Class ConfidentialKey
- java.lang.Object
-
- jenkins.security.ConfidentialKey
-
- Direct Known Subclasses:
CryptoConfidentialKey,HexStringConfidentialKey,HMACConfidentialKey,RSAConfidentialKey
public abstract class ConfidentialKey extends Object
Confidential information that gets stored as a singleton in Jenkins, mostly some random token value.The actual value is persisted via
ConfidentialStore, but each use case that requires a secret like this should use a separateConfidentialKeyinstance so that one compromisedConfidentialKey(say through incorrect usage and failure to protect it) shouldn't compromise all the others.ConfidentialKeyis ultimately a sequence of bytes, but for convenience, a family of subclasses are provided to represent the secret in different formats. SeeHexStringConfidentialKeyandHMACConfidentialKeyfor example. In addition to the programming ease, these use case specific subtypes make it harder for vulnerability to creep in by making it harder for the secret to leak.The
ConfidentialKeysubtypes are expected to be used as a singleton, likeJnlpAgentReceiver.SLAVE_SECRET. For code that relies on XStream for persistence (such asBuilders,SCMs, and other fragment objects around builds and jobs),Secretprovides more convenient way of storing secrets.- Since:
- 1.498
- Author:
- Kohsuke Kawaguchi
- See Also:
Secret
-
-
Constructor Summary
Constructors Modifier Constructor Description protectedConfidentialKey(String id)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description StringgetId()protected byte[]load()protected voidstore(byte[] payload)
-
-
-
Constructor Detail
-
ConfidentialKey
protected ConfidentialKey(String id)
-
-
Method Detail
-
load
@CheckForNull protected byte[] load() throws IOException- Throws:
IOException
-
store
protected void store(byte[] payload) throws IOException- Throws:
IOException
-
getId
public String getId()
-
-