Module io.helidon.integrations.vault.secrets.transit
Package io.helidon.integrations.vault.secrets.transit

Class Sign.Request

    • Method Detail

      • signatureKeyName

        public Sign.Request signatureKeyName​(String signatureKeyName)
        Specifies the name of the encryption key to sign against. Required.
        Parameters:
        signatureKeyName - name of the key
        Returns:
        updated request

      • signatureKeyVersion

        public Sign.Request signatureKeyVersion​(int version)
        Specifies the version of the key to use for signatures. If not set, uses the latest version. Must be greater than or equal to the key's min_encryption_version, if set. Optional.
        Parameters:
        version - key version
        Returns:
        updated request

      • context

        public Sign.Request context​(Base64Value value)
        Specifies the context for key derivation. This is required if key derivation is enabled for this key; currently only available with ed25519 keys.
        Parameters:
        value - context
        Returns:
        updated request

      • preHashed

        public Sign.Request preHashed​(boolean preHashed)
        Set to true when the input is already hashed. If the key type is rsa-2048, rsa-3072 or rsa-4096, then the algorithm used to hash the input should be indicated by the hash_algorithm parameter. Just as the value to sign should be the base64-encoded representation of the exact binary data you want signed, when set, input is expected to be base64-encoded binary hashed data, not hex-formatted. (As an example, on the command line, you could generate a suitable input via openssl dgst -sha256 -binary | base64.).
        Parameters:
        preHashed - whether the data is pre hashed or not
        Returns:
        updated erqust

      • signatureAlgorithm

        public Sign.Request signatureAlgorithm​(String signatureAlgorithm)
        When using a RSA key, specifies the RSA signature algorithm to use for signing. Supported signature types are: pss pkcs1v15 See signature algorithm constants on this class.
        Parameters:
        signatureAlgorithm - signature algorithm to use
        Returns:
        updated request

      • marshalingAlgorithm

        public Sign.Request marshalingAlgorithm​(String marshalingAlgorithm)
        Specifies the way in which the signature should be marshaled. This currently only applies to ECDSA keys. Supported types are: asn1: The default, used by OpenSSL and X.509 jws: The version used by JWS (and thus for JWTs). Selecting this will also change the output encoding to URL-safe Base64 encoding instead of standard Base64-encoding.
        Parameters:
        marshalingAlgorithm - marshaling algorithm
        Returns:
        updated request

      • hashAlgorithm

        public Sign.Request hashAlgorithm​(String hashAlgorithm)
        Specifies the hash algorithm to use for supporting key types (notably, not including ed25519 which specifies its own hash algorithm). See hash algorithm constants on this class.
        Parameters:
        hashAlgorithm - algorithm to use
        Returns:
        updated request