte[], byte[])

getSaltDES

public static final byte[] getSaltDES(int snmpEngineBoots)

Returns the DES salt. The "salt" value is generated by concatenating the 32-bit snmpEngineBoots value with a 32-bit counter value that the encryption engine maintains. This 32-bit counter will be initialised to some arbitrary value at boot time.

See "A Practical Guide to SNMPv3 and Network Management" section 6.8 Privacy, p 194.

Parameters:

snmpEngineBoots - The (estimated) boots of the authoritative engine

Returns:

The salt

getSaltAES

public static byte[] getSaltAES()

Returns the AES salt.

Returns:

The salt

getDESKey

public static final byte[] getDESKey(byte[] secretPrivacyKey)
                              throws PduException

Returns the DES key. The 16-byte secret privacy key is made up of 8 bytes that make up the DES key and 8 bytes used as a preinitialisation vector.

Parameters:

secretPrivacyKey - The secret privacy key

Returns:

The key

Throws:

PduException

getAESKey

public static final byte[] getAESKey(byte[] secretPrivacyKey)
                              throws PduException

Returns the first 128 bits of the localized key Kul are used as the AES encryption key.

Parameters:

secretPrivacyKey - The secret privacy key

Returns:

The key

Throws:

PduException

getDESInitialValue

public static final byte[] getDESInitialValue(byte[] secretPrivacyKey,
                                              byte[] salt)
                                       throws PduException

Returns the DES initial value. The 16-byte secret privacy key is made up of 8 bytes that make up the DES key and 8 bytes used as a preinitialisation vector. The initialization vector that is used by the DES algorithm is the result of the 8-byte preinitialisation vector XOR-ed with the 8-byte "salt".

Parameters:

secretPrivacyKey - The secret privacy key

salt - The salt

Returns:

The initial value

Throws:

PduException

getAESInitialValue

public static byte[] getAESInitialValue(int engineBoots,
                                        int engineTime,
                                        byte[] salt)

Returns the first 128 bits of the localized key Kul are used as the AES encryption key. RFC 3826 3.1.2.1 AES Encryption Key and IV. The 128-bit IV is obtained as the concatenation of the authoritative SNMP engine's 32-bit snmpEngineBoots, the SNMP engine's 32-bit snmpEngineTime, and a local 64-bit integer. The 64-bit integer is initialized to a pseudo-random value at boot time.

AESencrypt

public static byte[] AESencrypt(byte[] plaintext,
                                byte[] secretPrivacyKey,
                                int engineBoots,
                                int engineTime,
                                byte[] salt)
                         throws EncodingException

Encrypts bytes using AES.

Parameters:

plaintext - The plain bytes

secretPrivacyKey - The secret privacy key

engineBoots -

engineTime -

salt - The salt

Returns:

The encrypted bytes

Throws:

EncodingException

DESencrypt

public static final byte[] DESencrypt(byte[] plain,
                                      byte[] secretPrivacyKey,
                                      byte[] salt)
                               throws EncodingException

Encrypts bytes using DES. The plaintext needs to be a multiple of 8 octets. If it isn't, it will be padded at the end. This plaintext will be divided into 64-bit blocks. The plaintext for each block is XOR-ed with the "ciphertext" of the previous block. The result is then encrypted, added to the encrypted PDU portion of the message, and used as the "ciphertext" for the next block. For the first block, the initialization vector is used as the "ciphertext".

Parameters:

plain - The plain bytes

secretPrivacyKey - The secret privacy key

salt - The salt

Returns:

The encrypted bytes

Throws:

EncodingException

DESdecrypt

public static final byte[] DESdecrypt(byte[] encryptedText,
                                      byte[] salt,
                                      byte[] secretPrivacyKey)
                               throws DecodingException

Decryptes bytes using DES.

• If the length of the data portion is not a multiple of 8 bytes, the message is discarded.
• The first encrypted text block is decrypted. The decryption result is XOR-ed with the initialization vector, and the result is the first plaintext block.
• The rest of the encrypted text blocks are treated similarly. They are decrypted, with the results being XOR-ed with the previous encrypted text block to obtain the plaintext block.

Parameters:

encryptedText - The encrypted text

salt - The salt

secretPrivacyKey - The secret privacy key

Returns:

The decrypted bytes

Throws:

DecodingException

AESdecrypt

public static final byte[] AESdecrypt(byte[] ciphertext,
                                      byte[] secretPrivacyKey,
                                      int engineBoots,
                                      int engineTime,
                                      byte[] salt)
                               throws DecodingException

Decrypts using AES. Note that it uses the _forward_ cipher mode.

Parameters:

ciphertext -

secretPrivacyKey - The secret privacy key

engineBoots -

engineTime -

salt - The salt

Returns:

The dencrypted bytes

Throws:

DecodingException