...
Code Block | ||||
---|---|---|---|---|
| ||||
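/**
 * Performs a Diffie-Hellman kickstart run against the configured target.
 *
 * <p>Reads the DH parameters from the {@code dhp} option and the local DH key material from the
 * properties file named by {@code privateKeysFile}. It fetches the matching public keys through
 * {@link DHOperations#getDHKickstartPublicKeys}, computes the shared key for each matching user,
 * and prints the result to standard output.
 *
 * <p>Security notes for operators:
 * <ul>
 *   <li>The private keys file contains DH private keys in clear text; restrict its permissions
 *       to the account running this command.</li>
 *   <li>The computed shared key is written to standard output in hex. Treat that output as
 *       secret material and keep it out of logs, CI transcripts and shared terminals.</li>
 *   <li>If the properties file names no protocols for a user, the fallback is HMAC-MD5 and DES.
 *       Both are legacy algorithms; set the protocol properties explicitly where the agent
 *       supports stronger ones.</li>
 * </ul>
 *
 * @return {@code 0} on success; {@code 1} if the private keys file does not exist; {@code 2} if
 *     it cannot be read; {@code 3} if the {@code dhx} option is missing or an I/O error occurs
 */
private int usmDHKickstartRun() {
    // The kickstart request is issued under the kickstart security name, registered locally
    // with neither an authentication nor a privacy protocol.
    OctetString dhKickstart = new OctetString(DHOperations.DH_KICKSTART_SEC_NAME);
    target.setSecurityName(dhKickstart);
    snmp.getUSM().addUser(dhKickstart,
            new UsmUser(dhKickstart, SnmpConstants.usmNoAuthProtocol, null,
                    SnmpConstants.usmNoPrivProtocol, null));

    String dhParametersValArg = (String) ArgumentParser.getValue(settings, "dhp", 0);
    OctetString dhParametersVal = OctetString.fromHexString(dhParametersValArg);

    // An absent or empty "user" option means: process every user found in the keys file.
    List<Object> userNames = settings.get("user");
    boolean noUserFilter = (userNames == null) || (userNames.size() == 0);

    String privateKeysFilename = (String) ArgumentParser.getValue(settings, "privateKeysFile", 0);
    File privateKeysFile = new File(privateKeysFilename);
    if (!privateKeysFile.exists()) {
        System.err.println("Private key file '"+privateKeysFile+"' does not exist");
        return 1;
    } else if (!privateKeysFile.canRead()) {
        System.err.println("Private key file '"+privateKeysFile+"' cannot be read");
        return 2;
    }

    String dhPropertiesPrefix = (String) ArgumentParser.getValue(settings, "dhx", 0);
    if (dhPropertiesPrefix == null) {
        System.err.println("Mandatory parameter 'dhx' with DH properties prefix is not set for DH kickstart run");
        return 3;
    }

    Properties privateKeysProps = new Properties();
    // Maps the local public key to {private key, user name, auth protocol, priv protocol}.
    Map<OctetString, OctetString[]> privateKeyMap = new HashMap<>();
    try {
        DHParameters dhParameters = DHParameters.getDHParametersFromBER(dhParametersVal);

        // try-with-resources closes the stream even when load() fails, so the handle on the
        // key file is not leaked.
        try (FileInputStream privateKeysIS = new FileInputStream(privateKeysFile)) {
            privateKeysProps.load(privateKeysIS);
        }

        String privateKeyPropertyPrefix = dhPropertiesPrefix + DHOperations.DH_PRIVATE_KEY_PROPERTY;
        for (Object key : privateKeysProps.keySet()) {
            String propertyName = key.toString();
            if (!propertyName.startsWith(privateKeyPropertyPrefix)) {
                continue;
            }
            String userName = propertyName.substring(privateKeyPropertyPrefix.length());
            if (userName.length() == 0 || !(noUserFilter || userNames.contains(userName))) {
                continue;
            }
            String privateKeyHexString = privateKeysProps.getProperty(propertyName);
            String publicKeyHexString = privateKeysProps.getProperty(
                    dhPropertiesPrefix + DHOperations.DH_PUBLIC_KEY_PROPERTY + userName);
            if (publicKeyHexString == null) {
                // Without this guard a private key entry lacking its public key counterpart
                // would pass null on to OctetString.fromString.
                System.err.println("No public key property found for user '" + userName + "', user skipped");
                continue;
            }
            String authProto = privateKeysProps.getProperty(
                    dhPropertiesPrefix + DHOperations.DH_AUTH_PROTOCOL_PROPERTY + userName);
            String privProto = privateKeysProps.getProperty(
                    dhPropertiesPrefix + DHOperations.DH_AUTHPRIV_PROTOCOL_PROPERTY + userName);
            OctetString privateKeyOctets = OctetString.fromString(privateKeyHexString, 16);
            OctetString publicKeyOctets = OctetString.fromString(publicKeyHexString, 16);
            privateKeyMap.put(publicKeyOctets, new OctetString[] {
                    privateKeyOctets,
                    new OctetString(userName),
                    (authProto == null) ? null : new OctetString(authProto),
                    (privProto == null) ? null : new OctetString(privProto)
            });
        }

        Map<OctetString, OctetString[]> publicKeysMap =
                DHOperations.getDHKickstartPublicKeys(snmp, pduFactory, target, privateKeyMap.keySet());
        for (Entry<OctetString, OctetString[]> publicKeyEntry : publicKeysMap.entrySet()) {
            OctetString[] privateKeyInfo = privateKeyMap.get(publicKeyEntry.getKey());
            OctetString publicKeyOctets = publicKeyEntry.getValue()[0];
            if (privateKeyInfo != null) {
                KeyPair keyPair =
                        DHOperations.createKeyPair(publicKeyEntry.getKey(), privateKeyInfo[0], dhParameters);
                KeyAgreement keyAgreement = DHOperations.getInitializedKeyAgreement(keyPair);
                byte[] sharedKey =
                        DHOperations.computeSharedKey(keyAgreement, publicKeyOctets.getValue(), dhParameters);
                // NOTE(review): the fallback protocols are HMAC-MD5 and DES, both legacy
                // algorithms. They apply only when the properties file names none for the user.
                OID authProto = new OID(SnmpConstants.usmHMACMD5AuthProtocol);
                if (privateKeyInfo[2] != null) {
                    authProto = new OID(privateKeyInfo[2].toString());
                }
                OID privProto = new OID(SnmpConstants.usmDESPrivProtocol);
                if (privateKeyInfo[3] != null) {
                    privProto = new OID(privateKeyInfo[3].toString());
                }
                // NOTE(review): this prints the shared key in hex on stdout. The output is
                // secret material; callers should avoid capturing it in logs or transcripts.
                System.out.println(privateKeyInfo[1]+":="+new OctetString(sharedKey).toString(16)+"["+
                        authProto+";"+privProto+"]");
            }
        }
        return 0;
    } catch (FileNotFoundException e) {
        // Should not happen: existence and readability were checked above.
        e.printStackTrace();
        return 1;
    } catch (IOException e) {
        e.printStackTrace();
        return 3;
    }
}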
...