Package com.oracle.bmc.keymanagement

Interface KmsCrypto

  • All Superinterfaces:
    AutoCloseable
    All Known Implementing Classes:
    KmsCryptoClient
    @Generated(value="OracleSDKGenerator",
           comments="API Version: release")
public interface KmsCrypto
extends AutoCloseable
    Use the Key Management API to manage vaults and keys.

    For more information, see Managing Vaults and Managing Keys.

    This service client uses CircuitBreakerUtils.DEFAULT_CIRCUIT_BREAKER for all the operations by default if no circuit breaker configuration is defined by the user.

    • Method Detail

      • refreshClient

        void refreshClient()
        Rebuilds the client from scratch.

        Useful to refresh certificates.

      • setEndpoint

        void setEndpoint​(String endpoint)
        Sets the endpoint to call (ex, https://www.example.com).
        Parameters:
        endpoint - The endpoint of the service.

      • getEndpoint

        String getEndpoint()
        Gets the set endpoint for REST call (ex, https://www.example.com)

      • decrypt

        DecryptResponse decrypt​(DecryptRequest request)
        Decrypts data using the given DecryptDataDetails resource.
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation
        Throws:
        BmcException - when an error occurs. This operation will not retry by default, users can also use RetryConfiguration.SDK_DEFAULT_RETRY_CONFIGURATION provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/javasdkconcepts.htm#javasdkconcepts_topic_Retries

        Example: Click <a href=“https://docs.oracle.com/en-us/iaas/tools/java-sdk-examples/3.63.0/keymanagement/DecryptExample.java.html"target=”_blank"rel=“noopener noreferrer”>here to see how to use Decrypt API.

      • encrypt

        EncryptResponse encrypt​(EncryptRequest request)
        Encrypts data using the given EncryptDataDetails resource.

        Plaintext included in the example request is a base64-encoded value of a UTF-8 string.

        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation
        Throws:
        BmcException - when an error occurs. This operation will not retry by default, users can also use RetryConfiguration.SDK_DEFAULT_RETRY_CONFIGURATION provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/javasdkconcepts.htm#javasdkconcepts_topic_Retries

        Example: Click <a href=“https://docs.oracle.com/en-us/iaas/tools/java-sdk-examples/3.63.0/keymanagement/EncryptExample.java.html"target=”_blank"rel=“noopener noreferrer”>here to see how to use Encrypt API.

      • exportKey

        ExportKeyResponse exportKey​(ExportKeyRequest request)
        Exports a specific version of a master encryption key according to the details of the request.

        For their protection, keys that you create and store on a hardware security module (HSM) can never leave the HSM. You can only export keys stored on the server. For export, the key version is encrypted by an RSA public key that you provide. This operation is not supported for keys having protection mode EXTERNAL.

        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation
        Throws:
        BmcException - when an error occurs. This operation will not retry by default, users can also use RetryConfiguration.SDK_DEFAULT_RETRY_CONFIGURATION provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/javasdkconcepts.htm#javasdkconcepts_topic_Retries

        Example: Click <a href=“https://docs.oracle.com/en-us/iaas/tools/java-sdk-examples/3.63.0/keymanagement/ExportKeyExample.java.html"target=”_blank"rel=“noopener noreferrer”>here to see how to use ExportKey API.

      • generateDataEncryptionKey

        GenerateDataEncryptionKeyResponse generateDataEncryptionKey​(GenerateDataEncryptionKeyRequest request)
        Generates a key that you can use to encrypt or decrypt data.
        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation
        Throws:
        BmcException - when an error occurs. This operation will not retry by default, users can also use RetryConfiguration.SDK_DEFAULT_RETRY_CONFIGURATION provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/javasdkconcepts.htm#javasdkconcepts_topic_Retries

        Example: Click <a href=“https://docs.oracle.com/en-us/iaas/tools/java-sdk-examples/3.63.0/keymanagement/GenerateDataEncryptionKeyExample.java.html"target=”_blank"rel=“noopener noreferrer”>here to see how to use GenerateDataEncryptionKey API.

      • sign

        SignResponse sign​(SignRequest request)
        Creates a digital signature for a message or message digest by using the private key of a public-private key pair, also known as an asymmetric key.

        To verify the generated signature, you can use the Verify operation. Or, if you want to validate the signature outside of the service, you can do so by using the public key of the same asymmetric key. This operation is not supported for keys having protection mode EXTERNAL.

        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation
        Throws:
        BmcException - when an error occurs. This operation will not retry by default, users can also use RetryConfiguration.SDK_DEFAULT_RETRY_CONFIGURATION provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/javasdkconcepts.htm#javasdkconcepts_topic_Retries

        Example: Click <a href=“https://docs.oracle.com/en-us/iaas/tools/java-sdk-examples/3.63.0/keymanagement/SignExample.java.html"target=”_blank"rel=“noopener noreferrer”>here to see how to use Sign API.

      • verify

        VerifyResponse verify​(VerifyRequest request)
        Verifies a digital signature that was generated by the Sign operation by using the public key of the same asymmetric key that was used to sign the data.

        If you want to validate the digital signature outside of the service, you can do so by using the public key of the asymmetric key. This operation is not supported for keys having protection mode EXTERNAL.

        Parameters:
        request - The request object containing the details to send
        Returns:
        A response object containing details about the completed operation
        Throws:
        BmcException - when an error occurs. This operation will not retry by default, users can also use RetryConfiguration.SDK_DEFAULT_RETRY_CONFIGURATION provided by the SDK to enable retries for it. The specifics of the default retry strategy are described here https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/javasdkconcepts.htm#javasdkconcepts_topic_Retries

        Example: Click <a href=“https://docs.oracle.com/en-us/iaas/tools/java-sdk-examples/3.63.0/keymanagement/VerifyExample.java.html"target=”_blank"rel=“noopener noreferrer”>here to see how to use Verify API.