org.snmp4j.security

Class TSM

java.lang.Object

org.snmp4j.security.SNMPv3SecurityModel

org.snmp4j.security.TSM

All Implemented Interfaces:

SecurityModel

public class TSM
extends SNMPv3SecurityModel

The TSM (Transport Security Model) implements a SecurityModel which uses transport security mechanisms as defined in RFC 5591.

Since:

2.0

Version:

2.0

Author:

Frank Fock

Field Summary

Fields inherited from class org.snmp4j.security.SNMPv3SecurityModel

localEngineID

Fields inherited from interface org.snmp4j.security.SecurityModel

SECURITY_MODEL_ANY, SECURITY_MODEL_SNMPv1, SECURITY_MODEL_SNMPv2c, SECURITY_MODEL_TSM, SECURITY_MODEL_USM

Constructor Summary

Constructors

Constructor and Description
TSM()
TSM(OctetString localEngineID, boolean usePrefix)

Method Summary

Modifier and Type	Method and Description
protected void	fireIncrementCounter(CounterEvent e)
int	generateRequestMessage(int messageProcessingModel, byte[] globalData, int maxMessageSize, int securityModel, byte[] securityEngineID, byte[] securityName, int securityLevel, BERInputStream scopedPDU, SecurityParameters securityParameters, BEROutputStream wholeMsg, TransportStateReference tmStateReference) Generate a request message.
int	generateResponseMessage(int messageProcessingModel, byte[] globalData, int maxMessageSize, int securityModel, byte[] securityEngineID, byte[] securityName, int securityLevel, BERInputStream scopedPDU, SecurityStateReference securityStateReference, SecurityParameters securityParameters, BEROutputStream wholeMsg) Generates a response message.
CounterSupport	getCounterSupport()
int	getID() Gets the ID of the security model.
protected String	getSecurityNamePrefix(byte[] securityName)
protected String	getTransportDomainPrefix(Address address)
boolean	hasAuthoritativeEngineID() Checks whether this SecurityModel has an authoritative engine ID.
boolean	isUsePrefix() Returns whether the transport domain prefix is prepended to the securityName.
SecurityParameters	newSecurityParametersInstance() Creates a new SecurityParameters instance that corresponds to this security model.
SecurityStateReference	newSecurityStateReference() Creates a new SecurityStateReference instance that corresponds to this security model.
int	processIncomingMsg(int messageProcessingModel, int maxMessageSize, SecurityParameters securityParameters, SecurityModel securityModel, int securityLevel, BERInputStream wholeMsg, TransportStateReference tmStateReference, OctetString securityEngineID, OctetString securityName, BEROutputStream scopedPDU, Integer32 maxSizeResponseScopedPDU, SecurityStateReference securityStateReference, StatusInformation statusInfo) Processes an incoming message and returns its plaintext payload.
void	setLocalEngineID(OctetString localEngineID)
void	setUsePrefix(boolean usePrefix) Sets the flag that controls whether the transport domain prefix is prepended to the securityName.
boolean	supportsEngineIdDiscovery() Checks whether this SecurityModel supports authoritative engine ID discovery.

Methods inherited from class org.snmp4j.security.SNMPv3SecurityModel

buildMessageBuffer, buildWholeMessage, getLocalEngineID

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

TSM

public TSM()

TSM

public TSM(OctetString localEngineID,
           boolean usePrefix)

Method Detail

setLocalEngineID

public void setLocalEngineID(OctetString localEngineID)

fireIncrementCounter

protected void fireIncrementCounter(CounterEvent e)

getID

public int getID()

Description copied from interface: SecurityModel

Gets the ID of the security model.

Returns:

one of the integer constants defined in the SecurityModel interface.

See Also:

SecurityModel.SECURITY_MODEL_ANY, SecurityModel.SECURITY_MODEL_SNMPv1, SecurityModel.SECURITY_MODEL_SNMPv2c, SecurityModel.SECURITY_MODEL_USM

supportsEngineIdDiscovery

public boolean supportsEngineIdDiscovery()

Description copied from interface: SecurityModel

Checks whether this SecurityModel supports authoritative engine ID discovery. The USM for instance, returns true whereas TSM returns false. See also RFC 5343 3.2 for details.

Returns:

true if this security model has its own authoritative engine ID discovery mechanism.

hasAuthoritativeEngineID

public boolean hasAuthoritativeEngineID()

Description copied from interface: SecurityModel

Checks whether this SecurityModel has an authoritative engine ID.

Returns:

true if an authoritative engine ID is exchanged between command sender and responder using this security model, false otherwise.

newSecurityParametersInstance

public SecurityParameters newSecurityParametersInstance()

Description copied from interface: SecurityModel

Creates a new SecurityParameters instance that corresponds to this security model.

Returns:

a new SecurityParameters instance.

newSecurityStateReference

public SecurityStateReference newSecurityStateReference()

Description copied from interface: SecurityModel

Creates a new SecurityStateReference instance that corresponds to this security model.

Returns:

a new SecurityStateReference instance.

generateRequestMessage

public int generateRequestMessage(int messageProcessingModel,
                                  byte[] globalData,
                                  int maxMessageSize,
                                  int securityModel,
                                  byte[] securityEngineID,
                                  byte[] securityName,
                                  int securityLevel,
                                  BERInputStream scopedPDU,
                                  SecurityParameters securityParameters,
                                  BEROutputStream wholeMsg,
                                  TransportStateReference tmStateReference)
                           throws IOException

Description copied from interface: SecurityModel

Generate a request message.

Parameters:

messageProcessingModel - the ID of the message processing model (SNMP version) to use.

globalData - the message header and admin data.

maxMessageSize - the maximum message size of the sending (this) SNMP entity for the selected transport mapping (determined by the message processing model).

securityModel - the security model for the outgoing message.

securityEngineID - the authoritative SNMP entity.

securityName - the principal on behalf of this message is generated.

securityLevel - the requested SecurityLevel.

scopedPDU - a BERInputStream containing the message (plain text) payload.

securityParameters - returns the SecurityParameters filled by the security model.

wholeMsg - returns the complete generated message in a BEROutputStream. The buffer of wholeMsg is set to null by the caller and must be set by the implementation of this method.

tmStateReference - the transport model state reference as defined by RFC 5590.

Returns:

the error status of the message generation. On success SnmpConstants.SNMPv3_USM_OK is returned, otherwise one of the other SnmpConstants.SNMPv3_USM_* values is returned.

Throws:

IOException - if generation of the message fails because of an internal or an resource error.

getCounterSupport

public CounterSupport getCounterSupport()

getSecurityNamePrefix

protected String getSecurityNamePrefix(byte[] securityName)

getTransportDomainPrefix

protected String getTransportDomainPrefix(Address address)

generateResponseMessage

public int generateResponseMessage(int messageProcessingModel,
                                   byte[] globalData,
                                   int maxMessageSize,
                                   int securityModel,
                                   byte[] securityEngineID,
                                   byte[] securityName,
                                   int securityLevel,
                                   BERInputStream scopedPDU,
                                   SecurityStateReference securityStateReference,
                                   SecurityParameters securityParameters,
                                   BEROutputStream wholeMsg)
                            throws IOException

Description copied from interface: SecurityModel

Generates a response message.

Parameters:

messageProcessingModel - the ID of the message processing model (SNMP version) to use.

globalData - the message header and admin data.

maxMessageSize - the maximum message size of the sending (this) SNMP entity for the selected transport mapping (determined by the message processing model).

securityModel - the security model for the outgoing message.

securityEngineID - the authoritative SNMP entity.

securityName - the principal on behalf of this message is generated.

securityLevel - the requested SecurityLevel.

scopedPDU - a BERInputStream containing the message (plain text) payload.

securityStateReference - a SecurityStateReference instance providing information from original request.

securityParameters - returns the SecurityParameters filled by the security model.

wholeMsg - returns the complete generated message in a BEROutputStream. The buffer of wholeMsg is set to null by the caller and must be set by the implementation of this method.

Returns:

the error status of the message generation. On success SnmpConstants.SNMPv3_USM_OK is returned, otherwise one of the other SnmpConstants.SNMPv3_USM_* values is returned.

Throws:

IOException - if generation of the message fails because of an internal or an resource error.

processIncomingMsg

public int processIncomingMsg(int messageProcessingModel,
                              int maxMessageSize,
                              SecurityParameters securityParameters,
                              SecurityModel securityModel,
                              int securityLevel,
                              BERInputStream wholeMsg,
                              TransportStateReference tmStateReference,
                              OctetString securityEngineID,
                              OctetString securityName,
                              BEROutputStream scopedPDU,
                              Integer32 maxSizeResponseScopedPDU,
                              SecurityStateReference securityStateReference,
                              StatusInformation statusInfo)
                       throws IOException

Description copied from interface: SecurityModel

Processes an incoming message and returns its plaintext payload.

Parameters:

messageProcessingModel - the ID of the message processing model (SNMP version) to use.

maxMessageSize - the maximum message size of the message processing model for the transport mapping associated with this message's source address less the length of the maximum header length of the message processing model. This value is used by the security model to determine the maxSizeResponseScopedPDU value.

securityParameters - the SecurityParameters for the received message.

securityModel - the SecurityModel instance for the received message.

securityLevel - the SecurityLevel ID.

wholeMsg - the BERInputStream containing the whole message as received on the wire.

tmStateReference - the transport model state reference as defined by RFC 5590.

securityEngineID - the authoritative SNMP entity.

securityName - the identification of the principal.

scopedPDU - returns the message (plaintext) payload into the supplied BEROutputStream. The buffer of scopedPDU is set to null by the caller and must be set by the implementation of this method.

maxSizeResponseScopedPDU - the determined maximum size for a response PDU.

securityStateReference - the SecurityStateReference information needed for a response.

statusInfo - the StatusInformation needed to generate reports if processing of the incoming message failed.

Returns:

the error status of the message processing. On success SnmpConstants.SNMPv3_USM_OK is returned, otherwise one of the other SnmpConstants.SNMPv3_USM_* values is returned.

Throws:

IOException - if an unexpected (internal) or an resource error occurred.

isUsePrefix

public boolean isUsePrefix()

Returns whether the transport domain prefix is prepended to the securityName.

Returns:

true if the transport domain prefix is prepended to the securityName.

setUsePrefix

public void setUsePrefix(boolean usePrefix)

Sets the flag that controls whether the transport domain prefix is prepended to the securityName.

Parameters:

usePrefix - if true the transport domain prefix is prepended to the securityName.