001 /*
002 * CDDL HEADER START
003 *
004 * The contents of this file are subject to the terms of the
005 * Common Development and Distribution License, Version 1.0 only
006 * (the "License"). You may not use this file except in compliance
007 * with the License.
008 *
009 * You can obtain a copy of the license at
010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012 * See the License for the specific language governing permissions
013 * and limitations under the License.
014 *
015 * When distributing Covered Code, include this CDDL HEADER in each
016 * file and include the License file at
017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
018 * add the following below this CDDL HEADER, with the fields enclosed
019 * by brackets "[]" replaced with your own identifying information:
020 * Portions Copyright [yyyy] [name of copyright owner]
021 *
022 * CDDL HEADER END
023 *
024 *
025 * Copyright 2008 Sun Microsystems, Inc.
026 */
027 package org.opends.server.admin.std.server;
028
029
030
031 import java.util.SortedSet;
032 import org.opends.server.admin.Configuration;
033 import org.opends.server.admin.server.ConfigurationChangeListener;
034
035
036
/**
 * Read-only, server-side view of the Crypto Manager configuration.
 * <p>
 * The Crypto Manager is the common entry point for compression,
 * decompression, hashing, encryption and other cryptographic
 * operations, so the values returned here select the algorithms, key
 * sizes and SSL/TLS parameters used by those operations.
 * <p>
 * NOTE(review): this interface only hands back the configured values.
 * Nothing visible here rejects a weak algorithm name, a short key
 * length or an obsolete protocol; confirm where (property definition
 * or consumer) such values are validated.
 */
public interface CryptoManagerCfg extends Configuration {

  /**
   * Reports the configuration class that backs this Crypto Manager.
   *
   * @return the configuration class associated with this Crypto
   *         Manager.
   */
  Class<? extends CryptoManagerCfg> configurationClass();

  /**
   * Subscribes a listener that is notified when this Crypto Manager
   * configuration is changed.
   * <p>
   * NOTE(review): a component that caches state derived from these
   * settings presumably has to listen for changes so that a tightened
   * setting actually takes effect; confirm how consumers apply
   * updates.
   *
   * @param listener
   *          the Crypto Manager configuration change listener to
   *          register.
   */
  void addChangeListener(ConfigurationChangeListener<CryptoManagerCfg> listener);

  /**
   * Unsubscribes a previously registered Crypto Manager configuration
   * change listener.
   *
   * @param listener
   *          the Crypto Manager configuration change listener to
   *          deregister.
   */
  void removeChangeListener(ConfigurationChangeListener<CryptoManagerCfg> listener);

  /**
   * Reads the {@code cipher-key-length} property: the key length, in
   * bits, for the preferred cipher.
   * <p>
   * NOTE(review): the length has to be one that the algorithm named in
   * {@code cipher-transformation} accepts; whether the two properties
   * are cross-checked is not visible from this interface.
   *
   * @return the value of the {@code cipher-key-length} property.
   */
  int getCipherKeyLength();

  /**
   * Reads the {@code cipher-transformation} property: the cipher for
   * the Directory Server, written as {@code algorithm/mode/padding}.
   * <p>
   * All three fields are mandatory. Naming only the algorithm and
   * letting the cipher provider fill in mode and padding is not
   * supported, because different implementations are not guaranteed
   * to use the same defaults. Algorithms without a mode or padding
   * (RC4 and ARCFOUR among them) are written with {@code NONE} as the
   * mode and {@code NoPadding} as the padding, for example
   * {@code RC4/NONE/NoPadding}.
   * <p>
   * NOTE(review): the RC4 example illustrates the syntax only. RC4 is
   * a broken stream cipher (RFC 7465 prohibits it in TLS), and a mode
   * without integrity protection does not detect tampering. Prefer a
   * current block cipher in an authenticated mode where the provider
   * offers one.
   *
   * @return the value of the {@code cipher-transformation} property.
   */
  String getCipherTransformation();

  /**
   * Reads the {@code digest-algorithm} property: the preferred message
   * digest algorithm for the Directory Server.
   * <p>
   * NOTE(review): MD5 and SHA-1 are no longer collision resistant; a
   * SHA-2 family digest is the safer choice wherever the digest
   * protects integrity.
   *
   * @return the value of the {@code digest-algorithm} property.
   */
  String getDigestAlgorithm();

  /**
   * Reads the {@code key-wrapping-transformation} property: the
   * preferred key wrapping transformation for the Directory Server.
   * <p>
   * Every server instance in a replication topology must be
   * configured with the same value.
   * <p>
   * NOTE(review): this transformation protects key material while it
   * is wrapped, so it deserves the same scrutiny as the data cipher.
   * If an RSA-based transformation is configured, OAEP padding is
   * generally preferred over PKCS#1 v1.5.
   *
   * @return the value of the {@code key-wrapping-transformation}
   *         property.
   */
  String getKeyWrappingTransformation();

  /**
   * Reads the {@code mac-algorithm} property: the preferred MAC
   * algorithm for the Directory Server.
   *
   * @return the value of the {@code mac-algorithm} property.
   */
  String getMacAlgorithm();

  /**
   * Reads the {@code mac-key-length} property: the key length, in
   * bits, for the preferred MAC algorithm.
   * <p>
   * NOTE(review): a key shorter than the output size of the
   * configured MAC weakens it; check this value together with
   * {@code mac-algorithm}.
   *
   * @return the value of the {@code mac-key-length} property.
   */
  int getMacKeyLength();

  /**
   * Reads the {@code ssl-cert-nickname} property: the nickname (also
   * called the alias) of the certificate the Crypto Manager should
   * use when performing SSL communication.
   * <p>
   * Only relevant when the Crypto Manager is configured to use SSL.
   * <p>
   * NOTE(review): this declaration does not say whether the result
   * can be {@code null} when no nickname is set; confirm before
   * dereferencing.
   *
   * @return the value of the {@code ssl-cert-nickname} property.
   */
  String getSSLCertNickname();

  /**
   * Reads the {@code ssl-cipher-suite} property: the names of the SSL
   * cipher suites that are allowed for use in SSL or TLS
   * communication.
   * <p>
   * NOTE(review): how an empty set is interpreted (for instance,
   * falling back to provider defaults) is not visible here; confirm.
   * An explicit list should leave out NULL, anonymous, EXPORT and RC4
   * suites.
   *
   * @return an unmodifiable set holding the values of the
   *         {@code ssl-cipher-suite} property.
   */
  SortedSet<String> getSSLCipherSuite();

  /**
   * Reads the {@code ssl-encryption} property: whether SSL/TLS is used
   * to provide encrypted communication between two OpenDS server
   * components.
   * <p>
   * NOTE(review): with this set to {@code false}, traffic between
   * those components is presumably sent unencrypted; confirm what
   * data crosses that channel.
   *
   * @return the value of the {@code ssl-encryption} property.
   */
  boolean isSSLEncryption();

  /**
   * Reads the {@code ssl-protocol} property: the names of the SSL
   * protocols that are allowed for use in SSL or TLS communication.
   * <p>
   * NOTE(review): SSLv3 is deprecated by RFC 7568 and TLS 1.0/1.1 by
   * RFC 8996; an explicit list should name only protocol versions
   * that are still considered secure. How an empty set is interpreted
   * is not visible here; confirm.
   *
   * @return an unmodifiable set holding the values of the
   *         {@code ssl-protocol} property.
   */
  SortedSet<String> getSSLProtocol();

}