Package org.snmp4j.transport.tls

Class PropertiesTlsTmSecurityCallback

java.lang.Object
org.snmp4j.transport.tls.PropertiesTlsTmSecurityCallback
All Implemented Interfaces:
TlsTmSecurityCallback<X509Certificate>
public class PropertiesTlsTmSecurityCallback extends Object implements TlsTmSecurityCallback<X509Certificate>
The PropertiesTlsTmSecurityCallback resolves the tmSecurityName for incoming requests by using the (system) properties org.snmp4j.arg.securityName org.snmp4j.arg.tlsLocalID org.snmp4j.arg.tlsTrustCA org.snmp4j.arg.tlsPeerID
Since:
2.0
Version:
3.3.0
Author:
Frank Fock

  • Constructor Details

    • PropertiesTlsTmSecurityCallback

      public PropertiesTlsTmSecurityCallback(boolean serverMode)

    • PropertiesTlsTmSecurityCallback

      public PropertiesTlsTmSecurityCallback(Properties properties, boolean serverMode)

  • Method Details

    • getSecurityName

      public OctetString getSecurityName(X509Certificate[] peerCertificateChain)
      Description copied from interface: TlsTmSecurityCallback
      Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.
      Specified by:
      getSecurityName in interface TlsTmSecurityCallback<X509Certificate>
      Parameters:
      peerCertificateChain - an array of Certificates with the peer's own certificate first followed by any CA authorities.
      Returns:
      the tmSecurityName as defined by RFC 5953.

    • isClientCertificateAccepted

      public boolean isClientCertificateAccepted(X509Certificate peerEndCertificate) throws CertificateException
      Description copied from interface: TlsTmSecurityCallback
      Check if the supplied peer end certificate is accepted as client.
      Specified by:
      isClientCertificateAccepted in interface TlsTmSecurityCallback<X509Certificate>
      Parameters:
      peerEndCertificate - a client Certificate instance to check acceptance for.
      Returns:
      true if the certificate is accepted, false otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.
      Throws:
      CertificateException - if the certificate is rejected.

    • isServerCertificateAccepted

      public boolean isServerCertificateAccepted(X509Certificate[] peerCertificateChain) throws CertificateException
      Description copied from interface: TlsTmSecurityCallback
      Check if the supplied peer certificate chain is accepted as server.
      Specified by:
      isServerCertificateAccepted in interface TlsTmSecurityCallback<X509Certificate>
      Parameters:
      peerCertificateChain - a server Certificate chain to check acceptance for.
      Returns:
      true if the certificate is accepted, false otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.
      Throws:
      CertificateException - if the certificate is rejected.

    • isAcceptedIssuer

      public boolean isAcceptedIssuer(X509Certificate issuerCertificate) throws CertificateException
      Description copied from interface: TlsTmSecurityCallback
      Check if the supplied issuer certificate is accepted as server.
      Specified by:
      isAcceptedIssuer in interface TlsTmSecurityCallback<X509Certificate>
      Parameters:
      issuerCertificate - an issuer Certificate instance to check acceptance for.
      Returns:
      true if the certificate is accepted, false otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.
      Throws:
      CertificateException - if the certificate is rejected.

    • getLocalCertificateAlias

      public String getLocalCertificateAlias(Address targetAddress)
      Description copied from interface: TlsTmSecurityCallback
      Gets the local certificate alias to be used for the supplied target address.
      Specified by:
      getLocalCertificateAlias in interface TlsTmSecurityCallback<X509Certificate>
      Parameters:
      targetAddress - a target address or null if the default local certificate alias needs to be retrieved.
      Returns:
      the requested local certificate alias, if known. Otherwise null is returned which could cause a protocol violation if the local key store contains more than one certificate.