You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by er...@apache.org on 2007/10/03 05:37:35 UTC
svn commit: r581484 - in
/directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit:
ClientConfiguration.java ServerConfiguration.java
Author: erodriguez
Date: Tue Oct 2 20:37:30 2007
New Revision: 581484
URL: http://svn.apache.org/viewvc?rev=581484&view=rev
Log:
Added beans to hold current thinking regarding possible configuration options for PKINIT.
Added:
directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/ClientConfiguration.java (with props)
directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/ServerConfiguration.java (with props)
Added: directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/ClientConfiguration.java
URL: http://svn.apache.org/viewvc/directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/ClientConfiguration.java?rev=581484&view=auto
==============================================================================
--- directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/ClientConfiguration.java (added)
+++ directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/ClientConfiguration.java Tue Oct 2 20:37:30 2007
@@ -0,0 +1,149 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.pkinit;
+
+
+import javax.crypto.spec.DHParameterSpec;
+
+
+/**
+ * Client configuration settings.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class ClientConfiguration
+{
+ /**
+ * The location of the user certificate.
+ */
+ private String certificatePath;
+
+ /**
+ * The CMS types to use.
+ */
+ private String cmsType;
+
+ /**
+ * Whether or not to use Diffie-Hellman. The alternative is the "public key"
+ * method.
+ */
+ private boolean isDhUsed = true;
+
+ /**
+ * The Diffie-Hellman group to use.
+ */
+ private DHParameterSpec dhGroup = DhGroup.MODP_GROUP2;
+
+ /**
+ * Whether or not to reuse Diffie-Hellman keys.
+ */
+ private boolean isDhKeysReused;
+
+
+ /**
+ * @return the certificatePath
+ */
+ public String getCertificatePath()
+ {
+ return certificatePath;
+ }
+
+
+ /**
+ * @param certificatePath the certificatePath to set
+ */
+ public void setCertificatePath( String certificatePath )
+ {
+ this.certificatePath = certificatePath;
+ }
+
+
+ /**
+ * @return the cmsType
+ */
+ public String getCmsType()
+ {
+ return cmsType;
+ }
+
+
+ /**
+ * @param cmsType the cmsType to set
+ */
+ public void setCmsType( String cmsType )
+ {
+ this.cmsType = cmsType;
+ }
+
+
+ /**
+ * @return the isDhUsed
+ */
+ public boolean isDhUsed()
+ {
+ return isDhUsed;
+ }
+
+
+ /**
+ * @param isDhUsed the isDhUsed to set
+ */
+ public void setDhUsed( boolean isDhUsed )
+ {
+ this.isDhUsed = isDhUsed;
+ }
+
+
+ /**
+ * @return the dhGroup
+ */
+ public DHParameterSpec getDhGroup()
+ {
+ return dhGroup;
+ }
+
+
+ /**
+ * @param dhGroup the dhGroup to set
+ */
+ public void setDhGroup( DHParameterSpec dhGroup )
+ {
+ this.dhGroup = dhGroup;
+ }
+
+
+ /**
+ * @return the isDhKeysReused
+ */
+ public boolean isDhKeysReused()
+ {
+ return isDhKeysReused;
+ }
+
+
+ /**
+ * @param isDhKeysReused the isDhKeysReused to set
+ */
+ public void setDhKeysReused( boolean isDhKeysReused )
+ {
+ this.isDhKeysReused = isDhKeysReused;
+ }
+}
Propchange: directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/ClientConfiguration.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/ServerConfiguration.java
URL: http://svn.apache.org/viewvc/directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/ServerConfiguration.java?rev=581484&view=auto
==============================================================================
--- directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/ServerConfiguration.java (added)
+++ directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/ServerConfiguration.java Tue Oct 2 20:37:30 2007
@@ -0,0 +1,155 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.pkinit;
+
+
+import javax.crypto.spec.DHParameterSpec;
+
+import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
+
+
+/**
+ * Server configuration settings.
+ *
+ * TODO - Whether to use user cert vs. SAN binding.
+ * TODO - What trusted roots to use.
+ * TODO - The minimum allowed enc_types.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class ServerConfiguration
+{
+ /**
+ * Whether or not to use Diffie-Hellman. The alternative is the "public key"
+ * method.
+ */
+ private boolean isDhUsed;
+
+ /**
+ * The Diffie-Hellman group to use.
+ */
+ private DHParameterSpec dhGroup = DhGroup.MODP_GROUP2;
+
+ /**
+ * Whether or not to reuse Diffie-Hellman keys.
+ */
+ private boolean isDhKeysReused;
+
+ /**
+ * The length of time Diffie-Hellman keys can be reused.
+ */
+ private long dhKeyExpiration = KerberosTime.DAY;
+
+ /**
+ * The length of the Diffie-Hellman nonces.
+ */
+ private int dhNonceLength = 32;
+
+
+ /**
+ * @return the isDhUsed
+ */
+ public boolean isDhUsed()
+ {
+ return isDhUsed;
+ }
+
+
+ /**
+ * @param isDhUsed the isDhUsed to set
+ */
+ public void setDhUsed( boolean isDhUsed )
+ {
+ this.isDhUsed = isDhUsed;
+ }
+
+
+ /**
+ * @return the dhGroup
+ */
+ public DHParameterSpec getDhGroup()
+ {
+ return dhGroup;
+ }
+
+
+ /**
+ * @param dhGroup the dhGroup to set
+ */
+ public void setDhGroup( DHParameterSpec dhGroup )
+ {
+ this.dhGroup = dhGroup;
+ }
+
+
+ /**
+ * @return the isDhKeysReused
+ */
+ public boolean isDhKeysReused()
+ {
+ return isDhKeysReused;
+ }
+
+
+ /**
+ * @param isDhKeysReused the isDhKeysReused to set
+ */
+ public void setDhKeysReused( boolean isDhKeysReused )
+ {
+ this.isDhKeysReused = isDhKeysReused;
+ }
+
+
+ /**
+ * @return the dhKeyExpiration
+ */
+ public long getDhKeyExpiration()
+ {
+ return dhKeyExpiration;
+ }
+
+
+ /**
+ * @param dhKeyExpiration the dhKeyExpiration to set
+ */
+ public void setDhKeyExpiration( long dhKeyExpiration )
+ {
+ this.dhKeyExpiration = dhKeyExpiration;
+ }
+
+
+ /**
+ * @return the dhNonceLength
+ */
+ public int getDhNonceLength()
+ {
+ return dhNonceLength;
+ }
+
+
+ /**
+ * @param dhNonceLength the dhNonceLength to set
+ */
+ public void setDhNonceLength( int dhNonceLength )
+ {
+ this.dhNonceLength = dhNonceLength;
+ }
+}
Propchange: directory/sandbox/erodriguez/kerberos-pkinit/src/main/java/org/apache/directory/server/kerberos/pkinit/ServerConfiguration.java
------------------------------------------------------------------------------
svn:eol-style = native