Module org.snmp4j
Package org.snmp4j.transport.tls
Class TlsTmSecurityCallbackProxy<C extends java.security.cert.Certificate>
- java.lang.Object
-
- org.snmp4j.transport.tls.TlsTmSecurityCallbackProxy<C>
-
- Type Parameters:
C
- the certificate class supported by this security callback.
- All Implemented Interfaces:
TlsTmSecurityCallback<C>
public class TlsTmSecurityCallbackProxy<C extends java.security.cert.Certificate> extends java.lang.Object implements TlsTmSecurityCallback<C>
TheTlsTmSecurityCallbackProxy
class implements aTlsTmSecurityCallback
by using an internal reference to anotherTlsTmSecurityCallback
instance. It can be used to defer the creation of the backing security callback to a later time.- Since:
- 3.2.0
- Version:
- 3.3.0
- Author:
- Frank Fock
-
-
Constructor Summary
Constructors Constructor Description TlsTmSecurityCallbackProxy()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.String
getLocalCertificateAlias(Address targetAddress)
Gets the local certificate alias to be used for the supplied target address.OctetString
getSecurityName(C[] peerCertificateChain)
Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.TlsTmSecurityCallback<C>
getTlsTmSecurityCallback()
boolean
isAcceptedIssuer(C issuerCertificate)
Check if the supplied issuer certificate is accepted as server.boolean
isClientCertificateAccepted(C peerEndCertificate)
Check if the supplied peer end certificate is accepted as client.boolean
isServerCertificateAccepted(C[] peerCertificateChain)
Check if the supplied peer certificate chain is accepted as server.void
setTlsTmSecurityCallback(TlsTmSecurityCallback<C> tlsTmSecurityCallback)
Sets the security callback to be used when this proxy is being called.
-
-
-
Method Detail
-
getTlsTmSecurityCallback
public TlsTmSecurityCallback<C> getTlsTmSecurityCallback()
-
setTlsTmSecurityCallback
public void setTlsTmSecurityCallback(TlsTmSecurityCallback<C> tlsTmSecurityCallback)
Sets the security callback to be used when this proxy is being called.- Parameters:
tlsTmSecurityCallback
- the actually used security callback. Ifnull
, then the security callback methods will always returnfalse
andnull
respectively.
-
getSecurityName
public OctetString getSecurityName(C[] peerCertificateChain)
Description copied from interface:TlsTmSecurityCallback
Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.- Specified by:
getSecurityName
in interfaceTlsTmSecurityCallback<C extends java.security.cert.Certificate>
- Parameters:
peerCertificateChain
- an array ofCertificate
s with the peer's own certificate first followed by any CA authorities.- Returns:
- the tmSecurityName as defined by RFC 5953.
-
isClientCertificateAccepted
public boolean isClientCertificateAccepted(C peerEndCertificate) throws java.security.cert.CertificateException
Description copied from interface:TlsTmSecurityCallback
Check if the supplied peer end certificate is accepted as client.- Specified by:
isClientCertificateAccepted
in interfaceTlsTmSecurityCallback<C extends java.security.cert.Certificate>
- Parameters:
peerEndCertificate
- a client Certificate instance to check acceptance for.- Returns:
true
if the certificate is accepted,false
otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.- Throws:
java.security.cert.CertificateException
- if the certificate is rejected.
-
isServerCertificateAccepted
public boolean isServerCertificateAccepted(C[] peerCertificateChain) throws java.security.cert.CertificateException
Description copied from interface:TlsTmSecurityCallback
Check if the supplied peer certificate chain is accepted as server.- Specified by:
isServerCertificateAccepted
in interfaceTlsTmSecurityCallback<C extends java.security.cert.Certificate>
- Parameters:
peerCertificateChain
- a server Certificate chain to check acceptance for.- Returns:
true
if the certificate is accepted,false
otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.- Throws:
java.security.cert.CertificateException
- if the certificate is rejected.
-
isAcceptedIssuer
public boolean isAcceptedIssuer(C issuerCertificate) throws java.security.cert.CertificateException
Description copied from interface:TlsTmSecurityCallback
Check if the supplied issuer certificate is accepted as server.- Specified by:
isAcceptedIssuer
in interfaceTlsTmSecurityCallback<C extends java.security.cert.Certificate>
- Parameters:
issuerCertificate
- an issuer Certificate instance to check acceptance for.- Returns:
true
if the certificate is accepted,false
otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.- Throws:
java.security.cert.CertificateException
- if the certificate is rejected.
-
getLocalCertificateAlias
public java.lang.String getLocalCertificateAlias(Address targetAddress)
Description copied from interface:TlsTmSecurityCallback
Gets the local certificate alias to be used for the supplied target address.- Specified by:
getLocalCertificateAlias
in interfaceTlsTmSecurityCallback<C extends java.security.cert.Certificate>
- Parameters:
targetAddress
- a target address ornull
if the default local certificate alias needs to be retrieved.- Returns:
- the requested local certificate alias, if known. Otherwise
null
is returned which could cause a protocol violation if the local key store contains more than one certificate.
-
-