Class TransitSecurityProvider.TransitEncryptionConfig.Builder
java.lang.Object
io.helidon.integrations.vault.secrets.transit.TransitSecurityProvider.TransitEncryptionConfig.Builder
- All Implemented Interfaces:
Builder<TransitSecurityProvider.TransitEncryptionConfig.Builder,,TransitSecurityProvider.TransitEncryptionConfig> Supplier<TransitSecurityProvider.TransitEncryptionConfig>
- Enclosing class:
TransitSecurityProvider.TransitEncryptionConfig
public static class TransitSecurityProvider.TransitEncryptionConfig.Builder
extends Object
implements Builder<TransitSecurityProvider.TransitEncryptionConfig.Builder,TransitSecurityProvider.TransitEncryptionConfig>
Fluent API builder for
TransitSecurityProvider.TransitEncryptionConfig.-
Method Summary
Modifier and TypeMethodDescriptionbuild()Build the instance from this builder.Update this builder from configuration.context(Base64Value context) Specifies the context for key derivation.convergent(String convergentEncryption) This parameter will only be used when a key is expected to be created.Specifies the name of the encryption key to encrypt/decrypt against.This parameter is required when encryption key is expected to be created.keyVersion(int keyVersion) Version of the key used to encrypt the data.
-
Method Details
-
build
Description copied from interface:BuilderBuild the instance from this builder.- Specified by:
buildin interfaceBuilder<TransitSecurityProvider.TransitEncryptionConfig.Builder,TransitSecurityProvider.TransitEncryptionConfig> - Returns:
- instance of the built type
-
config
Update this builder from configuration. Only "key-name" is mandatory.Configuration options:
Secret configuration key description builder method "key-name" Name of the key used for this digest operation keyName(String)contextContext as base64 encoded text. context(Base64Value)key-versionVersion of the key to use keyVersion(int)key-typeType of the key to use keyVersion(int)convergentConvergent encryption convergent(String)- Parameters:
config- config to use- Returns:
- updated builder
-
keyName
Specifies the name of the encryption key to encrypt/decrypt against. Required.- Parameters:
keyName- name of the key- Returns:
- updated request
-
context
Specifies the context for key derivation. This is required if key derivation is enabled for this key.- Parameters:
context- context- Returns:
- updated request
-
keyVersion
Version of the key used to encrypt the data.- Parameters:
keyVersion- version of the key- Returns:
- updated builder
-
keyType
This parameter is required when encryption key is expected to be created. When performing an upsert operation, the type of key to create.Defaults to
aes256-gcm96.- Parameters:
encryptionKeyType- type of the encryption key- Returns:
- updated request
-
convergent
public TransitSecurityProvider.TransitEncryptionConfig.Builder convergent(String convergentEncryption) This parameter will only be used when a key is expected to be created. Whether to support convergent encryption. This is only supported when using a key with key derivation enabled and will require all requests to carry both a context and 96-bit (12-byte) nonce. The given nonce will be used in place of a randomly generated nonce. As a result, when the same context and nonce are supplied, the same ciphertext is generated. It is very important when using this mode that you ensure that all nonces are unique for a given context. Failing to do so will severely impact the ciphertext's security.- Parameters:
convergentEncryption- convergent encryption- Returns:
- updated request
-