Package | Description |
---|---|
org.forgerock.openam.secrets | The AM supporting classes for centrally configuring secrets. |
org.forgerock.secrets | Provides a unified API for accessing secrets of various kinds. |
org.forgerock.secrets.keys | Contains cryptographic key related API objects. |
org.forgerock.secrets.keystore | Implementations of SecretStore for accessing keys stored in Java KeyStores, such as PKCS#11 Hardware Security Modules (HSMs) and PKCS#12 file-based encrypted key stores. |
org.forgerock.secrets.propertyresolver | Provides a SecretStore implementation that loads secrets from a Common Configuration PropertyResolver and then decodes it with a SecretPropertyFormat. |

Modifier and Type | Class and Description |
---|---|
class | `DefaultingPurpose<S extends Secret>` A purpose that can fall back to a default secret ID if the first - more specific - secret ID could not be found in the secrets provider. |

Modifier and Type | Method and Description |
---|---|
`SecretStore<? extends Secret>` | `SimpleSecretStoreProvider.getStore()` Get the commons SecretStore instance for this instance. |
`SecretStore<? extends Secret>` | `LockedSecretStoreProvider.getStore(SecretsReferenceProvider secrets)` Get the commons SecretStore instance for this instance. |

Modifier and Type | Class and Description |
---|---|
class | `Purpose<T extends Secret>` A purpose encapsulates both a name for a function that requires access to secrets, together with a hint as to the intended usage of those secrets. |
class | `SecretReference<T extends Secret>` A long-lived reference to an active secret. |
interface | `SecretStore<T extends Secret>` A backend storage mechanism for certain kinds of secrets. |
class | `ThreadPoolSecretStore<T extends Secret>` A secret store that wraps another secret store and performs all query operations in a background thread using a thread pool. |

Modifier and Type | Class and Description |
---|---|
class | `GenericSecret` A generic secret represented as an opaque blob of bytes, such as a password or API key. |

Modifier and Type | Method and Description |
---|---|
`<T extends Secret>` | `SecretBuilder.build(Class<T> secretType)` Builds a secret of the given type. |
`static <T extends Secret>` | `SecretReference.constant(T secret)` Create a constant SecretReference for the given secret, that will never expire. |
`<S extends Secret>` | `SecretsProvider.getActiveSecret(Purpose<S> purpose)` Gets the currently active secret for the given purpose. |
`<S extends Secret>` | `SecretsProvider.getNamedOrValidSecrets(Purpose<S> purpose, String id)` If the given id is not null, then this returns the single named secret that corresponds to that stable id (or a stream of valid secrets for the given purpose if no such secret exists), otherwise it returns all valid secrets for the given purpose. |
`<S extends Secret>` | `SecretsProvider.getNamedSecret(Purpose<S> purpose, String id)` Gets the secret for the given purpose with the given stable secret id. |
`<S extends Secret>` | `SecretsProvider.getValidSecrets(Purpose<S> purpose)` Returns all secrets for the given purpose which have not yet expired. |
`static <T extends Secret>` | `Purpose.purpose(String label, Class<T> type)` Constructs a purpose object. |
`<T extends Secret>` | `SecretsProvider.setActiveStore(SecretStore<? super T> store, Purpose<? extends T>... purposes)` Sets the active store to use for the given purpose. |
`protected <T extends Secret>` | `SecretsProvider.setActiveStore(SecretStore<? super T> store, Purpose<? extends T> purpose)` Sets the active store to use for the given purpose. |
`static <S extends Secret>` | `ThreadPoolSecretStore.wrap(SecretStore<S> store)` Wraps the given store in an asynchronous thread-pool executor using the system `ForkJoinPool.commonPool()`. |
`static <S extends Secret>` | `ThreadPoolSecretStore.wrap(SecretStore<S> store, ExecutorService executor)` Wraps the given store in an asynchronous thread-pool executor using the given thread pool. |

Modifier and Type | Class and Description |
---|---|
class | `CryptoKey` Base class for all secrets that are used as keys for cryptographic operations. |
class | `DataDecryptionKey` A key that is used for decrypting confidential data. |
class | `DataEncryptionKey` A key that is used for encrypting confidential data. |
class | `KeyAgreementKey` A key that is used in a key-agreement protocol (such as Diffie-Hellman) to agree another key. |
class | `KeyDecryptionKey` A key that is used to decrypt (or "unwrap") other keys that have been encrypted with a KeyEncryptionKey. |
class | `KeyEncryptionKey` A key that is used to encrypt ("wrap") other keys. |
class | `SigningKey` A key that is used for signing digital signatures. |
class | `VerificationKey` A key used for verifying digital signatures. |

Modifier and Type | Method and Description |
---|---|
`String` | `KeyStoreSecretStore.StableIdProvider.stableIdFor(KeyStoreSecretStore.KeyDetails keyDetails, Class<? extends Secret> secretType)` Produce the secret's stable ID. |

Modifier and Type | Method and Description |
---|---|
`<S extends Secret>` | `PropertyResolverSecretStore.getActive(Purpose<S> purpose)` |
`<S extends Secret>` | `PropertyResolverSecretStore.getNamed(Purpose<S> purpose, String name)` |
`<S extends Secret>` | `PropertyResolverSecretStore.getValid(Purpose<S> purpose)` |

Modifier and Type | Method and Description |
---|---|
`Class<Secret>` | `PropertyResolverSecretStore.getStoredType()` |

Copyright © 2010-2018, ForgeRock All Rights Reserved.