001: /*_############################################################################
002: _##
003: _## SNMP4J - UsmSecurityParameters.java
004: _##
005: _## Copyright (C) 2003-2008 Frank Fock and Jochen Katz (SNMP4J.org)
006: _##
007: _## Licensed under the Apache License, Version 2.0 (the "License");
008: _## you may not use this file except in compliance with the License.
009: _## You may obtain a copy of the License at
010: _##
011: _## http://www.apache.org/licenses/LICENSE-2.0
012: _##
013: _## Unless required by applicable law or agreed to in writing, software
014: _## distributed under the License is distributed on an "AS IS" BASIS,
015: _## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
016: _## See the License for the specific language governing permissions and
017: _## limitations under the License.
018: _##
019: _##########################################################################*/
020:
021: package org.snmp4j.security;
022:
023: import java.io.*;
024: import org.snmp4j.asn1.*;
025: import org.snmp4j.asn1.BER.*;
026: import org.snmp4j.smi.*;
027: import org.snmp4j.security.SecurityLevel;
028: import org.snmp4j.log.LogFactory;
029: import org.snmp4j.log.LogAdapter;
030:
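/**
 * Security parameters of the User-based Security Model (USM, RFC 3414) as
 * carried in an SNMPv3 message: authoritative engine ID, engine boots, engine
 * time, user name, authentication parameters and privacy parameters, BER
 * encoded as a SEQUENCE wrapped in an OCTET STRING.
 *
 * <p>Besides the wire fields, an instance carries the protocols and raw keys
 * used to process the message and the byte positions of the encoded elements.
 *
 * <p>Values filled in by {@link #decodeBER(BERInputStream)} come straight from
 * the input stream. This class does not authenticate them, so they must be
 * treated as untrusted until the caller has verified the message.
 */
public class UsmSecurityParameters implements SecurityParameters {

  private static final LogAdapter logger = LogFactory
      .getLogger(UsmSecurityParameters.class);

  // NOTE(review): the summands presumably are engine ID (32 + 2 header),
  // boots (6), time (6) and user name (32 + 2 header) -- confirm.
  private static final int MAX_BER_LENGTH_WITHOUT_SEC_PARAMS = 32 + 2
      + 6 + 6 + 32 + 2;

  private OctetString authoritativeEngineID = new OctetString();
  private Integer32 authoritativeEngineBoots = new Integer32();
  private Integer32 authoritativeEngineTime = new Integer32();
  private OctetString userName = new OctetString();
  private AuthenticationProtocol authenticationProtocol = null;
  private PrivacyProtocol privacyProtocol = null;
  // Raw key material; stored and handed out by reference (see the accessors).
  private byte[] authenticationKey;
  private byte[] privacyKey;
  private OctetString privacyParameters = new OctetString();
  private OctetString authenticationParameters = new OctetString();
  // -1 means "not set / not decoded"; the getters then fall back to values
  // computed from the encoded lengths.
  private int securityParametersPosition = -1;
  private int authParametersPosition = -1;
  private int decodedLength = -1;

  /** Creates an instance with empty wire fields and no protocols or keys. */
  public UsmSecurityParameters() {
  }

  /**
   * Creates an instance from the given values. The references are stored as
   * passed in (no copy, no null check).
   *
   * @param authoritativeEngineID the authoritative engine ID
   * @param authoritativeEngineBoots the engine boots counter
   * @param authoritativeEngineTime the engine time
   * @param userName the USM user name
   * @param authenticationProtocol the authentication protocol, may be null
   * @param privacyProtocol the privacy protocol, may be null
   */
  public UsmSecurityParameters(OctetString authoritativeEngineID,
      Integer32 authoritativeEngineBoots,
      Integer32 authoritativeEngineTime, OctetString userName,
      AuthenticationProtocol authenticationProtocol,
      PrivacyProtocol privacyProtocol) {
    this.authoritativeEngineID = authoritativeEngineID;
    this.authoritativeEngineBoots = authoritativeEngineBoots;
    this.authoritativeEngineTime = authoritativeEngineTime;
    this.privacyProtocol = privacyProtocol;
    this.userName = userName;
    this.authenticationProtocol = authenticationProtocol;
  }

  /** @return the value of the authoritative engine ID as a byte array */
  public byte[] getAuthoritativeEngineID() {
    return authoritativeEngineID.getValue();
  }

  /**
   * Sets the authoritative engine ID.
   *
   * @param authoritativeEngineID the new engine ID
   * @throws NullPointerException if the argument is null
   */
  public void setAuthoritativeEngineID(byte[] authoritativeEngineID) {
    if (authoritativeEngineID == null) {
      throw new NullPointerException(
          "Authoritative engine ID must not be null");
    }
    this.authoritativeEngineID.setValue(authoritativeEngineID);
  }

  /** @param authoritativeEngineBoots the new engine boots value */
  public void setAuthoritativeEngineBoots(int authoritativeEngineBoots) {
    this.authoritativeEngineBoots.setValue(authoritativeEngineBoots);
  }

  /** @return the engine boots value */
  public int getAuthoritativeEngineBoots() {
    return authoritativeEngineBoots.getValue();
  }

  /** @param authoritativeEngineTime the new engine time value */
  public void setAuthoritativeEngineTime(int authoritativeEngineTime) {
    this.authoritativeEngineTime.setValue(authoritativeEngineTime);
  }

  /** @return the engine time value */
  public int getAuthoritativeEngineTime() {
    return authoritativeEngineTime.getValue();
  }

  /** @param userName the user name; the reference is stored as is */
  public void setUserName(org.snmp4j.smi.OctetString userName) {
    this.userName = userName;
  }

  /** @return the user name (the internal instance, not a copy) */
  public org.snmp4j.smi.OctetString getUserName() {
    return userName;
  }

  /** @param authenticationProtocol the authentication protocol, may be null */
  public void setAuthenticationProtocol(
      AuthenticationProtocol authenticationProtocol) {
    this.authenticationProtocol = authenticationProtocol;
  }

  /** @return the authentication protocol, or null if none is set */
  public AuthenticationProtocol getAuthenticationProtocol() {
    return authenticationProtocol;
  }

  /** @param privacyProtocol the privacy protocol, may be null */
  public void setPrivacyProtocol(PrivacyProtocol privacyProtocol) {
    this.privacyProtocol = privacyProtocol;
  }

  /** @return the privacy protocol, or null if none is set */
  public PrivacyProtocol getPrivacyProtocol() {
    return privacyProtocol;
  }

  /**
   * @return the total encoded length: the payload plus the tag byte and the
   *     length bytes of the enclosing OCTET STRING
   */
  public int getBERLength() {
    int length = getBERPayloadLength();
    return length + BER.getBERLengthOfLength(length) + 1;
  }

  /**
   * @return the length of the OCTET STRING content, that is the USM payload
   *     plus the tag byte and length bytes of the inner SEQUENCE
   */
  public int getBERPayloadLength() {
    int length = getBERUsmPayloadLength();
    length += BER.getBERLengthOfLength(length) + 1;
    return length;
  }

  /**
   * Decodes the security parameters from the stream and records where the
   * authentication parameters were found and how many bytes were consumed.
   *
   * <p>The decoded values are attacker-controllable until the caller has
   * authenticated the message. No USM-specific size limits (for example on
   * the engine ID or the user name) are applied in this method; whether the
   * element decoders cap sizes is not visible here. The declared lengths are
   * compared with the bytes actually consumed only when
   * {@code BER.isCheckSequenceLength()} returns true.
   *
   * <p>The position fields are written only after all six elements have been
   * decoded, so an exception during decoding leaves them at their previous
   * values instead of at an intermediate stream offset. The element fields
   * themselves are decoded in place and may be partially updated on failure.
   *
   * @param inputStream the stream positioned at the OCTET STRING header
   * @throws IOException if the OCTET STRING or SEQUENCE tag is missing or an
   *     element cannot be decoded
   */
  public void decodeBER(BERInputStream inputStream) throws IOException {
    final int startOffset = (int) inputStream.getPosition();
    MutableByte mutableByte = new MutableByte();
    int octetLength = BER.decodeHeader(inputStream, mutableByte);
    long startPos = inputStream.getPosition();
    if (mutableByte.getValue() != BER.OCTETSTRING) {
      String txt = "BER decoding error: Expected BER OCTETSTRING but found: "
          + mutableByte.getValue();
      logger.warn(txt);
      throw new IOException(txt);
    }
    int length = BER.decodeHeader(inputStream, mutableByte);
    long startPosSeq = inputStream.getPosition();
    if (mutableByte.getValue() != BER.SEQUENCE) {
      String txt = "BER decoding error: Expected BER SEQUENCE but found: "
          + mutableByte.getValue();
      logger.warn(txt);
      throw new IOException(txt);
    }
    authoritativeEngineID.decodeBER(inputStream);
    authoritativeEngineBoots.decodeBER(inputStream);
    authoritativeEngineTime.decodeBER(inputStream);
    userName.decodeBER(inputStream);

    // Offset of the authentication parameters element from the start of the
    // security parameters, advanced by (bytes consumed - payload length);
    // presumably that lands on the first value byte -- confirm against
    // OctetString.getBERPayloadLength().
    int authPosition = (int) (inputStream.getPosition() - startOffset);
    int authElementStart = (int) inputStream.getPosition();
    authenticationParameters.decodeBER(inputStream);
    authPosition += (inputStream.getPosition() - authElementStart)
        - authenticationParameters.getBERPayloadLength();

    privacyParameters.decodeBER(inputStream);

    // Publish the positions only now that every element has been decoded.
    this.authParametersPosition = authPosition;
    this.decodedLength = (int) (inputStream.getPosition() - startOffset);
    if (BER.isCheckSequenceLength()) {
      // Compare the declared lengths with the bytes actually consumed.
      BER.checkSequenceLength(length,
          (int) (inputStream.getPosition() - startPosSeq), this);
      BER.checkSequenceLength(octetLength,
          (int) (inputStream.getPosition() - startPos), this);
    }
  }

  /**
   * Computes the authentication parameters position from the encoded
   * lengths: the total length minus the authentication parameters payload
   * and the whole privacy parameters element, which is encoded last.
   */
  private int getBEREncodedAuthParamsPosition() {
    int trailingLength = authenticationParameters.getBERPayloadLength()
        + privacyParameters.getBERLength();
    return getBERLength() - trailingLength;
  }

  /**
   * Encodes the security parameters as an OCTET STRING that contains a
   * SEQUENCE of the six USM elements, in the order in which
   * {@link #decodeBER(BERInputStream)} reads them.
   *
   * @param outputStream the stream to write to
   * @throws IOException if writing fails
   */
  public void encodeBER(OutputStream outputStream) throws IOException {
    BER.encodeHeader(outputStream, BER.OCTETSTRING, getBERPayloadLength());
    BER.encodeHeader(outputStream, BER.SEQUENCE, getBERUsmPayloadLength());
    authoritativeEngineID.encodeBER(outputStream);
    authoritativeEngineBoots.encodeBER(outputStream);
    authoritativeEngineTime.encodeBER(outputStream);
    userName.encodeBER(outputStream);
    authenticationParameters.encodeBER(outputStream);
    privacyParameters.encodeBER(outputStream);
  }

  /**
   * Returns the length of the SEQUENCE content.
   *
   * @return the sum of the encoded lengths of the six USM elements
   */
  public int getBERUsmPayloadLength() {
    return authoritativeEngineID.getBERLength()
        + authoritativeEngineBoots.getBERLength()
        + authoritativeEngineTime.getBERLength()
        + userName.getBERLength()
        + authenticationParameters.getBERLength()
        + privacyParameters.getBERLength();
  }

  /**
   * Estimates the maximum encoded length for the given security level, using
   * the largest digest and privacy parameter sizes reported by
   * {@code SecurityProtocols}.
   *
   * @param securityLevel one of the {@code SecurityLevel} constants
   * @return the estimated maximum length in bytes
   */
  public int getBERMaxLength(int securityLevel) {
    SecurityProtocols secProtocol = SecurityProtocols.getInstance();
    // NOTE(review): this adds one enclosing header, whereas getBERLength()
    // accounts for two (OCTET STRING and SEQUENCE), and the base of 2 covers
    // a single empty element although encodeBER() always writes both the
    // authentication and the privacy parameters -- confirm the estimate is
    // meant to be approximate before using it as a hard buffer bound.
    int securityParamsLength = 2;
    if (securityLevel > SecurityLevel.NOAUTH_NOPRIV) {
      int maxDigestLength = secProtocol.getMaxAuthDigestLength();
      securityParamsLength = maxDigestLength
          + BER.getBERLengthOfLength(maxDigestLength) + 1;

      if (securityLevel == SecurityLevel.AUTH_PRIV) {
        int maxPrivParamsLength = secProtocol.getMaxPrivDecryptParamsLength();
        securityParamsLength += maxPrivParamsLength
            + BER.getBERLengthOfLength(maxPrivParamsLength) + 1;
      }
    }
    int payloadLength = MAX_BER_LENGTH_WITHOUT_SEC_PARAMS
        + securityParamsLength;
    return payloadLength + BER.getBERLengthOfLength(payloadLength) + 1;
  }

  /**
   * Returns the authentication key.
   *
   * <p>The stored array itself is returned, not a copy: a caller that
   * modifies or clears it changes the key held by this object. The content
   * is secret key material and should not be logged or retained longer than
   * needed.
   *
   * @return the authentication key, or null if none is set
   */
  public byte[] getAuthenticationKey() {
    return authenticationKey;
  }

  /**
   * Sets the authentication key. The array reference is stored without
   * copying, so later changes to the array by the caller affect this object.
   *
   * @param authenticationKey the key bytes, may be null
   */
  public void setAuthenticationKey(byte[] authenticationKey) {
    this.authenticationKey = authenticationKey;
  }

  /**
   * Returns the privacy key.
   *
   * <p>The stored array itself is returned, not a copy: a caller that
   * modifies or clears it changes the key held by this object. The content
   * is secret key material and should not be logged or retained longer than
   * needed.
   *
   * @return the privacy key, or null if none is set
   */
  public byte[] getPrivacyKey() {
    return privacyKey;
  }

  /**
   * Sets the privacy key. The array reference is stored without copying, so
   * later changes to the array by the caller affect this object.
   *
   * @param privacyKey the key bytes, may be null
   */
  public void setPrivacyKey(byte[] privacyKey) {
    this.privacyKey = privacyKey;
  }

  /** @return the privacy parameters (the internal instance, not a copy) */
  public org.snmp4j.smi.OctetString getPrivacyParameters() {
    return privacyParameters;
  }

  /** @param privacyParameters the privacy parameters; stored as is */
  public void setPrivacyParameters(
      org.snmp4j.smi.OctetString privacyParameters) {
    this.privacyParameters = privacyParameters;
  }

  /**
   * @return the authentication parameters (the internal instance, not a
   *     copy)
   */
  public org.snmp4j.smi.OctetString getAuthenticationParameters() {
    return authenticationParameters;
  }

  /**
   * @param authenticationParameters the authentication parameters; stored as
   *     is
   */
  public void setAuthenticationParameters(
      org.snmp4j.smi.OctetString authenticationParameters) {
    this.authenticationParameters = authenticationParameters;
  }

  /** @return the security parameters position, or -1 if it was never set */
  public int getSecurityParametersPosition() {
    return securityParametersPosition;
  }

  /** @param securityParametersPosition the position to store */
  public void setSecurityParametersPosition(
      int securityParametersPosition) {
    this.securityParametersPosition = securityParametersPosition;
  }

  /**
   * @return the position recorded by the last successful decode, or, if none
   *     was recorded, the position computed from the encoded lengths
   */
  public int getAuthParametersPosition() {
    if (authParametersPosition < 0) {
      return getBEREncodedAuthParamsPosition();
    }
    return authParametersPosition;
  }

  /**
   * Returns the position that follows the security parameters.
   *
   * @return the security parameters position plus the decoded length if
   *     this instance was decoded, otherwise plus the encoded length
   */
  public int getScopedPduPosition() {
    int consumed = (decodedLength >= 0) ? decodedLength : getBERLength();
    return getSecurityParametersPosition() + consumed;
  }

}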