在使用SNMP4J创建的陷阱发送器中,对于privProtocol 3DES,AES192和AES256的V3陷阱发送失败。发生异常的情况如下:

org.snmp4j.MessageException: Message processing model 3 returned error: Unsupported security level
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:501)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1005)
at org.snmp4j.Snmp.send(Snmp.java:885)
at org.snmp4j.Snmp.send(Snmp.java:878)
at org.snmp4j.Snmp.send(Snmp.java:843)


相同的代码适用于privProtocol DES和AES128以及所有authProtocol。

代码如下:

    USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(
                MPv3.createLocalEngineID()),0);
        SecurityModels.getInstance().addSecurityModel(usm);
        Snmp snmp = new Snmp(transport);

        //Creating USM user according to Security level

        //Security Level: noAuthNoPriv
        if(trapDetails.getSecurityLevel()==1){
            snmp.getUSM().addUser(
                    new OctetString(trapDetails.getUserName()),
                    new UsmUser(new OctetString(trapDetails.getUserName()), null, null,
                            null,null));
            }

        //Security Level:AuthNoPriv
        if(trapDetails.getSecurityLevel()==2){
            snmp.getUSM().addUser(
                    new OctetString(trapDetails.getUserName()),
                    new UsmUser(new OctetString(trapDetails.getUserName()), new OID(
                            trapDetails.getAuthProtocol()), new OctetString(trapDetails.getAuthPassword()),
                            null,null));
            }

        //Security Level:AuthPriv
        if(trapDetails.getSecurityLevel()==3){
        snmp.getUSM().addUser(
                new OctetString(trapDetails.getUserName()),
                new UsmUser(new OctetString(trapDetails.getUserName()), new OID(
                        trapDetails.getAuthProtocol()), new OctetString(trapDetails.getAuthPassword()),
                        new OID (trapDetails.getPrivProtocol()),new OctetString(trapDetails.getPrivPassword())));
        }


......

//Creating PDU

        ScopedPDU pdu= new ScopedPDU();
        pdu.setType(PDU.NOTIFICATION);
        pdu.setRequestID(new Integer32(200));
        pdu.setErrorIndex(0);
        pdu.setErrorStatus(SnmpConstants.SNMP_ERROR_BAD_VALUE);
        pdu.add(new VariableBinding(SnmpConstants.sysUpTime,new TimeTicks(255)));
        pdu.add(new VariableBinding(SnmpConstants.snmpTrapOID, new OID(trapDetails
                .getTrapOID())));
        pdu.add(new VariableBinding(SnmpConstants.snmpTrapEnterprise,new OID(SnmpConstants.snmpTrapEnterprise)));



//Creating target to send trap

        UserTarget uTarget= new UserTarget();
        ArrayList<String> destinationList = new ArrayList<String>(trapDetails.getDestinationIP());
        Iterator<String> itr= destinationList.iterator();
        String element;
        while(itr.hasNext()){
        uTarget = new UserTarget();
        element= itr.next().toString();
        uTarget.setAddress(new UdpAddress(InetAddress.getByName(element),trapDetails.getPort()));
        uTarget.setRetries(2);
        uTarget.setTimeout(5000);
        uTarget.setVersion(SnmpConstants.version3);
        uTarget.setSecurityLevel(trapDetails.getSecurityLevel());
        uTarget.setSecurityName(new OctetString(trapDetails.getUserName()));
        snmp.send(pdu, uTarget);

        }

最佳答案

检查SecurityProtocols是否已添加PrivacyProtocols。如果没有,你可以添加像

SecurityProtocols.getInstance()。addPrivacyProtocol(new Priv3DES());

同样,要使用任何大于128位的加密,请确保使用适当的JCE,例如SunJCE。请参阅http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html

10-06 05:40