001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2006-2008 Sun Microsystems, Inc. 015 * Portions copyright 2013-2016 ForgeRock AS. 016 */ 017package org.opends.server.extensions; 018 019 020 021/** 022 * This class defines a number of constants that may be used by Directory Server 023 * extensions. 024 */ 025public class ExtensionsConstants 026{ 027 /** 028 * The authentication password scheme name for use with passwords encoded in a 029 * salted MD5 representation. 030 */ 031 public static final String AUTH_PASSWORD_SCHEME_NAME_SALTED_MD5 = "MD5"; 032 033 034 035 /** 036 * The authentication password scheme name for use with passwords encoded in a 037 * salted SHA-1 representation. 038 */ 039 public static final String AUTH_PASSWORD_SCHEME_NAME_SALTED_SHA_1 = "SHA1"; 040 041 042 043 /** 044 * The authentication password scheme name for use with passwords encoded in a 045 * salted SHA-256 representation. 046 */ 047 public static final String AUTH_PASSWORD_SCHEME_NAME_SALTED_SHA_256 = 048 "SHA256"; 049 050 051 052 /** 053 * The authentication password scheme name for use with passwords encoded in a 054 * salted SHA-384 representation. 055 */ 056 public static final String AUTH_PASSWORD_SCHEME_NAME_SALTED_SHA_384 = 057 "SHA384"; 058 059 060 061 /** 062 * The authentication password scheme name for use with passwords encoded in a 063 * salted SHA-512 representation. 064 */ 065 public static final String AUTH_PASSWORD_SCHEME_NAME_SALTED_SHA_512 = 066 "SHA512"; 067 068 069 070 /** 071 * The authentication password scheme name for use with passwords encoded in a 072 * PBKDF2 representation. 073 */ 074 public static final String AUTH_PASSWORD_SCHEME_NAME_PBKDF2 = "PBKDF2"; 075 076 077 /** 078 * The authentication password scheme name for use with passwords encoded in a 079 * PKCS5S2 representation. 080 */ 081 public static final String AUTH_PASSWORD_SCHEME_NAME_PKCS5S2 = "PKCS5S2"; 082 083 084 /** 085 * The name of the message digest algorithm that should be used to generate 086 * MD5 hashes. 087 */ 088 public static final String MESSAGE_DIGEST_ALGORITHM_MD5 = "MD5"; 089 090 091 092 /** 093 * The name of the message digest algorithm that should be used to generate 094 * SHA-1 hashes. 095 */ 096 public static final String MESSAGE_DIGEST_ALGORITHM_SHA_1 = "SHA-1"; 097 098 099 100 /** 101 * The name of the message digest algorithm that should be used to generate 102 * 256-bit SHA-2 hashes. 103 */ 104 public static final String MESSAGE_DIGEST_ALGORITHM_SHA_256 = "SHA-256"; 105 106 107 108 /** 109 * The name of the message digest algorithm that should be used to generate 110 * 384-bit SHA-2 hashes. 111 */ 112 public static final String MESSAGE_DIGEST_ALGORITHM_SHA_384 = "SHA-384"; 113 114 115 116 /** 117 * The name of the message digest algorithm that should be used to generate 118 * 512-bit SHA-2 hashes. 119 */ 120 public static final String MESSAGE_DIGEST_ALGORITHM_SHA_512 = "SHA-512"; 121 122 123 124 /** 125 * The name of the message digest algorithm that should be used to generate 126 * PBKDF2 hashes. 127 */ 128 public static final String MESSAGE_DIGEST_ALGORITHM_PBKDF2 = 129 "PBKDF2WithHmacSHA1"; 130 131 132 133 /** 134 * The name of the pseudo-random number generator using SHA-1. 135 */ 136 public static final String SECURE_PRNG_SHA1 = "SHA1PRNG"; 137 138 139 140 /** 141 * The cipher transformation that should be used when performing 3DES 142 * encryption/decription. 143 */ 144 public static final String CIPHER_TRANSFORMATION_3DES = 145 "DESede/CFB/NoPadding"; 146 147 148 149 /** 150 * The cipher transformation that should be used when performing AES 151 * encryption/decription. 152 */ 153 public static final String CIPHER_TRANSFORMATION_AES = "AES/CFB/NoPadding"; 154 155 156 157 /** 158 * The cipher transformation that should be used when performing blowfish 159 * encryption/decription. 160 */ 161 public static final String CIPHER_TRANSFORMATION_BLOWFISH = 162 "Blowfish/CFB/NoPadding"; 163 164 165 166 /** 167 * The cipher transformation that should be used when performing RC4 168 * encryption/decription. 169 * 170 * TODO: https://opends.dev.java.net/issues/show_bug.cgi?id=2471 171 */ 172 public static final String CIPHER_TRANSFORMATION_RC4 = "RC4/NONE/NoPadding"; 173 174 175 176 /** 177 * The key size (in bits) that should be used for the encryption key when 178 * using the 3DES cipher. 179 */ 180 public static final int KEY_SIZE_3DES = 168; 181 182 183 184 /** 185 * The key size (in bits) that should be used for the encryption key when 186 * using the AES cipher. 187 * TODO: https://opends.dev.java.net/issues/show_bug.cgi?id=2475 188 */ 189 public static final int KEY_SIZE_AES = 128; 190 191 192 193 /** 194 * The key size (in bits) that should be used for the encryption key when 195 * using the Blowfish cipher. 196 * TODO: https://opends.dev.java.net/issues/show_bug.cgi?id=2475 197 */ 198 public static final int KEY_SIZE_BLOWFISH = 128; 199 200 201 202 /** 203 * The key size (in bits) that should be used for the encryption key when 204 * using the RC4 cipher. 205 * TODO: https://opends.dev.java.net/issues/show_bug.cgi?id=2475 206 */ 207 public static final int KEY_SIZE_RC4 = 128; 208 209 210 211 /** 212 * The password storage scheme name that will be used for passwords that are 213 * stored in 3DES-encrypted form. 214 */ 215 public static final String STORAGE_SCHEME_NAME_3DES = "3DES"; 216 217 218 219 /** 220 * The password storage scheme name that will be used for passwords that are 221 * stored in AES-encrypted form. 222 */ 223 public static final String STORAGE_SCHEME_NAME_AES = "AES"; 224 225 226 227 /** 228 * The password storage scheme name that will be used for passwords that are 229 * stored in base64-encoded form (virtually no protection, but the value is 230 * reversible). 231 */ 232 public static final String STORAGE_SCHEME_NAME_BASE64 = "BASE64"; 233 234 235 236 /** 237 * The password storage scheme name that will be used for passwords that are 238 * stored in base64-encoded form (virtually no protection, but the value is 239 * reversible). 240 */ 241 public static final String STORAGE_SCHEME_NAME_BCRYPT = "BCRYPT"; 242 243 244 245 /** 246 * The password storage scheme name that will be used for passwords that are 247 * stored in Blowfish-encrypted form. 248 */ 249 public static final String STORAGE_SCHEME_NAME_BLOWFISH = "BLOWFISH"; 250 251 252 253 /** 254 * The password storage scheme name that will be used for passwords that are 255 * not encoded or obscured in any way. 256 */ 257 public static final String STORAGE_SCHEME_NAME_CLEAR = "CLEAR"; 258 259 260 261 /** 262 * The password storage scheme name that will be used for passwords stored in 263 * an MD5 representation. 264 */ 265 public static final String STORAGE_SCHEME_NAME_MD5 = "MD5"; 266 267 268 269 /** 270 * The password storage scheme name that will be used for passwords that are 271 * stored in RC4-encrypted form. 272 */ 273 public static final String STORAGE_SCHEME_NAME_RC4 = "RC4"; 274 275 276 277 /** 278 * The password storage scheme name that will be used for passwords stored in 279 * a salted MD5 representation. 280 */ 281 public static final String STORAGE_SCHEME_NAME_SALTED_MD5 = "SMD5"; 282 283 284 285 /** 286 * The password storage scheme name that will be used for passwords stored in 287 * a SHA-1 representation. 288 */ 289 public static final String STORAGE_SCHEME_NAME_SHA_1 = "SHA"; 290 291 292 293 /** 294 * The password storage scheme name that will be used for passwords stored in 295 * a salted SHA-1 representation. 296 */ 297 public static final String STORAGE_SCHEME_NAME_SALTED_SHA_1 = "SSHA"; 298 299 300 301 /** 302 * The password storage scheme name that will be used for passwords stored in 303 * a salted SHA-256 representation. 304 */ 305 public static final String STORAGE_SCHEME_NAME_SALTED_SHA_256 = "SSHA256"; 306 307 308 309 /** 310 * The password storage scheme name that will be used for passwords stored in 311 * a salted SHA-384 representation. 312 */ 313 public static final String STORAGE_SCHEME_NAME_SALTED_SHA_384 = "SSHA384"; 314 315 316 317 /** 318 * The password storage scheme name that will be used for passwords stored in 319 * a salted SHA-512 representation. 320 */ 321 public static final String STORAGE_SCHEME_NAME_SALTED_SHA_512 = "SSHA512"; 322 323 324 325 /** 326 * The password storage scheme name that will be used for passwords stored in 327 * a PBKDF2 representation. 328 */ 329 public static final String STORAGE_SCHEME_NAME_PBKDF2 = "PBKDF2"; 330 331 332 /** 333 * The password storage scheme name that will be used for passwords stored in 334 * a PKCS5S2 representation. 335 */ 336 public static final String STORAGE_SCHEME_NAME_PKCS5S2 = "PKCS5S2"; 337 338 339 340 /** 341 * The password storage scheme name that will be used for passwords stored in 342 * a UNIX crypt representation. 343 */ 344 public static final String STORAGE_SCHEME_NAME_CRYPT = "CRYPT"; 345 346 347 348 /** 349 * The string that will appear before the name of the password storage scheme 350 * in an encoded password. 351 */ 352 public static final String STORAGE_SCHEME_PREFIX = "{"; 353 354 355 356 /** 357 * The string that will appear after the name of the password storage scheme 358 * in an encoded password. 359 */ 360 public static final String STORAGE_SCHEME_SUFFIX = "}"; 361 362 363 364 /** 365 * The ASN.1 element type that will be used to encode the userIdentity 366 * component in a password modify extended request. 367 */ 368 public static final byte TYPE_PASSWORD_MODIFY_USER_ID = (byte) 0x80; 369 370 371 372 /** 373 * The ASN.1 element type that will be used to encode the oldPasswd component 374 * in a password modify extended request. 375 */ 376 public static final byte TYPE_PASSWORD_MODIFY_OLD_PASSWORD = (byte) 0x81; 377 378 379 380 /** 381 * The ASN.1 element type that will be used to encode the newPasswd component 382 * in a password modify extended request. 383 */ 384 public static final byte TYPE_PASSWORD_MODIFY_NEW_PASSWORD = (byte) 0x82; 385 386 387 388 /** 389 * The ASN.1 element type that will be used to encode the genPasswd component 390 * in a password modify extended response. 391 */ 392 public static final byte TYPE_PASSWORD_MODIFY_GENERATED_PASSWORD = 393 (byte) 0x80; 394} 395