ConfidentialStore (Jenkins core 2.356 API)

java.lang.Object
- jenkins.security.ConfidentialStore

Direct Known Subclasses:

DefaultConfidentialStore
```
public abstract class ConfidentialStore
extends Object
```
The actual storage for the data held by ConfidentialKeys, and the holder of the master secret.
This class is only relevant for the implementers of ConfidentialKeys. Most plugin code should interact with ConfidentialKeys.
OEM distributions of Jenkins can provide a custom ConfidentialStore implementation by writing a subclass, mark it with MetaInfServices annotation, package it as a Jenkins module, and bundling it with the war file. This doesn't use Extension because some plugins have been found to use Secret before we get to InitMilestone.PLUGINS_PREPARED, and therefore Extensions aren't loaded yet. (Similarly, it's conceivable that some future core code might need this early on during the boot sequence.)

Since:

1.498

Author:

Kohsuke Kawaguchi

Constructor Summary

Constructors
Constructor Description

ConfidentialStore()

Method Summary

All Methods Static Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method	Description
`static ConfidentialStore`	`get()`	Retrieves the currently active singleton instance of `ConfidentialStore`.
`protected abstract byte[]`	`load(ConfidentialKey key)`	Reverse operation of `store(ConfidentialKey, byte[])`
`abstract byte[]`	`randomBytes(int size)`	Works like `SecureRandom.nextBytes(byte[])`.
`protected abstract void`	`store(ConfidentialKey key, byte[] payload)`	Persists the payload of `ConfidentialKey` to a persisted storage (such as disk.) The expectation is that the persisted form is secure.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - ConfidentialStore
```
public ConfidentialStore()
```
- Method Detail
  - store
```
protected abstract void store(ConfidentialKey key,
                              byte[] payload)
                       throws IOException
```
    Persists the payload of ConfidentialKey to a persisted storage (such as disk.) The expectation is that the persisted form is secure.
    
    Throws:
    
    IOException
  - load
```
@CheckForNull
protected abstract byte[] load(ConfidentialKey key)
                        throws IOException
```
    Reverse operation of store(ConfidentialKey, byte[])
    
    Returns:
    
    null the data has not been previously persisted, or if the data was tampered.
    
    Throws:
    
    IOException
  - randomBytes
```
public abstract byte[] randomBytes(int size)
```
    Works like SecureRandom.nextBytes(byte[]). This enables implementations to consult other entropy sources, if it's available.
  - get
```
@NonNull
public static ConfidentialStore get()
```
    Retrieves the currently active singleton instance of ConfidentialStore.