Module org.snmp4j
Package org.snmp4j.transport.tls
Interface TlsTmSecurityCallback<C extends java.security.cert.Certificate>
-
- Type Parameters:
C
- The certificate type supported by this callback.
- All Known Implementing Classes:
DefaultTlsTmSecurityCallback
,PropertiesTlsTmSecurityCallback
,TlsTmSecurityCallbackProxy
public interface TlsTmSecurityCallback<C extends java.security.cert.Certificate>
TheTlsTmSecurityCallback
is implemented by the SnmpTlsMib (of SNMP4J-Agent), for example, to resolve (lookup) thetmSecurityName
for incoming requests.- Since:
- 2.0
- Version:
- 3.3
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description java.lang.String
getLocalCertificateAlias(Address targetAddress)
Gets the local certificate alias to be used for the supplied target address.OctetString
getSecurityName(C[] peerCertificateChain)
Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.boolean
isAcceptedIssuer(C issuerCertificate)
Check if the supplied issuer certificate is accepted as server.boolean
isClientCertificateAccepted(C peerEndCertificate)
Check if the supplied peer end certificate is accepted as client.boolean
isServerCertificateAccepted(C[] peerCertificateChain)
Check if the supplied peer certificate chain is accepted as server.
-
-
-
Method Detail
-
getSecurityName
OctetString getSecurityName(C[] peerCertificateChain)
Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated.- Parameters:
peerCertificateChain
- an array ofCertificate
s with the peer's own certificate first followed by any CA authorities.- Returns:
- the tmSecurityName as defined by RFC 5953.
-
isClientCertificateAccepted
boolean isClientCertificateAccepted(C peerEndCertificate) throws java.security.cert.CertificateException
Check if the supplied peer end certificate is accepted as client.- Parameters:
peerEndCertificate
- a client Certificate instance to check acceptance for.- Returns:
true
if the certificate is accepted,false
otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.- Throws:
java.security.cert.CertificateException
- if the certificate is rejected.
-
isServerCertificateAccepted
boolean isServerCertificateAccepted(C[] peerCertificateChain) throws java.security.cert.CertificateException
Check if the supplied peer certificate chain is accepted as server.- Parameters:
peerCertificateChain
- a server Certificate chain to check acceptance for.- Returns:
true
if the certificate is accepted,false
otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.- Throws:
java.security.cert.CertificateException
- if the certificate is rejected.
-
isAcceptedIssuer
boolean isAcceptedIssuer(C issuerCertificate) throws java.security.cert.CertificateException
Check if the supplied issuer certificate is accepted as server.- Parameters:
issuerCertificate
- an issuer Certificate instance to check acceptance for.- Returns:
true
if the certificate is accepted,false
otherwise, i.e. if verification could not performed, i.e. because it was not configured sufficiently.- Throws:
java.security.cert.CertificateException
- if the certificate is rejected.
-
getLocalCertificateAlias
java.lang.String getLocalCertificateAlias(Address targetAddress)
Gets the local certificate alias to be used for the supplied target address.- Parameters:
targetAddress
- a target address ornull
if the default local certificate alias needs to be retrieved.- Returns:
- the requested local certificate alias, if known. Otherwise
null
is returned which could cause a protocol violation if the local key store contains more than one certificate.
-
-