org.snmp4j.transport.tls
Class PropertiesTlsTmSecurityCallback

java.lang.Object
  extended by org.snmp4j.transport.tls.PropertiesTlsTmSecurityCallback
All Implemented Interfaces:
TlsTmSecurityCallback<java.security.cert.X509Certificate>

public class PropertiesTlsTmSecurityCallback
extends java.lang.Object
implements TlsTmSecurityCallback<java.security.cert.X509Certificate>

The PropertiesTlsTmSecurityCallback resolves the tmSecurityName for incoming requests by using the (system) properties org.snmp4j.arg.tlsPeerID and org.snmp4j.arg.tlsLocalCA.

Since:
2.0
Author:
Frank Fock

Constructor Summary
PropertiesTlsTmSecurityCallback(boolean serverMode)
           
PropertiesTlsTmSecurityCallback(java.util.Properties properties, boolean serverMode)
           
 
Method Summary
 java.lang.String getLocalCertificateAlias(Address targetAddress)
          Gets the local certificate alias to be used for the supplied target address.
 OctetString getSecurityName(java.security.cert.X509Certificate[] peerCertificateChain)
          Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.
 boolean isAcceptedIssuer(java.security.cert.X509Certificate issuerCertificate)
          Check if the supplied issuer certificate is accepted as server.
 boolean isClientCertificateAccepted(java.security.cert.X509Certificate peerEndCertificate)
          Check if the supplied peer end certificate is accepted as client.
 boolean isServerCertificateAccepted(java.security.cert.X509Certificate[] peerCertificateChain)
          Check if the supplied peer certificate chain is accepted as server.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PropertiesTlsTmSecurityCallback

public PropertiesTlsTmSecurityCallback(boolean serverMode)

PropertiesTlsTmSecurityCallback

public PropertiesTlsTmSecurityCallback(java.util.Properties properties,
                                       boolean serverMode)

Method Detail

getSecurityName

public OctetString getSecurityName(java.security.cert.X509Certificate[] peerCertificateChain)
Description copied from interface: TlsTmSecurityCallback
Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.

Specified by:
getSecurityName in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
Parameters:
peerCertificateChain - an array of certificates with the peer's own certificate first, followed by any CA certificates.
Returns:
the tmSecurityName as defined by RFC 5953.

isClientCertificateAccepted

public boolean isClientCertificateAccepted(java.security.cert.X509Certificate peerEndCertificate)
Description copied from interface: TlsTmSecurityCallback
Check if the supplied peer end certificate is accepted as client.

Specified by:
isClientCertificateAccepted in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
Parameters:
peerEndCertificate - a client Certificate instance to check acceptance for.
Returns:
true if the certificate is accepted.

isServerCertificateAccepted

public boolean isServerCertificateAccepted(java.security.cert.X509Certificate[] peerCertificateChain)
Description copied from interface: TlsTmSecurityCallback
Check if the supplied peer certificate chain is accepted as server.

Specified by:
isServerCertificateAccepted in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
Parameters:
peerCertificateChain - a server Certificate chain to check acceptance for.
Returns:
true if the certificate chain is accepted.

isAcceptedIssuer

public boolean isAcceptedIssuer(java.security.cert.X509Certificate issuerCertificate)
Description copied from interface: TlsTmSecurityCallback
Check if the supplied issuer certificate is accepted as server.

Specified by:
isAcceptedIssuer in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
Parameters:
issuerCertificate - an issuer Certificate instance to check acceptance for.
Returns:
true if the certificate is accepted.

getLocalCertificateAlias

public java.lang.String getLocalCertificateAlias(Address targetAddress)
Description copied from interface: TlsTmSecurityCallback
Gets the local certificate alias to be used for the supplied target address.

Specified by:
getLocalCertificateAlias in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
Parameters:
targetAddress - a target address, or null if the default local certificate alias needs to be retrieved.
Returns:
the requested local certificate alias, if known. Otherwise null is returned, which could cause a protocol violation if the local key store contains more than one certificate.

Copyright 2005-2011 Frank Fock (SNMP4J.org)