001 /* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at 010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE 011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE. 012 * See the License for the specific language governing permissions 013 * and limitations under the License. 014 * 015 * When distributing Covered Code, include this CDDL HEADER in each 016 * file and include the License file at 017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, 018 * add the following below this CDDL HEADER, with the fields enclosed 019 * by brackets "[]" replaced with your own identifying information: 020 * Portions Copyright [yyyy] [name of copyright owner] 021 * 022 * CDDL HEADER END 023 * 024 * 025 * Copyright 2008 Sun Microsystems, Inc. 026 */ 027 package org.opends.server.admin.std.client; 028 029 030 031 import java.util.Collection; 032 import java.util.SortedSet; 033 import org.opends.server.admin.ConfigurationClient; 034 import org.opends.server.admin.IllegalPropertyValueException; 035 import org.opends.server.admin.ManagedObjectDefinition; 036 import org.opends.server.admin.std.server.CryptoManagerCfg; 037 038 039 040 /** 041 * A client-side interface for reading and modifying Crypto Manager 042 * settings. 043 * <p> 044 * The Crypto Manager provides a common interface for performing 045 * compression, decompression, hashing, encryption and other kinds of 046 * cryptographic operations. 047 */ 048 public interface CryptoManagerCfgClient extends ConfigurationClient { 049 050 /** 051 * Get the configuration definition associated with this Crypto Manager. 052 * 053 * @return Returns the configuration definition associated with this Crypto Manager. 054 */ 055 ManagedObjectDefinition<? extends CryptoManagerCfgClient, ? extends CryptoManagerCfg> definition(); 056 057 058 059 /** 060 * Gets the "cipher-key-length" property. 061 * <p> 062 * Specifies the key length in bits for the preferred cipher. 063 * 064 * @return Returns the value of the "cipher-key-length" property. 065 */ 066 int getCipherKeyLength(); 067 068 069 070 /** 071 * Sets the "cipher-key-length" property. 072 * <p> 073 * Specifies the key length in bits for the preferred cipher. 074 * 075 * @param value The value of the "cipher-key-length" property. 076 * @throws IllegalPropertyValueException 077 * If the new value is invalid. 078 */ 079 void setCipherKeyLength(Integer value) throws IllegalPropertyValueException; 080 081 082 083 /** 084 * Gets the "cipher-transformation" property. 085 * <p> 086 * Specifies the cipher for the Directory Server using the syntax 087 * algorithm/mode/padding. 088 * <p> 089 * The full transformation is required: specifying only an algorithm 090 * and allowing the cipher provider to supply the default mode and 091 * padding is not supported, because there is no guarantee these 092 * default values are the same among different implementations. Some 093 * cipher algorithms, including RC4 and ARCFOUR, do not have a mode 094 * or padding, and hence must be specified using NONE for the mode 095 * field and NoPadding for the padding field. For example, 096 * RC4/NONE/NoPadding. 097 * 098 * @return Returns the value of the "cipher-transformation" property. 099 */ 100 String getCipherTransformation(); 101 102 103 104 /** 105 * Sets the "cipher-transformation" property. 106 * <p> 107 * Specifies the cipher for the Directory Server using the syntax 108 * algorithm/mode/padding. 109 * <p> 110 * The full transformation is required: specifying only an algorithm 111 * and allowing the cipher provider to supply the default mode and 112 * padding is not supported, because there is no guarantee these 113 * default values are the same among different implementations. Some 114 * cipher algorithms, including RC4 and ARCFOUR, do not have a mode 115 * or padding, and hence must be specified using NONE for the mode 116 * field and NoPadding for the padding field. For example, 117 * RC4/NONE/NoPadding. 118 * 119 * @param value The value of the "cipher-transformation" property. 120 * @throws IllegalPropertyValueException 121 * If the new value is invalid. 122 */ 123 void setCipherTransformation(String value) throws IllegalPropertyValueException; 124 125 126 127 /** 128 * Gets the "digest-algorithm" property. 129 * <p> 130 * Specifies the preferred message digest algorithm for the 131 * Directory Server. 132 * 133 * @return Returns the value of the "digest-algorithm" property. 134 */ 135 String getDigestAlgorithm(); 136 137 138 139 /** 140 * Sets the "digest-algorithm" property. 141 * <p> 142 * Specifies the preferred message digest algorithm for the 143 * Directory Server. 144 * 145 * @param value The value of the "digest-algorithm" property. 146 * @throws IllegalPropertyValueException 147 * If the new value is invalid. 148 */ 149 void setDigestAlgorithm(String value) throws IllegalPropertyValueException; 150 151 152 153 /** 154 * Gets the "key-wrapping-transformation" property. 155 * <p> 156 * The preferred key wrapping transformation for the Directory 157 * Server. This value must be the same for all server instances in a 158 * replication topology. 159 * 160 * @return Returns the value of the "key-wrapping-transformation" property. 161 */ 162 String getKeyWrappingTransformation(); 163 164 165 166 /** 167 * Sets the "key-wrapping-transformation" property. 168 * <p> 169 * The preferred key wrapping transformation for the Directory 170 * Server. This value must be the same for all server instances in a 171 * replication topology. 172 * 173 * @param value The value of the "key-wrapping-transformation" property. 174 * @throws IllegalPropertyValueException 175 * If the new value is invalid. 176 */ 177 void setKeyWrappingTransformation(String value) throws IllegalPropertyValueException; 178 179 180 181 /** 182 * Gets the "mac-algorithm" property. 183 * <p> 184 * Specifies the preferred MAC algorithm for the Directory Server. 185 * 186 * @return Returns the value of the "mac-algorithm" property. 187 */ 188 String getMacAlgorithm(); 189 190 191 192 /** 193 * Sets the "mac-algorithm" property. 194 * <p> 195 * Specifies the preferred MAC algorithm for the Directory Server. 196 * 197 * @param value The value of the "mac-algorithm" property. 198 * @throws IllegalPropertyValueException 199 * If the new value is invalid. 200 */ 201 void setMacAlgorithm(String value) throws IllegalPropertyValueException; 202 203 204 205 /** 206 * Gets the "mac-key-length" property. 207 * <p> 208 * Specifies the key length in bits for the preferred MAC algorithm. 209 * 210 * @return Returns the value of the "mac-key-length" property. 211 */ 212 int getMacKeyLength(); 213 214 215 216 /** 217 * Sets the "mac-key-length" property. 218 * <p> 219 * Specifies the key length in bits for the preferred MAC algorithm. 220 * 221 * @param value The value of the "mac-key-length" property. 222 * @throws IllegalPropertyValueException 223 * If the new value is invalid. 224 */ 225 void setMacKeyLength(Integer value) throws IllegalPropertyValueException; 226 227 228 229 /** 230 * Gets the "ssl-cert-nickname" property. 231 * <p> 232 * Specifies the nickname (also called the alias) of the certificate 233 * that the Crypto Manager should use when performing SSL 234 * communication. 235 * <p> 236 * This is only applicable when the Crypto Manager is configured to 237 * use SSL. 238 * 239 * @return Returns the value of the "ssl-cert-nickname" property. 240 */ 241 String getSSLCertNickname(); 242 243 244 245 /** 246 * Sets the "ssl-cert-nickname" property. 247 * <p> 248 * Specifies the nickname (also called the alias) of the certificate 249 * that the Crypto Manager should use when performing SSL 250 * communication. 251 * <p> 252 * This is only applicable when the Crypto Manager is configured to 253 * use SSL. 254 * 255 * @param value The value of the "ssl-cert-nickname" property. 256 * @throws IllegalPropertyValueException 257 * If the new value is invalid. 258 */ 259 void setSSLCertNickname(String value) throws IllegalPropertyValueException; 260 261 262 263 /** 264 * Gets the "ssl-cipher-suite" property. 265 * <p> 266 * Specifies the names of the SSL cipher suites that are allowed for 267 * use in SSL or TLS communication. 268 * 269 * @return Returns the values of the "ssl-cipher-suite" property. 270 */ 271 SortedSet<String> getSSLCipherSuite(); 272 273 274 275 /** 276 * Sets the "ssl-cipher-suite" property. 277 * <p> 278 * Specifies the names of the SSL cipher suites that are allowed for 279 * use in SSL or TLS communication. 280 * 281 * @param values The values of the "ssl-cipher-suite" property. 282 * @throws IllegalPropertyValueException 283 * If one or more of the new values are invalid. 284 */ 285 void setSSLCipherSuite(Collection<String> values) throws IllegalPropertyValueException; 286 287 288 289 /** 290 * Gets the "ssl-encryption" property. 291 * <p> 292 * Specifies whether SSL/TLS is used to provide encrypted 293 * communication between two OpenDS server components. 294 * 295 * @return Returns the value of the "ssl-encryption" property. 296 */ 297 boolean isSSLEncryption(); 298 299 300 301 /** 302 * Sets the "ssl-encryption" property. 303 * <p> 304 * Specifies whether SSL/TLS is used to provide encrypted 305 * communication between two OpenDS server components. 306 * 307 * @param value The value of the "ssl-encryption" property. 308 * @throws IllegalPropertyValueException 309 * If the new value is invalid. 310 */ 311 void setSSLEncryption(Boolean value) throws IllegalPropertyValueException; 312 313 314 315 /** 316 * Gets the "ssl-protocol" property. 317 * <p> 318 * Specifies the names of the SSL protocols that are allowed for use 319 * in SSL or TLS communication. 320 * 321 * @return Returns the values of the "ssl-protocol" property. 322 */ 323 SortedSet<String> getSSLProtocol(); 324 325 326 327 /** 328 * Sets the "ssl-protocol" property. 329 * <p> 330 * Specifies the names of the SSL protocols that are allowed for use 331 * in SSL or TLS communication. 332 * 333 * @param values The values of the "ssl-protocol" property. 334 * @throws IllegalPropertyValueException 335 * If one or more of the new values are invalid. 336 */ 337 void setSSLProtocol(Collection<String> values) throws IllegalPropertyValueException; 338 339 }