Package jenkins.security
Class ConfidentialStore
- java.lang.Object
- 
- jenkins.security.ConfidentialStore
 
- 
- Direct Known Subclasses:
- DefaultConfidentialStore
 
 public abstract class ConfidentialStore extends Object The actual storage for the data held byConfidentialKeys, and the holder of the master secret.This class is only relevant for the implementers of ConfidentialKeys. Most plugin code should interact withConfidentialKeys.OEM distributions of Jenkins can provide a custom ConfidentialStoreimplementation by writing a subclass, mark it withMetaInfServicesannotation, package it as a Jenkins module, and bundling it with the war file. This doesn't useExtensionbecause some plugins have been found to useSecretbefore we get toInitMilestone.PLUGINS_PREPARED, and thereforeExtensions aren't loaded yet. (Similarly, it's conceivable that some future core code might need this early on during the boot sequence.)- Since:
- 1.498
- Author:
- Kohsuke Kawaguchi
 
- 
- 
Constructor SummaryConstructors Constructor Description ConfidentialStore()
 - 
Method SummaryAll Methods Static Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description static ConfidentialStoreget()Retrieves the currently active singleton instance ofConfidentialStore.protected abstract byte[]load(ConfidentialKey key)Reverse operation ofstore(ConfidentialKey, byte[])abstract byte[]randomBytes(int size)Works likeSecureRandom.nextBytes(byte[]).protected abstract voidstore(ConfidentialKey key, byte[] payload)Persists the payload ofConfidentialKeyto a persisted storage (such as disk.) The expectation is that the persisted form is secure.
 
- 
- 
- 
Method Detail- 
storeprotected abstract void store(ConfidentialKey key, byte[] payload) throws IOException Persists the payload ofConfidentialKeyto a persisted storage (such as disk.) The expectation is that the persisted form is secure.- Throws:
- IOException
 
 - 
load@CheckForNull protected abstract byte[] load(ConfidentialKey key) throws IOException Reverse operation ofstore(ConfidentialKey, byte[])- Returns:
- null the data has not been previously persisted, or if the data was tampered.
- Throws:
- IOException
 
 - 
randomBytespublic abstract byte[] randomBytes(int size) Works likeSecureRandom.nextBytes(byte[]). This enables implementations to consult other entropy sources, if it's available.
 - 
get@NonNull public static ConfidentialStore get() Retrieves the currently active singleton instance ofConfidentialStore.
 
- 
 
-