Class CryptographyClientBuilder

java.lang.Object
com.azure.security.keyvault.keys.cryptography.CryptographyClientBuilder
All Implemented Interfaces:
ConfigurationTrait<CryptographyClientBuilder>, HttpTrait<CryptographyClientBuilder>, TokenCredentialTrait<CryptographyClientBuilder>

This class provides a fluent builder API to help aid the configuration and instantiation of the CryptographyAsyncClient and CryptographyClient, by calling buildAsyncClient() and buildClient() respectively It constructs an instance of the desired client.

The minimal configuration options required by cryptographyClientBuilder to build a CryptographyAsyncClient or a CryptographyClient are a credential and either a JSON Web Key or a Azure Key Vault key identifier.

To ensure correct behavior when performing operations such as Decrypt, Unwrap and Verify, it is recommended to use a CryptographyAsyncClient or CryptographyClient created for the specific key version that was used for the corresponding inverse operation: Encrypt, Wrap, or Sign, respectively.

 CryptographyAsyncClient cryptographyAsyncClient = new CryptographyClientBuilder()
     .keyIdentifier("<your-key-id>")
     .credential(new DefaultAzureCredentialBuilder().build())
     .buildAsyncClient();
 
 JsonWebKey jsonWebKey = new JsonWebKey().setId("SampleJsonWebKey");
 CryptographyAsyncClient cryptographyAsyncClient = new CryptographyClientBuilder()
     .jsonWebKey(jsonWebKey)
     .buildAsyncClient();
 

The log detail level, multiple custom policies and a custom http client can be optionally configured in the CryptographyClientBuilder.

 CryptographyAsyncClient cryptographyAsyncClient = new CryptographyClientBuilder()
     .keyIdentifier("<your-key-id>")
     .httpLogOptions(new HttpLogOptions().setLogLevel(HttpLogDetailLevel.BODY_AND_HEADERS))
     .addPolicy(new KeyVaultCredentialPolicy(new DefaultAzureCredentialBuilder().build()))
     .httpClient(HttpClient.createDefault())
     .buildAsyncClient();
 

Alternatively, a custom http pipeline with custom HttpPipelinePolicy policies can be specified. It provides finer control over the construction of CryptographyAsyncClient and CryptographyClient

 HttpPipeline pipeline = new HttpPipelineBuilder()
     .policies(new KeyVaultCredentialPolicy(new DefaultAzureCredentialBuilder().build()), new RetryPolicy())
     .build();
 CryptographyAsyncClient cryptographyAsyncClient = new CryptographyClientBuilder()
     .pipeline(pipeline)
     .keyIdentifier("<your-key-id>")
     .buildAsyncClient();
 

The minimal configuration options required by cryptographyClientBuilder to build CryptographyClient are jsonWebKey or Azure Key Vault key identifier and credential.

 CryptographyClient cryptographyClient = new CryptographyClientBuilder()
     .keyIdentifier("<your-key-id>")
     .credential(new DefaultAzureCredentialBuilder().build())
     .buildClient();
 
 JsonWebKey jsonWebKey = new JsonWebKey().setId("SampleJsonWebKey");
 CryptographyClient cryptographyClient = new CryptographyClientBuilder()
     .jsonWebKey(jsonWebKey)
     .buildClient();
 
See Also: