001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2006-2008 Sun Microsystems, Inc.
015 * Portions copyright 2013-2016 ForgeRock AS.
016 */
017package org.opends.server.extensions;
018
019
020
021/**
022 * This class defines a number of constants that may be used by Directory Server
023 * extensions.
024 */
025public class ExtensionsConstants
026{
027  /**
028   * The authentication password scheme name for use with passwords encoded in a
029   * salted MD5 representation.
030   */
031  public static final String AUTH_PASSWORD_SCHEME_NAME_SALTED_MD5 = "MD5";
032
033
034
035  /**
036   * The authentication password scheme name for use with passwords encoded in a
037   * salted SHA-1 representation.
038   */
039  public static final String AUTH_PASSWORD_SCHEME_NAME_SALTED_SHA_1 = "SHA1";
040
041
042
043  /**
044   * The authentication password scheme name for use with passwords encoded in a
045   * salted SHA-256 representation.
046   */
047  public static final String AUTH_PASSWORD_SCHEME_NAME_SALTED_SHA_256 =
048       "SHA256";
049
050
051
052  /**
053   * The authentication password scheme name for use with passwords encoded in a
054   * salted SHA-384 representation.
055   */
056  public static final String AUTH_PASSWORD_SCHEME_NAME_SALTED_SHA_384 =
057       "SHA384";
058
059
060
061  /**
062   * The authentication password scheme name for use with passwords encoded in a
063   * salted SHA-512 representation.
064   */
065  public static final String AUTH_PASSWORD_SCHEME_NAME_SALTED_SHA_512 =
066       "SHA512";
067
068
069
070  /**
071   * The authentication password scheme name for use with passwords encoded in a
072   * PBKDF2 representation.
073   */
074  public static final String AUTH_PASSWORD_SCHEME_NAME_PBKDF2 = "PBKDF2";
075
076
077  /**
078   * The authentication password scheme name for use with passwords encoded in a
079   * PKCS5S2 representation.
080   */
081  public static final String AUTH_PASSWORD_SCHEME_NAME_PKCS5S2 = "PKCS5S2";
082
083
084  /**
085   * The name of the message digest algorithm that should be used to generate
086   * MD5 hashes.
087   */
088  public static final String MESSAGE_DIGEST_ALGORITHM_MD5 = "MD5";
089
090
091
092  /**
093   * The name of the message digest algorithm that should be used to generate
094   * SHA-1 hashes.
095   */
096  public static final String MESSAGE_DIGEST_ALGORITHM_SHA_1 = "SHA-1";
097
098
099
100  /**
101   * The name of the message digest algorithm that should be used to generate
102   * 256-bit SHA-2 hashes.
103   */
104  public static final String MESSAGE_DIGEST_ALGORITHM_SHA_256 = "SHA-256";
105
106
107
108  /**
109   * The name of the message digest algorithm that should be used to generate
110   * 384-bit SHA-2 hashes.
111   */
112  public static final String MESSAGE_DIGEST_ALGORITHM_SHA_384 = "SHA-384";
113
114
115
116  /**
117   * The name of the message digest algorithm that should be used to generate
118   * 512-bit SHA-2 hashes.
119   */
120  public static final String MESSAGE_DIGEST_ALGORITHM_SHA_512 = "SHA-512";
121
122
123
124  /**
125   * The name of the message digest algorithm that should be used to generate
126   * PBKDF2 hashes.
127   */
128  public static final String MESSAGE_DIGEST_ALGORITHM_PBKDF2 =
129       "PBKDF2WithHmacSHA1";
130
131
132
133  /**
134   * The name of the pseudo-random number generator using SHA-1.
135   */
136  public static final String SECURE_PRNG_SHA1 = "SHA1PRNG";
137
138
139
140  /**
141   * The cipher transformation that should be used when performing 3DES
142   * encryption/decription.
143   */
144  public static final String CIPHER_TRANSFORMATION_3DES =
145       "DESede/CFB/NoPadding";
146
147
148
149  /**
150   * The cipher transformation that should be used when performing AES
151   * encryption/decription.
152   */
153  public static final String CIPHER_TRANSFORMATION_AES = "AES/CFB/NoPadding";
154
155
156
157  /**
158   * The cipher transformation that should be used when performing blowfish
159   * encryption/decription.
160   */
161  public static final String CIPHER_TRANSFORMATION_BLOWFISH =
162       "Blowfish/CFB/NoPadding";
163
164
165
166  /**
167   * The cipher transformation that should be used when performing RC4
168   * encryption/decription.
169   *
170   * TODO: https://opends.dev.java.net/issues/show_bug.cgi?id=2471
171   */
172  public static final String CIPHER_TRANSFORMATION_RC4 = "RC4/NONE/NoPadding";
173
174
175
176  /**
177   * The key size (in bits) that should be used for the encryption key when
178   * using the 3DES cipher.
179   */
180  public static final int KEY_SIZE_3DES = 168;
181
182
183
184  /**
185   * The key size (in bits) that should be used for the encryption key when
186   * using the AES cipher.
187   * TODO: https://opends.dev.java.net/issues/show_bug.cgi?id=2475
188   */
189  public static final int KEY_SIZE_AES = 128;
190
191
192
193  /**
194   * The key size (in bits) that should be used for the encryption key when
195   * using the Blowfish cipher.
196   * TODO: https://opends.dev.java.net/issues/show_bug.cgi?id=2475
197   */
198  public static final int KEY_SIZE_BLOWFISH = 128;
199
200
201
202  /**
203   * The key size (in bits) that should be used for the encryption key when
204   * using the RC4 cipher.
205   * TODO: https://opends.dev.java.net/issues/show_bug.cgi?id=2475
206   */
207  public static final int KEY_SIZE_RC4 = 128;
208
209
210
211  /**
212   * The password storage scheme name that will be used for passwords that are
213   * stored in 3DES-encrypted form.
214   */
215  public static final String STORAGE_SCHEME_NAME_3DES = "3DES";
216
217
218
219  /**
220   * The password storage scheme name that will be used for passwords that are
221   * stored in AES-encrypted form.
222   */
223  public static final String STORAGE_SCHEME_NAME_AES = "AES";
224
225
226
227  /**
228   * The password storage scheme name that will be used for passwords that are
229   * stored in base64-encoded form (virtually no protection, but the value is
230   * reversible).
231   */
232  public static final String STORAGE_SCHEME_NAME_BASE64 = "BASE64";
233
234
235
236  /**
237   * The password storage scheme name that will be used for passwords that are
238   * stored in base64-encoded form (virtually no protection, but the value is
239   * reversible).
240   */
241  public static final String STORAGE_SCHEME_NAME_BCRYPT = "BCRYPT";
242
243
244
245  /**
246   * The password storage scheme name that will be used for passwords that are
247   * stored in Blowfish-encrypted form.
248   */
249  public static final String STORAGE_SCHEME_NAME_BLOWFISH = "BLOWFISH";
250
251
252
253  /**
254   * The password storage scheme name that will be used for passwords that are
255   * not encoded or obscured in any way.
256   */
257  public static final String STORAGE_SCHEME_NAME_CLEAR = "CLEAR";
258
259
260
261  /**
262   * The password storage scheme name that will be used for passwords stored in
263   * an MD5 representation.
264   */
265  public static final String STORAGE_SCHEME_NAME_MD5 = "MD5";
266
267
268
269  /**
270   * The password storage scheme name that will be used for passwords that are
271   * stored in RC4-encrypted form.
272   */
273  public static final String STORAGE_SCHEME_NAME_RC4 = "RC4";
274
275
276
277  /**
278   * The password storage scheme name that will be used for passwords stored in
279   * a salted MD5 representation.
280   */
281  public static final String STORAGE_SCHEME_NAME_SALTED_MD5 = "SMD5";
282
283
284
285  /**
286   * The password storage scheme name that will be used for passwords stored in
287   * a SHA-1 representation.
288   */
289  public static final String STORAGE_SCHEME_NAME_SHA_1 = "SHA";
290
291
292
293  /**
294   * The password storage scheme name that will be used for passwords stored in
295   * a salted SHA-1 representation.
296   */
297  public static final String STORAGE_SCHEME_NAME_SALTED_SHA_1 = "SSHA";
298
299
300
301  /**
302   * The password storage scheme name that will be used for passwords stored in
303   * a salted SHA-256 representation.
304   */
305  public static final String STORAGE_SCHEME_NAME_SALTED_SHA_256 = "SSHA256";
306
307
308
309  /**
310   * The password storage scheme name that will be used for passwords stored in
311   * a salted SHA-384 representation.
312   */
313  public static final String STORAGE_SCHEME_NAME_SALTED_SHA_384 = "SSHA384";
314
315
316
317  /**
318   * The password storage scheme name that will be used for passwords stored in
319   * a salted SHA-512 representation.
320   */
321  public static final String STORAGE_SCHEME_NAME_SALTED_SHA_512 = "SSHA512";
322
323
324
325  /**
326   * The password storage scheme name that will be used for passwords stored in
327   * a PBKDF2 representation.
328   */
329  public static final String STORAGE_SCHEME_NAME_PBKDF2 = "PBKDF2";
330
331
332  /**
333   * The password storage scheme name that will be used for passwords stored in
334   * a PKCS5S2 representation.
335   */
336  public static final String STORAGE_SCHEME_NAME_PKCS5S2 = "PKCS5S2";
337
338
339
340  /**
341   * The password storage scheme name that will be used for passwords stored in
342   * a UNIX crypt representation.
343   */
344  public static final String STORAGE_SCHEME_NAME_CRYPT = "CRYPT";
345
346
347
348  /**
349   * The string that will appear before the name of the password storage scheme
350   * in an encoded password.
351   */
352  public static final String STORAGE_SCHEME_PREFIX = "{";
353
354
355
356  /**
357   * The string that will appear after the name of the password storage scheme
358   * in an encoded password.
359   */
360  public static final String STORAGE_SCHEME_SUFFIX = "}";
361
362
363
364  /**
365   * The ASN.1 element type that will be used to encode the userIdentity
366   * component in a password modify extended request.
367   */
368  public static final byte TYPE_PASSWORD_MODIFY_USER_ID = (byte) 0x80;
369
370
371
372  /**
373   * The ASN.1 element type that will be used to encode the oldPasswd component
374   * in a password modify extended request.
375   */
376  public static final byte TYPE_PASSWORD_MODIFY_OLD_PASSWORD = (byte) 0x81;
377
378
379
380  /**
381   * The ASN.1 element type that will be used to encode the newPasswd component
382   * in a password modify extended request.
383   */
384  public static final byte TYPE_PASSWORD_MODIFY_NEW_PASSWORD = (byte) 0x82;
385
386
387
388  /**
389   * The ASN.1 element type that will be used to encode the genPasswd component
390   * in a password modify extended response.
391   */
392  public static final byte TYPE_PASSWORD_MODIFY_GENERATED_PASSWORD =
393       (byte) 0x80;
394}
395