org.snmp4j.transport.tls
Interface TlsTmSecurityCallback<C extends java.security.cert.Certificate>

All Known Implementing Classes:
DefaultTlsTmSecurityCallback, PropertiesTlsTmSecurityCallback

public interface TlsTmSecurityCallback<C extends java.security.cert.Certificate>

The TlsTmSecurityCallback is implemented by the SnmpTlsMib (of SNMP4J-Agent), for example, to resolve (lookup) the tmSecurityName for incoming requests.

Since:
2.0
Version:
2.0
Author:
Frank Fock

Method Summary
 java.lang.String getLocalCertificateAlias(Address targetAddress)
          Gets the local certificate alias to be used for the supplied target address.
 OctetString getSecurityName(C[] peerCertificateChain)
          Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.
 boolean isAcceptedIssuer(C issuerCertificate)
          Check if the supplied issuer certificate is accepted as server.
 boolean isClientCertificateAccepted(C peerEndCertificate)
          Check if the supplied peer end certificate is accepted as client.
 boolean isServerCertificateAccepted(C[] peerCertificateChain)
          Check if the supplied peer certificate chain is accepted as server.
 

Method Detail

getSecurityName

OctetString getSecurityName(C[] peerCertificateChain)
Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.

Parameters:
peerCertificateChain - an array of Certificates with the peer's own certificate first followed by any CA authorities.
Returns:
the tmSecurityName as defined by RFC 5953.

isClientCertificateAccepted

boolean isClientCertificateAccepted(C peerEndCertificate)
Check if the supplied peer end certificate is accepted as client.

Parameters:
peerEndCertificate - a client Certificate instance to check acceptance for.
Returns:
true if the certificate is accepted.

isServerCertificateAccepted

boolean isServerCertificateAccepted(C[] peerCertificateChain)
Check if the supplied peer certificate chain is accepted as server.

Parameters:
peerCertificateChain - a server Certificate chain to check acceptance for.
Returns:
true if the certificate chain is accepted.

isAcceptedIssuer

boolean isAcceptedIssuer(C issuerCertificate)
Check if the supplied issuer certificate is accepted as server.

Parameters:
issuerCertificate - an issuer Certificate instance to check acceptance for.
Returns:
true if the certificate is accepted.

getLocalCertificateAlias

java.lang.String getLocalCertificateAlias(Address targetAddress)
Gets the local certificate alias to be used for the supplied target address.

Parameters:
targetAddress - a target address or null if the default local certificate alias needs to be retrieved.
Returns:
the requested local certificate alias, if known. Otherwise null is returned which could cause a protocol violation if the local key store contains more than one certificate.

Copyright 2005-2011 Frank Fock (SNMP4J.org)

Copyright © 2011 SNMP4J.org. All Rights Reserved.