java.lang.Object

io.helidon.integrations.vault.secrets.transit.TransitSecurityProvider.TransitDigestConfig.Builder

All Implemented Interfaces:: Builder<TransitSecurityProvider.TransitDigestConfig.Builder,TransitSecurityProvider.TransitDigestConfig>, Supplier<TransitSecurityProvider.TransitDigestConfig>

Enclosing class:: TransitSecurityProvider.TransitDigestConfig

public static class TransitSecurityProvider.TransitDigestConfig.Builder extends Object implements Builder<TransitSecurityProvider.TransitDigestConfig.Builder,TransitSecurityProvider.TransitDigestConfig>

Fluent API builder for TransitSecurityProvider.TransitDigestConfig.

Field Summary

Fields

Modifier and Type

Field

Description

static final String

TYPE_HMAC

Digest is an HMAC.

static final String

TYPE_SIGNATURE

Digest is a signature.
Method Summary

Modifier and Type

Method

Description

TransitSecurityProvider.TransitDigestConfig

build()

Build the instance from this builder.

TransitSecurityProvider.TransitDigestConfig.Builder

config(Config config)

Update this builder from configuration.

TransitSecurityProvider.TransitDigestConfig.Builder

context(Base64Value context)

Specifies the context for key derivation.

TransitSecurityProvider.TransitDigestConfig.Builder

hashAlgorithm(String hashAlgorithm)

Specifies the hash algorithm to use for supporting key types (notably, not including ed25519 which specifies its own hash algorithm).

TransitSecurityProvider.TransitDigestConfig.Builder

keyName(String keyName)

Name of the key (Vault server side) used for this digest.

TransitSecurityProvider.TransitDigestConfig.Builder

keyVersion(int keyVersion)

Specifies the version of the key to use for digest.

TransitSecurityProvider.TransitDigestConfig.Builder

marshalingAlgorithm(String marshalingAlgorithm)

Specifies the way in which the signature should be marshaled.

TransitSecurityProvider.TransitDigestConfig.Builder

signatureAlgorithm(String signatureAlgorithm)

When using a RSA key, specifies the RSA signature algorithm to use for signing.

TransitSecurityProvider.TransitDigestConfig.Builder

type(String type)

Type of digest, either TYPE_SIGNATURE or TYPE_HMAC.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.helidon.common.Builder
get, identity, update

Field Details
- TYPE_SIGNATURE
  
  public static final String TYPE_SIGNATURE
  
  Digest is a signature.
  See Also:
  
  Constant Field Values
- TYPE_HMAC
  
  public static final String TYPE_HMAC
  
  Digest is an HMAC.
  See Also:
  
  Constant Field Values

Method Details

build

public TransitSecurityProvider.TransitDigestConfig build()

Description copied from interface: Builder

Build the instance from this builder.

Specified by:

build in interface Builder<TransitSecurityProvider.TransitDigestConfig.Builder,TransitSecurityProvider.TransitDigestConfig>

Returns:

instance of the built type

config

public TransitSecurityProvider.TransitDigestConfig.Builder config(Config config)

Update this builder from configuration. Only "key-name" is mandatory. Configuration options:

Secret configuration
key	description	builder method
"key-name"	Name of the key used for this digest operation	`keyName(String)`
`key-version`	Version of the key to use	`keyVersion(int)`
`context`	Context as base64 encoded text.	`context(Base64Value)`
`signature-algorithm`	Signature algorithm.	`signatureAlgorithm(String)`
`marshalling-algorithm`	Marshalling algorithm.	`marshalingAlgorithm(String)`
`hash-algorithm`	Hash algorithm.	`hashAlgorithm(String)`
`type`	Type of digest, defaults to "signature".	`type(String)`

Parameters:: config - config to use
Returns:: updated builder

type

public TransitSecurityProvider.TransitDigestConfig.Builder type(String type)

Type of digest, either TYPE_SIGNATURE or TYPE_HMAC. Defaults to TYPE_SIGNATURE.

Parameters:

type - type to use

Returns:

updated builder
keyName

public TransitSecurityProvider.TransitDigestConfig.Builder keyName(String keyName)

Name of the key (Vault server side) used for this digest. Note that key type must be valid for the type used. Signatures require an asymmetric key, HMAC requires a symmetric key.

Parameters:

keyName - name of the key

Returns:

updated builder
keyVersion

public TransitSecurityProvider.TransitDigestConfig.Builder keyVersion(int keyVersion)

Specifies the version of the key to use for digest. If not set, uses the latest version. Must be greater than or equal to the key's min_encryption_version, if set. Optional.

Parameters:

keyVersion - key version

Returns:

updated request
context

public TransitSecurityProvider.TransitDigestConfig.Builder context(Base64Value context)

Specifies the context for key derivation. This is required if key derivation is enabled for this key; currently only available with ed25519 keys.

Parameters:

context - context

Returns:

updated request
signatureAlgorithm

public TransitSecurityProvider.TransitDigestConfig.Builder signatureAlgorithm(String signatureAlgorithm)

When using a RSA key, specifies the RSA signature algorithm to use for signing. Supported signature types are: pss pkcs1v15 See signature algorithm constants on this class.
Parameters:

signatureAlgorithm - signature algorithm to use

Returns:

updated request

See Also:
- Sign.Request.SIGNATURE_ALGORITHM_PSS
- Sign.Request.SIGNATURE_ALGORITHM_PKCS1_V15
marshalingAlgorithm

public TransitSecurityProvider.TransitDigestConfig.Builder marshalingAlgorithm(String marshalingAlgorithm)

Specifies the way in which the signature should be marshaled. This currently only applies to ECDSA keys. Supported types are: asn1: The default, used by OpenSSL and X.509 jws: The version used by JWS (and thus for JWTs). Selecting this will also change the output encoding to URL-safe Base64 encoding instead of standard Base64-encoding.
Parameters:

marshalingAlgorithm - marshaling algorithm

Returns:

updated request

See Also:
- Sign.Request.MARSHALLING_ALGORITHM_ASN_1
- Sign.Request.MARSHALLING_ALGORITHM_JWS
hashAlgorithm

public TransitSecurityProvider.TransitDigestConfig.Builder hashAlgorithm(String hashAlgorithm)

Specifies the hash algorithm to use for supporting key types (notably, not including ed25519 which specifies its own hash algorithm). See hash algorithm constants on this class.
Parameters:

hashAlgorithm - algorithm to use

Returns:

updated request

See Also:

Class TransitSecurityProvider.TransitDigestConfig.Builder

Field Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface io.helidon.common.Builder

Field Details

TYPE_SIGNATURE

TYPE_HMAC

Method Details

build

config

type

keyName

keyVersion

context

signatureAlgorithm

marshalingAlgorithm

hashAlgorithm