/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
 * or http://forgerock.org/license/CDDLv1.0.html.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at legal-notices/CDDLv1_0.txt.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information:
 *      Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 *      Copyright 2008 Sun Microsystems, Inc.
 */
package org.opends.server.admin.std.client;

import java.util.Collection;
import java.util.SortedSet;
import org.opends.server.admin.ConfigurationClient;
import org.opends.server.admin.ManagedObjectDefinition;
import org.opends.server.admin.PropertyException;
import org.opends.server.admin.std.server.CryptoManagerCfg;

/**
 * Client-side view of the Crypto Manager configuration, used to read
 * and modify its settings.
 * <p>
 * The Crypto Manager provides a common interface for performing
 * compression, decompression, hashing, encryption and other kinds of
 * cryptographic operations.
 * <p>
 * Every setter declares {@link PropertyException} for a rejected
 * value. The accepted values, the defaults, and the point at which a
 * change takes effect are not visible in this interface.
 * <p>
 * NOTE(review): the setters for the {@code int} and {@code boolean}
 * properties take boxed types, so {@code null} can be passed; what
 * {@code null} means (for example "reset to default") should be
 * confirmed against the implementation.
 */
public interface CryptoManagerCfgClient extends ConfigurationClient {

  /**
   * Returns the configuration definition associated with this Crypto
   * Manager.
   *
   * @return the configuration definition associated with this Crypto
   *         Manager.
   */
  ManagedObjectDefinition<? extends CryptoManagerCfgClient,
      ? extends CryptoManagerCfg> definition();

  /**
   * Reads the {@code "cipher-key-length"} property: the key length,
   * in bits, for the preferred cipher.
   * <p>
   * The length has to be one that the algorithm named in
   * {@code "cipher-transformation"} supports, so review the two
   * properties together.
   *
   * @return the value of the "cipher-key-length" property.
   */
  int getCipherKeyLength();

  /**
   * Writes the {@code "cipher-key-length"} property: the key length,
   * in bits, for the preferred cipher.
   * <p>
   * Lowering this value reduces the strength of data encrypted with
   * the preferred cipher from then on; the bounds enforced on it are
   * not visible in this interface.
   *
   * @param value The value of the "cipher-key-length" property.
   * @throws PropertyException
   *           If the new value is invalid.
   */
  void setCipherKeyLength(Integer value) throws PropertyException;

  /**
   * Reads the {@code "cipher-transformation"} property: the cipher
   * for the directory server, written as algorithm/mode/padding.
   * <p>
   * All three fields are required. Naming only the algorithm and
   * letting the cipher provider choose the mode and padding is not
   * supported, because those provider defaults are not guaranteed to
   * match between implementations. Algorithms without a mode or
   * padding, including RC4 and ARCFOUR, are written with NONE for
   * the mode and NoPadding for the padding, for example
   * RC4/NONE/NoPadding.
   * <p>
   * RC4 appears above only to illustrate the syntax. RC4 (ARCFOUR)
   * has known keystream biases and is prohibited for TLS by RFC
   * 7465; a value naming it is worth flagging when auditing a
   * configuration.
   *
   * @return the value of the "cipher-transformation" property.
   */
  String getCipherTransformation();

  /**
   * Writes the {@code "cipher-transformation"} property: the cipher
   * for the directory server, written as algorithm/mode/padding.
   * <p>
   * All three fields are required. Naming only the algorithm and
   * letting the cipher provider choose the mode and padding is not
   * supported, because those provider defaults are not guaranteed to
   * match between implementations. Algorithms without a mode or
   * padding, including RC4 and ARCFOUR, are written with NONE for
   * the mode and NoPadding for the padding, for example
   * RC4/NONE/NoPadding.
   * <p>
   * RC4 appears above only to illustrate the syntax; it is
   * prohibited for TLS by RFC 7465 and is a poor choice for new
   * data. ECB mode with a block cipher reveals repeated plaintext
   * blocks, so it is also a poor choice for bulk data. Whether the
   * server rejects such values is not visible in this interface.
   *
   * @param value The value of the "cipher-transformation" property.
   * @throws PropertyException
   *           If the new value is invalid.
   */
  void setCipherTransformation(String value) throws PropertyException;

  /**
   * Reads the {@code "digest-algorithm"} property: the preferred
   * message digest algorithm for the directory server.
   * <p>
   * MD5 and SHA-1 are no longer collision resistant; a value naming
   * either is worth reviewing against how the digest is used.
   *
   * @return the value of the "digest-algorithm" property.
   */
  String getDigestAlgorithm();

  /**
   * Writes the {@code "digest-algorithm"} property: the preferred
   * message digest algorithm for the directory server.
   * <p>
   * Prefer a SHA-2 family digest over MD5 or SHA-1 where the
   * provider offers one; the set of names accepted here is not
   * visible in this interface.
   *
   * @param value The value of the "digest-algorithm" property.
   * @throws PropertyException
   *           If the new value is invalid.
   */
  void setDigestAlgorithm(String value) throws PropertyException;

  /**
   * Reads the {@code "key-wrapping-transformation"} property: the
   * preferred key wrapping transformation for the directory server.
   * <p>
   * This value must be the same for all server instances in a
   * replication topology.
   *
   * @return the value of the "key-wrapping-transformation" property.
   */
  String getKeyWrappingTransformation();

  /**
   * Writes the {@code "key-wrapping-transformation"} property: the
   * preferred key wrapping transformation for the directory server.
   * <p>
   * This value must be the same for all server instances in a
   * replication topology, so a change has to be applied to every
   * instance rather than to one server alone.
   *
   * @param value The value of the "key-wrapping-transformation"
   *          property.
   * @throws PropertyException
   *           If the new value is invalid.
   */
  void setKeyWrappingTransformation(String value)
      throws PropertyException;

  /**
   * Reads the {@code "mac-algorithm"} property: the preferred MAC
   * algorithm for the directory server.
   *
   * @return the value of the "mac-algorithm" property.
   */
  String getMacAlgorithm();

  /**
   * Writes the {@code "mac-algorithm"} property: the preferred MAC
   * algorithm for the directory server.
   *
   * @param value The value of the "mac-algorithm" property.
   * @throws PropertyException
   *           If the new value is invalid.
   */
  void setMacAlgorithm(String value) throws PropertyException;

  /**
   * Reads the {@code "mac-key-length"} property: the key length, in
   * bits, for the preferred MAC algorithm.
   *
   * @return the value of the "mac-key-length" property.
   */
  int getMacKeyLength();

  /**
   * Writes the {@code "mac-key-length"} property: the key length, in
   * bits, for the preferred MAC algorithm.
   * <p>
   * The bounds enforced on this value are not visible in this
   * interface.
   *
   * @param value The value of the "mac-key-length" property.
   * @throws PropertyException
   *           If the new value is invalid.
   */
  void setMacKeyLength(Integer value) throws PropertyException;

  /**
   * Reads the {@code "ssl-cert-nickname"} property: the nicknames
   * (also called the aliases) of the certificates that the Crypto
   * Manager should use when performing SSL communication.
   * <p>
   * The property can be used multiple times (referencing different
   * nicknames) when an RSA, a DSA, and an ECC based server
   * certificate is used in parallel.
   * <p>
   * This is only applicable when the Crypto Manager is configured to
   * use SSL.
   *
   * @return the values of the "ssl-cert-nickname" property.
   */
  SortedSet<String> getSSLCertNickname();

  /**
   * Writes the {@code "ssl-cert-nickname"} property: the nicknames
   * (also called the aliases) of the certificates that the Crypto
   * Manager should use when performing SSL communication.
   * <p>
   * The property can be used multiple times (referencing different
   * nicknames) when an RSA, a DSA, and an ECC based server
   * certificate is used in parallel.
   * <p>
   * This is only applicable when the Crypto Manager is configured to
   * use SSL.
   *
   * @param values The values of the "ssl-cert-nickname" property.
   * @throws PropertyException
   *           If one or more of the new values are invalid.
   */
  void setSSLCertNickname(Collection<String> values)
      throws PropertyException;

  /**
   * Reads the {@code "ssl-cipher-suite"} property: the names of the
   * SSL cipher suites that are allowed for use in SSL or TLS
   * communication.
   * <p>
   * NOTE(review): what an empty set means (presumably "use the
   * provider defaults") is not visible in this interface.
   *
   * @return the values of the "ssl-cipher-suite" property.
   */
  SortedSet<String> getSSLCipherSuite();

  /**
   * Writes the {@code "ssl-cipher-suite"} property: the names of the
   * SSL cipher suites that are allowed for use in SSL or TLS
   * communication.
   * <p>
   * This is an allow-list, so every suite named here can be
   * negotiated. Suites with NULL encryption, anonymous key exchange,
   * export-grade keys or RC4 weaken the channel and are best left
   * out of it.
   *
   * @param values The values of the "ssl-cipher-suite" property.
   * @throws PropertyException
   *           If one or more of the new values are invalid.
   */
  void setSSLCipherSuite(Collection<String> values)
      throws PropertyException;

  /**
   * Reads the {@code "ssl-encryption"} property: whether SSL/TLS is
   * used to provide encrypted communication between two OpenDJ
   * server components.
   *
   * @return the value of the "ssl-encryption" property.
   */
  boolean isSSLEncryption();

  /**
   * Writes the {@code "ssl-encryption"} property: whether SSL/TLS is
   * used to provide encrypted communication between two OpenDJ
   * server components.
   * <p>
   * With this set to {@code false} the communication it governs is
   * not protected by SSL/TLS; which component-to-component traffic
   * that covers is not visible in this interface.
   *
   * @param value The value of the "ssl-encryption" property.
   * @throws PropertyException
   *           If the new value is invalid.
   */
  void setSSLEncryption(Boolean value) throws PropertyException;

  /**
   * Reads the {@code "ssl-protocol"} property: the names of the SSL
   * protocols that are allowed for use in SSL or TLS communication.
   * <p>
   * NOTE(review): what an empty set means (presumably "use the
   * provider defaults") is not visible in this interface.
   *
   * @return the values of the "ssl-protocol" property.
   */
  SortedSet<String> getSSLProtocol();

  /**
   * Writes the {@code "ssl-protocol"} property: the names of the SSL
   * protocols that are allowed for use in SSL or TLS communication.
   * <p>
   * This is an allow-list, so every protocol named here can be
   * negotiated. SSLv3 is deprecated by RFC 7568 and TLS 1.0 and 1.1
   * by RFC 8996; leave them out unless a peer that cannot be
   * upgraded requires them.
   *
   * @param values The values of the "ssl-protocol" property.
   * @throws PropertyException
   *           If one or more of the new values are invalid.
   */
  void setSSLProtocol(Collection<String> values)
      throws PropertyException;

}