/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
 * or http://forgerock.org/license/CDDLv1.0.html.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at legal-notices/CDDLv1_0.txt.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information:
 *      Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 *      Copyright 2010 Sun Microsystems, Inc.
 *      Portions Copyright 2012-2014 ForgeRock AS.
 */

package org.forgerock.opendj.ldap;

/**
 * A layer that adds security to a connection by transforming the bytes
 * exchanged with the peer: {@link #wrap(byte[], int, int)} encodes bytes that
 * are to be sent, {@link #unwrap(byte[], int, int)} decodes bytes that were
 * received, and {@link #dispose()} releases the layer once it is no longer
 * needed.
 * <p>
 * NOTE(review): the three methods have the same shape as the
 * {@code wrap}/{@code unwrap}/{@code dispose} methods of
 * {@code javax.security.sasl.SaslClient}; presumably implementations delegate
 * to a negotiated SASL security layer, but nothing in this interface
 * establishes that - confirm against the implementations.
 */
public interface ConnectionSecurityLayer {

    /**
     * Releases the system resources and any security-sensitive information
     * held by this layer.
     * <p>
     * The instance is invalid once this method has been invoked. This
     * interface does not define what {@code wrap} or {@code unwrap} do on a
     * disposed layer, so callers should stop using the instance after
     * disposing of it.
     */
    void dispose();

    /**
     * Decodes a range of bytes received from the peer.
     * <p>
     * The input comes from the peer, and this interface does not say whether a
     * successful return implies that the data was integrity-checked; that
     * depends on the implementation. How an {@code offset}/{@code len} pair
     * that falls outside {@code incoming} is handled is likewise unspecified,
     * so callers should pass a range that lies within the array.
     *
     * @param incoming
     *            The encoded bytes received from the peer; must not be
     *            {@code null}.
     * @param offset
     *            Index in {@code incoming} of the first byte to unwrap.
     * @param len
     *            How many bytes of {@code incoming}, starting at
     *            {@code offset}, are to be unwrapped.
     * @return The unwrapped bytes, never {@code null}.
     * @throws LdapException
     *             If the bytes in {@code incoming} could not be unwrapped
     *             successfully.
     */
    byte[] unwrap(byte[] incoming, int offset, int len) throws LdapException;

    /**
     * Encodes a range of bytes that are about to be sent to the peer.
     * <p>
     * How an {@code offset}/{@code len} pair that falls outside
     * {@code outgoing} is handled is not specified by this interface, so
     * callers should pass a range that lies within the array.
     *
     * @param outgoing
     *            The unencoded bytes destined for the peer; must not be
     *            {@code null}.
     * @param offset
     *            Index in {@code outgoing} of the first byte to wrap.
     * @param len
     *            How many bytes of {@code outgoing}, starting at
     *            {@code offset}, are to be wrapped.
     * @return The wrapped bytes, never {@code null}.
     * @throws LdapException
     *             If the bytes in {@code outgoing} could not be wrapped
     *             successfully.
     */
    byte[] wrap(byte[] outgoing, int offset, int len) throws LdapException;
}