[SNMP4J] AES encryption problem

Frank Fock fock at agentpp.com
Sat Mar 19 13:39:06 CET 2005 

Laurent,

It seems that you need to install the strong encryption package from Sun
to enable your Java installation to use keys longer than 128bit.

Best regards,
Frank

laurent.gousenbourger at alcatel.be wrote:

> I want to execute a SNMP V3 GET with Authentication and AES encryption.
> For AES128, it works fine. For AES192 and AES256, it doesn't work.
>
> The only difference between the 3 cases is in the following line:
>
> snmp.getUSM().addUser(new OctetString("noAuthUser"),
>                      new UsmUser(new OctetString("noAuthUser"),
>                                  AuthMD5.ID,
>                                  new OctetString("centerparc"),
>                                  PrivAES192.ID,
>                                  new OctetString("itworksfine")));
>
> In case of AES128, the OID PrivAES128.ID is used.
> In case of AES192, the OID PrivAES192.ID is used.
> In case of AES256, the OID PrivAES256.ID is used.
>
> After some code, the PDU is sent
>
> snmp.send(pdu, target);
>
> where pdu is of the type ScopedPDU
>      target is of the type UserTarget
>
> The characteristics of the variable Target are:
> - address = "127.0.0.1/161",
> - authoritativeEngineID = "",
> - maxSizeRequestPDU = 65535,
> - retries = 1,
> - securityLevel = 3,
> - securitymodel = 0,
> - securityName = "noAuthUser",
> - timeout = 5000,
> - version = 3.
>
> The characteristics of the type pdu are:
> - contextEngineID = "",
> - contextName = "",
> - errorIndex = 0,
> - errorStatus = 0,
> - requestID = 0,
> - type = -96,
> - variableBinding = "[1.3.6.1.2.1.11.30.0 = Null]"
>
> The call of the function snmp.send generates the following exception:
>
> Encrypt Exception java.lang.SecurityException: Unsupported keysize or 
> algorithm parameters Unsupported keysize or algorithm parameters
> PrivAES - Encrypt Exception Unsupported keysize or algorithm parameters
> org.snmp4j.MessageException: Message processing model 3 returned 
> error: 1405
>
> Can someone of you help me. I have really no idea what is that problem?
>
> The GET access works fine with DES and AES128. This problem happens 
> only with AES192 and AES256.
>
> Thanks,
> Laurent GOUSENBOURGER
>
> _______________________________________________
> SNMP4J mailing list
> SNMP4J at agentpp.org
> http://lists.agentpp.org/mailman/listinfo/snmp4j
>

More information about the SNMP4J mailing list