Module org.snmp4j

Class PropertiesTlsTmSecurityCallback

  • All Implemented Interfaces:
    TlsTmSecurityCallback<java.security.cert.X509Certificate>

    public class PropertiesTlsTmSecurityCallback
    extends java.lang.Object
    implements TlsTmSecurityCallback<java.security.cert.X509Certificate>
    The PropertiesTlsTmSecurityCallback resolves the tmSecurityName for incoming requests by using the (system) properties org.snmp4j.arg.securityName org.snmp4j.arg.tlsLocalID org.snmp4j.arg.tlsTrustCA org.snmp4j.arg.tlsPeerID
    Since:
    2.0
    Author:
    Frank Fock
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      java.lang.String getLocalCertificateAlias​(Address targetAddress)
      Gets the local certificate alias to be used for the supplied target address.
      OctetString getSecurityName​(java.security.cert.X509Certificate[] peerCertificateChain)
      Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.
      boolean isAcceptedIssuer​(java.security.cert.X509Certificate issuerCertificate)
      Check if the supplied issuer certificate is accepted as server.
      boolean isClientCertificateAccepted​(java.security.cert.X509Certificate peerEndCertificate)
      Check if the supplied peer end certificate is accepted as client.
      boolean isServerCertificateAccepted​(java.security.cert.X509Certificate[] peerCertificateChain)
      Check if the supplied peer certificate chain is accepted as server.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • PropertiesTlsTmSecurityCallback

        public PropertiesTlsTmSecurityCallback​(boolean serverMode)
      • PropertiesTlsTmSecurityCallback

        public PropertiesTlsTmSecurityCallback​(java.util.Properties properties,
                                               boolean serverMode)
    • Method Detail

      • getSecurityName

        public OctetString getSecurityName​(java.security.cert.X509Certificate[] peerCertificateChain)
        Description copied from interface: TlsTmSecurityCallback
        Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.
        Specified by:
        getSecurityName in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
        Parameters:
        peerCertificateChain - an array of Certificates with the peer's own certificate first followed by any CA authorities.
        Returns:
        the tmSecurityName as defined by RFC 5953.
      • isClientCertificateAccepted

        public boolean isClientCertificateAccepted​(java.security.cert.X509Certificate peerEndCertificate)
        Description copied from interface: TlsTmSecurityCallback
        Check if the supplied peer end certificate is accepted as client.
        Specified by:
        isClientCertificateAccepted in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
        Parameters:
        peerEndCertificate - a client Certificate instance to check acceptance for.
        Returns:
        true if the certificate is accepted.
      • isServerCertificateAccepted

        public boolean isServerCertificateAccepted​(java.security.cert.X509Certificate[] peerCertificateChain)
        Description copied from interface: TlsTmSecurityCallback
        Check if the supplied peer certificate chain is accepted as server.
        Specified by:
        isServerCertificateAccepted in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
        Parameters:
        peerCertificateChain - a server Certificate chain to check acceptance for.
        Returns:
        true if the certificate chain is accepted.
      • isAcceptedIssuer

        public boolean isAcceptedIssuer​(java.security.cert.X509Certificate issuerCertificate)
        Description copied from interface: TlsTmSecurityCallback
        Check if the supplied issuer certificate is accepted as server.
        Specified by:
        isAcceptedIssuer in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
        Parameters:
        issuerCertificate - an issuer Certificate instance to check acceptance for.
        Returns:
        true if the certificate is accepted.
      • getLocalCertificateAlias

        public java.lang.String getLocalCertificateAlias​(Address targetAddress)
        Description copied from interface: TlsTmSecurityCallback
        Gets the local certificate alias to be used for the supplied target address.
        Specified by:
        getLocalCertificateAlias in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
        Parameters:
        targetAddress - a target address or null if the default local certificate alias needs to be retrieved.
        Returns:
        the requested local certificate alias, if known. Otherwise null is returned which could cause a protocol violation if the local key store contains more than one certificate.