TransitSecurityProvider.TransitEncryptionConfig.Builder (Helidon Project 2.6.13 API)

java.lang.Object
- io.helidon.integrations.vault.secrets.transit.TransitSecurityProvider.TransitEncryptionConfig.Builder

All Implemented Interfaces:

Builder<TransitSecurityProvider.TransitEncryptionConfig>, Supplier<TransitSecurityProvider.TransitEncryptionConfig>

Enclosing class:

TransitSecurityProvider.TransitEncryptionConfig
```
public static class TransitSecurityProvider.TransitEncryptionConfig.Builder
extends Object
implements Builder<TransitSecurityProvider.TransitEncryptionConfig>
```
Fluent API builder for TransitSecurityProvider.TransitEncryptionConfig.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`TransitSecurityProvider.TransitEncryptionConfig`	`build()`	Build the instance from this builder.
`TransitSecurityProvider.TransitEncryptionConfig.Builder`	`config(Config config)`	Update this builder from configuration.
`TransitSecurityProvider.TransitEncryptionConfig.Builder`	`context(Base64Value context)`	Specifies the context for key derivation.
`TransitSecurityProvider.TransitEncryptionConfig.Builder`	`convergent(String convergentEncryption)`	This parameter will only be used when a key is expected to be created.
`TransitSecurityProvider.TransitEncryptionConfig.Builder`	`keyName(String keyName)`	Specifies the name of the encryption key to encrypt/decrypt against.
`TransitSecurityProvider.TransitEncryptionConfig.Builder`	`keyType(String encryptionKeyType)`	This parameter is required when encryption key is expected to be created.
`TransitSecurityProvider.TransitEncryptionConfig.Builder`	`keyVersion(int keyVersion)`	Version of the key used to encrypt the data.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.helidon.common.Builder
get

Method Detail

build
```
public TransitSecurityProvider.TransitEncryptionConfig build()
```
Description copied from interface: Builder

Build the instance from this builder.

Specified by:

build in interface Builder<TransitSecurityProvider.TransitEncryptionConfig>

Returns:

instance of the built type

config

public TransitSecurityProvider.TransitEncryptionConfig.Builder config(Config config)

Update this builder from configuration. Only "key-name" is mandatory. Configuration options:

Secret configuration
key	description	builder method
"key-name"	Name of the key used for this digest operation	`keyName(String)`
`context`	Context as base64 encoded text.	`context(Base64Value)`
`key-version`	Version of the key to use	`keyVersion(int)`
`key-type`	Type of the key to use	`keyVersion(int)`
`convergent`	Convergent encryption	`convergent(String)`

Parameters:: config - config to use
Returns:: updated builder

keyName
```
public TransitSecurityProvider.TransitEncryptionConfig.Builder keyName(String keyName)
```
Specifies the name of the encryption key to encrypt/decrypt against. Required.

Parameters:

keyName - name of the key

Returns:

updated request

context
```
public TransitSecurityProvider.TransitEncryptionConfig.Builder context(Base64Value context)
```
Specifies the context for key derivation. This is required if key derivation is enabled for this key.

Parameters:

context - context

Returns:

updated request

keyVersion
```
public TransitSecurityProvider.TransitEncryptionConfig.Builder keyVersion(int keyVersion)
```
Version of the key used to encrypt the data.

Parameters:

keyVersion - version of the key

Returns:

updated builder

keyType
```
public TransitSecurityProvider.TransitEncryptionConfig.Builder keyType(String encryptionKeyType)
```
This parameter is required when encryption key is expected to be created. When performing an upsert operation, the type of key to create.
Defaults to aes256-gcm96.

Parameters:

encryptionKeyType - type of the encryption key

Returns:

updated request

convergent
```
public TransitSecurityProvider.TransitEncryptionConfig.Builder convergent(String convergentEncryption)
```
This parameter will only be used when a key is expected to be created. Whether to support convergent encryption. This is only supported when using a key with key derivation enabled and will require all requests to carry both a context and 96-bit (12-byte) nonce. The given nonce will be used in place of a randomly generated nonce. As a result, when the same context and nonce are supplied, the same ciphertext is generated. It is very important when using this mode that you ensure that all nonces are unique for a given context. Failing to do so will severely impact the ciphertext's security.

Parameters:

convergentEncryption - convergent encryption

Returns:

updated request