Module org.snmp4j

Class TLSTMExtendedTrustManager

  • All Implemented Interfaces:
    javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager

    public class TLSTMExtendedTrustManager
    extends javax.net.ssl.X509ExtendedTrustManager
    TLSTM trust manager that implements the X509ExtendedTrustManager interface.
    Since:
    2.5.7
    • Field Detail

      • trustManager

        javax.net.ssl.X509TrustManager trustManager
      • useClientMode

        private final boolean useClientMode
      • securityCallback

        private final TlsTmSecurityCallback<java.security.cert.X509Certificate> securityCallback
    • Constructor Detail

    • Method Detail

      • checkClientTrusted

        public void checkClientTrusted​(java.security.cert.X509Certificate[] x509Certificates,
                                       java.lang.String s)
                                throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException
      • checkServerTrusted

        public void checkServerTrusted​(java.security.cert.X509Certificate[] x509Certificates,
                                       java.lang.String s)
                                throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException
      • isMatchingFingerprint

        private boolean isMatchingFingerprint​(java.security.cert.X509Certificate[] x509Certificates,
                                              OctetString fingerprint,
                                              boolean useClientMode)
                                       throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException
      • getAcceptedIssuers

        public java.security.cert.X509Certificate[] getAcceptedIssuers()
      • getAcceptedIssuers

        public static java.security.cert.X509Certificate[] getAcceptedIssuers​(javax.net.ssl.X509TrustManager trustManager,
                                                                              TlsTmSecurityCallback<java.security.cert.X509Certificate> securityCallback)
        Gets the accepted X509Certificates from the given X509TrustManager and security callback.
        Parameters:
        trustManager - a X509TrustManager providing the accepted issuers.
        securityCallback - a security callback that is ask to accept any returned issuer.
        Returns:
        a probably empty or null array of accepted issuers.
        Since:
        3.6.0
      • checkClientTrusted

        public void checkClientTrusted​(java.security.cert.X509Certificate[] x509Certificates,
                                       java.lang.String s,
                                       java.net.Socket socket)
                                throws java.security.cert.CertificateException
        Specified by:
        checkClientTrusted in class javax.net.ssl.X509ExtendedTrustManager
        Throws:
        java.security.cert.CertificateException
      • checkServerTrusted

        public void checkServerTrusted​(java.security.cert.X509Certificate[] x509Certificates,
                                       java.lang.String s,
                                       java.net.Socket socket)
                                throws java.security.cert.CertificateException
        Specified by:
        checkServerTrusted in class javax.net.ssl.X509ExtendedTrustManager
        Throws:
        java.security.cert.CertificateException
      • checkServerTrustedBySubjectDN

        private boolean checkServerTrustedBySubjectDN​(java.security.cert.X509Certificate[] x509Certificates)
                                               throws java.security.cert.CertificateException
        RFC 6353 page 47, snmpTlstmAddrServerIdentity
        Throws:
        java.security.cert.CertificateException
      • postCheckServerTrusted

        private void postCheckServerTrusted​(java.security.cert.X509Certificate[] x509Certificates)
                                     throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException
      • checkServerTrustedByFingerprint

        private boolean checkServerTrustedByFingerprint​(java.security.cert.X509Certificate[] x509Certificates)
                                                 throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException
      • checkClientTrusted

        public void checkClientTrusted​(java.security.cert.X509Certificate[] x509Certificates,
                                       java.lang.String s,
                                       javax.net.ssl.SSLEngine sslEngine)
                                throws java.security.cert.CertificateException
        Specified by:
        checkClientTrusted in class javax.net.ssl.X509ExtendedTrustManager
        Throws:
        java.security.cert.CertificateException
      • checkClientTrustedIntern

        private boolean checkClientTrustedIntern​(java.security.cert.X509Certificate[] x509Certificates)
                                          throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException
      • checkServerTrusted

        public void checkServerTrusted​(java.security.cert.X509Certificate[] x509Certificates,
                                       java.lang.String s,
                                       javax.net.ssl.SSLEngine sslEngine)
                                throws java.security.cert.CertificateException
        Specified by:
        checkServerTrusted in class javax.net.ssl.X509ExtendedTrustManager
        Throws:
        java.security.cert.CertificateException