001 /* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at 010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE 011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE. 012 * See the License for the specific language governing permissions 013 * and limitations under the License. 014 * 015 * When distributing Covered Code, include this CDDL HEADER in each 016 * file and include the License file at 017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, 018 * add the following below this CDDL HEADER, with the fields enclosed 019 * by brackets "[]" replaced with your own identifying information: 020 * Portions Copyright [yyyy] [name of copyright owner] 021 * 022 * CDDL HEADER END 023 * 024 * 025 * Copyright 2008 Sun Microsystems, Inc. 026 */ 027 package org.opends.server.admin.std.meta; 028 029 030 031 import org.opends.server.admin.AdministratorAction; 032 import org.opends.server.admin.BooleanPropertyDefinition; 033 import org.opends.server.admin.ClassPropertyDefinition; 034 import org.opends.server.admin.client.AuthorizationException; 035 import org.opends.server.admin.client.CommunicationException; 036 import org.opends.server.admin.client.ConcurrentModificationException; 037 import org.opends.server.admin.client.ManagedObject; 038 import org.opends.server.admin.client.MissingMandatoryPropertiesException; 039 import org.opends.server.admin.client.OperationRejectedException; 040 import org.opends.server.admin.condition.Conditions; 041 import org.opends.server.admin.DefaultBehaviorProvider; 042 import org.opends.server.admin.DefinedDefaultBehaviorProvider; 043 import org.opends.server.admin.GenericConstraint; 044 import org.opends.server.admin.ManagedObjectAlreadyExistsException; 045 import org.opends.server.admin.ManagedObjectDefinition; 046 import org.opends.server.admin.PropertyOption; 047 import org.opends.server.admin.PropertyProvider; 048 import org.opends.server.admin.server.ConfigurationChangeListener; 049 import org.opends.server.admin.server.ServerManagedObject; 050 import org.opends.server.admin.std.client.PKCS11KeyManagerProviderCfgClient; 051 import org.opends.server.admin.std.server.KeyManagerProviderCfg; 052 import org.opends.server.admin.std.server.PKCS11KeyManagerProviderCfg; 053 import org.opends.server.admin.StringPropertyDefinition; 054 import org.opends.server.admin.Tag; 055 import org.opends.server.admin.UndefinedDefaultBehaviorProvider; 056 import org.opends.server.types.DN; 057 058 059 060 /** 061 * An interface for querying the PKCS11 Key Manager Provider managed 062 * object definition meta information. 063 * <p> 064 * The PKCS11 Key Manager Provider enables the server to access the 065 * private key information through the PKCS11 interface. 066 */ 067 public final class PKCS11KeyManagerProviderCfgDefn extends ManagedObjectDefinition<PKCS11KeyManagerProviderCfgClient, PKCS11KeyManagerProviderCfg> { 068 069 // The singleton configuration definition instance. 070 private static final PKCS11KeyManagerProviderCfgDefn INSTANCE = new PKCS11KeyManagerProviderCfgDefn(); 071 072 073 074 // The "java-class" property definition. 075 private static final ClassPropertyDefinition PD_JAVA_CLASS; 076 077 078 079 // The "key-store-pin" property definition. 080 private static final StringPropertyDefinition PD_KEY_STORE_PIN; 081 082 083 084 // The "key-store-pin-environment-variable" property definition. 085 private static final StringPropertyDefinition PD_KEY_STORE_PIN_ENVIRONMENT_VARIABLE; 086 087 088 089 // The "key-store-pin-file" property definition. 090 private static final StringPropertyDefinition PD_KEY_STORE_PIN_FILE; 091 092 093 094 // The "key-store-pin-property" property definition. 095 private static final StringPropertyDefinition PD_KEY_STORE_PIN_PROPERTY; 096 097 098 099 // Build the "java-class" property definition. 100 static { 101 ClassPropertyDefinition.Builder builder = ClassPropertyDefinition.createBuilder(INSTANCE, "java-class"); 102 builder.setOption(PropertyOption.MANDATORY); 103 builder.setOption(PropertyOption.ADVANCED); 104 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.COMPONENT_RESTART, INSTANCE, "java-class")); 105 DefaultBehaviorProvider<String> provider = new DefinedDefaultBehaviorProvider<String>("org.opends.server.extensions.PKCS11KeyManagerProvider"); 106 builder.setDefaultBehaviorProvider(provider); 107 builder.addInstanceOf("org.opends.server.api.KeyManagerProvider"); 108 PD_JAVA_CLASS = builder.getInstance(); 109 INSTANCE.registerPropertyDefinition(PD_JAVA_CLASS); 110 } 111 112 113 114 // Build the "key-store-pin" property definition. 115 static { 116 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "key-store-pin"); 117 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "key-store-pin")); 118 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 119 PD_KEY_STORE_PIN = builder.getInstance(); 120 INSTANCE.registerPropertyDefinition(PD_KEY_STORE_PIN); 121 } 122 123 124 125 // Build the "key-store-pin-environment-variable" property definition. 126 static { 127 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "key-store-pin-environment-variable"); 128 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "key-store-pin-environment-variable")); 129 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 130 builder.setPattern(".*", "STRING"); 131 PD_KEY_STORE_PIN_ENVIRONMENT_VARIABLE = builder.getInstance(); 132 INSTANCE.registerPropertyDefinition(PD_KEY_STORE_PIN_ENVIRONMENT_VARIABLE); 133 } 134 135 136 137 // Build the "key-store-pin-file" property definition. 138 static { 139 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "key-store-pin-file"); 140 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "key-store-pin-file")); 141 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 142 builder.setPattern(".*", "FILE"); 143 PD_KEY_STORE_PIN_FILE = builder.getInstance(); 144 INSTANCE.registerPropertyDefinition(PD_KEY_STORE_PIN_FILE); 145 } 146 147 148 149 // Build the "key-store-pin-property" property definition. 150 static { 151 StringPropertyDefinition.Builder builder = StringPropertyDefinition.createBuilder(INSTANCE, "key-store-pin-property"); 152 builder.setAdministratorAction(new AdministratorAction(AdministratorAction.Type.NONE, INSTANCE, "key-store-pin-property")); 153 builder.setDefaultBehaviorProvider(new UndefinedDefaultBehaviorProvider<String>()); 154 builder.setPattern(".*", "STRING"); 155 PD_KEY_STORE_PIN_PROPERTY = builder.getInstance(); 156 INSTANCE.registerPropertyDefinition(PD_KEY_STORE_PIN_PROPERTY); 157 } 158 159 160 161 // Register the tags associated with this managed object definition. 162 static { 163 INSTANCE.registerTag(Tag.valueOf("security")); 164 } 165 166 167 168 // Register the constraints associated with this managed object definition. 169 static { 170 INSTANCE.registerConstraint(new GenericConstraint(INSTANCE, 1, Conditions.implies(Conditions.contains("enabled", "true"), Conditions.or(Conditions.isPresent("key-store-pin-property"), Conditions.isPresent("key-store-pin-environment-variable"), Conditions.isPresent("key-store-pin-file"), Conditions.isPresent("key-store-pin"))))); 171 } 172 173 174 175 /** 176 * Get the PKCS11 Key Manager Provider configuration definition 177 * singleton. 178 * 179 * @return Returns the PKCS11 Key Manager Provider configuration 180 * definition singleton. 181 */ 182 public static PKCS11KeyManagerProviderCfgDefn getInstance() { 183 return INSTANCE; 184 } 185 186 187 188 /** 189 * Private constructor. 190 */ 191 private PKCS11KeyManagerProviderCfgDefn() { 192 super("pkcs11-key-manager-provider", KeyManagerProviderCfgDefn.getInstance()); 193 } 194 195 196 197 /** 198 * {@inheritDoc} 199 */ 200 public PKCS11KeyManagerProviderCfgClient createClientConfiguration( 201 ManagedObject<? extends PKCS11KeyManagerProviderCfgClient> impl) { 202 return new PKCS11KeyManagerProviderCfgClientImpl(impl); 203 } 204 205 206 207 /** 208 * {@inheritDoc} 209 */ 210 public PKCS11KeyManagerProviderCfg createServerConfiguration( 211 ServerManagedObject<? extends PKCS11KeyManagerProviderCfg> impl) { 212 return new PKCS11KeyManagerProviderCfgServerImpl(impl); 213 } 214 215 216 217 /** 218 * {@inheritDoc} 219 */ 220 public Class<PKCS11KeyManagerProviderCfg> getServerConfigurationClass() { 221 return PKCS11KeyManagerProviderCfg.class; 222 } 223 224 225 226 /** 227 * Get the "enabled" property definition. 228 * <p> 229 * Indicates whether the PKCS11 Key Manager Provider is enabled for 230 * use. 231 * 232 * @return Returns the "enabled" property definition. 233 */ 234 public BooleanPropertyDefinition getEnabledPropertyDefinition() { 235 return KeyManagerProviderCfgDefn.getInstance().getEnabledPropertyDefinition(); 236 } 237 238 239 240 /** 241 * Get the "java-class" property definition. 242 * <p> 243 * The fully-qualified name of the Java class that provides the 244 * PKCS11 Key Manager Provider implementation. 245 * 246 * @return Returns the "java-class" property definition. 247 */ 248 public ClassPropertyDefinition getJavaClassPropertyDefinition() { 249 return PD_JAVA_CLASS; 250 } 251 252 253 254 /** 255 * Get the "key-store-pin" property definition. 256 * <p> 257 * Specifies the clear-text PIN needed to access the PKCS11 Key 258 * Manager Provider . 259 * 260 * @return Returns the "key-store-pin" property definition. 261 */ 262 public StringPropertyDefinition getKeyStorePinPropertyDefinition() { 263 return PD_KEY_STORE_PIN; 264 } 265 266 267 268 /** 269 * Get the "key-store-pin-environment-variable" property definition. 270 * <p> 271 * Specifies the name of the environment variable that contains the 272 * clear-text PIN needed to access the PKCS11 Key Manager Provider . 273 * 274 * @return Returns the "key-store-pin-environment-variable" property definition. 275 */ 276 public StringPropertyDefinition getKeyStorePinEnvironmentVariablePropertyDefinition() { 277 return PD_KEY_STORE_PIN_ENVIRONMENT_VARIABLE; 278 } 279 280 281 282 /** 283 * Get the "key-store-pin-file" property definition. 284 * <p> 285 * Specifies the path to the text file whose only contents should be 286 * a single line containing the clear-text PIN needed to access the 287 * PKCS11 Key Manager Provider . 288 * 289 * @return Returns the "key-store-pin-file" property definition. 290 */ 291 public StringPropertyDefinition getKeyStorePinFilePropertyDefinition() { 292 return PD_KEY_STORE_PIN_FILE; 293 } 294 295 296 297 /** 298 * Get the "key-store-pin-property" property definition. 299 * <p> 300 * Specifies the name of the Java property that contains the 301 * clear-text PIN needed to access the PKCS11 Key Manager Provider . 302 * 303 * @return Returns the "key-store-pin-property" property definition. 304 */ 305 public StringPropertyDefinition getKeyStorePinPropertyPropertyDefinition() { 306 return PD_KEY_STORE_PIN_PROPERTY; 307 } 308 309 310 311 /** 312 * Managed object client implementation. 313 */ 314 private static class PKCS11KeyManagerProviderCfgClientImpl implements 315 PKCS11KeyManagerProviderCfgClient { 316 317 // Private implementation. 318 private ManagedObject<? extends PKCS11KeyManagerProviderCfgClient> impl; 319 320 321 322 // Private constructor. 323 private PKCS11KeyManagerProviderCfgClientImpl( 324 ManagedObject<? extends PKCS11KeyManagerProviderCfgClient> impl) { 325 this.impl = impl; 326 } 327 328 329 330 /** 331 * {@inheritDoc} 332 */ 333 public Boolean isEnabled() { 334 return impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 335 } 336 337 338 339 /** 340 * {@inheritDoc} 341 */ 342 public void setEnabled(boolean value) { 343 impl.setPropertyValue(INSTANCE.getEnabledPropertyDefinition(), value); 344 } 345 346 347 348 /** 349 * {@inheritDoc} 350 */ 351 public String getJavaClass() { 352 return impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 353 } 354 355 356 357 /** 358 * {@inheritDoc} 359 */ 360 public void setJavaClass(String value) { 361 impl.setPropertyValue(INSTANCE.getJavaClassPropertyDefinition(), value); 362 } 363 364 365 366 /** 367 * {@inheritDoc} 368 */ 369 public String getKeyStorePin() { 370 return impl.getPropertyValue(INSTANCE.getKeyStorePinPropertyDefinition()); 371 } 372 373 374 375 /** 376 * {@inheritDoc} 377 */ 378 public void setKeyStorePin(String value) { 379 impl.setPropertyValue(INSTANCE.getKeyStorePinPropertyDefinition(), value); 380 } 381 382 383 384 /** 385 * {@inheritDoc} 386 */ 387 public String getKeyStorePinEnvironmentVariable() { 388 return impl.getPropertyValue(INSTANCE.getKeyStorePinEnvironmentVariablePropertyDefinition()); 389 } 390 391 392 393 /** 394 * {@inheritDoc} 395 */ 396 public void setKeyStorePinEnvironmentVariable(String value) { 397 impl.setPropertyValue(INSTANCE.getKeyStorePinEnvironmentVariablePropertyDefinition(), value); 398 } 399 400 401 402 /** 403 * {@inheritDoc} 404 */ 405 public String getKeyStorePinFile() { 406 return impl.getPropertyValue(INSTANCE.getKeyStorePinFilePropertyDefinition()); 407 } 408 409 410 411 /** 412 * {@inheritDoc} 413 */ 414 public void setKeyStorePinFile(String value) { 415 impl.setPropertyValue(INSTANCE.getKeyStorePinFilePropertyDefinition(), value); 416 } 417 418 419 420 /** 421 * {@inheritDoc} 422 */ 423 public String getKeyStorePinProperty() { 424 return impl.getPropertyValue(INSTANCE.getKeyStorePinPropertyPropertyDefinition()); 425 } 426 427 428 429 /** 430 * {@inheritDoc} 431 */ 432 public void setKeyStorePinProperty(String value) { 433 impl.setPropertyValue(INSTANCE.getKeyStorePinPropertyPropertyDefinition(), value); 434 } 435 436 437 438 /** 439 * {@inheritDoc} 440 */ 441 public ManagedObjectDefinition<? extends PKCS11KeyManagerProviderCfgClient, ? extends PKCS11KeyManagerProviderCfg> definition() { 442 return INSTANCE; 443 } 444 445 446 447 /** 448 * {@inheritDoc} 449 */ 450 public PropertyProvider properties() { 451 return impl; 452 } 453 454 455 456 /** 457 * {@inheritDoc} 458 */ 459 public void commit() throws ManagedObjectAlreadyExistsException, 460 MissingMandatoryPropertiesException, ConcurrentModificationException, 461 OperationRejectedException, AuthorizationException, 462 CommunicationException { 463 impl.commit(); 464 } 465 466 } 467 468 469 470 /** 471 * Managed object server implementation. 472 */ 473 private static class PKCS11KeyManagerProviderCfgServerImpl implements 474 PKCS11KeyManagerProviderCfg { 475 476 // Private implementation. 477 private ServerManagedObject<? extends PKCS11KeyManagerProviderCfg> impl; 478 479 // The value of the "enabled" property. 480 private final boolean pEnabled; 481 482 // The value of the "java-class" property. 483 private final String pJavaClass; 484 485 // The value of the "key-store-pin" property. 486 private final String pKeyStorePin; 487 488 // The value of the "key-store-pin-environment-variable" property. 489 private final String pKeyStorePinEnvironmentVariable; 490 491 // The value of the "key-store-pin-file" property. 492 private final String pKeyStorePinFile; 493 494 // The value of the "key-store-pin-property" property. 495 private final String pKeyStorePinProperty; 496 497 498 499 // Private constructor. 500 private PKCS11KeyManagerProviderCfgServerImpl(ServerManagedObject<? extends PKCS11KeyManagerProviderCfg> impl) { 501 this.impl = impl; 502 this.pEnabled = impl.getPropertyValue(INSTANCE.getEnabledPropertyDefinition()); 503 this.pJavaClass = impl.getPropertyValue(INSTANCE.getJavaClassPropertyDefinition()); 504 this.pKeyStorePin = impl.getPropertyValue(INSTANCE.getKeyStorePinPropertyDefinition()); 505 this.pKeyStorePinEnvironmentVariable = impl.getPropertyValue(INSTANCE.getKeyStorePinEnvironmentVariablePropertyDefinition()); 506 this.pKeyStorePinFile = impl.getPropertyValue(INSTANCE.getKeyStorePinFilePropertyDefinition()); 507 this.pKeyStorePinProperty = impl.getPropertyValue(INSTANCE.getKeyStorePinPropertyPropertyDefinition()); 508 } 509 510 511 512 /** 513 * {@inheritDoc} 514 */ 515 public void addPKCS11ChangeListener( 516 ConfigurationChangeListener<PKCS11KeyManagerProviderCfg> listener) { 517 impl.registerChangeListener(listener); 518 } 519 520 521 522 /** 523 * {@inheritDoc} 524 */ 525 public void removePKCS11ChangeListener( 526 ConfigurationChangeListener<PKCS11KeyManagerProviderCfg> listener) { 527 impl.deregisterChangeListener(listener); 528 } 529 /** 530 * {@inheritDoc} 531 */ 532 public void addChangeListener( 533 ConfigurationChangeListener<KeyManagerProviderCfg> listener) { 534 impl.registerChangeListener(listener); 535 } 536 537 538 539 /** 540 * {@inheritDoc} 541 */ 542 public void removeChangeListener( 543 ConfigurationChangeListener<KeyManagerProviderCfg> listener) { 544 impl.deregisterChangeListener(listener); 545 } 546 547 548 549 /** 550 * {@inheritDoc} 551 */ 552 public boolean isEnabled() { 553 return pEnabled; 554 } 555 556 557 558 /** 559 * {@inheritDoc} 560 */ 561 public String getJavaClass() { 562 return pJavaClass; 563 } 564 565 566 567 /** 568 * {@inheritDoc} 569 */ 570 public String getKeyStorePin() { 571 return pKeyStorePin; 572 } 573 574 575 576 /** 577 * {@inheritDoc} 578 */ 579 public String getKeyStorePinEnvironmentVariable() { 580 return pKeyStorePinEnvironmentVariable; 581 } 582 583 584 585 /** 586 * {@inheritDoc} 587 */ 588 public String getKeyStorePinFile() { 589 return pKeyStorePinFile; 590 } 591 592 593 594 /** 595 * {@inheritDoc} 596 */ 597 public String getKeyStorePinProperty() { 598 return pKeyStorePinProperty; 599 } 600 601 602 603 /** 604 * {@inheritDoc} 605 */ 606 public Class<? extends PKCS11KeyManagerProviderCfg> configurationClass() { 607 return PKCS11KeyManagerProviderCfg.class; 608 } 609 610 611 612 /** 613 * {@inheritDoc} 614 */ 615 public DN dn() { 616 return impl.getDN(); 617 } 618 619 } 620 }