org.snmp4j.transport.tls

Class TlsTrustManager

java.lang.Object

org.snmp4j.transport.tls.TlsTrustManager

All Implemented Interfaces:

TrustManager, X509TrustManager

public class TlsTrustManager
extends Object
implements X509TrustManager

The TlsTrustManager verifies the trust for clients and servers connected based on the certificates, and fingerprints provided.

Version:

3.3.0

Author:

Frank Fock

Constructor Summary

Constructors

Constructor and Description
TlsTrustManager(X509TrustManager trustManager, boolean useClientMode, TransportStateReference tmStateReference, CounterSupport tlstmCounters, TlsTmSecurityCallback<X509Certificate> securityCallback) Creates a new TlsTrustManager.

Method Summary

Modifier and Type	Method and Description
void	checkClientTrusted(X509Certificate[] x509Certificates, String s)
void	checkServerTrusted(X509Certificate[] x509Certificates, String s)
X509Certificate[]	getAcceptedIssuers()
static X509Certificate[]	getAcceptedIssuers(X509TrustManager trustManager, TlsTmSecurityCallback<X509Certificate> securityCallback) Gets the accepted X509Certificates from the given X509TrustManager and security callback.
protected TlsTmSecurityCallback<X509Certificate>	getSecurityCallback()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

TlsTrustManager

public TlsTrustManager(X509TrustManager trustManager,
                       boolean useClientMode,
                       TransportStateReference tmStateReference,
                       CounterSupport tlstmCounters,
                       TlsTmSecurityCallback<X509Certificate> securityCallback)

Creates a new TlsTrustManager.

Parameters:

trustManager - the X509 trust manager to be used to validate certificates.

useClientMode - determines if the trust is established as client (true) or server (false).

tmStateReference - the TransportStateReference that optionally contains a TlsTmSecurityCallback which will then take precedence over the TlsTmSecurityCallback provided as parameter (which could then be null).

tlstmCounters - the CounterSupport for recording events created by this trust manager.

securityCallback - the TlsTmSecurityCallback to be used (if tmStateReference does not provide some) to validate peers.

Method Detail

checkClientTrusted

public void checkClientTrusted(X509Certificate[] x509Certificates,
                               String s)
                        throws CertificateException

Specified by:

checkClientTrusted in interface X509TrustManager

Throws:

CertificateException

checkServerTrusted

public void checkServerTrusted(X509Certificate[] x509Certificates,
                               String s)
                        throws CertificateException

Specified by:

checkServerTrusted in interface X509TrustManager

Throws:

CertificateException

getAcceptedIssuers

public X509Certificate[] getAcceptedIssuers()

Specified by:

getAcceptedIssuers in interface X509TrustManager

getAcceptedIssuers

public static X509Certificate[] getAcceptedIssuers(X509TrustManager trustManager,
                                                   TlsTmSecurityCallback<X509Certificate> securityCallback)

Gets the accepted X509Certificates from the given X509TrustManager and security callback.

Parameters:

trustManager - a X509TrustManager providing the accepted issuers.

securityCallback - a security callback that is ask to accept any returned issuer.

Returns:

a probably empty or null array of accepted issuers.

Since:

3.1.1

getSecurityCallback

protected TlsTmSecurityCallback<X509Certificate> getSecurityCallback()