/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
 * or http://forgerock.org/license/CDDLv1.0.html.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at legal-notices/CDDLv1_0.txt.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information:
 *      Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 *      Copyright 2006-2008 Sun Microsystems, Inc.
 *      Portions Copyright 2015 ForgeRock AS
 */
package org.opends.server.api;

import java.util.List;
import javax.net.ssl.KeyManager;

import org.forgerock.i18n.LocalizableMessage;
import org.forgerock.opendj.config.server.ConfigException;
import org.opends.server.admin.std.server.KeyManagerProviderCfg;
import org.opends.server.types.DirectoryException;
import org.opends.server.types.InitializationException;

/**
 * Base class for components that supply the
 * {@code javax.net.ssl.KeyManager} objects used when performing SSL
 * communication.
 * <p>
 * Security note: the three non-abstract checks declared here
 * ({@link #containsKeyWithAlias(String)},
 * {@link #containsAtLeastOneKey()} and
 * {@link #isConfigurationAcceptable(KeyManagerProviderCfg, List)})
 * all answer {@code true} without inspecting anything. A subclass
 * must override them before their result says anything about the
 * underlying key material or configuration.
 *
 * @param <T>
 *          The type of key manager provider configuration handled by
 *          this key manager provider implementation.
 */
@org.opends.server.types.PublicAPI(
     stability=org.opends.server.types.StabilityLevel.VOLATILE,
     mayInstantiate=false,
     mayExtend=true,
     mayInvoke=true)
public abstract class KeyManagerProvider<T extends KeyManagerProviderCfg> {

  /**
   * Sets up this key manager provider from the supplied
   * configuration.
   *
   * @param configuration
   *          The key manager provider configuration holding the
   *          settings used to initialize this provider.
   * @throws ConfigException
   *           If an unrecoverable problem caused by the server
   *           configuration arises during initialization.
   * @throws InitializationException
   *           If initialization fails for a reason unrelated to the
   *           server configuration.
   */
  public abstract void initializeKeyManagerProvider(T configuration)
      throws ConfigException, InitializationException;

  /**
   * Reports whether an alias is defined in the scope of this key
   * manager.
   * <p>
   * This base implementation performs no lookup: it returns
   * {@code true} for every argument, including an alias that does
   * not exist. Providers that can enumerate their keys should
   * override it, otherwise a mistyped or missing certificate alias
   * passes this check unnoticed.
   *
   * @param alias
   *          The alias to check.
   * @return {@code true} if the alias exists, {@code false}
   *         otherwise; always {@code true} unless overridden.
   */
  public boolean containsKeyWithAlias(String alias) {
    return true;
  }

  /**
   * Reports whether the keystore holds at least one usable key.
   * <p>
   * This base implementation performs no inspection and always
   * returns {@code true}; override it in providers that can examine
   * their key store, so that an empty store is actually reported.
   *
   * @return {@code true} if the keystore has at least one usable
   *         key, {@code false} otherwise; always {@code true} unless
   *         overridden.
   */
  public boolean containsAtLeastOneKey() {
    return true;
  }

  /**
   * Tells whether the given configuration could be used by this key
   * manager provider. It should be possible to call this method on
   * an instance that has not been initialized yet, to find out in
   * advance whether the configuration would be usable.
   * <p>
   * Implementations that work with a subclass of the provided
   * configuration class will likely need to cast the configuration
   * to that subclass type.
   *
   * @param configuration
   *          The key manager provider configuration to evaluate.
   * @param unacceptableReasons
   *          A list that may be used to hold the reasons the
   *          configuration is not acceptable. The base
   *          implementation never adds to it.
   * @return {@code true} if the provided configuration is acceptable
   *         for this key manager provider, or {@code false} if not.
   */
  public boolean isConfigurationAcceptable(
      T configuration,
      List<LocalizableMessage> unacceptableReasons) {
    // Default: accept everything. No validation happens here, so a
    // provider that needs its settings checked before use has to
    // override this method.
    return true;
  }

  /**
   * Carries out whatever finalization this key manager provider
   * needs.
   */
  public abstract void finalizeKeyManagerProvider();

  /**
   * Returns the {@code KeyManager} objects to use for interactions
   * that require access to a key manager.
   *
   * @return The set of {@code KeyManager} objects that may be used
   *         for interactions requiring access to a key manager.
   * @throws DirectoryException
   *           If a problem occurs while attempting to obtain the set
   *           of key managers.
   */
  public abstract KeyManager[] getKeyManagers()
      throws DirectoryException;
}