Package org.forgerock.openam.secrets.config

Enum Class PropertyFormat

java.lang.Object
java.lang.Enum<PropertyFormat>
org.forgerock.openam.secrets.config.PropertyFormat
All Implemented Interfaces:
Serializable, Comparable<PropertyFormat>, java.lang.constant.Constable, SecretPropertyFormat, SecretDecoder
@EvolvingAll public enum PropertyFormat extends Enum<PropertyFormat> implements SecretPropertyFormat
Supported property formats for file-based and system/environment variable properties.
Since:
AM 6.5.0

  • Enum Constant Details

    • PLAIN

      public static final PropertyFormat PLAIN
      A plain text value. The UTF-8 bytes of the value are used as the secret.

    • BASE64

      public static final PropertyFormat BASE64
      A base64-encoded binary value.

    • ENCRYPTED_PLAIN

      public static final PropertyFormat ENCRYPTED_PLAIN
      A text value encrypted with AM's server encryption key. The value will be decrypted with DecodeAction and the UTF-8 bytes used as the secret.

    • ENCRYPTED_BASE64

      public static final PropertyFormat ENCRYPTED_BASE64
      A base64-encoded binary value encrypted with AM's server key. The value is decrypted with DecodeAction and then base64-decoded.

    • ENCRYPTED_HMAC_KEY

      @Deprecated public static final PropertyFormat ENCRYPTED_HMAC_KEY
      Deprecated.
      Prefer ENCRYPTED_PEM for keys.
      A base64-encoded binary secret HMAC key encrypted with AM's server key. The values is decrypted with DecodeAction then base64-decoded and passed to SecretKeyPropertyFormat.

    • BASE64_HMAC_KEY

      @Deprecated public static final PropertyFormat BASE64_HMAC_KEY
      Deprecated.
      Prefer PEM for keys.
      A base64-encoded binary secret HMAC key. The values base64-decoded and passed to SecretKeyPropertyFormat.

    • GOOGLE_KMS_ENCRYPTED

      public static final PropertyFormat GOOGLE_KMS_ENCRYPTED
      A base64-encoded value that has been encrypted with Google Cloud Platform Key Management Service. The secret will be decrypted using the KMS key named by the org.forgerock.openam.secrets.googlekms.decryptionkey system property. The GCP SDK will automatically load KMS credentials from the environment.

    • GOOGLE_KMS_ENCRYPTED_HMAC_KEY

      @Deprecated public static final PropertyFormat GOOGLE_KMS_ENCRYPTED_HMAC_KEY
      Deprecated.
      Prefer GOOGLE_KMS_ENCRYPTED_PEM for keys.
      A base64-encoded value that has been encrypted with Google Cloud Platform Key Management Service. The secret will be decrypted using the KMS key named by the org.forgerock.openam.secrets.googlekms.decryptionkey system property. The GCP SDK will automatically load KMS credentials from the environment. The decrypted value will be interpreted as a HMAC key.

    • PEM

      public static final PropertyFormat PEM
      Certificates, keys, and passwords in Privacy Enhanced Mail (PEM) format. This format is widely supported by tools such as OpenSSL. Encrypted private keys can be decrypted using passwords configured for the Labels.PEM_PRIVATE_KEY_DECRYPTION secret ID. This currently only supports loading passwords from global secret stores.

    • ENCRYPTED_PEM

      public static final PropertyFormat ENCRYPTED_PEM
      Certificates, keys, and passwords in Privacy Enhanced Mail (PEM) format that have then been encrypted with AM's password-based encryption. The value is decrypted with ENCRYPTED_PLAIN and then passed to the PEM decoder.

    • GOOGLE_KMS_ENCRYPTED_PEM

      public static final PropertyFormat GOOGLE_KMS_ENCRYPTED_PEM
      Certificates, keys, and passwords in Privacy Enhanced Mail (PEM) format that have then been encrypted with Google KMS. The value is decrypted with GOOGLE_KMS_ENCRYPTED and then passed to the PEM decoder.

    • JWK

      public static final PropertyFormat JWK
      Decodes a JSON Web Key (JWK) as a secret.

  • Method Details

    • values

      public static PropertyFormat[] values()
      Returns an array containing the constants of this enum class, in the order they are declared.
      Returns:
      an array containing the constants of this enum class, in the order they are declared

    • valueOf

      public static PropertyFormat valueOf(String name)
      Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)
      Parameters:
      name - the name of the enum constant to be returned.
      Returns:
      the enum constant with the specified name
      Throws:
      IllegalArgumentException - if this enum class has no constant with the specified name
      NullPointerException - if the argument is null