From a7a83f2fdcc1647611bf9cf09e75ea434b546b5d Mon Sep 17 00:00:00 2001
From: david_page <david_page@localhost>
Date: Mon, 17 Sep 2007 17:31:38 +0000
Subject: [PATCH] Add support for MAC key entry type. Similar to Cipher key entry; however, caller must maintain key identifier (string), e.g., in backup directory, in order to verify signature. TODO: investigate prefixing MAC signed data with key identifier, and suffixing with signature, for both byte[] and stream. This enhancement will require wrapping the Mac API.

---
 opends/src/server/org/opends/server/util/ServerConstants.java |    7 ++++---
 1 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/opends/src/server/org/opends/server/util/ServerConstants.java b/opends/src/server/org/opends/server/util/ServerConstants.java
index cb9efc5..a202534 100644
--- a/opends/src/server/org/opends/server/util/ServerConstants.java
+++ b/opends/src/server/org/opends/server/util/ServerConstants.java
@@ -2235,10 +2235,11 @@
 
 
   /**
-   * The name of the backup property that holds the name of the MAC algorithm
-   * used to generate the signed hash of a backup.
+   * The name of the backup property that holds the identifer of the key entry
+   * that contains the MAC algorithm and shared secret key used to generate
+   * the signed hash of a backup.
    */
-  public static final String BACKUP_PROPERTY_MAC_ALGORITHM = "mac_algorithm";
+  public static final String BACKUP_PROPERTY_MAC_KEY_ID = "mac_key_id";
 
 
 

--
Gitblit v1.10.0