Package org.snmp4j.security
The org.snmp4j.security package contains three groups of
classes and interfaces:
- The authentication protocols group contains interfaces and classes for authentication of SNMP(v3) messages.
- The privacy protocols group contains interfaces and classes for encryption and decryption of SNMP(v3) messages.
- The security model group combines authentication and privacy protocols to provide security services to message processing models.
Authentication as well as privacy protocols are security protocols and
thus both are derived from the common interface SecurityProtocol.
In order to be able to use a security protocol with SNMP4J, the protocol
implementation class has to be registered with the
SecurityProtocols singleton, which provides access to
authentication and privacy protocols.
Authentication Protocols
All SNMP4J authentication protocol implementations have to implement the
AuthenticationProtocol interface. SNMP4J provides implementation
for the following authentication protocols:
- MD5, which is implemented by AuthMD5, and
- SHA, which is implemented by AuthSHA.
Privacy Protocols
All SNMP4J privacy protocol implementations have to implement the
PrivacyProtocol interface. SNMP4J provides implementation
for the following privacy protocols:
- DES in CBC mode, which is implemented by PrivDES, and
- AES with 128bit key, which is implemented by PrivAES128.
- AES with 192bit key, which is implemented by PrivAES192.
- AES with 256bit key, which is implemented by PrivAES256.
In order to be able to use 256bit strong encryption, the strong encryption enhancement package has to be downloaded and installed.
Security Models
All SNMP4J security models have to implement the SecurityModel
interface. Before a security model can be used with SNMP4J, it has to be
registered with the SecurityModels singleton which provides
access to security models. SNMP4J implements a single security model, the
User Based Security Model (USM).
The USM class uses a user name table (which contains
user names) and a user table (which contains localized user information) to
store user information. A time table is used to store time information
about SNMP engines to protect SNMP communication against replay attacks
if the corresponding security level has been chosen.
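The registration steps described above, as an added example that is not part of the original SNMP4J documentation: an authentication and a privacy protocol are registered with SecurityProtocols, a USM is registered with SecurityModels, and one user is added to it. The class name UsmSetupExample, the choice of AuthHMAC192SHA256 with PrivAES128, the user name, the passphrases and the engine boots value of 0 are assumptions made for illustration.

```java
import org.snmp4j.mp.MPv3;
import org.snmp4j.security.AuthHMAC192SHA256;
import org.snmp4j.security.PrivAES128;
import org.snmp4j.security.SecurityModels;
import org.snmp4j.security.SecurityProtocols;
import org.snmp4j.security.USM;
import org.snmp4j.security.UsmUser;
import org.snmp4j.smi.OctetString;

// Added example (hypothetical class name), not code from the SNMP4J project.
public class UsmSetupExample {

    public static USM configureUsm(String userName, String authPass, String privPass) {
        // 1. A security protocol has to be registered with the
        //    SecurityProtocols singleton before it can be used.
        SecurityProtocols protocols = SecurityProtocols.getInstance();
        protocols.addAuthenticationProtocol(new AuthHMAC192SHA256());
        protocols.addPrivacyProtocol(new PrivAES128());

        // 2. Create the USM and register it with the SecurityModels singleton.
        //    Engine boots = 0 is a constructed starting value; the USM time
        //    table uses boots/time information for its replay protection.
        OctetString localEngineId = new OctetString(MPv3.createLocalEngineID());
        USM usm = new USM(protocols, localEngineId, 0);
        SecurityModels.getInstance().addSecurityModel(usm);

        // 3. Add a user that references the registered protocols by their OIDs.
        //    Both passphrases are supplied, so the user can operate at the
        //    authPriv security level.
        OctetString securityName = new OctetString(userName);
        UsmUser user = new UsmUser(securityName,
                AuthHMAC192SHA256.ID, new OctetString(authPass),
                PrivAES128.ID, new OctetString(privPass));
        usm.addUser(securityName, user);
        return usm;
    }

    public static void main(String[] args) {
        // Constructed sample credentials; load real ones from a secret store.
        USM usm = configureUsm("example-operator",
                "constructed-auth-passphrase",
                "constructed-priv-passphrase");
        System.out.println("USM registered, local engine ID: "
                + usm.getLocalEngineID().toHexString());
    }
}
```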
The following UML class diagram shows the most important classes of the
org.snmp4j.security package and their relationships
(relationships to other packages are not shown):

Interface Summary
- AuthenticationProtocol: The AuthenticationProtocol interface defines a common interface for all SNMP authentication protocols.
- PrivacyProtocol: The PrivacyProtocol interface defines a common interface for all SNMP privacy protocols.
- SecurityModel: The SecurityModel interface as described in RFC 3411 section 4.4 and RFC 5590 section 5.
- SecurityParameters: The SecurityParameters interface represents the security parameters in a SNMPv3 message.
- SecurityProtocol: The SecurityProtocol class defines common methods of authentication and privacy protocols.
- SecurityStateReference: The SecurityStateReference interface is an empty marker interface for security model dependent state references.

Class Summary
- AuthGeneric: The abstract class AuthGeneric implements common operations for SNMP authentication protocols, such as MD5 and SHA.
- AuthHMAC128SHA224: The class AuthHMAC128SHA224 implements the usmHMAC128SHA224AuthProtocol defined by RFC 7630.
- AuthHMAC192SHA256: The class AuthHMAC192SHA256 implements the usmHMAC192SHA256AuthProtocol defined by RFC 7630.
- AuthHMAC256SHA384: The class AuthHMAC256SHA384 implements the usmHMAC256SHA384AuthProtocol defined by RFC 7630.
- AuthHMAC384SHA512: The class AuthHMAC384SHA512 implements the usmHMAC384SHA512AuthProtocol defined by RFC 7630.
- AuthMD5: The AuthMD5 class implements the MD5 authentication protocol.
- AuthSHA: The SHA class implements the Secure Hash Authentication.
- AuthSHA2: The SHA-2 class implements the Secure Hash Authentication 2.
- ByteArrayWindow: The ByteArrayWindow provides windowed access to a subarray of a byte array.
- CipherPool: The CipherPool class provides service to share and reuse Cipher instances, across different threads.
- DecryptParams: Parameter class for encrypt and decrypt methods of SecurityProtocol.
- Priv3DES: Privacy protocol class for Triple DES (DESEDE).
- PrivacyGeneric: The PrivacyGeneric abstract class implements common functionality of privacy protocols.
- PrivAES: Base class for PrivAES128, PrivAES192 and PrivAES256.
- PrivAES128: Encryption class for AES 128.
- PrivAES192: Encryption class for AES 192.
- PrivAES256: Encryption class for AES 256.
- PrivDES: Privacy protocol class for DES.
- Salt: Class that holds a 64 bit salt value for crypto operations.
- SecurityModels: The SecurityModels class is a collection of all supported security models of a SNMP entity.
- SecurityProtocols: The SecurityProtocols class holds all authentication and privacy protocols for a SNMP entity.
- SNMPv3SecurityModel: The abstract class SNMPv3SecurityModel implements common methods and fields for security models for the SNMPv3 message processing model.
- TSM: The TSM (Transport Security Model) implements a SecurityModel which uses transport security mechanisms as defined in RFC 5591.
- TsmSecurityParameters: SecurityParameters implementation for the TSM security model.
- TsmSecurityStateReference: The TsmSecurityStateReference holds cached security data for the TSM security model.
- USM: The USM class implements the User Based Security Model (USM) as defined in RFC 3414.
- UsmSecurityParameters
- UsmSecurityStateReference: The UsmSecurityStateReference holds cached security data for the USM security model.
- UsmTimeEntry: The UsmTimeEntry class represents time synchronization information associated with an engine ID.
- UsmTimeTable: The UsmTimeTable class is a singleton that stores USM user information as part of the Local Configuration Datastore (LCD).
- UsmUser: The UsmUser class represents USM user providing information to secure SNMPv3 message exchange.
- UsmUserEntry: The UsmUserEntry class represents a user in the Local Configuration Datastore (LCD).
- UsmUserTable: The UsmUserTable class stores USM user information as part of the Local Configuration Datastore (LCD).
- UsmUserTable.UsmUserKey

Enum Summary
- SecurityLevel: The SecurityLevel interface contains enumerated values for the different security levels.
- SecurityProtocols.SecurityProtocolType