Module org.snmp4j
Package org.snmp4j.transport.tls

Class TLSTMExtendedTrustManager

  • All Implemented Interfaces:
    javax.net.ssl.TrustManager, javax.net.ssl.X509TrustManager
    public class TLSTMExtendedTrustManager
extends javax.net.ssl.X509ExtendedTrustManager
    TLSTM trust manager that implements the X509ExtendedTrustManager interface.
    Since:
    2.5.7

    • Field Detail

      • trustManager

        javax.net.ssl.X509TrustManager trustManager

      • useClientMode

        private final boolean useClientMode

      • securityCallback

        private final TlsTmSecurityCallback<java.security.cert.X509Certificate> securityCallback

    • Constructor Detail

    • Method Detail

      • checkClientTrusted

        public void checkClientTrusted​(java.security.cert.X509Certificate[] x509Certificates,
                               java.lang.String s)
                        throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException

      • checkServerTrusted

        public void checkServerTrusted​(java.security.cert.X509Certificate[] x509Certificates,
                               java.lang.String s)
                        throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException

      • isMatchingFingerprint

        private boolean isMatchingFingerprint​(java.security.cert.X509Certificate[] x509Certificates,
                                      OctetString fingerprint,
                                      boolean useClientMode)
                               throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException

      • getAcceptedIssuers

        public java.security.cert.X509Certificate[] getAcceptedIssuers()

      • getAcceptedIssuers

        public static java.security.cert.X509Certificate[] getAcceptedIssuers​(javax.net.ssl.X509TrustManager trustManager,
                                                                      TlsTmSecurityCallback<java.security.cert.X509Certificate> securityCallback)
        Gets the accepted X509Certificates from the given X509TrustManager and security callback.
        Parameters:
        trustManager - a X509TrustManager providing the accepted issuers.
        securityCallback - a security callback that is ask to accept any returned issuer.
        Returns:
        a probably empty or null array of accepted issuers.
        Since:
        3.6.0

      • checkClientTrusted

        public void checkClientTrusted​(java.security.cert.X509Certificate[] x509Certificates,
                               java.lang.String s,
                               java.net.Socket socket)
                        throws java.security.cert.CertificateException
        Specified by:
        checkClientTrusted in class javax.net.ssl.X509ExtendedTrustManager
        Throws:
        java.security.cert.CertificateException

      • checkServerTrusted

        public void checkServerTrusted​(java.security.cert.X509Certificate[] x509Certificates,
                               java.lang.String s,
                               java.net.Socket socket)
                        throws java.security.cert.CertificateException
        Specified by:
        checkServerTrusted in class javax.net.ssl.X509ExtendedTrustManager
        Throws:
        java.security.cert.CertificateException

      • checkServerTrustedBySubjectDN

        private boolean checkServerTrustedBySubjectDN​(java.security.cert.X509Certificate[] x509Certificates)
                                       throws java.security.cert.CertificateException
        RFC 6353 page 47, snmpTlstmAddrServerIdentity
        Throws:
        java.security.cert.CertificateException

      • postCheckServerTrusted

        private void postCheckServerTrusted​(java.security.cert.X509Certificate[] x509Certificates)
                             throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException

      • checkServerTrustedByFingerprint

        private boolean checkServerTrustedByFingerprint​(java.security.cert.X509Certificate[] x509Certificates)
                                         throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException

      • checkClientTrusted

        public void checkClientTrusted​(java.security.cert.X509Certificate[] x509Certificates,
                               java.lang.String s,
                               javax.net.ssl.SSLEngine sslEngine)
                        throws java.security.cert.CertificateException
        Specified by:
        checkClientTrusted in class javax.net.ssl.X509ExtendedTrustManager
        Throws:
        java.security.cert.CertificateException

      • checkClientTrustedIntern

        private boolean checkClientTrustedIntern​(java.security.cert.X509Certificate[] x509Certificates)
                                  throws java.security.cert.CertificateException
        Throws:
        java.security.cert.CertificateException

      • checkServerTrusted

        public void checkServerTrusted​(java.security.cert.X509Certificate[] x509Certificates,
                               java.lang.String s,
                               javax.net.ssl.SSLEngine sslEngine)
                        throws java.security.cert.CertificateException
        Specified by:
        checkServerTrusted in class javax.net.ssl.X509ExtendedTrustManager
        Throws:
        java.security.cert.CertificateException