Module io.helidon.integrations.vault.secrets.transit
Package io.helidon.integrations.vault.secrets.transit

Interface TransitSecrets

  • All Superinterfaces:
    Secrets
    public interface TransitSecrets
extends Secrets
    API operations for Vault's Transit Secrets Engine.

    • Method Detail

      • create

        static TransitSecrets create​(TransitSecretsRx reactive)
        Create blocking transit secrets from its reactive counterpart. This method should not be used when injection is available, as an instance of this class can be injected. This method should never be used in reactive environment, unless running in an executor service (use the TransitSecretsRx operations in reactive environment).
        Parameters:
        reactive - reactive transit secrets
        Returns:
        blocking transit secrets

      • createKey

        CreateKey.Response createKey​(CreateKey.Request request)
        Creates a new named encryption key of the specified type.
        Parameters:
        request - create key request
        Returns:
        future with response

      • encrypt

        Encrypt.Response encrypt​(Encrypt.Request request)
        Encrypts the provided plaintext using the named key. This path supports the create and update policy capabilities as follows: if the user has the create capability for this endpoint in their policies, and the key does not exist, it will be upserted with default values (whether the key requires derivation depends on whether the context parameter is empty or not). If the user only has update capability and the key does not exist, an error will be returned.
        Parameters:
        request - encrypt request
        Returns:
        future with response

      • encrypt

        EncryptBatch.Response encrypt​(EncryptBatch.Request request)
        Encrypts the provided batch of plaintext strings using the named key. This path supports the create and update policy capabilities as follows: if the user has the create capability for this endpoint in their policies, and the key does not exist, it will be upserted with default values (whether the key requires derivation depends on whether the context parameter is empty or not). If the user only has update capability and the key does not exist, an error will be returned.
        Parameters:
        request - encrypt request
        Returns:
        future with response

      • decrypt

        Decrypt.Response decrypt​(Decrypt.Request request)
        Decrypts the provided ciphertext using the named key.
        Parameters:
        request - decrypt request
        Returns:
        future with response

      • decrypt

        DecryptBatch.Response decrypt​(DecryptBatch.Request request)
        Decrypts the provided batch of ciphertext strings using the named key.
        Parameters:
        request - decrypt request
        Returns:
        future with response

      • hmac

        Hmac.Response hmac​(Hmac.Request request)
        Hmac of a message. Equivalent of a signature when using symmetric keys.
        Parameters:
        request - hmac request
        Returns:
        hmac response

      • sign

        Sign.Response sign​(Sign.Request request)
        Sign a message.
        Parameters:
        request - signature request
        Returns:
        signature response

      • verify

        Verify.Response verify​(Verify.Request request)
        Verify a message signature.
        Parameters:
        request - verification request
        Returns:
        verification response