org.snmp4j.security (SNMP4J 2.8.0)

Interface Summary
Interface	Description
AuthenticationProtocol	The `AuthenticationProtocol` interface defines a common interface for all SNMP authentication protocols.
PrivacyProtocol	The `PrivacyProtocol` interface defines a common interface for all SNMP privacy protocols.
SecurityModel	The `SecurityModel` interface as described in RFC3411 section 4.4 and RFC 5590 section 5.
SecurityParameters	The `SecurityParameters` interface represents the security parameters in a SNMPv3 message.
SecurityProtocol	The `SecurityProtocol` class defines common methods of authentication and privacy protocols.
SecurityStateReference	The `SecurityStateReference` interface is an empty marker interface for security model dependent state references.

Class Summary
Class	Description
AuthGeneric	The abstract class AuthGeneric implements common operations for SNMP authentication protocols, such as MD5 and SHA.
AuthHMAC128SHA224	The class `AuthHMAC128SHA224` implements the usmHMAC128SHA224AuthProtocol defined by RFC 7630.
AuthHMAC192SHA256	The class `AuthHMAC192SHA256` implements the usmHMAC192SHA2256AuthProtocol defined by RFC 7630.
AuthHMAC256SHA384	The class `AuthHMAC256SHA384` implements the usmHMAC256SHA3846AuthProtocol defined by RFC 7630.
AuthHMAC384SHA512	The class `AuthHMAC384SHA512` implements the usmHMAC384SHA5126AuthProtocol defined by RFC 7630.
AuthMD5	The AuthMD5 class implements the MD5 authentication protocol.
AuthSHA	The `SHA` class implements the Secure Hash Authentication.
AuthSHA2	The `SHA-2` class implements the Secure Hash Authentication 2.
ByteArrayWindow	The `ByteArrayWindow` provides windowed access to a subarray of a byte array.
CipherPool	The CipherPool class provides service to share and reuse Cipher instances, across different threads.
DecryptParams	Parameter class for encrypt and decrypt methods of `SecurityProtocol`.
Priv3DES	Privacy protocol class for Triple DES (DESEDE).
PrivacyGeneric	The PrivacyGeneric abstract class implements common functionality of privacy protocols.
PrivAES	Base class for PrivAES128, PrivAES192 and PrivAES256.
PrivAES128	Encryption class for AES 128.
PrivAES192	Encryption class for AES 192.
PrivAES256	Encryption class for AES 256.
PrivDES	Privacy protocol class for DES.
SecurityModels	The `SecurityModels` class is a collection of all supported security models of a SNMP entity.
SecurityProtocols	The `SecurityProtocols` class holds all authentication and privacy protocols for a SNMP entity.
SNMPv3SecurityModel	The abstract class `SNMPv3SecurityModel` implements common methods and fields for security models for the SNMPv3 message processing model.
TSM	The `TSM` (Transport Security Model) implements a `SecurityModel` which uses transport security mechanisms as defined in RFC 5591.
TsmSecurityParameters	`SecurityParameters` implementation for the `TSM` security model.
TsmSecurityStateReference	The `TsmSecurityStateReference` holds cached security data for the `TSM` security model.
USM	The `USM` class implements the User Based Security Model (USM) as defined in RFC 3414.
UsmSecurityParameters
UsmSecurityStateReference	The `UsmSecurityStateReference` holds cached security data for the `USM` security model.
UsmTimeEntry	The `UsmTimeEntry` class represents time synchronization information associated with an engine ID.
UsmTimeTable	The `UsmTimeTable` class is a singleton that stores USM user information as part of the Local Configuration Datastore (LCD).
UsmUser	The `UsmUser` class represents USM user providing information to secure SNMPv3 message exchange.
UsmUserEntry	The `UsmUserEntry` class represents a user in the Local Configuration Datastore (LCD).
UsmUserTable	The `UsmUserTable` class stores USM user information as part of the Local Configuration Datastore (LCD).
UsmUserTable.UsmUserKey

Enum Summary
Enum Description

SecurityLevel
The SecurityLevel interface contains enumerated values for the different security levels.

Enum Summary
Enum	Description
SecurityLevel	The `SecurityLevel` interface contains enumerated values for the different security levels.

Package org.snmp4j.security Description

Provides classes and interfaces for authentication and privacy of SNMP(v3) messages.

The org.snmp4j.security package contains three groups of classes and interfaces:

The authentication protocols group contains interfaces and classes for authentication of SNMP(v3) messages.
The privacy protocols group contains interfaces and classes for encryption and decryption of SNMP(v3) messages.
The security model group combines authentication and privacy protocols to provide security services to message processing models.

Authentication as well as privacy protocols are security protocols and thus both are derived from the common interface SecurityProtocol. In order to be able to use a security protocol with SNMP4J, the protocol implementation class has to be registered with the SecurityProtocols singleton, which provides access to authentication and privacy protocols.

Authentication Protocols

All SNMP4J authentication protocol implementations have to implement the AuthenticationProtocol interface. SNMP4J provides implementation for the following authentication protocols:

MD5, which is implemented by AuthMD5 and
SHA, which is implemented by AuthSHA.

Privacy Protocols

All SNMP4J privacy protocol implementations have to implement the PrivacyProtocol interface. SNMP4J provides implementation for the following privacy protocols:

DES in CBC mode, which is implemented by PrivDES and
AES with 128bit key, which is implemented by PrivAES128.
AES with 192bit key, which is implemented by PrivAES192.
AES with 256bit key, which is implemented by PrivAES256. In order to be able to use 256bit strong encryption, the strong encryption enhancement package has to be downloaded and installed.

Security Models

All SNMP4J security models have to implement the SecurityModel interface. Before a security model can be used with SNMP4J, it has to be registered with the SecurityModels singleton which provides access to security models. SNMP4J implements a single security model, the User Based Security Model (USM).

The USM class uses a user name table (which contains user names) and a user table (which contains localized user information) to store user information. A time table is used to store time information about SNMP engines to protect SNMP communication against replay attacks if the corresponding security level has chosen.

The following UML class diagram shows the most important classes of the org.snmp4j.security package and their relationships (relationships to other packages are not shown):