Enum PropertyFormat
- java.lang.Object
-
- java.lang.Enum<PropertyFormat>
-
- org.forgerock.openam.secrets.config.PropertyFormat
-
- All Implemented Interfaces:
Serializable
,Comparable<PropertyFormat>
,SecretPropertyFormat
,SecretDecoder
@EvolvingAll public enum PropertyFormat extends Enum<PropertyFormat> implements SecretPropertyFormat
Supported property formats for file-based and system/environment variable properties.- Since:
- AM 6.5.0
-
-
Enum Constant Summary
Enum Constants Enum Constant Description BASE64
A base64-encoded binary value.BASE64_HMAC_KEY
Deprecated.PreferPEM
for keys.ENCRYPTED_BASE64
A base64-encoded binary value encrypted with AM's server key.ENCRYPTED_HMAC_KEY
Deprecated.PreferENCRYPTED_PEM
for keys.ENCRYPTED_PEM
Certificates, keys, and passwords in Privacy Enhanced Mail (PEM) format that have then been encrypted with AM's password-based encryption.ENCRYPTED_PLAIN
A text value encrypted with AM's server encryption key.GOOGLE_KMS_ENCRYPTED
A base64-encoded value that has been encrypted with Google Cloud Platform Key Management Service.GOOGLE_KMS_ENCRYPTED_HMAC_KEY
Deprecated.PreferGOOGLE_KMS_ENCRYPTED_PEM
for keys.GOOGLE_KMS_ENCRYPTED_PEM
Certificates, keys, and passwords in Privacy Enhanced Mail (PEM) format that have then been encrypted with Google KMS.PEM
Certificates, keys, and passwords in Privacy Enhanced Mail (PEM) format.PLAIN
A plain text value.
-
Field Summary
-
Fields inherited from interface org.forgerock.secrets.SecretDecoder
RAW
-
Fields inherited from interface org.forgerock.secrets.propertyresolver.SecretPropertyFormat
PLAIN
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static PropertyFormat
valueOf(String name)
Returns the enum constant of this type with the specified name.static PropertyFormat[]
values()
Returns an array containing the constants of this enum type, in the order they are declared.-
Methods inherited from class java.lang.Enum
clone, compareTo, equals, finalize, getDeclaringClass, hashCode, name, ordinal, toString, valueOf
-
Methods inherited from interface org.forgerock.secrets.propertyresolver.SecretPropertyFormat
decode, decodeToPromise, decodeToPromise
-
-
-
-
Enum Constant Detail
-
PLAIN
public static final PropertyFormat PLAIN
A plain text value. The UTF-8 bytes of the value are used as the secret.
-
BASE64
public static final PropertyFormat BASE64
A base64-encoded binary value.
-
ENCRYPTED_PLAIN
public static final PropertyFormat ENCRYPTED_PLAIN
A text value encrypted with AM's server encryption key. The value will be decrypted withDecodeAction
and the UTF-8 bytes used as the secret.
-
ENCRYPTED_BASE64
public static final PropertyFormat ENCRYPTED_BASE64
A base64-encoded binary value encrypted with AM's server key. The value is decrypted withDecodeAction
and then base64-decoded.
-
ENCRYPTED_HMAC_KEY
@Deprecated public static final PropertyFormat ENCRYPTED_HMAC_KEY
Deprecated.PreferENCRYPTED_PEM
for keys.A base64-encoded binary secret HMAC key encrypted with AM's server key. The values is decrypted withDecodeAction
then base64-decoded and passed toSecretKeyPropertyFormat
.
-
BASE64_HMAC_KEY
@Deprecated public static final PropertyFormat BASE64_HMAC_KEY
Deprecated.PreferPEM
for keys.A base64-encoded binary secret HMAC key. The values base64-decoded and passed toSecretKeyPropertyFormat
.
-
GOOGLE_KMS_ENCRYPTED
public static final PropertyFormat GOOGLE_KMS_ENCRYPTED
A base64-encoded value that has been encrypted with Google Cloud Platform Key Management Service. The secret will be decrypted using the KMS key named by theorg.forgerock.openam.secrets.googlekms.decryptionkey
system property. The GCP SDK will automatically load KMS credentials from the environment.
-
GOOGLE_KMS_ENCRYPTED_HMAC_KEY
@Deprecated public static final PropertyFormat GOOGLE_KMS_ENCRYPTED_HMAC_KEY
Deprecated.PreferGOOGLE_KMS_ENCRYPTED_PEM
for keys.A base64-encoded value that has been encrypted with Google Cloud Platform Key Management Service. The secret will be decrypted using the KMS key named by theorg.forgerock.openam.secrets.googlekms.decryptionkey
system property. The GCP SDK will automatically load KMS credentials from the environment. The decrypted value will be interpreted as a HMAC key.
-
PEM
public static final PropertyFormat PEM
Certificates, keys, and passwords in Privacy Enhanced Mail (PEM) format. This format is widely supported by tools such as OpenSSL. Encrypted private keys can be decrypted using passwords configured for theLabels.PEM_PRIVATE_KEY_DECRYPTION
secret ID. This currently only supports loading passwords from global secret stores.
-
ENCRYPTED_PEM
public static final PropertyFormat ENCRYPTED_PEM
Certificates, keys, and passwords in Privacy Enhanced Mail (PEM) format that have then been encrypted with AM's password-based encryption. The value is decrypted withENCRYPTED_PLAIN
and then passed to thePEM
decoder.
-
GOOGLE_KMS_ENCRYPTED_PEM
public static final PropertyFormat GOOGLE_KMS_ENCRYPTED_PEM
Certificates, keys, and passwords in Privacy Enhanced Mail (PEM) format that have then been encrypted with Google KMS. The value is decrypted withGOOGLE_KMS_ENCRYPTED
and then passed to thePEM
decoder.
-
-
Method Detail
-
values
public static PropertyFormat[] values()
Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows:for (PropertyFormat c : PropertyFormat.values()) System.out.println(c);
- Returns:
- an array containing the constants of this enum type, in the order they are declared
-
valueOf
public static PropertyFormat valueOf(String name)
Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)- Parameters:
name
- the name of the enum constant to be returned.- Returns:
- the enum constant with the specified name
- Throws:
IllegalArgumentException
- if this enum type has no constant with the specified nameNullPointerException
- if the argument is null
-
-