From a7a83f2fdcc1647611bf9cf09e75ea434b546b5d Mon Sep 17 00:00:00 2001
From: david_page <david_page@localhost>
Date: Mon, 17 Sep 2007 17:31:38 +0000
Subject: [PATCH] Add support for MAC key entry type. Similar to Cipher key entry; however, caller must maintain key identifier (string), e.g., in backup directory, in order to verify signature. TODO: investigate prefixing MAC signed data with key identifier, and suffixing with signature, for both byte[] and stream. This enhancement will require wrapping the Mac API.

---
 opends/src/server/org/opends/server/backends/jeb/BackupManager.java |   20 ++++++++++----------
 1 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/opends/src/server/org/opends/server/backends/jeb/BackupManager.java b/opends/src/server/org/opends/server/backends/jeb/BackupManager.java
index c2eca97..9b8f9c7 100644
--- a/opends/src/server/org/opends/server/backends/jeb/BackupManager.java
+++ b/opends/src/server/org/opends/server/backends/jeb/BackupManager.java
@@ -168,18 +168,18 @@
     Mac           mac             = null;
     MessageDigest digest          = null;
     String        digestAlgorithm = null;
-    String        macAlgorithm    = null;
+    String        macKeyID    = null;
 
     if (hash)
     {
       if (signHash)
       {
-        macAlgorithm = cryptoManager.getPreferredMACAlgorithm();
-        backupProperties.put(BACKUP_PROPERTY_MAC_ALGORITHM, macAlgorithm);
-
         try
         {
-          mac = cryptoManager.getPreferredMACProvider();
+          macKeyID = cryptoManager.getMacEngineKeyEntryID();
+          backupProperties.put(BACKUP_PROPERTY_MAC_KEY_ID, macKeyID);
+
+          mac = cryptoManager.getMacEngine(macKeyID);
         }
         catch (Exception e)
         {
@@ -189,7 +189,7 @@
           }
 
           Message message = ERR_JEB_BACKUP_CANNOT_GET_MAC.get(
-              macAlgorithm, stackTraceToSingleLineString(e));
+              macKeyID, stackTraceToSingleLineString(e));
           throw new DirectoryException(
                DirectoryServer.getServerErrorResultCode(), message, e);
         }
@@ -924,15 +924,15 @@
     Mac           mac             = null;
     MessageDigest digest          = null;
     String        digestAlgorithm = null;
-    String        macAlgorithm    = null;
+    String        macKeyID        = null;
 
     if (signHash != null)
     {
-      macAlgorithm = backupProperties.get(BACKUP_PROPERTY_MAC_ALGORITHM);
+      macKeyID = backupProperties.get(BACKUP_PROPERTY_MAC_KEY_ID);
 
       try
       {
-        mac = cryptoManager.getMACProvider(macAlgorithm);
+        mac = cryptoManager.getMacEngine(macKeyID);
       }
       catch (Exception e)
       {
@@ -942,7 +942,7 @@
         }
 
         Message message = ERR_JEB_BACKUP_CANNOT_GET_MAC.get(
-            macAlgorithm, stackTraceToSingleLineString(e));
+            macKeyID, stackTraceToSingleLineString(e));
         throw new DirectoryException(DirectoryServer.getServerErrorResultCode(),
                                      message, e);
       }

--
Gitblit v1.10.0