From ef50c789d61e47789f342837a3479fccef23c64b Mon Sep 17 00:00:00 2001
From: coulbeck <coulbeck@localhost>
Date: Wed, 10 Oct 2007 20:29:24 +0000
Subject: [PATCH] Add configuration properties for the crypto manager's preferred digest algorithm, its preferred cipher and mac algorithms and the associated key lengths.
---
opends/src/admin/defn/org/opends/server/admin/std/CryptoManagerConfiguration.xml | 162 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 162 insertions(+), 0 deletions(-)
diff --git a/opends/src/admin/defn/org/opends/server/admin/std/CryptoManagerConfiguration.xml b/opends/src/admin/defn/org/opends/server/admin/std/CryptoManagerConfiguration.xml
index e997077..64b3c46 100644
--- a/opends/src/admin/defn/org/opends/server/admin/std/CryptoManagerConfiguration.xml
+++ b/opends/src/admin/defn/org/opends/server/admin/std/CryptoManagerConfiguration.xml
@@ -44,6 +44,168 @@
<ldap:superior>top</ldap:superior>
</ldap:object-class>
</adm:profile>
+ <adm:property name="digest-algorithm" multi-valued="false" advanced="false">
+ <adm:synopsis>
+ The preferred message digest algorithm for the Directory Server.
+ </adm:synopsis>
+ <adm:requires-admin-action>
+ <adm:none>
+ <adm:synopsis>
+ Changes to this property will take effect immediately but will
+ only affect cryptographic operations performed after the
+ change.
+ </adm:synopsis>
+ </adm:none>
+ </adm:requires-admin-action>
+ <adm:default-behavior>
+ <adm:defined>
+ <adm:value>SHA-1</adm:value>
+ </adm:defined>
+ </adm:default-behavior>
+ <adm:syntax>
+ <adm:string />
+ </adm:syntax>
+ <adm:profile name="ldap">
+ <ldap:attribute>
+ <ldap:name>ds-cfg-digest-algorithm</ldap:name>
+ </ldap:attribute>
+ </adm:profile>
+ </adm:property>
+ <adm:property name="mac-algorithm" multi-valued="false" advanced="false">
+ <adm:synopsis>
+ The preferred MAC algorithm for the Directory Server.
+ </adm:synopsis>
+ <adm:requires-admin-action>
+ <adm:none>
+ <adm:synopsis>
+ Changes to this property will take effect immediately but will
+ only affect cryptographic operations performed after the
+ change.
+ </adm:synopsis>
+ </adm:none>
+ </adm:requires-admin-action>
+ <adm:default-behavior>
+ <adm:defined>
+ <adm:value>HmacSHA1</adm:value>
+ </adm:defined>
+ </adm:default-behavior>
+ <adm:syntax>
+ <adm:string />
+ </adm:syntax>
+ <adm:profile name="ldap">
+ <ldap:attribute>
+ <ldap:name>ds-cfg-mac-algorithm</ldap:name>
+ </ldap:attribute>
+ </adm:profile>
+ </adm:property>
+ <adm:property name="mac-key-length" multi-valued="false" advanced="false">
+ <adm:synopsis>
+ The preferred key length in bits for the preferred MAC algorithm.
+ </adm:synopsis>
+ <adm:requires-admin-action>
+ <adm:none>
+ <adm:synopsis>
+ Changes to this property will take effect immediately but will
+ only affect cryptographic operations performed after the
+ change.
+ </adm:synopsis>
+ </adm:none>
+ </adm:requires-admin-action>
+ <adm:default-behavior>
+ <adm:defined>
+ <adm:value>128</adm:value>
+ </adm:defined>
+ </adm:default-behavior>
+ <adm:syntax>
+ <adm:integer />
+ </adm:syntax>
+ <adm:profile name="ldap">
+ <ldap:attribute>
+ <ldap:name>ds-cfg-mac-key-length</ldap:name>
+ </ldap:attribute>
+ </adm:profile>
+ </adm:property>
+ <adm:property name="cipher-transformation" multi-valued="false" advanced="false">
+ <adm:synopsis>
+ The preferred cipher for the Directory Server.
+ </adm:synopsis>
+ <adm:requires-admin-action>
+ <adm:none>
+ <adm:synopsis>
+ Changes to this property will take effect immediately but will
+ only affect cryptographic operations performed after the
+ change.
+ </adm:synopsis>
+ </adm:none>
+ </adm:requires-admin-action>
+ <adm:default-behavior>
+ <adm:defined>
+ <adm:value>AES/CBC/PKCS5Padding</adm:value>
+ </adm:defined>
+ </adm:default-behavior>
+ <adm:syntax>
+ <adm:string />
+ </adm:syntax>
+ <adm:profile name="ldap">
+ <ldap:attribute>
+ <ldap:name>ds-cfg-cipher-transformation</ldap:name>
+ </ldap:attribute>
+ </adm:profile>
+ </adm:property>
+ <adm:property name="cipher-key-length" multi-valued="false" advanced="false">
+ <adm:synopsis>
+ The preferred key length in bits for the preferred cipher.
+ </adm:synopsis>
+ <adm:requires-admin-action>
+ <adm:none>
+ <adm:synopsis>
+ Changes to this property will take effect immediately but will
+ only affect cryptographic operations performed after the
+ change.
+ </adm:synopsis>
+ </adm:none>
+ </adm:requires-admin-action>
+ <adm:default-behavior>
+ <adm:defined>
+ <adm:value>128</adm:value>
+ </adm:defined>
+ </adm:default-behavior>
+ <adm:syntax>
+ <adm:integer />
+ </adm:syntax>
+ <adm:profile name="ldap">
+ <ldap:attribute>
+ <ldap:name>ds-cfg-cipher-key-length</ldap:name>
+ </ldap:attribute>
+ </adm:profile>
+ </adm:property>
+ <adm:property name="key-wrapping-transformation" multi-valued="false" advanced="false">
+ <adm:synopsis>
+ The preferred key wrapping transformation for the Directory Server.
+ </adm:synopsis>
+ <adm:requires-admin-action>
+ <adm:none>
+ <adm:synopsis>
+ Changes to this property will take effect immediately but will
+ only affect cryptographic operations performed after the
+ change.
+ </adm:synopsis>
+ </adm:none>
+ </adm:requires-admin-action>
+ <adm:default-behavior>
+ <adm:defined>
+ <adm:value>RSA/ECB/OAEPWITHSHA-1ANDMGF1PADDING</adm:value>
+ </adm:defined>
+ </adm:default-behavior>
+ <adm:syntax>
+ <adm:string />
+ </adm:syntax>
+ <adm:profile name="ldap">
+ <ldap:attribute>
+ <ldap:name>ds-cfg-key-wrapping-transformation</ldap:name>
+ </ldap:attribute>
+ </adm:profile>
+ </adm:property>
<adm:property name="ssl-protocol" multi-valued="true">
<adm:synopsis>
Specifies the names of the SSL protocols that will be allowed for
--
Gitblit v1.10.0