/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
 * or http://forgerock.org/license/CDDLv1.0.html.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at legal-notices/CDDLv1_0.txt.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information:
 *      Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 */
package org.opends.server.admin.std.client;

import java.util.Collection;
import java.util.SortedSet;
import org.opends.server.admin.ConfigurationClient;
import org.opends.server.admin.ManagedObjectDefinition;
import org.opends.server.admin.PropertyException;
import org.opends.server.admin.std.server.CryptoManagerCfg;

/**
 * Client-side view of the Crypto Manager configuration, used to read
 * and to change its settings.
 * <p>
 * The Crypto Manager is the common entry point for compression,
 * decompression, hashing, encryption and other kinds of
 * cryptographic operations.
 * <p>
 * Every property on this interface selects an algorithm, a key size,
 * a certificate or a protocol allow-list, so a change here alters the
 * cryptographic strength of the server. Setters reject invalid values
 * with a {@link PropertyException}.
 * <p>
 * NOTE(review): whether a setter takes effect immediately or only
 * after a separate commit step is defined by
 * {@link ConfigurationClient}, which is not shown here - confirm.
 * <p>
 * NOTE(review): several setters take a boxed type ({@code Integer},
 * {@code Boolean}) while the getter returns a primitive; presumably
 * {@code null} is accepted to clear the value - confirm against the
 * implementation before relying on it.
 */
public interface CryptoManagerCfgClient extends ConfigurationClient {

  /**
   * Returns the managed-object definition that describes this Crypto
   * Manager configuration.
   *
   * @return the configuration definition associated with this Crypto
   *         Manager.
   */
  ManagedObjectDefinition<? extends CryptoManagerCfgClient,
      ? extends CryptoManagerCfg> definition();

  /**
   * Reads the "cipher-key-length" property: the key length, in bits,
   * for the preferred cipher.
   * <p>
   * The value is only meaningful together with the algorithm named by
   * "cipher-transformation".
   *
   * @return the value of the "cipher-key-length" property.
   */
  int getCipherKeyLength();

  /**
   * Writes the "cipher-key-length" property: the key length, in bits,
   * for the preferred cipher.
   * <p>
   * NOTE(review): this interface does not show whether the length is
   * checked against the algorithm in "cipher-transformation"; verify
   * that the pair is one the cipher provider actually supports.
   *
   * @param value the new value of the "cipher-key-length" property.
   * @throws PropertyException if the new value is invalid.
   */
  void setCipherKeyLength(Integer value) throws PropertyException;

  /**
   * Reads the "cipher-transformation" property: the cipher used by the
   * directory server, written as algorithm/mode/padding.
   * <p>
   * All three fields are mandatory. Naming only the algorithm and
   * leaving mode and padding to the cipher provider is not supported,
   * because different implementations are not guaranteed to pick the
   * same defaults. Algorithms without a mode or padding, including
   * RC4 and ARCFOUR, use NONE for the mode field and NoPadding for
   * the padding field, for example RC4/NONE/NoPadding.
   * <p>
   * RC4/ARCFOUR appears above to illustrate the NONE/NoPadding syntax
   * only; RC4 is a deprecated stream cipher with known keystream
   * biases and is not a sound choice for protecting data.
   *
   * @return the value of the "cipher-transformation" property.
   */
  String getCipherTransformation();

  /**
   * Writes the "cipher-transformation" property: the cipher used by
   * the directory server, written as algorithm/mode/padding.
   * <p>
   * All three fields are mandatory. Naming only the algorithm and
   * leaving mode and padding to the cipher provider is not supported,
   * because different implementations are not guaranteed to pick the
   * same defaults. Algorithms without a mode or padding, including
   * RC4 and ARCFOUR, use NONE for the mode field and NoPadding for
   * the padding field, for example RC4/NONE/NoPadding.
   * <p>
   * RC4/ARCFOUR appears above to illustrate the NONE/NoPadding syntax
   * only; RC4 is a deprecated stream cipher with known keystream
   * biases and is not a sound choice for protecting data. The mode
   * field matters as much as the algorithm, so review it explicitly
   * when changing this value.
   *
   * @param value the new value of the "cipher-transformation"
   *          property.
   * @throws PropertyException if the new value is invalid.
   */
  void setCipherTransformation(String value) throws PropertyException;

  /**
   * Reads the "digest-algorithm" property: the preferred message
   * digest algorithm for the directory server.
   *
   * @return the value of the "digest-algorithm" property.
   */
  String getDigestAlgorithm();

  /**
   * Writes the "digest-algorithm" property: the preferred message
   * digest algorithm for the directory server.
   * <p>
   * NOTE(review): the accepted algorithm names are not visible from
   * this interface. MD5 and SHA-1 are no longer collision resistant,
   * so prefer a SHA-2 family digest where the provider offers one.
   *
   * @param value the new value of the "digest-algorithm" property.
   * @throws PropertyException if the new value is invalid.
   */
  void setDigestAlgorithm(String value) throws PropertyException;

  /**
   * Reads the "key-wrapping-transformation" property: the preferred
   * key wrapping transformation for the directory server.
   * <p>
   * This value must be the same for all server instances in a
   * replication topology.
   *
   * @return the value of the "key-wrapping-transformation" property.
   */
  String getKeyWrappingTransformation();

  /**
   * Writes the "key-wrapping-transformation" property: the preferred
   * key wrapping transformation for the directory server.
   * <p>
   * This value must be the same for all server instances in a
   * replication topology, so a change has to be rolled out to every
   * instance rather than to a single server.
   *
   * @param value the new value of the "key-wrapping-transformation"
   *          property.
   * @throws PropertyException if the new value is invalid.
   */
  void setKeyWrappingTransformation(String value)
      throws PropertyException;

  /**
   * Reads the "mac-algorithm" property: the preferred MAC algorithm
   * for the directory server.
   *
   * @return the value of the "mac-algorithm" property.
   */
  String getMacAlgorithm();

  /**
   * Writes the "mac-algorithm" property: the preferred MAC algorithm
   * for the directory server.
   *
   * @param value the new value of the "mac-algorithm" property.
   * @throws PropertyException if the new value is invalid.
   */
  void setMacAlgorithm(String value) throws PropertyException;

  /**
   * Reads the "mac-key-length" property: the key length, in bits, for
   * the preferred MAC algorithm.
   *
   * @return the value of the "mac-key-length" property.
   */
  int getMacKeyLength();

  /**
   * Writes the "mac-key-length" property: the key length, in bits,
   * for the preferred MAC algorithm.
   *
   * @param value the new value of the "mac-key-length" property.
   * @throws PropertyException if the new value is invalid.
   */
  void setMacKeyLength(Integer value) throws PropertyException;

  /**
   * Reads the "ssl-cert-nickname" property: the nickname (also called
   * the alias) of the certificate that the Crypto Manager should use
   * when performing SSL communication.
   * <p>
   * Only applicable when the Crypto Manager is configured to use SSL.
   *
   * @return the value of the "ssl-cert-nickname" property.
   */
  String getSSLCertNickname();

  /**
   * Writes the "ssl-cert-nickname" property: the nickname (also called
   * the alias) of the certificate that the Crypto Manager should use
   * when performing SSL communication.
   * <p>
   * Only applicable when the Crypto Manager is configured to use SSL.
   * <p>
   * NOTE(review): this interface does not show whether the alias is
   * checked against a key store when it is set - confirm how an
   * unknown alias is reported.
   *
   * @param value the new value of the "ssl-cert-nickname" property.
   * @throws PropertyException if the new value is invalid.
   */
  void setSSLCertNickname(String value) throws PropertyException;

  /**
   * Reads the "ssl-cipher-suite" property: the names of the SSL cipher
   * suites that are allowed for use in SSL or TLS communication.
   *
   * @return the values of the "ssl-cipher-suite" property.
   */
  SortedSet<String> getSSLCipherSuite();

  /**
   * Writes the "ssl-cipher-suite" property: the names of the SSL
   * cipher suites that are allowed for use in SSL or TLS
   * communication.
   * <p>
   * The property is an allow-list, so every name placed in it widens
   * what a peer may negotiate.
   * <p>
   * NOTE(review): the behaviour for an empty collection is not
   * visible here; confirm whether it means "no suites" or "provider
   * defaults" before relying on it.
   *
   * @param values the new values of the "ssl-cipher-suite" property.
   * @throws PropertyException if one or more of the new values are
   *           invalid.
   */
  void setSSLCipherSuite(Collection<String> values)
      throws PropertyException;

  /**
   * Reads the "ssl-encryption" property: whether SSL/TLS is used to
   * provide encrypted communication between two OpenDJ server
   * components.
   *
   * @return the value of the "ssl-encryption" property.
   */
  boolean isSSLEncryption();

  /**
   * Writes the "ssl-encryption" property: whether SSL/TLS is used to
   * provide encrypted communication between two OpenDJ server
   * components.
   * <p>
   * When this is off, traffic between those components is not
   * encrypted by this setting.
   *
   * @param value the new value of the "ssl-encryption" property.
   * @throws PropertyException if the new value is invalid.
   */
  void setSSLEncryption(Boolean value) throws PropertyException;

  /**
   * Reads the "ssl-protocol" property: the names of the SSL protocols
   * that are allowed for use in SSL or TLS communication.
   *
   * @return the values of the "ssl-protocol" property.
   */
  SortedSet<String> getSSLProtocol();

  /**
   * Writes the "ssl-protocol" property: the names of the SSL
   * protocols that are allowed for use in SSL or TLS communication.
   * <p>
   * The property is an allow-list. The SSL protocol versions
   * themselves (SSLv2, SSLv3) are obsolete, so the list is best kept
   * to TLS versions that the peers still need.
   * <p>
   * NOTE(review): the behaviour for an empty collection is not
   * visible here; confirm whether it means "no protocols" or
   * "provider defaults" before relying on it.
   *
   * @param values the new values of the "ssl-protocol" property.
   * @throws PropertyException if one or more of the new values are
   *           invalid.
   */
  void setSSLProtocol(Collection<String> values)
      throws PropertyException;

}