AuthenticationProtocol


1   /*_############################################################################
2     _## 
3     _##  SNMP4J - AuthenticationProtocol.java  
4     _## 
5     _##  Copyright 2003-2007  Frank Fock and Jochen Katz (SNMP4J.org)
6     _##  
7     _##  Licensed under the Apache License, Version 2.0 (the "License");
8     _##  you may not use this file except in compliance with the License.
9     _##  You may obtain a copy of the License at
10    _##  
11    _##      http://www.apache.org/licenses/LICENSE-2.0
12    _##  
13    _##  Unless required by applicable law or agreed to in writing, software
14    _##  distributed under the License is distributed on an "AS IS" BASIS,
15    _##  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16    _##  See the License for the specific language governing permissions and
17    _##  limitations under the License.
18    _##  
19    _##########################################################################*/
20  
21  
22  
23  
24  
25  package org.snmp4j.security;
26  
27  import org.snmp4j.smi.OID;
28  import org.snmp4j.smi.OctetString;
29  
30  /**
31   * The <code>AuthenticationProtocol</code> interface defines a common
32   * interface for all SNMP authentication protocols.
33   *
34   * @author Frank Fock
35   * @version 1.0
36   */
37  public interface AuthenticationProtocol extends SecurityProtocol {
38  
39    int MESSAGE_AUTHENTICATION_CODE_LENGTH = 12;
40  
41    /**
42     * Authenticates an outgoing message.
43     *
44     * This method fills the authentication parameters field of the
45     * given message. The parameter <code>digestOffset</code> offset is pointing
46     * inside the message buffer and must be zeroed before the authentication
47     * value is computed.
48     *
49     * @param authenticationKey
50     *    the authentication key to be used for authenticating the message.
51     * @param message
52     *    the entire message for which the digest should be determined.
53     * @param messageOffset
54     *    the offset in <code>message</code> where the message actually starts.
55     * @param messageLength
56     *    the actual message length (may be smaller than
57     *    <code>message.length</code>).
58     * @param digest
59     *    the offset in <code>message</code> where to store the digest.
60     * @return
61     *    <code>true</code> if the message digest has been successfully computed
62     *    and set, <code>false</code> otherwise.
63     */
64    boolean authenticate(byte[] authenticationKey,
65                         byte[] message,
66                         int messageOffset,
67                         int messageLength,
68                         ByteArrayWindow digest);
69  
70    /**
71     * Authenticates an incoming message.
72     *
73     * This method checks if the value in the authentication parameters
74     * field of the message is valid.
75     *
76     * The following procedure is used to verify the authenitcation value
77     * <UL>
78     * <LI> copy the authentication value to a temp buffer
79     * <LI> zero the auth field
80     * <LI> recalculate the authenthication value
81     * <LI> compare the two authentcation values
82     * <LI> write back the received authentication value
83     * </UL>
84     *
85     * @param authenticationKey
86     *    the authentication key to be used for authenticating the message.
87     * @param message
88     *    the entire message for which the digest should be determined.
89     * @param messageOffset
90     *    the offset in <code>message</code> where the message actually starts.
91     * @param messageLength
92     *    the actual message length (may be smaller than
93     *    <code>message.length</code>).
94     * @param digest
95     *    the digest of the <code>message</code>.
96     * @return
97     *    <code>true</code> if the message is authentic, <code>false</code>
98     *   otherwise.
99     */
100   boolean isAuthentic(byte[] authenticationKey,
101                       byte[] message,
102                       int messageOffset,
103                       int messageLength,
104                       ByteArrayWindow digest);
105 
106 
107   /**
108    * Computes the delta digest needed to remotely change an user's
109    * authenitcation key. The length of the old key (e.g. 16 for MD5,
110    * 20 for SHA) must match the length of the new key.
111    *
112    * @param oldKey
113    *    the old authentication/privacy key.
114    * @param newKey
115    *    the new authentication/privacy key.
116    * @param random
117    *    the random 'seed' to be used to produce the digest.
118    * @return
119    *   the byte array representing the delta for key change operations.
120    *   To obtain the key change value, append this delta to the
121    *   <code>random</code> array.
122    */
123   byte[] changeDelta(byte[] oldKey,
124                      byte[] newKey,
125                      byte[] random);
126 
127   /**
128    * Gets the OID uniquely identifying the authentication protocol.
129    * @return
130    *    an <code>OID</code> instance.
131    */
132   OID getID();
133 
134   /**
135    * Generates the localized key for the given password and engine id.
136    *
137    * @param passwordString
138    *    the authentication pass phrase.
139    * @param engineID
140    *    the engine ID of the authoritative engine.
141    * @return
142    *    the localized authentication key.
143    */
144   byte[] passwordToKey(OctetString passwordString, byte[] engineID);
145 
146   /**
147    * Generates a hash value for the given data.
148    *
149    * @param data
150    *    the data
151    * @return
152    *    the generated hash.
153    */
154   byte[] hash(byte[] data);
155 
156   /**
157    * Generates a hash value for the given data.
158    *
159    * @param data
160    *    the data
161    * @param offset
162    *     offset into data
163    *  @param length
164    *     length of data to hash
165    * @return
166    *    the generated hash.
167    */
168   byte[] hash(byte[] data, int offset, int length);
169 
170   /**
171    * Gets the length of the digest generated by this authentication protocol.
172    * This value can be used to compute the BER encoded length of the security
173    * parameters for authentication.
174    *
175    * @return
176    *    the number of bytes of digests generated by this authentication
177    *    procotol.
178    */
179   int getDigestLength();
180 }
181 
182
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags