Cleaned up AAA app now it's in the ONOS core.
Moved packets into the packet library, minor app cleanups and javadoc.
Change-Id: I7ee04d09f82051fdb2a9bcfe577cb163661d5055
diff --git a/utils/misc/src/main/java/org/onlab/packet/EAP.java b/utils/misc/src/main/java/org/onlab/packet/EAP.java
new file mode 100644
index 0000000..3fba4c9
--- /dev/null
+++ b/utils/misc/src/main/java/org/onlab/packet/EAP.java
@@ -0,0 +1,264 @@
+/*
+ *
+ * * Copyright 2015 AT&T Foundry
+ * *
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ *
+ */
+
+package org.onlab.packet;
+
+import java.nio.ByteBuffer;
+
+import static org.onlab.packet.PacketUtils.checkHeaderLength;
+import static org.onlab.packet.PacketUtils.checkInput;
+
+/**
+ * EAP (Extensible Authentication Protocol) packet.
+ */
+public class EAP extends BasePacket {
+ private static final int HEADER_LENGTH = 4;
+
+ public static final short MIN_LEN = 0x4;
+ public static final short EAP_HDR_LEN_REQ_RESP = 5;
+ public static final short EAP_HDR_LEN_SUC_FAIL = 4;
+
+ // EAP Code
+ public static final byte REQUEST = 0x1;
+ public static final byte RESPONSE = 0x2;
+ public static final byte SUCCESS = 0x3;
+ public static final byte FAILURE = 0x4;
+
+ // EAP Attribute Type
+ public static final byte ATTR_IDENTITY = 0x1;
+ public static final byte ATTR_NOTIFICATION = 0x2;
+ public static final byte ATTR_NAK = 0x3;
+ public static final byte ATTR_MD5 = 0x4;
+ public static final byte ATTR_OTP = 0x5;
+ public static final byte ATTR_GTC = 0x6;
+ public static final byte ATTR_TLS = 0xd;
+
+ protected byte code;
+ protected byte identifier;
+ protected short length;
+ protected byte type;
+ protected byte[] data;
+
+
+ /**
+ * Gets the EAP code.
+ *
+ * @return EAP code
+ */
+ public byte getCode() {
+ return this.code;
+ }
+
+
+ /**
+ * Sets the EAP code.
+ *
+ * @param code EAP code
+ * @return this
+ */
+ public EAP setCode(final byte code) {
+ this.code = code;
+ return this;
+ }
+
+ /**
+ * Gets the EAP identifier.
+ *
+ * @return EAP identifier
+ */
+ public byte getIdentifier() {
+ return this.identifier;
+ }
+
+ /**
+ * Sets the EAP identifier.
+ *
+ * @param identifier
+ * @return this
+ */
+ public EAP setIdentifier(final byte identifier) {
+ this.identifier = identifier;
+ return this;
+ }
+
+ /**
+ * Gets the get packet length.
+ *
+ * @return packet length
+ */
+ public short getLength() {
+ return this.length;
+ }
+
+ /**
+ * Sets the packet length.
+ *
+ * @param length packet length
+ * @return this
+ */
+ public EAP setLength(final short length) {
+ this.length = length;
+ return this;
+ }
+
+ /**
+ * Gets the data type.
+ *
+ * @return data type
+ */
+ public byte getDataType() {
+ return this.type;
+ }
+
+ /**
+ * Sets the data type.
+ *
+ * @param type data type
+ * @return this
+ */
+ public EAP setDataType(final byte type) {
+ this.type = type;
+ return this;
+ }
+
+ /**
+ * Gets the EAP data.
+ *
+ * @return EAP data
+ */
+ public byte[] getData() {
+ return this.data;
+ }
+
+ /**
+ * Sets the EAP data.
+ *
+ * @param data EAP data to be set
+ * @return this
+ */
+ public EAP setData(final byte[] data) {
+ this.data = data;
+ return this;
+ }
+
+ /**
+ * Default EAP constructor that sets the EAP code to 0.
+ */
+ public EAP() {
+ this.code = 0;
+ }
+
+ /**
+ * EAP constructor that initially sets all fields.
+ *
+ * @param code EAP code
+ * @param identifier EAP identifier
+ * @param type packet type
+ * @param data EAP data
+ */
+ public EAP(byte code, byte identifier, byte type, byte[] data) {
+ this.code = code;
+ this.identifier = identifier;
+ if (this.code == REQUEST || this.code == RESPONSE) {
+ this.length = (short) (5 + (data == null ? 0 : data.length));
+ this.type = type;
+ } else {
+ this.length = (short) (4 + (data == null ? 0 : data.length));
+ }
+ this.data = data;
+ }
+
+ /**
+ * Deserializer for EAP packets.
+ *
+ * @return deserializer
+ */
+ public static Deserializer<EAP> deserializer() {
+ return (data, offset, length) -> {
+ checkInput(data, offset, length, HEADER_LENGTH);
+
+ EAP eap = new EAP();
+ final ByteBuffer bb = ByteBuffer.wrap(data, offset, length);
+ eap.code = bb.get();
+ eap.identifier = bb.get();
+ eap.length = bb.getShort();
+
+ checkHeaderLength(length, HEADER_LENGTH + eap.length);
+
+ int dataLength;
+ if (eap.code == REQUEST || eap.code == RESPONSE) {
+ eap.type = bb.get();
+ dataLength = eap.length - 5;
+ } else {
+ dataLength = eap.length - 4;
+ }
+
+ eap.data = new byte[dataLength];
+ bb.get(eap.data);
+ return eap;
+ };
+ }
+
+ @Override
+ public byte[] serialize() {
+ final byte[] data = new byte[this.length];
+
+ final ByteBuffer bb = ByteBuffer.wrap(data);
+ bb.put(this.code);
+ bb.put(this.identifier);
+ bb.putShort(this.length);
+ if (this.code == REQUEST || this.code == RESPONSE) {
+ bb.put(this.type);
+ }
+ if (this.data != null) {
+ bb.put(this.data);
+ }
+ return data;
+ }
+
+ @Override
+ public IPacket deserialize(final byte[] data, final int offset,
+ final int length) {
+ final ByteBuffer bb = ByteBuffer.wrap(data, offset, length);
+ this.code = bb.get();
+ this.identifier = bb.get();
+ this.length = bb.getShort();
+
+ int dataLength;
+ if (this.code == REQUEST || this.code == RESPONSE) {
+ this.type = bb.get();
+ dataLength = this.length - 5;
+ } else {
+ dataLength = this.length - 4;
+ }
+ this.data = new byte[dataLength];
+ bb.get(this.data);
+ return this;
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 3889;
+ int result = super.hashCode();
+ result = prime * result + this.code;
+ result = prime * result + this.identifier;
+ result = prime * result + this.length;
+ result = prime * result + this.type;
+ return result;
+ }
+}
diff --git a/utils/misc/src/main/java/org/onlab/packet/EAPOL.java b/utils/misc/src/main/java/org/onlab/packet/EAPOL.java
new file mode 100644
index 0000000..1820cc3
--- /dev/null
+++ b/utils/misc/src/main/java/org/onlab/packet/EAPOL.java
@@ -0,0 +1,199 @@
+/*
+ *
+ * * Copyright 2015 AT&T Foundry
+ * *
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ *
+ */
+
+package org.onlab.packet;
+
+import java.nio.ByteBuffer;
+
+import static org.onlab.packet.PacketUtils.checkHeaderLength;
+import static org.onlab.packet.PacketUtils.checkInput;
+
+/**
+ * EAPOL (Extensible Authentication Protocol over LAN) header.
+ */
+public class EAPOL extends BasePacket {
+
+ private byte version = 0x01;
+ private byte eapolType;
+ private short packetLength;
+
+ private static final int HEADER_LENGTH = 4;
+
+ // EAPOL Packet Type
+ public static final byte EAPOL_PACKET = 0x0;
+ public static final byte EAPOL_START = 0x1;
+ public static final byte EAPOL_LOGOFF = 0x2;
+ public static final byte EAPOL_KEY = 0x3;
+ public static final byte EAPOL_ASF = 0x4;
+
+ public static final MacAddress PAE_GROUP_ADDR = MacAddress.valueOf(new byte[] {
+ (byte) 0x01, (byte) 0x80, (byte) 0xc2, (byte) 0x00, (byte) 0x00, (byte) 0x03
+ });
+
+ /**
+ * Gets the version.
+ *
+ * @return version
+ */
+ public byte getVersion() {
+ return this.version;
+ }
+
+ /**
+ * Sets the version.
+ *
+ * @param version EAPOL version
+ * @return this
+ */
+ public EAPOL setVersion(final byte version) {
+ this.version = version;
+ return this;
+ }
+
+ /**
+ * Gets the type.
+ *
+ * @return EAPOL type
+ */
+ public byte getEapolType() {
+ return this.eapolType;
+ }
+
+ /**
+ * Sets the EAPOL type.
+ *
+ * @param eapolType EAPOL type
+ * @return this
+ */
+ public EAPOL setEapolType(final byte eapolType) {
+ this.eapolType = eapolType;
+ return this;
+ }
+
+ /**
+ * Gets the packet length.
+ *
+ * @return packet length
+ */
+ public short getPacketLength() {
+ return this.packetLength;
+ }
+
+ /**
+ * Sets the packet length.
+ *
+ * @param packetLen packet length
+ * @return this
+ */
+ public EAPOL setPacketLength(final short packetLen) {
+ this.packetLength = packetLen;
+ return this;
+ }
+
+ /**
+ * Serializes the packet, based on the code/type using the payload
+ * to compute its length.
+ *
+ * @return this
+ */
+ @Override
+ public byte[] serialize() {
+ byte[] payloadData = null;
+
+ if (this.payload != null) {
+ this.payload.setParent(this);
+ payloadData = this.payload.serialize();
+ }
+
+ // prepare the buffer to hold the version (1), packet type (1),
+ // packet length (2) and the eap payload.
+ // if there is no payload, packet length is 0
+ byte[] data = new byte[4 + this.packetLength];
+ final ByteBuffer bb = ByteBuffer.wrap(data);
+ bb.put(this.version);
+ bb.put(this.eapolType);
+ bb.putShort(this.packetLength);
+
+ // put the EAP payload
+ if (payloadData != null) {
+ bb.put(payloadData);
+ }
+
+ return data;
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 3889;
+ int result = super.hashCode();
+ result = prime * result + this.version;
+ result = prime * result + this.eapolType;
+ result = prime * result + this.packetLength;
+ return result;
+ }
+
+ /**
+ * Deserializer for EAPOL packets.
+ *
+ * @return deserializer
+ */
+ public static Deserializer<EAPOL> deserializer() {
+ return (data, offset, length) -> {
+ checkInput(data, offset, length, HEADER_LENGTH);
+
+ EAPOL eapol = new EAPOL();
+ final ByteBuffer bb = ByteBuffer.wrap(data, offset, length);
+ eapol.setVersion(bb.get());
+ eapol.setEapolType(bb.get());
+ eapol.setPacketLength(bb.getShort());
+
+ if (eapol.packetLength > 0) {
+ checkHeaderLength(length, HEADER_LENGTH + eapol.packetLength);
+ // deserialize the EAP Payload
+ eapol.payload = EAP.deserializer().deserialize(data,
+ bb.position(), bb.limit() - bb.position());
+
+ eapol.payload.setParent(eapol);
+ }
+
+ return eapol;
+ };
+ }
+
+ @Override
+ public IPacket deserialize(final byte[] data, final int offset,
+ final int length) {
+ final ByteBuffer bb = ByteBuffer.wrap(data, offset, length);
+
+ // deserialize the EAPOL header
+ this.version = bb.get();
+ this.eapolType = bb.get();
+ this.packetLength = bb.getShort();
+
+ if (this.packetLength > 0) {
+ // deserialize the EAP Payload
+ this.payload = new EAP();
+
+ this.payload = this.payload.deserialize(data, bb.position(), length - 4);
+ this.payload.setParent(this);
+ }
+
+ return this;
+ }
+}
+
diff --git a/utils/misc/src/main/java/org/onlab/packet/EthType.java b/utils/misc/src/main/java/org/onlab/packet/EthType.java
index 90439eb..561c930 100644
--- a/utils/misc/src/main/java/org/onlab/packet/EthType.java
+++ b/utils/misc/src/main/java/org/onlab/packet/EthType.java
@@ -35,8 +35,9 @@
VLAN(0x8100, "vlan", null),
BDDP(0x8942, "bddp", org.onlab.packet.LLDP.deserializer()),
MPLS_UNICAST(0x8847, "mpls_unicast", org.onlab.packet.MPLS.deserializer()),
- MPLS_MULTICAST(0x8848, "mpls_unicast", org.onlab.packet.MPLS.deserializer());
-
+ MPLS_MULTICAST(0x8848, "mpls_unicast", org.onlab.packet.MPLS.deserializer()),
+ EAPOL(0x888e, "eapol", org.onlab.packet.EAPOL.deserializer()),
+ UNKNOWN(0, "unknown", null);
private final EthType etherType;
@@ -69,6 +70,15 @@
return deserializer;
}
+ public static EtherType lookup(short etherType) {
+ for (EtherType ethType : EtherType.values()) {
+ if (ethType.ethType().toShort() == etherType) {
+ return ethType;
+ }
+ }
+ return UNKNOWN;
+ }
+
}
diff --git a/utils/misc/src/main/java/org/onlab/packet/RADIUS.java b/utils/misc/src/main/java/org/onlab/packet/RADIUS.java
new file mode 100644
index 0000000..297fee7
--- /dev/null
+++ b/utils/misc/src/main/java/org/onlab/packet/RADIUS.java
@@ -0,0 +1,423 @@
+/*
+ *
+ * * Copyright 2015 AT&T Foundry
+ * *
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ *
+ */
+
+package org.onlab.packet;
+
+import org.slf4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.nio.ByteBuffer;
+import java.security.SecureRandom;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+import static org.onlab.packet.PacketUtils.checkHeaderLength;
+import static org.onlab.packet.PacketUtils.checkInput;
+import static org.slf4j.LoggerFactory.getLogger;
+
+/**
+ * RADIUS packet.
+ */
+public class RADIUS extends BasePacket {
+ protected byte code;
+ protected byte identifier;
+ protected short length = RADIUS_MIN_LENGTH;
+ protected byte[] authenticator = new byte[16];
+ protected List<RADIUSAttribute> attributes = new ArrayList<>();
+
+ // RADIUS parameters
+ public static final short RADIUS_MIN_LENGTH = 20;
+ public static final short MAX_ATTR_VALUE_LENGTH = 253;
+ public static final short RADIUS_MAX_LENGTH = 4096;
+
+ // RADIUS packet types
+ public static final byte RADIUS_CODE_ACCESS_REQUEST = 0x01;
+ public static final byte RADIUS_CODE_ACCESS_ACCEPT = 0x02;
+ public static final byte RADIUS_CODE_ACCESS_REJECT = 0x03;
+ public static final byte RADIUS_CODE_ACCOUNTING_REQUEST = 0x04;
+ public static final byte RADIUS_CODE_ACCOUNTING_RESPONSE = 0x05;
+ public static final byte RADIUS_CODE_ACCESS_CHALLENGE = 0x0b;
+
+ private final Logger log = getLogger(getClass());
+
+ /**
+ * Default constructor.
+ */
+ public RADIUS() {
+ }
+
+ /**
+ * Constructs a RADIUS packet with the given code and identifier.
+ *
+ * @param code code
+ * @param identifier identifier
+ */
+ public RADIUS(byte code, byte identifier) {
+ this.code = code;
+ this.identifier = identifier;
+ }
+
+ /**
+ * Gets the code.
+ *
+ * @return code
+ */
+ public byte getCode() {
+ return this.code;
+ }
+
+ /**
+ * Sets the code.
+ *
+ * @param code code
+ */
+ public void setCode(byte code) {
+ this.code = code;
+ }
+
+ /**
+ * Gets the identifier.
+ *
+ * @return identifier
+ */
+ public byte getIdentifier() {
+ return this.identifier;
+ }
+
+ /**
+ * Sets the identifier.
+ *
+ * @param identifier identifier
+ */
+ public void setIdentifier(byte identifier) {
+ this.identifier = identifier;
+ }
+
+ /**
+ * Gets the authenticator.
+ *
+ * @return authenticator
+ */
+ public byte[] getAuthenticator() {
+ return this.authenticator;
+ }
+
+ /**
+ * Sets the authenticator.
+ *
+ * @param authenticator authenticator
+ */
+ public void setAuthenticator(byte[] authenticator) {
+ this.authenticator = authenticator;
+ }
+
+ /**
+ * Generates an authenticator code.
+ *
+ * @return the authenticator
+ */
+ public byte[] generateAuthCode() {
+ new SecureRandom().nextBytes(this.authenticator);
+ return this.authenticator;
+ }
+
+ /**
+ * Checks if the packet's code field is valid.
+ *
+ * @return whether the code is valid
+ */
+ public boolean isValidCode() {
+ return this.code == RADIUS_CODE_ACCESS_REQUEST ||
+ this.code == RADIUS_CODE_ACCESS_ACCEPT ||
+ this.code == RADIUS_CODE_ACCESS_REJECT ||
+ this.code == RADIUS_CODE_ACCOUNTING_REQUEST ||
+ this.code == RADIUS_CODE_ACCOUNTING_RESPONSE ||
+ this.code == RADIUS_CODE_ACCESS_CHALLENGE;
+ }
+
+ /**
+ * Adds a message authenticator to the packet based on the given key.
+ *
+ * @param key key to generate message authenticator
+ * @return the messgae authenticator RADIUS attribute
+ */
+ public RADIUSAttribute addMessageAuthenticator(String key) {
+ // Message-Authenticator = HMAC-MD5 (Type, Identifier, Length,
+ // Request Authenticator, Attributes)
+ // When the message integrity check is calculated the signature string
+ // should be considered to be sixteen octets of zero.
+ byte[] hashOutput = new byte[16];
+ Arrays.fill(hashOutput, (byte) 0);
+
+ RADIUSAttribute authAttribute = this.getAttribute(RADIUSAttribute.RADIUS_ATTR_MESSAGE_AUTH);
+ if (authAttribute != null) {
+ // If Message-Authenticator was already present, override it
+ this.log.warn("Attempted to add duplicate Message-Authenticator");
+ authAttribute = this.updateAttribute(RADIUSAttribute.RADIUS_ATTR_MESSAGE_AUTH, hashOutput);
+ } else {
+ // Else generate a new attribute padded with zeroes
+ authAttribute = this.setAttribute(RADIUSAttribute.RADIUS_ATTR_MESSAGE_AUTH, hashOutput);
+ }
+ // Calculate the MD5 HMAC based on the message
+ try {
+ SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), "HmacMD5");
+ Mac mac = Mac.getInstance("HmacMD5");
+ mac.init(keySpec);
+ hashOutput = mac.doFinal(this.serialize());
+ // Update HMAC in Message-Authenticator
+ authAttribute = this.updateAttribute(RADIUSAttribute.RADIUS_ATTR_MESSAGE_AUTH, hashOutput);
+ } catch (Exception e) {
+ this.log.error("Failed to generate message authenticator: {}", e.getMessage());
+ }
+
+ return authAttribute;
+ }
+
+ /**
+ * Checks the message authenticator in the packet with one generated from
+ * the given key.
+ *
+ * @param key key to generate message authenticator
+ * @return whether the message authenticators match or not
+ */
+ public boolean checkMessageAuthenticator(String key) {
+ byte[] newHash = new byte[16];
+ Arrays.fill(newHash, (byte) 0);
+ byte[] messageAuthenticator = this.getAttribute(RADIUSAttribute.RADIUS_ATTR_MESSAGE_AUTH).getValue();
+ this.updateAttribute(RADIUSAttribute.RADIUS_ATTR_MESSAGE_AUTH, newHash);
+ // Calculate the MD5 HMAC based on the message
+ try {
+ SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), "HmacMD5");
+ Mac mac = Mac.getInstance("HmacMD5");
+ mac.init(keySpec);
+ newHash = mac.doFinal(this.serialize());
+ } catch (Exception e) {
+ log.error("Failed to generate message authenticator: {}", e.getMessage());
+ }
+ this.updateAttribute(RADIUSAttribute.RADIUS_ATTR_MESSAGE_AUTH, messageAuthenticator);
+ // Compare the calculated Message-Authenticator with the one in the message
+ return Arrays.equals(newHash, messageAuthenticator);
+ }
+
+ /**
+ * Encapsulates an EAP packet in this RADIUS packet.
+ *
+ * @param message EAP message object to be embedded in the RADIUS
+ * EAP-Message attributed
+ */
+ public void encapsulateMessage(EAP message) {
+ if (message.length <= MAX_ATTR_VALUE_LENGTH) {
+ // Use the regular serialization method as it fits into one EAP-Message attribute
+ this.setAttribute(RADIUSAttribute.RADIUS_ATTR_EAP_MESSAGE,
+ message.serialize());
+ } else {
+ // Segment the message into chucks and embed them in several EAP-Message attributes
+ short remainingLength = message.length;
+ byte[] messageBuffer = message.serialize();
+ final ByteBuffer bb = ByteBuffer.wrap(messageBuffer);
+ while (bb.hasRemaining()) {
+ byte[] messageAttributeData;
+ if (remainingLength > MAX_ATTR_VALUE_LENGTH) {
+ // The remaining data is still too long to fit into one attribute, keep going
+ messageAttributeData = new byte[MAX_ATTR_VALUE_LENGTH];
+ bb.get(messageAttributeData, 0, MAX_ATTR_VALUE_LENGTH);
+ remainingLength -= MAX_ATTR_VALUE_LENGTH;
+ } else {
+ // The remaining data fits, this will be the last chunk
+ messageAttributeData = new byte[remainingLength];
+ bb.get(messageAttributeData, 0, remainingLength);
+ }
+ this.attributes.add(new RADIUSAttribute(RADIUSAttribute.RADIUS_ATTR_EAP_MESSAGE,
+ (byte) (messageAttributeData.length + 2), messageAttributeData));
+
+ // Adding the size of the data to the total RADIUS length
+ this.length += (short) (messageAttributeData.length & 0xFF);
+ // Adding the size of the overhead attribute type and length
+ this.length += 2;
+ }
+ }
+ }
+
+ /**
+ * Decapsulates an EAP packet from the RADIUS packet.
+ *
+ * @return An EAP object containing the reassembled EAP message
+ */
+ public EAP decapsulateMessage() {
+ EAP message = new EAP();
+ ByteArrayOutputStream messageStream = new ByteArrayOutputStream();
+ // Iterating through EAP-Message attributes to concatenate their value
+ for (RADIUSAttribute ra : this.getAttributeList(RADIUSAttribute.RADIUS_ATTR_EAP_MESSAGE)) {
+ try {
+ messageStream.write(ra.getValue());
+ } catch (IOException e) {
+ log.error("Error while reassembling EAP message: {}", e.getMessage());
+ }
+ }
+ // Assembling EAP object from the concatenated stream
+ message.deserialize(messageStream.toByteArray(), 0, messageStream.size());
+ return message;
+ }
+
+ /**
+ * Gets a list of attributes from the RADIUS packet.
+ *
+ * @param attrType the type field of the required attributes
+ * @return List of the attributes that matches the type or an empty list if there is none
+ */
+ public ArrayList<RADIUSAttribute> getAttributeList(byte attrType) {
+ ArrayList<RADIUSAttribute> attrList = new ArrayList<>();
+ for (int i = 0; i < this.attributes.size(); i++) {
+ if (this.attributes.get(i).getType() == attrType) {
+ attrList.add(this.attributes.get(i));
+ }
+ }
+ return attrList;
+ }
+
+ /**
+ * Gets an attribute from the RADIUS packet.
+ *
+ * @param attrType the type field of the required attribute
+ * @return the first attribute that matches the type or null if does not exist
+ */
+ public RADIUSAttribute getAttribute(byte attrType) {
+ for (int i = 0; i < this.attributes.size(); i++) {
+ if (this.attributes.get(i).getType() == attrType) {
+ return this.attributes.get(i);
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Sets an attribute in the RADIUS packet.
+ *
+ * @param attrType the type field of the attribute to set
+ * @param value value to be set
+ * @return reference to the attribute object
+ */
+ public RADIUSAttribute setAttribute(byte attrType, byte[] value) {
+ byte attrLength = (byte) (value.length + 2);
+ RADIUSAttribute newAttribute = new RADIUSAttribute(attrType, attrLength, value);
+ this.attributes.add(newAttribute);
+ this.length += (short) (attrLength & 0xFF);
+ return newAttribute;
+ }
+
+ /**
+ * Updates an attribute in the RADIUS packet.
+ *
+ * @param attrType the type field of the attribute to update
+ * @param value the value to update to
+ * @return reference to the attribute object
+ */
+ public RADIUSAttribute updateAttribute(byte attrType, byte[] value) {
+ for (int i = 0; i < this.attributes.size(); i++) {
+ if (this.attributes.get(i).getType() == attrType) {
+ this.length -= (short) (this.attributes.get(i).getLength() & 0xFF);
+ RADIUSAttribute newAttr = new RADIUSAttribute(attrType, (byte) (value.length + 2), value);
+ this.attributes.set(i, newAttr);
+ this.length += (short) (newAttr.getLength() & 0xFF);
+ return newAttr;
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Deserializer for RADIUS packets.
+ *
+ * @return deserializer
+ */
+ public static Deserializer<RADIUS> deserializer() {
+ return (data, offset, length) -> {
+ checkInput(data, offset, length, RADIUS_MIN_LENGTH);
+
+ final ByteBuffer bb = ByteBuffer.wrap(data, offset, length);
+ RADIUS radius = new RADIUS();
+ radius.code = bb.get();
+ radius.identifier = bb.get();
+ radius.length = bb.getShort();
+ bb.get(radius.authenticator, 0, 16);
+
+ checkHeaderLength(length, radius.length);
+
+ int remainingLength = radius.length - RADIUS_MIN_LENGTH;
+ while (remainingLength > 0 && bb.hasRemaining()) {
+
+ RADIUSAttribute attr = new RADIUSAttribute();
+ attr.setType(bb.get());
+ attr.setLength(bb.get());
+ short attrLength = (short) (attr.length & 0xff);
+ attr.value = new byte[attrLength - 2];
+ bb.get(attr.value, 0, attrLength - 2);
+ radius.attributes.add(attr);
+ remainingLength -= attr.length;
+ }
+ return radius;
+ };
+ }
+
+ @Override
+ public byte[] serialize() {
+ final byte[] data = new byte[this.length];
+ final ByteBuffer bb = ByteBuffer.wrap(data);
+
+ bb.put(this.code);
+ bb.put(this.identifier);
+ bb.putShort(this.length);
+ bb.put(this.authenticator);
+ for (int i = 0; i < this.attributes.size(); i++) {
+ RADIUSAttribute attr = this.attributes.get(i);
+ bb.put(attr.getType());
+ bb.put(attr.getLength());
+ bb.put(attr.getValue());
+ }
+
+ return data;
+ }
+
+ @Override
+ public IPacket deserialize(final byte[] data, final int offset,
+ final int length) {
+ final ByteBuffer bb = ByteBuffer.wrap(data, offset, length);
+ this.code = bb.get();
+ this.identifier = bb.get();
+ this.length = bb.getShort();
+ bb.get(this.authenticator, 0, 16);
+
+ int remainingLength = this.length - RADIUS_MIN_LENGTH;
+ while (remainingLength > 0 && bb.hasRemaining()) {
+ RADIUSAttribute attr = new RADIUSAttribute();
+ attr.setType(bb.get());
+ attr.setLength(bb.get());
+ short attrLength = (short) (attr.length & 0xff);
+ attr.value = new byte[attrLength - 2];
+ bb.get(attr.value, 0, attrLength - 2);
+ this.attributes.add(attr);
+ remainingLength -= attr.length;
+ }
+ return this;
+ }
+
+}
diff --git a/utils/misc/src/main/java/org/onlab/packet/RADIUSAttribute.java b/utils/misc/src/main/java/org/onlab/packet/RADIUSAttribute.java
new file mode 100644
index 0000000..9687e37
--- /dev/null
+++ b/utils/misc/src/main/java/org/onlab/packet/RADIUSAttribute.java
@@ -0,0 +1,142 @@
+/*
+ *
+ * * Copyright 2015 AT&T Foundry
+ * *
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ *
+ */
+
+package org.onlab.packet;
+
+/**
+ * An attribute in a RADIUS packet.
+ */
+public class RADIUSAttribute {
+ protected byte type;
+ protected byte length;
+ protected byte[] value;
+
+ // RADIUS attribute types
+ public static final byte RADIUS_ATTR_USERNAME = 1;
+ public static final byte RADIUS_ATTR_NAS_IP = 4;
+ public static final byte RADIUS_ATTR_NAS_PORT = 5;
+ public static final byte RADIUS_ATTR_FRAMED_MTU = 12;
+ public static final byte RADIUS_ATTR_STATE = 24;
+ public static final byte RADIUS_ATTR_VENDOR_SPECIFIC = 26;
+ public static final byte RADIUS_ATTR_CALLING_STATION_ID = 31;
+ public static final byte RADIUS_ATTR_NAS_ID = 32;
+ public static final byte RADIUS_ATTR_ACCT_SESSION_ID = 44;
+ public static final byte RADIUS_ATTR_NAS_PORT_TYPE = 61;
+ public static final byte RADIUS_ATTR_EAP_MESSAGE = 79;
+ public static final byte RADIUS_ATTR_MESSAGE_AUTH = 80;
+ public static final byte RADIUS_ATTR_NAS_PORT_ID = 87;
+
+ /**
+ * Default constructor.
+ */
+ public RADIUSAttribute() {
+ }
+
+ /**
+ * Constructs a RADIUS attribute with the give type, length and value.
+ *
+ * @param type type
+ * @param length length
+ * @param value value
+ */
+ public RADIUSAttribute(final byte type, final byte length, final byte[] value) {
+ this.type = type;
+ this.length = length;
+ this.value = value;
+ }
+
+ /**
+ * Checks if the attribute type is valid.
+ *
+ * @return whether the type is valid or not
+ */
+ public boolean isValidType() {
+ return this.type == RADIUS_ATTR_USERNAME ||
+ this.type == RADIUS_ATTR_NAS_IP ||
+ this.type == RADIUS_ATTR_NAS_PORT ||
+ this.type == RADIUS_ATTR_VENDOR_SPECIFIC ||
+ this.type == RADIUS_ATTR_CALLING_STATION_ID ||
+ this.type == RADIUS_ATTR_NAS_ID ||
+ this.type == RADIUS_ATTR_ACCT_SESSION_ID ||
+ this.type == RADIUS_ATTR_NAS_PORT_TYPE ||
+ this.type == RADIUS_ATTR_EAP_MESSAGE ||
+ this.type == RADIUS_ATTR_MESSAGE_AUTH ||
+ this.type == RADIUS_ATTR_NAS_PORT_ID;
+ }
+
+ /**
+ * Gets the attribute type.
+ *
+ * @return the type
+ */
+ public byte getType() {
+ return this.type;
+ }
+
+ /**
+ * Sets the attribute type.
+ *
+ * @param type the code to set
+ * @return this
+ */
+ public RADIUSAttribute setType(final byte type) {
+ this.type = type;
+ return this;
+ }
+
+ /**
+ * Gets the attribute length.
+ *
+ * @return the length
+ */
+ public byte getLength() {
+ return this.length;
+ }
+
+ /**
+ * Sets the attribute length.
+ *
+ * @param length the length to set
+ * @return this
+ */
+ public RADIUSAttribute setLength(final byte length) {
+ this.length = length;
+ return this;
+ }
+
+ /**
+ * Gets the attribute value.
+ *
+ * @return the value
+ */
+ public byte[] getValue() {
+ return this.value;
+ }
+
+ /**
+ * Sets the attribute value.
+ *
+ * @param value the data to set
+ * @return this
+ */
+ public RADIUSAttribute setValue(final byte[] value) {
+ this.value = value;
+ return this;
+ }
+
+}