Package org.snmp4j.transport.tls

Class TlsTmSecurityCallbackProxy<C extends Certificate>

java.lang.Object

org.snmp4j.transport.tls.TlsTmSecurityCallbackProxy<C>

Type Parameters:

C - the certificate class supported by this security callback.

All Implemented Interfaces:

TlsTmSecurityCallback<C>

public class TlsTmSecurityCallbackProxy<C extends Certificate>
extends Object
implements TlsTmSecurityCallback<C>

The TlsTmSecurityCallbackProxy class implements a TlsTmSecurityCallback by using an internal reference to another TlsTmSecurityCallback instance. It can be used to defer the creation of the backing security callback to a later time.

Since:

3.2.0

Version:

3.3.0

Author:

Frank Fock

Constructor Summary

Constructors

Constructor	Description
TlsTmSecurityCallbackProxy()

Method Summary

Modifier and Type	Method	Description
String	getLocalCertificateAlias(Address targetAddress)	Gets the local certificate alias to be used for the supplied target address.
OctetString	getSecurityName(C[] peerCertificateChain)	Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.
TlsTmSecurityCallback<C>	getTlsTmSecurityCallback()
boolean	isAcceptedIssuer(C issuerCertificate)	Check if the supplied issuer certificate is accepted as server.
boolean	isClientCertificateAccepted(C peerEndCertificate)	Check if the supplied peer end certificate is accepted as client.
boolean	isServerCertificateAccepted(C[] peerCertificateChain)	Check if the supplied peer certificate chain is accepted as server.
void	setTlsTmSecurityCallback(TlsTmSecurityCallback<C> tlsTmSecurityCallback)	Sets the security callback to be used when this proxy is being called.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

TlsTmSecurityCallbackProxy

public TlsTmSecurityCallbackProxy()

Method Details

getTlsTmSecurityCallback

public TlsTmSecurityCallback<C> getTlsTmSecurityCallback()

setTlsTmSecurityCallback

public void setTlsTmSecurityCallback(TlsTmSecurityCallback<C> tlsTmSecurityCallback)

Sets the security callback to be used when this proxy is being called.

Parameters:

tlsTmSecurityCallback - the actually used security callback. If null, then the security callback methods will always return false and null respectively.

getSecurityName

public OctetString getSecurityName(C[] peerCertificateChain)

Description copied from interface: TlsTmSecurityCallback

Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.

Specified by:

getSecurityName in interface TlsTmSecurityCallback<C extends Certificate>

Parameters:

peerCertificateChain - an array of Certificates with the peer's own certificate first followed by any CA authorities.

Returns:

the tmSecurityName as defined by RFC 5953.

isClientCertificateAccepted

public boolean isClientCertificateAccepted(C peerEndCertificate)
                                    throws CertificateException

Description copied from interface: TlsTmSecurityCallback

Check if the supplied peer end certificate is accepted as client.

Specified by:

isClientCertificateAccepted in interface TlsTmSecurityCallback<C extends Certificate>

Parameters:

peerEndCertificate - a client Certificate instance to check acceptance for.

Returns:

true if the certificate is accepted, false otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.

Throws:

CertificateException - if the certificate is rejected.

isServerCertificateAccepted

public boolean isServerCertificateAccepted(C[] peerCertificateChain)
                                    throws CertificateException

Description copied from interface: TlsTmSecurityCallback

Check if the supplied peer certificate chain is accepted as server.

Specified by:

isServerCertificateAccepted in interface TlsTmSecurityCallback<C extends Certificate>

Parameters:

peerCertificateChain - a server Certificate chain to check acceptance for.

Returns:

true if the certificate is accepted, false otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.

Throws:

CertificateException - if the certificate is rejected.

isAcceptedIssuer

public boolean isAcceptedIssuer(C issuerCertificate)
                         throws CertificateException

Description copied from interface: TlsTmSecurityCallback

Check if the supplied issuer certificate is accepted as server.

Specified by:

isAcceptedIssuer in interface TlsTmSecurityCallback<C extends Certificate>

Parameters:

issuerCertificate - an issuer Certificate instance to check acceptance for.

Returns:

true if the certificate is accepted, false otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.

Throws:

CertificateException - if the certificate is rejected.

getLocalCertificateAlias

public String getLocalCertificateAlias(Address targetAddress)

Description copied from interface: TlsTmSecurityCallback

Gets the local certificate alias to be used for the supplied target address.

Specified by:

getLocalCertificateAlias in interface TlsTmSecurityCallback<C extends Certificate>

Parameters:

targetAddress - a target address or null if the default local certificate alias needs to be retrieved.

Returns:

the requested local certificate alias, if known. Otherwise null is returned which could cause a protocol violation if the local key store contains more than one certificate.