在使用SNMP4J创建的陷阱发送器中,对于privProtocol 3DES,AES192和AES256的V3陷阱发送失败。发生异常的情况如下:
org.snmp4j.MessageException: Message processing model 3 returned error: Unsupported security level
at org.snmp4j.MessageDispatcherImpl.sendPdu(MessageDispatcherImpl.java:501)
at org.snmp4j.Snmp.sendMessage(Snmp.java:1005)
at org.snmp4j.Snmp.send(Snmp.java:885)
at org.snmp4j.Snmp.send(Snmp.java:878)
at org.snmp4j.Snmp.send(Snmp.java:843)
相同的代码适用于privProtocol DES和AES128以及所有authProtocol。
代码如下:
USM usm = new USM(SecurityProtocols.getInstance(), new OctetString(
MPv3.createLocalEngineID()),0);
SecurityModels.getInstance().addSecurityModel(usm);
Snmp snmp = new Snmp(transport);
//Creating USM user according to Security level
//Security Level: noAuthNoPriv
if(trapDetails.getSecurityLevel()==1){
snmp.getUSM().addUser(
new OctetString(trapDetails.getUserName()),
new UsmUser(new OctetString(trapDetails.getUserName()), null, null,
null,null));
}
//Security Level:AuthNoPriv
if(trapDetails.getSecurityLevel()==2){
snmp.getUSM().addUser(
new OctetString(trapDetails.getUserName()),
new UsmUser(new OctetString(trapDetails.getUserName()), new OID(
trapDetails.getAuthProtocol()), new OctetString(trapDetails.getAuthPassword()),
null,null));
}
//Security Level:AuthPriv
if(trapDetails.getSecurityLevel()==3){
snmp.getUSM().addUser(
new OctetString(trapDetails.getUserName()),
new UsmUser(new OctetString(trapDetails.getUserName()), new OID(
trapDetails.getAuthProtocol()), new OctetString(trapDetails.getAuthPassword()),
new OID (trapDetails.getPrivProtocol()),new OctetString(trapDetails.getPrivPassword())));
}
......
//Creating PDU
ScopedPDU pdu= new ScopedPDU();
pdu.setType(PDU.NOTIFICATION);
pdu.setRequestID(new Integer32(200));
pdu.setErrorIndex(0);
pdu.setErrorStatus(SnmpConstants.SNMP_ERROR_BAD_VALUE);
pdu.add(new VariableBinding(SnmpConstants.sysUpTime,new TimeTicks(255)));
pdu.add(new VariableBinding(SnmpConstants.snmpTrapOID, new OID(trapDetails
.getTrapOID())));
pdu.add(new VariableBinding(SnmpConstants.snmpTrapEnterprise,new OID(SnmpConstants.snmpTrapEnterprise)));
//Creating target to send trap
UserTarget uTarget= new UserTarget();
ArrayList<String> destinationList = new ArrayList<String>(trapDetails.getDestinationIP());
Iterator<String> itr= destinationList.iterator();
String element;
while(itr.hasNext()){
uTarget = new UserTarget();
element= itr.next().toString();
uTarget.setAddress(new UdpAddress(InetAddress.getByName(element),trapDetails.getPort()));
uTarget.setRetries(2);
uTarget.setTimeout(5000);
uTarget.setVersion(SnmpConstants.version3);
uTarget.setSecurityLevel(trapDetails.getSecurityLevel());
uTarget.setSecurityName(new OctetString(trapDetails.getUserName()));
snmp.send(pdu, uTarget);
}
最佳答案
检查SecurityProtocols是否已添加PrivacyProtocols。如果没有,你可以添加像
SecurityProtocols.getInstance()。addPrivacyProtocol(new Priv3DES());
同样,要使用任何大于128位的加密,请确保使用适当的JCE,例如SunJCE。请参阅http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html