Module io.helidon.integrations.vault.secrets.transit
Package io.helidon.integrations.vault.secrets.transit

Class Sign.Request

java.lang.Object
io.helidon.integrations.common.rest.ApiJsonBuilder<Sign.Request>
io.helidon.integrations.common.rest.ApiJsonRequest<Sign.Request>
io.helidon.integrations.vault.VaultRequest<Sign.Request>
io.helidon.integrations.vault.secrets.transit.Sign.Request
All Implemented Interfaces:
ApiRequest<Sign.Request>
Enclosing class:
Sign
public static class Sign.Request extends VaultRequest<Sign.Request>
Request object. Can be configured with additional headers, query parameters etc.

  • Field Details

  • Method Details

    • builder

      public static Sign.Request builder()
      Fluent API builder for configuring a request. The request builder is passed as is, without a build method. The equivalent of a build method is ApiJsonBuilder.toJson(jakarta.json.JsonBuilderFactory) used by the RestApi.
      Returns:
      new request builder

    • signatureKeyName

      public Sign.Request signatureKeyName(String signatureKeyName)
      Specifies the name of the encryption key to sign against. Required.
      Parameters:
      signatureKeyName - name of the key
      Returns:
      updated request

    • signatureKeyVersion

      public Sign.Request signatureKeyVersion(int version)
      Specifies the version of the key to use for signatures. If not set, uses the latest version. Must be greater than or equal to the key's min_encryption_version, if set. Optional.
      Parameters:
      version - key version
      Returns:
      updated request

    • data

      public Sign.Request data(Base64Value value)
      The data to sign.
      Parameters:
      value - value to encrypt
      Returns:
      updated request
      See Also:

    • context

      public Sign.Request context(Base64Value value)
      Specifies the context for key derivation. This is required if key derivation is enabled for this key; currently only available with ed25519 keys.
      Parameters:
      value - context
      Returns:
      updated request

    • preHashed

      public Sign.Request preHashed(boolean preHashed)
      Set to true when the input is already hashed. If the key type is rsa-2048, rsa-3072 or rsa-4096, then the algorithm used to hash the input should be indicated by the hash_algorithm parameter. Just as the value to sign should be the base64-encoded representation of the exact binary data you want signed, when set, input is expected to be base64-encoded binary hashed data, not hex-formatted. (As an example, on the command line, you could generate a suitable input via openssl dgst -sha256 -binary | base64.).
      Parameters:
      preHashed - whether the data is pre hashed or not
      Returns:
      updated erqust

    • signatureAlgorithm

      public Sign.Request signatureAlgorithm(String signatureAlgorithm)
      When using a RSA key, specifies the RSA signature algorithm to use for signing. Supported signature types are: pss pkcs1v15 See signature algorithm constants on this class.
      Parameters:
      signatureAlgorithm - signature algorithm to use
      Returns:
      updated request

    • marshalingAlgorithm

      public Sign.Request marshalingAlgorithm(String marshalingAlgorithm)
      Specifies the way in which the signature should be marshaled. This currently only applies to ECDSA keys. Supported types are: asn1: The default, used by OpenSSL and X.509 jws: The version used by JWS (and thus for JWTs). Selecting this will also change the output encoding to URL-safe Base64 encoding instead of standard Base64-encoding.
      Parameters:
      marshalingAlgorithm - marshaling algorithm
      Returns:
      updated request

    • hashAlgorithm

      public Sign.Request hashAlgorithm(String hashAlgorithm)
      Specifies the hash algorithm to use for supporting key types (notably, not including ed25519 which specifies its own hash algorithm). See hash algorithm constants on this class.
      Parameters:
      hashAlgorithm - algorithm to use
      Returns:
      updated request