- java.lang.Object
-
- org.snmp4j.transport.tls.PropertiesTlsTmSecurityCallback
-
- All Implemented Interfaces:
TlsTmSecurityCallback<java.security.cert.X509Certificate>
public class PropertiesTlsTmSecurityCallback extends java.lang.Object implements TlsTmSecurityCallback<java.security.cert.X509Certificate>
ThePropertiesTlsTmSecurityCallbackresolves thetmSecurityNamefor incoming requests by using the (system) propertiesorg.snmp4j.arg.securityNameorg.snmp4j.arg.tlsLocalIDorg.snmp4j.arg.tlsTrustCAorg.snmp4j.arg.tlsPeerID- Since:
- 2.0
- Version:
- 3.3.0
- Author:
- Frank Fock
-
-
Constructor Summary
Constructors Constructor Description PropertiesTlsTmSecurityCallback(boolean serverMode)PropertiesTlsTmSecurityCallback(java.util.Properties properties, boolean serverMode)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.StringgetLocalCertificateAlias(Address targetAddress)Gets the local certificate alias to be used for the supplied target address.OctetStringgetSecurityName(java.security.cert.X509Certificate[] peerCertificateChain)Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.booleanisAcceptedIssuer(java.security.cert.X509Certificate issuerCertificate)Check if the supplied issuer certificate is accepted as server.booleanisClientCertificateAccepted(java.security.cert.X509Certificate peerEndCertificate)Check if the supplied peer end certificate is accepted as client.booleanisServerCertificateAccepted(java.security.cert.X509Certificate[] peerCertificateChain)Check if the supplied peer certificate chain is accepted as server.
-
-
-
Method Detail
-
getSecurityName
public OctetString getSecurityName(java.security.cert.X509Certificate[] peerCertificateChain)
Description copied from interface:TlsTmSecurityCallbackGets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.- Specified by:
getSecurityNamein interfaceTlsTmSecurityCallback<java.security.cert.X509Certificate>- Parameters:
peerCertificateChain- an array ofCertificates with the peer's own certificate first followed by any CA authorities.- Returns:
- the tmSecurityName as defined by RFC 5953.
-
isClientCertificateAccepted
public boolean isClientCertificateAccepted(java.security.cert.X509Certificate peerEndCertificate) throws java.security.cert.CertificateExceptionDescription copied from interface:TlsTmSecurityCallbackCheck if the supplied peer end certificate is accepted as client.- Specified by:
isClientCertificateAcceptedin interfaceTlsTmSecurityCallback<java.security.cert.X509Certificate>- Parameters:
peerEndCertificate- a client Certificate instance to check acceptance for.- Returns:
trueif the certificate is accepted,falseotherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.- Throws:
java.security.cert.CertificateException- if the certificate is rejected.
-
isServerCertificateAccepted
public boolean isServerCertificateAccepted(java.security.cert.X509Certificate[] peerCertificateChain) throws java.security.cert.CertificateExceptionDescription copied from interface:TlsTmSecurityCallbackCheck if the supplied peer certificate chain is accepted as server.- Specified by:
isServerCertificateAcceptedin interfaceTlsTmSecurityCallback<java.security.cert.X509Certificate>- Parameters:
peerCertificateChain- a server Certificate chain to check acceptance for.- Returns:
trueif the certificate is accepted,falseotherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.- Throws:
java.security.cert.CertificateException- if the certificate is rejected.
-
isAcceptedIssuer
public boolean isAcceptedIssuer(java.security.cert.X509Certificate issuerCertificate) throws java.security.cert.CertificateExceptionDescription copied from interface:TlsTmSecurityCallbackCheck if the supplied issuer certificate is accepted as server.- Specified by:
isAcceptedIssuerin interfaceTlsTmSecurityCallback<java.security.cert.X509Certificate>- Parameters:
issuerCertificate- an issuer Certificate instance to check acceptance for.- Returns:
trueif the certificate is accepted,falseotherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.- Throws:
java.security.cert.CertificateException- if the certificate is rejected.
-
getLocalCertificateAlias
public java.lang.String getLocalCertificateAlias(Address targetAddress)
Description copied from interface:TlsTmSecurityCallbackGets the local certificate alias to be used for the supplied target address.- Specified by:
getLocalCertificateAliasin interfaceTlsTmSecurityCallback<java.security.cert.X509Certificate>- Parameters:
targetAddress- a target address ornullif the default local certificate alias needs to be retrieved.- Returns:
- the requested local certificate alias, if known. Otherwise
nullis returned which could cause a protocol violation if the local key store contains more than one certificate.
-
-