org.snmp4j.transport.tls

Class PropertiesTlsTmSecurityCallback

java.lang.Object

org.snmp4j.transport.tls.PropertiesTlsTmSecurityCallback

All Implemented Interfaces:

TlsTmSecurityCallback<X509Certificate>

public class PropertiesTlsTmSecurityCallback
extends Object
implements TlsTmSecurityCallback<X509Certificate>

The PropertiesTlsTmSecurityCallback resolves the tmSecurityName for incoming requests by using the (system) properties org.snmp4j.arg.securityName org.snmp4j.arg.tlsLocalID org.snmp4j.arg.tlsTrustCA org.snmp4j.arg.tlsPeerID

Since:

2.0

Author:

Frank Fock

Constructor Summary

Constructors

Constructor and Description
PropertiesTlsTmSecurityCallback(boolean serverMode)
PropertiesTlsTmSecurityCallback(Properties properties, boolean serverMode)

Method Summary

Methods

Modifier and Type	Method and Description
String	getLocalCertificateAlias(Address targetAddress) Gets the local certificate alias to be used for the supplied target address.
OctetString	getSecurityName(X509Certificate[] peerCertificateChain) Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.
boolean	isAcceptedIssuer(X509Certificate issuerCertificate) Check if the supplied issuer certificate is accepted as server.
boolean	isClientCertificateAccepted(X509Certificate peerEndCertificate) Check if the supplied peer end certificate is accepted as client.
boolean	isServerCertificateAccepted(X509Certificate[] peerCertificateChain) Check if the supplied peer certificate chain is accepted as server.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PropertiesTlsTmSecurityCallback

public PropertiesTlsTmSecurityCallback(boolean serverMode)

PropertiesTlsTmSecurityCallback

public PropertiesTlsTmSecurityCallback(Properties properties,
                               boolean serverMode)

Method Detail

getSecurityName

public OctetString getSecurityName(X509Certificate[] peerCertificateChain)

Description copied from interface: TlsTmSecurityCallback

Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.

Specified by:

getSecurityName in interface TlsTmSecurityCallback<X509Certificate>

Parameters:

peerCertificateChain - an array of Certificates with the peer's own certificate first followed by any CA authorities.

Returns:

the tmSecurityName as defined by RFC 5953.

isClientCertificateAccepted

public boolean isClientCertificateAccepted(X509Certificate peerEndCertificate)

Description copied from interface: TlsTmSecurityCallback

Check if the supplied peer end certificate is accepted as client.

Specified by:

isClientCertificateAccepted in interface TlsTmSecurityCallback<X509Certificate>

Parameters:

peerEndCertificate - a client Certificate instance to check acceptance for.

Returns:

true if the certificate is accepted.

isServerCertificateAccepted

public boolean isServerCertificateAccepted(X509Certificate[] peerCertificateChain)

Description copied from interface: TlsTmSecurityCallback

Check if the supplied peer certificate chain is accepted as server.

Specified by:

isServerCertificateAccepted in interface TlsTmSecurityCallback<X509Certificate>

Parameters:

peerCertificateChain - a server Certificate chain to check acceptance for.

Returns:

true if the certificate chain is accepted.

isAcceptedIssuer

public boolean isAcceptedIssuer(X509Certificate issuerCertificate)

Description copied from interface: TlsTmSecurityCallback

Check if the supplied issuer certificate is accepted as server.

Specified by:

isAcceptedIssuer in interface TlsTmSecurityCallback<X509Certificate>

Parameters:

issuerCertificate - an issuer Certificate instance to check acceptance for.

Returns:

true if the certificate is accepted.

getLocalCertificateAlias

public String getLocalCertificateAlias(Address targetAddress)

Description copied from interface: TlsTmSecurityCallback

Gets the local certificate alias to be used for the supplied target address.

Specified by:

getLocalCertificateAlias in interface TlsTmSecurityCallback<X509Certificate>

Parameters:

targetAddress - a target address or null if the default local certificate alias needs to be retrieved.

Returns:

the requested local certificate alias, if known. Otherwise null is returned which could cause a protocol violation if the local key store contains more than one certificate.