/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at
 * trunk/opends/resource/legal-notices/OpenDS.LICENSE
 * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at
 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
 * add the following below this CDDL HEADER, with the fields enclosed
 * by brackets "[]" replaced with your own identifying information:
 * Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 * Copyright 2008 Sun Microsystems, Inc.
 */
package org.opends.server.admin.std.server;

import java.util.SortedSet;
import org.opends.server.admin.Configuration;
import org.opends.server.admin.server.ConfigurationChangeListener;

/**
 * Server-side, read-only view of the Crypto Manager settings.
 * <p>
 * The Crypto Manager provides a common interface for performing
 * compression, decompression, hashing, encryption and other kinds of
 * cryptographic operations.
 * <p>
 * Every getter below reports a configured value as-is. Nothing in
 * this interface checks that an algorithm name, key length, protocol
 * or cipher suite is strong or mutually consistent, so callers should
 * not treat a returned value as already vetted. Because change
 * listeners can be registered, a consumer that caches any of these
 * values should assume they may be replaced while the server runs.
 */
public interface CryptoManagerCfg extends Configuration {

  /**
   * Gets the configuration class associated with this Crypto Manager.
   *
   * @return Returns the configuration class associated with this
   *         Crypto Manager.
   */
  Class<? extends CryptoManagerCfg> configurationClass();

  /**
   * Registers a listener to be notified when this Crypto Manager
   * configuration is changed.
   * <p>
   * Components that derive keys, cipher instances or SSL contexts
   * from the values below would typically register here so that a
   * tightened setting is not ignored by an already-built object.
   *
   * @param listener
   *          The Crypto Manager configuration change listener.
   */
  void addChangeListener(ConfigurationChangeListener<CryptoManagerCfg> listener);

  /**
   * Deregisters a previously registered Crypto Manager configuration
   * change listener.
   *
   * @param listener
   *          The Crypto Manager configuration change listener.
   */
  void removeChangeListener(ConfigurationChangeListener<CryptoManagerCfg> listener);

  /**
   * Gets the "cipher-key-length" property.
   * <p>
   * Specifies the key length in bits for the preferred cipher.
   * <p>
   * The value is returned as configured; whether it is a legal or
   * adequate size for the algorithm named by "cipher-transformation"
   * is not established by this interface.
   *
   * @return Returns the value of the "cipher-key-length" property.
   */
  int getCipherKeyLength();

  /**
   * Gets the "cipher-transformation" property.
   * <p>
   * Specifies the cipher for the Directory Server using the syntax
   * algorithm/mode/padding.
   * <p>
   * The full transformation is required: specifying only an algorithm
   * and allowing the cipher provider to supply the default mode and
   * padding is not supported, because there is no guarantee these
   * default values are the same among different implementations. Some
   * cipher algorithms, including RC4 and ARCFOUR, do not have a mode
   * or padding, and hence must be specified using NONE for the mode
   * field and NoPadding for the padding field. For example,
   * RC4/NONE/NoPadding.
   * <p>
   * The RC4 example illustrates the syntax only. RC4 has known
   * keystream biases and is prohibited in TLS by RFC 7465; a block
   * cipher with an explicitly chosen mode is the safer selection.
   * The mode field deserves the same scrutiny as the algorithm: ECB,
   * for instance, leaks equality of plaintext blocks.
   *
   * @return Returns the value of the "cipher-transformation" property.
   */
  String getCipherTransformation();

  /**
   * Gets the "digest-algorithm" property.
   * <p>
   * Specifies the preferred message digest algorithm for the
   * Directory Server.
   * <p>
   * MD5 and SHA-1 have practical collision attacks; where the digest
   * protects integrity or uniqueness, a SHA-2 family algorithm or
   * stronger is the expected setting.
   *
   * @return Returns the value of the "digest-algorithm" property.
   */
  String getDigestAlgorithm();

  /**
   * Gets the "key-wrapping-transformation" property.
   * <p>
   * The preferred key wrapping transformation for the Directory
   * Server. This value must be the same for all server instances in a
   * replication topology.
   * <p>
   * NOTE(review): presumably the value must match because wrapped
   * keys are exchanged between instances; confirm against the
   * implementation. Any change should therefore be rolled out to the
   * whole topology together.
   *
   * @return Returns the value of the "key-wrapping-transformation"
   *         property.
   */
  String getKeyWrappingTransformation();

  /**
   * Gets the "mac-algorithm" property.
   * <p>
   * Specifies the preferred MAC algorithm for the Directory Server.
   *
   * @return Returns the value of the "mac-algorithm" property.
   */
  String getMacAlgorithm();

  /**
   * Gets the "mac-key-length" property.
   * <p>
   * Specifies the key length in bits for the preferred MAC algorithm.
   * <p>
   * As with "cipher-key-length", the value is reported unchecked; its
   * suitability for the algorithm named by "mac-algorithm" is not
   * established here.
   *
   * @return Returns the value of the "mac-key-length" property.
   */
  int getMacKeyLength();

  /**
   * Gets the "ssl-cert-nickname" property.
   * <p>
   * Specifies the nickname (also called the alias) of the certificate
   * that the Crypto Manager should use when performing SSL
   * communication.
   * <p>
   * This is only applicable when the Crypto Manager is configured to
   * use SSL.
   *
   * @return Returns the value of the "ssl-cert-nickname" property.
   */
  String getSSLCertNickname();

  /**
   * Gets the "ssl-cipher-suite" property.
   * <p>
   * Specifies the names of the SSL cipher suites that are allowed for
   * use in SSL or TLS communication.
   * <p>
   * When auditing a deployment, check this list for suites whose
   * names contain NULL, anon, EXPORT, RC4 or DES. The meaning of an
   * empty set is not defined by this interface; confirm it against
   * the implementation before relying on it.
   *
   * @return Returns an unmodifiable set containing the values of the
   *         "ssl-cipher-suite" property.
   */
  SortedSet<String> getSSLCipherSuite();

  /**
   * Gets the "ssl-encryption" property.
   * <p>
   * Specifies whether SSL/TLS is used to provide encrypted
   * communication between two OpenDS server components.
   * <p>
   * NOTE(review): a {@code false} value presumably leaves that
   * traffic unencrypted; confirm what the transport does in that
   * case.
   *
   * @return Returns the value of the "ssl-encryption" property.
   */
  boolean isSSLEncryption();

  /**
   * Gets the "ssl-protocol" property.
   * <p>
   * Specifies the names of the SSL protocols that are allowed for use
   * in SSL or TLS communication.
   * <p>
   * SSLv3 is deprecated by RFC 7568, and TLS 1.0 and 1.1 by RFC 8996;
   * an audit should flag any of these appearing in the returned set.
   * The meaning of an empty set is not defined by this interface.
   *
   * @return Returns an unmodifiable set containing the values of the
   *         "ssl-protocol" property.
   */
  SortedSet<String> getSSLProtocol();

}