📄 usm.java
securityEngineID,
securityName,
securityLevel,
scopedPDU,
null,
securityParameters,
wholeMsg);
}
/**
 * Resolves the USM user entry for a security name on a given SNMP engine.
 *
 * <p>Resolution order:
 * <ol>
 *   <li>An entry stored for exactly this engine ID and security name is returned as is.</li>
 *   <li>Otherwise the entry stored for the security name alone is consulted. If there is
 *       none and the security name is non-empty, the user is unknown and {@code null}
 *       is returned.</li>
 *   <li>If there is still no entry (empty security name) or the engine ID is empty, a
 *       fresh entry carrying only the security name is returned. Its protocols and
 *       passphrases are all {@code null}, and this method does not store it.</li>
 *   <li>Otherwise, if the name-only entry has an authentication protocol, keys for this
 *       engine are obtained and handed to {@code addLocalizedUser}, whose result is
 *       returned. Without an authentication protocol the name-only entry is returned
 *       unchanged.</li>
 * </ol>
 *
 * <p>Security note: the debug statements log only the engine ID and the security name.
 * The key and passphrase bytes handled here are never logged, and this should stay so.
 *
 * @param engineID the engine ID to look up; an empty value suppresses user creation
 * @param securityName the security (user) name to look up
 * @return the matching or newly created entry, or {@code null} if a non-empty security
 *     name is unknown
 */
public UsmUserEntry getUser(OctetString engineID, OctetString securityName) {
  if (logger.isDebugEnabled()) {
    logger.debug("getUser(engineID="+engineID.toHexString()+
                 ", securityName="+securityName.toString()+")");
  }

  // 1. Exact (engine ID, security name) match.
  UsmUserEntry exactMatch = userTable.getUser(engineID, securityName);
  if (exactMatch != null) {
    return exactMatch;
  }

  // 2. Fall back to the entry registered for the name alone.
  UsmUserEntry byName = userTable.getUser(securityName);
  if ((byName == null) && (securityName.length() > 0)) {
    if (logger.isDebugEnabled()) {
      logger.debug("USM.getUser - User '"+securityName+"' unknown");
    }
    return null;
  }

  // 3. Empty security name or empty engine ID: return a credential-less entry
  //    and do not add it to the user table.
  //    NOTE(review): presumably serves engine discovery / noAuthNoPriv; callers must not
  //    treat this entry as carrying any authentication state. Confirm against callers.
  if ((byName == null) || (engineID.length() == 0)) {
    UsmUserEntry bare = new UsmUserEntry();
    bare.setUserName(securityName);
    bare.setUsmUser(new UsmUser(securityName, null, null, null, null));
    return bare;
  }

  // 4. Name-only entry exists and the engine ID is known: build a per-engine user.
  OID authProtocolOID = byName.getUsmUser().getAuthenticationProtocol();
  OID privProtocolOID = byName.getUsmUser().getPrivacyProtocol();
  if (authProtocolOID == null) {
    // No authentication configured, so no keys to prepare; hand back the name-only entry.
    return byName;
  }

  // An already localized user stores key bytes in the passphrase field; otherwise the
  // key is derived from the passphrase and this engine's ID.
  byte[] authKey = byName.getUsmUser().isLocalized()
      ? byName.getUsmUser().getAuthenticationPassphrase().getValue()
      : securityProtocols.passwordToKey(authProtocolOID,
                                        byName.getUsmUser().getAuthenticationPassphrase(),
                                        engineID.getValue());

  byte[] privKey = null;
  if (privProtocolOID != null) {
    privKey = byName.getUsmUser().isLocalized()
        ? byName.getUsmUser().getPrivacyPassphrase().getValue()
        : securityProtocols.passwordToKey(privProtocolOID,
                                          authProtocolOID,
                                          byName.getUsmUser().getPrivacyPassphrase(),
                                          engineID.getValue());
  }

  // addLocalizedUser is defined outside this view; per the original "add a new user"
  // remark it is expected to register the per-engine entry it returns. TODO confirm.
  return addLocalizedUser(engineID.getValue(), securityName,
                          authProtocolOID, authKey,
                          privProtocolOID, privKey);
}
public int generateResponseMessage(int snmpVersion,
byte[] globalData,
int maxMessageSize,
int securityModel,
byte[] securityEngineID,
byte[] securityName,
int securityLevel,
BERInputStream scopedPDU,
SecurityStateReference
securityStateReference,
SecurityParameters securityParameters,
BEROutputStream wholeMsg) throws IOException {
UsmSecurityParameters usmSecurityParams =
(UsmSecurityParameters) securityParameters;
if (securityStateReference != null) {
// this is a response or report
UsmSecurityStateReference usmSecurityStateReference =
(UsmSecurityStateReference) securityStateReference;
if (usmSecurityStateReference.getSecurityEngineID() == null) {
usmSecurityParams.setAuthoritativeEngineID(securityEngineID);
usmSecurityStateReference.setSecurityEngineID(securityEngineID);
}
if (usmSecurityStateReference.getSecurityName() == null) {
OctetString userName = new OctetString(securityName);
usmSecurityStateReference.setSecurityName(userName.getValue());
usmSecurityParams.setUserName(userName);
OctetString secName =
getSecurityName(new OctetString(securityEngineID), userName);
if ((secName != null) &&
(secName.length() <= MAXLEN_USMUSERNAME)) {
usmSecurityParams.setUserName(secName);
}
}
else {
usmSecurityParams.setUserName(new OctetString(usmSecurityStateReference.getSecurityName()));
}
usmSecurityParams.setAuthenticationProtocol(usmSecurityStateReference.
getAuthenticationProtocol());
usmSecurityParams.setPrivacyProtocol(usmSecurityStateReference.
getPrivacyProtocol());
usmSecurityParams.setAuthenticationKey(usmSecurityStateReference.
getAuthenticationKey());
usmSecurityParams.setPrivacyKey(usmSecurityStateReference.getPrivacyKey());
}
else {
OctetString secEngineID = new OctetString();
if (securityEngineID != null) {
secEngineID.setValue(securityEngineID);
}
OctetString secName = new OctetString(securityName);
UsmUserEntry user;
if (secEngineID.length() == 0) {
if (isEngineDiscoveryEnabled()) {
user = new UsmUserEntry();
}
else {
if (logger.isDebugEnabled()) {
logger.debug("Engine ID unknown and discovery disabled");
}
return SnmpConstants.SNMPv3_USM_UNKNOWN_ENGINEID;
}
}
else {
user = getUser(secEngineID, secName);
}
if (user == null) {
if (logger.isDebugEnabled()) {
logger.debug("Security name not found for engineID=" +
secEngineID.toHexString() + ", securityName=" +
secName.toHexString());
}
return SnmpConstants.SNMPv3_USM_UNKNOWN_SECURITY_NAME;
}
AuthenticationProtocol auth =
securityProtocols.getAuthenticationProtocol(user.getUsmUser().getAuthenticationProtocol());
PrivacyProtocol priv =
securityProtocols.getPrivacyProtocol(user.getUsmUser().getPrivacyProtocol());
usmSecurityParams.setAuthenticationProtocol(auth);
usmSecurityParams.setPrivacyProtocol(priv);
usmSecurityParams.setAuthenticationKey(user.getAuthenticationKey());
usmSecurityParams.setPrivacyKey(user.getPrivacyKey());
usmSecurityParams.setUserName(user.getUsmUser().getSecurityName());
usmSecurityParams.setAuthoritativeEngineID(secEngineID.getValue());
}
// Check length of userName and engineID
if (usmSecurityParams.getAuthoritativeEngineID().length > MPv3.MAXLEN_ENGINE_ID) {
logger.error("Engine ID too long: "+
usmSecurityParams.getAuthoritativeEngineID().length+">"+
MPv3.MAXLEN_ENGINE_ID+ " for "+
new OctetString(usmSecurityParams.getAuthoritativeEngineID())
.toHexString());
return SnmpConstants.SNMPv3_USM_ERROR;
}
if (securityName.length > MAXLEN_USMUSERNAME) {
logger.error("Security name too long: "+
usmSecurityParams.getAuthoritativeEngineID().length+">"+
MAXLEN_USMUSERNAME+ " for "+
new OctetString(securityName).toHexString());
return SnmpConstants.SNMPv3_USM_ERROR;
}
if (securityLevel >= SecurityLevel.AUTH_NOPRIV) {
if (securityStateReference != null) {
// request or response
usmSecurityParams.setAuthoritativeEngineBoots(getEngineBoots());
usmSecurityParams.setAuthoritativeEngineTime(getEngineTime());
}
else {
// get engineBoots, engineTime
OctetString secEngineID = new OctetString(securityEngineID);
UsmTimeEntry entry = timeTable.getTime(secEngineID);
if (entry == null) {
entry =
new UsmTimeEntry(secEngineID,
usmSecurityParams.getAuthoritativeEngineBoots(),
usmSecurityParams.
getAuthoritativeEngineTime());
timeTable.addEntry(entry);
}
else {
usmSecurityParams.setAuthoritativeEngineBoots(entry.getEngineBoots());
usmSecurityParams.setAuthoritativeEngineTime(entry.
getLatestReceivedTime());
}
}
}
if ((securityLevel >= SecurityLevel.AUTH_NOPRIV) &&
(usmSecurityParams.getAuthenticationProtocol() == null)) {
return SnmpConstants.SNMPv3_USM_UNSUPPORTED_SECURITY_LEVEL;
}
byte[] scopedPduBytes = buildMessageBuffer(scopedPDU);
if (securityLevel == SecurityLevel.AUTH_PRIV) {
if (usmSecurityParams.getPrivacyProtocol() == null) {
if (logger.isDebugEnabled()) {
logger.debug("Unsupported security level (missing or unsupported privacy protocol)");
}
return SnmpConstants.SNMPv3_USM_UNSUPPORTED_SECURITY_LEVEL;
}
logger.debug("RFC3414