001    /*
002     * CDDL HEADER START
003     *
004     * The contents of this file are subject to the terms of the
005     * Common Development and Distribution License, Version 1.0 only
006     * (the "License").  You may not use this file except in compliance
007     * with the License.
008     *
009     * You can obtain a copy of the license at
010     * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011     * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012     * See the License for the specific language governing permissions
013     * and limitations under the License.
014     *
015     * When distributing Covered Code, include this CDDL HEADER in each
016     * file and include the License file at
017     * trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
018     * add the following below this CDDL HEADER, with the fields enclosed
019     * by brackets "[]" replaced with your own identifying information:
020     *      Portions Copyright [yyyy] [name of copyright owner]
021     *
022     * CDDL HEADER END
023     *
024     *
025     *      Copyright 2008 Sun Microsystems, Inc.
026     */
027    package org.opends.server.admin.std.client;
028    
029    
030    
031    import java.util.Collection;
032    import java.util.SortedSet;
033    import org.opends.server.admin.ConfigurationClient;
034    import org.opends.server.admin.IllegalPropertyValueException;
035    import org.opends.server.admin.ManagedObjectDefinition;
036    import org.opends.server.admin.std.server.CryptoManagerCfg;
037    
038    
039    
040    /**
041     * A client-side interface for reading and modifying Crypto Manager
042     * settings.
043     * <p>
044     * The Crypto Manager provides a common interface for performing
045     * compression, decompression, hashing, encryption and other kinds of
046     * cryptographic operations.
047     */
048    public interface CryptoManagerCfgClient extends ConfigurationClient {
049    
050      /**
051       * Get the configuration definition associated with this Crypto Manager.
052       *
053       * @return Returns the configuration definition associated with this Crypto Manager.
054       */
055      ManagedObjectDefinition<? extends CryptoManagerCfgClient, ? extends CryptoManagerCfg> definition();
056    
057    
058    
059      /**
060       * Gets the "cipher-key-length" property.
061       * <p>
062       * Specifies the key length in bits for the preferred cipher.
063       *
064       * @return Returns the value of the "cipher-key-length" property.
065       */
066      int getCipherKeyLength();
067    
068    
069    
070      /**
071       * Sets the "cipher-key-length" property.
072       * <p>
073       * Specifies the key length in bits for the preferred cipher.
074       *
075       * @param value The value of the "cipher-key-length" property.
076       * @throws IllegalPropertyValueException
077       *           If the new value is invalid.
078       */
079      void setCipherKeyLength(Integer value) throws IllegalPropertyValueException;
080    
081    
082    
083      /**
084       * Gets the "cipher-transformation" property.
085       * <p>
086       * Specifies the cipher for the Directory Server using the syntax
087       * algorithm/mode/padding.
088       * <p>
089       * The full transformation is required: specifying only an algorithm
090       * and allowing the cipher provider to supply the default mode and
091       * padding is not supported, because there is no guarantee these
092       * default values are the same among different implementations. Some
093       * cipher algorithms, including RC4 and ARCFOUR, do not have a mode
094       * or padding, and hence must be specified using NONE for the mode
095       * field and NoPadding for the padding field. For example,
096       * RC4/NONE/NoPadding.
097       *
098       * @return Returns the value of the "cipher-transformation" property.
099       */
100      String getCipherTransformation();
101    
102    
103    
104      /**
105       * Sets the "cipher-transformation" property.
106       * <p>
107       * Specifies the cipher for the Directory Server using the syntax
108       * algorithm/mode/padding.
109       * <p>
110       * The full transformation is required: specifying only an algorithm
111       * and allowing the cipher provider to supply the default mode and
112       * padding is not supported, because there is no guarantee these
113       * default values are the same among different implementations. Some
114       * cipher algorithms, including RC4 and ARCFOUR, do not have a mode
115       * or padding, and hence must be specified using NONE for the mode
116       * field and NoPadding for the padding field. For example,
117       * RC4/NONE/NoPadding.
118       *
119       * @param value The value of the "cipher-transformation" property.
120       * @throws IllegalPropertyValueException
121       *           If the new value is invalid.
122       */
123      void setCipherTransformation(String value) throws IllegalPropertyValueException;
124    
125    
126    
127      /**
128       * Gets the "digest-algorithm" property.
129       * <p>
130       * Specifies the preferred message digest algorithm for the
131       * Directory Server.
132       *
133       * @return Returns the value of the "digest-algorithm" property.
134       */
135      String getDigestAlgorithm();
136    
137    
138    
139      /**
140       * Sets the "digest-algorithm" property.
141       * <p>
142       * Specifies the preferred message digest algorithm for the
143       * Directory Server.
144       *
145       * @param value The value of the "digest-algorithm" property.
146       * @throws IllegalPropertyValueException
147       *           If the new value is invalid.
148       */
149      void setDigestAlgorithm(String value) throws IllegalPropertyValueException;
150    
151    
152    
153      /**
154       * Gets the "key-wrapping-transformation" property.
155       * <p>
156       * The preferred key wrapping transformation for the Directory
157       * Server. This value must be the same for all server instances in a
158       * replication topology.
159       *
160       * @return Returns the value of the "key-wrapping-transformation" property.
161       */
162      String getKeyWrappingTransformation();
163    
164    
165    
166      /**
167       * Sets the "key-wrapping-transformation" property.
168       * <p>
169       * The preferred key wrapping transformation for the Directory
170       * Server. This value must be the same for all server instances in a
171       * replication topology.
172       *
173       * @param value The value of the "key-wrapping-transformation" property.
174       * @throws IllegalPropertyValueException
175       *           If the new value is invalid.
176       */
177      void setKeyWrappingTransformation(String value) throws IllegalPropertyValueException;
178    
179    
180    
181      /**
182       * Gets the "mac-algorithm" property.
183       * <p>
184       * Specifies the preferred MAC algorithm for the Directory Server.
185       *
186       * @return Returns the value of the "mac-algorithm" property.
187       */
188      String getMacAlgorithm();
189    
190    
191    
192      /**
193       * Sets the "mac-algorithm" property.
194       * <p>
195       * Specifies the preferred MAC algorithm for the Directory Server.
196       *
197       * @param value The value of the "mac-algorithm" property.
198       * @throws IllegalPropertyValueException
199       *           If the new value is invalid.
200       */
201      void setMacAlgorithm(String value) throws IllegalPropertyValueException;
202    
203    
204    
205      /**
206       * Gets the "mac-key-length" property.
207       * <p>
208       * Specifies the key length in bits for the preferred MAC algorithm.
209       *
210       * @return Returns the value of the "mac-key-length" property.
211       */
212      int getMacKeyLength();
213    
214    
215    
216      /**
217       * Sets the "mac-key-length" property.
218       * <p>
219       * Specifies the key length in bits for the preferred MAC algorithm.
220       *
221       * @param value The value of the "mac-key-length" property.
222       * @throws IllegalPropertyValueException
223       *           If the new value is invalid.
224       */
225      void setMacKeyLength(Integer value) throws IllegalPropertyValueException;
226    
227    
228    
229      /**
230       * Gets the "ssl-cert-nickname" property.
231       * <p>
232       * Specifies the nickname (also called the alias) of the certificate
233       * that the Crypto Manager should use when performing SSL
234       * communication.
235       * <p>
236       * This is only applicable when the Crypto Manager is configured to
237       * use SSL.
238       *
239       * @return Returns the value of the "ssl-cert-nickname" property.
240       */
241      String getSSLCertNickname();
242    
243    
244    
245      /**
246       * Sets the "ssl-cert-nickname" property.
247       * <p>
248       * Specifies the nickname (also called the alias) of the certificate
249       * that the Crypto Manager should use when performing SSL
250       * communication.
251       * <p>
252       * This is only applicable when the Crypto Manager is configured to
253       * use SSL.
254       *
255       * @param value The value of the "ssl-cert-nickname" property.
256       * @throws IllegalPropertyValueException
257       *           If the new value is invalid.
258       */
259      void setSSLCertNickname(String value) throws IllegalPropertyValueException;
260    
261    
262    
263      /**
264       * Gets the "ssl-cipher-suite" property.
265       * <p>
266       * Specifies the names of the SSL cipher suites that are allowed for
267       * use in SSL or TLS communication.
268       *
269       * @return Returns the values of the "ssl-cipher-suite" property.
270       */
271      SortedSet<String> getSSLCipherSuite();
272    
273    
274    
275      /**
276       * Sets the "ssl-cipher-suite" property.
277       * <p>
278       * Specifies the names of the SSL cipher suites that are allowed for
279       * use in SSL or TLS communication.
280       *
281       * @param values The values of the "ssl-cipher-suite" property.
282       * @throws IllegalPropertyValueException
283       *           If one or more of the new values are invalid.
284       */
285      void setSSLCipherSuite(Collection<String> values) throws IllegalPropertyValueException;
286    
287    
288    
289      /**
290       * Gets the "ssl-encryption" property.
291       * <p>
292       * Specifies whether SSL/TLS is used to provide encrypted
293       * communication between two OpenDS server components.
294       *
295       * @return Returns the value of the "ssl-encryption" property.
296       */
297      boolean isSSLEncryption();
298    
299    
300    
301      /**
302       * Sets the "ssl-encryption" property.
303       * <p>
304       * Specifies whether SSL/TLS is used to provide encrypted
305       * communication between two OpenDS server components.
306       *
307       * @param value The value of the "ssl-encryption" property.
308       * @throws IllegalPropertyValueException
309       *           If the new value is invalid.
310       */
311      void setSSLEncryption(Boolean value) throws IllegalPropertyValueException;
312    
313    
314    
315      /**
316       * Gets the "ssl-protocol" property.
317       * <p>
318       * Specifies the names of the SSL protocols that are allowed for use
319       * in SSL or TLS communication.
320       *
321       * @return Returns the values of the "ssl-protocol" property.
322       */
323      SortedSet<String> getSSLProtocol();
324    
325    
326    
327      /**
328       * Sets the "ssl-protocol" property.
329       * <p>
330       * Specifies the names of the SSL protocols that are allowed for use
331       * in SSL or TLS communication.
332       *
333       * @param values The values of the "ssl-protocol" property.
334       * @throws IllegalPropertyValueException
335       *           If one or more of the new values are invalid.
336       */
337      void setSSLProtocol(Collection<String> values) throws IllegalPropertyValueException;
338    
339    }