From a168e0ef0f2e2cd32b958f58b6b1618383fa90f4 Mon Sep 17 00:00:00 2001 From: George Arama <50641385+gearama@users.noreply.github.com> Date: Wed, 1 May 2024 08:19:57 -0700 Subject: [PATCH] Update samples credentials and add notes to crypto client (#5587) * Update samples credentials and add notes to crypto client * put back missing urls --- .../azure-security-keyvault-certificates/README.md | 4 +++- .../certificate_basic_operations.cpp | 12 +++--------- .../certificate_get_certificates.cpp | 12 +++--------- .../certificate_import_certificate.cpp | 12 +++--------- .../samples/certificate_basic_operations.md | 6 ++++-- .../samples/certificate_get_certificates.md | 4 +++- .../samples/certificate_import_certificate.md | 6 ++++-- sdk/keyvault/azure-security-keyvault-keys/README.md | 10 +++++++++- .../sample1-hello-world/sample1_hello_world.cpp | 9 +-------- .../samples/sample1_hello_world.md | 6 ++++-- .../sample2_backup_and_restore.cpp | 12 +++--------- .../samples/sample2_backup_and_restore.md | 6 ++++-- .../samples/sample3-get-keys/sample3_get_keys.cpp | 12 +++--------- .../samples/sample3_get_keys.md | 6 ++++-- .../sample4_encrypt_decrypt.cpp | 12 +++--------- .../samples/sample4_encrypt_decrypt.md | 9 +++++++-- .../sample5-sign-verify/sample5_sign_verify.cpp | 13 +++---------- .../samples/sample5_sign_verify.md | 9 +++++++-- .../sample6-wrap-unwrap/sample6_wrap_unwrap.cpp | 12 +++--------- .../samples/sample6_wrap_unwrap.md | 6 ++++-- .../sample7-key-rotation/sample7_key_rotation.cpp | 12 +++--------- .../samples/sample7_key_rotation.md | 4 +++- .../azure-security-keyvault-secrets/README.md | 4 ++-- .../sample1_basic_operations.cpp | 3 ++- .../samples/sample1_basic_operations.md | 5 ++++- .../sample2_backup_restore.cpp | 3 ++- .../samples/sample2_backup_restore.md | 5 ++++- .../sample3_delete_recover.cpp | 4 ++-- .../samples/sample3_delete_recover.md | 5 ++++- .../sample4_get_secrets_deleted.cpp | 4 ++-- .../samples/sample4_get_secrets_deleted.md | 5 ++++- 31 files changed, 110 insertions(+), 122 deletions(-) diff --git a/sdk/keyvault/azure-security-keyvault-certificates/README.md b/sdk/keyvault/azure-security-keyvault-certificates/README.md index a39826fd2..2b82d6918 100644 --- a/sdk/keyvault/azure-security-keyvault-certificates/README.md +++ b/sdk/keyvault/azure-security-keyvault-certificates/README.md @@ -62,7 +62,9 @@ Key Vault Certificate client for C++ currently supports any `TokenCredential` fo Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp Snippet:CertificateSample1Client -CertificateClient certificateClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... + CertificateClient certificateClient(keyVaultUrl, credential); ``` ### Start creating a Certificate diff --git a/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate-basic-operations/certificate_basic_operations.cpp b/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate-basic-operations/certificate_basic_operations.cpp index a5b50a783..8eb556811 100644 --- a/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate-basic-operations/certificate_basic_operations.cpp +++ b/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate-basic-operations/certificate_basic_operations.cpp @@ -7,9 +7,6 @@ * * @remark The following environment variables must be set before running the sample. * - AZURE_KEYVAULT_URL: To the Key Vault account URL. - * - AZURE_TENANT_ID: Tenant ID for the Azure account. - * - AZURE_CLIENT_ID: The Client ID to authenticate the request. - * - AZURE_CLIENT_SECRET: The client secret. * */ @@ -25,14 +22,11 @@ using namespace std::chrono_literals; int main() { - auto tenantId = std::getenv("AZURE_TENANT_ID"); - auto clientId = std::getenv("AZURE_CLIENT_ID"); - auto clientSecret = std::getenv("AZURE_CLIENT_SECRET"); - auto credential - = std::make_shared(tenantId, clientId, clientSecret); + auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); + auto credential = std::make_shared(); std::chrono::milliseconds defaultWait(10s); // create client - CertificateClient certificateClient(std::getenv("AZURE_KEYVAULT_URL"), credential); + CertificateClient certificateClient(keyVaultUrl, credential); try { diff --git a/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate-get-certificates/certificate_get_certificates.cpp b/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate-get-certificates/certificate_get_certificates.cpp index 6028d999a..dc668099e 100644 --- a/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate-get-certificates/certificate_get_certificates.cpp +++ b/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate-get-certificates/certificate_get_certificates.cpp @@ -10,9 +10,6 @@ * * @remark The following environment variables must be set before running the sample. * - AZURE_KEYVAULT_URL: To the Key Vault account URL. - * - AZURE_TENANT_ID: Tenant ID for the Azure account. - * - AZURE_CLIENT_ID: The Client ID to authenticate the request. - * - AZURE_CLIENT_SECRET: The client secret. * */ @@ -32,14 +29,11 @@ KeyVaultCertificateWithPolicy CreateCertificate( int main() { - auto tenantId = std::getenv("AZURE_TENANT_ID"); - auto clientId = std::getenv("AZURE_CLIENT_ID"); - auto clientSecret = std::getenv("AZURE_CLIENT_SECRET"); - auto credential - = std::make_shared(tenantId, clientId, clientSecret); + auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); + auto credential = std::make_shared(); std::chrono::milliseconds defaultWait(10s); // create client - CertificateClient certificateClient(std::getenv("AZURE_KEYVAULT_URL"), credential); + CertificateClient certificateClient(keyVaultUrl, credential); try { diff --git a/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate-import-certificate/certificate_import_certificate.cpp b/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate-import-certificate/certificate_import_certificate.cpp index 30416899a..077eb241e 100644 --- a/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate-import-certificate/certificate_import_certificate.cpp +++ b/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate-import-certificate/certificate_import_certificate.cpp @@ -7,9 +7,6 @@ * * @remark The following environment variables must be set before running the sample. * - AZURE_KEYVAULT_URL: To the Key Vault account URL. - * - AZURE_TENANT_ID: Tenant ID for the Azure account. - * - AZURE_CLIENT_ID: The Client ID to authenticate the request. - * - AZURE_CLIENT_SECRET: The client secret. * */ @@ -28,14 +25,11 @@ std::string GetPkcsCertificate(); int main() { - auto tenantId = std::getenv("AZURE_TENANT_ID"); - auto clientId = std::getenv("AZURE_CLIENT_ID"); - auto clientSecret = std::getenv("AZURE_CLIENT_SECRET"); - auto credential - = std::make_shared(tenantId, clientId, clientSecret); + auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); + auto credential = std::make_shared(); std::chrono::milliseconds defaultWait(10s); // create client - CertificateClient certificateClient(std::getenv("AZURE_KEYVAULT_URL"), credential); + CertificateClient certificateClient(keyVaultUrl, credential); try { diff --git a/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_basic_operations.md b/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_basic_operations.md index ba437238e..fa9199c22 100644 --- a/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_basic_operations.md +++ b/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_basic_operations.md @@ -17,13 +17,15 @@ To create a new `CertificateClient` to create, get, update, or delete certificat Key Vault Certificate client for C++ currently supports any `TokenCredential` for authenticating. ```cpp Snippet:CertificateSample1CreateCredential - auto credential = std::make_shared(); +auto credential = std::make_shared(); ``` Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp Snippet:CertificateSample1Client -CertificateClient certificateClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... +CertificateClient certificateClient(keyVaultUrl, credential); ``` ## Creating a Certificate diff --git a/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_get_certificates.md b/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_get_certificates.md index 293b8cad9..a14b99fd5 100644 --- a/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_get_certificates.md +++ b/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_get_certificates.md @@ -24,7 +24,9 @@ Key Vault Certificate client for C++ currently supports any `TokenCredential` fo Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp Snippet:CertificateSample2Client -CertificateClient certificateClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... +CertificateClient certificateClient(keyVaultUrl, credential); ``` ## Creating a Certificate diff --git a/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_import_certificate.md b/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_import_certificate.md index 66df98b5f..110f819bb 100644 --- a/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_import_certificate.md +++ b/sdk/keyvault/azure-security-keyvault-certificates/samples/certificate_import_certificate.md @@ -10,13 +10,15 @@ To create a new `CertificateClient` to create, get, update, or delete certificat Key Vault Certificate client for C++ currently supports any `TokenCredential` for authenticating. ```cpp Snippet:CertificateSample3CreateCredential - auto credential = std::make_shared(); +auto credential = std::make_shared(); ``` Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp Snippet:CertificateSample3Client -CertificateClient certificateClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... +CertificateClient certificateClient(keyVaultUrl, credential); ``` ## Importing a PEM certificate diff --git a/sdk/keyvault/azure-security-keyvault-keys/README.md b/sdk/keyvault/azure-security-keyvault-keys/README.md index 92e15c219..9a4344fc0 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/README.md +++ b/sdk/keyvault/azure-security-keyvault-keys/README.md @@ -154,9 +154,11 @@ az keyvault security-domain download --hsm-name --sd-wrapp Once you've replaced **your-vault-url** with the above returned URI, you can create the [KeyClient][key_client_class]: ```cpp +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); // Create a new key client using the default credential from Azure Identity. auto credential = std::make_shared(); -KeyClient client("AZURE_KEYVAULT_URL", credential); + +KeyClient keyClient(keyVaultUrl, credential);; // Create a new key using the key client. client.CreateKey("key-name", KeyVaultKeyType::Rsa); @@ -189,6 +191,12 @@ A `KeyClient` providing synchronous operations exists in the SDK. Once you've in A `CryptographyClient` providing synchronous operations exists in the SDK. Once you've initialized a `CryptographyClient`, you can use it to perform cryptographic operations with keys stored in Azure Key Vault. +#### Note +Microsoft recommends you not use CBC without first ensuring the integrity of the cipher text using an HMAC, for example. See https://docs.microsoft.com/dotnet/standard/security/vulnerabilities-cbc-mode for more information. + +Optional initialization vector (IV). If you pass your own IV, make sure you use a cryptographically random, non-repeating IV. If null, a cryptographically random IV will be choosing using {RandomNumberGenerator | whatever cryptorng your language provides}. + + ### Thread safety We guarantee that all client instance methods are thread-safe and independent of each other ([guideline](https://azure.github.io/azure-sdk/cpp_introduction.html#thread-safety)). This ensures that the recommendation of reusing client instances is always safe, even across threads. diff --git a/sdk/keyvault/azure-security-keyvault-keys/samples/sample1-hello-world/sample1_hello_world.cpp b/sdk/keyvault/azure-security-keyvault-keys/samples/sample1-hello-world/sample1_hello_world.cpp index cc2da76f4..b98e05905 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/samples/sample1-hello-world/sample1_hello_world.cpp +++ b/sdk/keyvault/azure-security-keyvault-keys/samples/sample1-hello-world/sample1_hello_world.cpp @@ -7,9 +7,6 @@ * * @remark The following environment variables must be set before running the sample. * - AZURE_KEYVAULT_URL: To the Key Vault account URL. - * - AZURE_TENANT_ID: Tenant ID for the Azure account. - * - AZURE_CLIENT_ID: The Client ID to authenticate the request. - * - AZURE_CLIENT_SECRET: The client secret. * */ @@ -26,12 +23,8 @@ using namespace Azure::Security::KeyVault::Keys; int main() { - auto const tenantId = std::getenv("AZURE_TENANT_ID"); - auto const clientId = std::getenv("AZURE_CLIENT_ID"); - auto const clientSecret = std::getenv("AZURE_CLIENT_SECRET"); auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); - auto credential - = std::make_shared(tenantId, clientId, clientSecret); + auto credential = std::make_shared(); KeyClient keyClient(keyVaultUrl, credential); diff --git a/sdk/keyvault/azure-security-keyvault-keys/samples/sample1_hello_world.md b/sdk/keyvault/azure-security-keyvault-keys/samples/sample1_hello_world.md index 195533243..61c6d0d56 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/samples/sample1_hello_world.md +++ b/sdk/keyvault/azure-security-keyvault-keys/samples/sample1_hello_world.md @@ -10,13 +10,15 @@ To create a new `KeyClient` to create, get, update, or delete keys, you need the Key Vault Keys client for C++ currently supports any `TokenCredential` for authenticating. ```cpp Snippet:KeysSample1CreateCredential - auto credential = std::make_shared(); +auto credential = std::make_shared(); ``` Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp Snippet:KeysSample1KeyClient -KeyClient keyClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... +KeyClient keyClient(keyVaultUrl, credential); ``` ## Creating a key diff --git a/sdk/keyvault/azure-security-keyvault-keys/samples/sample2-backup-and-restore/sample2_backup_and_restore.cpp b/sdk/keyvault/azure-security-keyvault-keys/samples/sample2-backup-and-restore/sample2_backup_and_restore.cpp index 6939b92a3..0501814ba 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/samples/sample2-backup-and-restore/sample2_backup_and_restore.cpp +++ b/sdk/keyvault/azure-security-keyvault-keys/samples/sample2-backup-and-restore/sample2_backup_and_restore.cpp @@ -7,9 +7,6 @@ * * @remark The following environment variables must be set before running the sample. * - AZURE_KEYVAULT_URL: To the Key Vault account URL. - * - AZURE_TENANT_ID: Tenant ID for the Azure account. - * - AZURE_CLIENT_ID: The Client ID to authenticate the request. - * - AZURE_CLIENT_SECRET: The client secret. * */ @@ -30,13 +27,10 @@ static void AssertKeysEqual(KeyProperties const& expected, KeyProperties const& int main() { - auto tenantId = std::getenv("AZURE_TENANT_ID"); - auto clientId = std::getenv("AZURE_CLIENT_ID"); - auto clientSecret = std::getenv("AZURE_CLIENT_SECRET"); - auto credential - = std::make_shared(tenantId, clientId, clientSecret); + auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); + auto credential = std::make_shared(); - KeyClient keyClient(std::getenv("AZURE_KEYVAULT_URL"), credential); + KeyClient keyClient(keyVaultUrl, credential); std::string rsaKeyName("CloudRsaKey" + Azure::Core::Uuid::CreateUuid().ToString()); try diff --git a/sdk/keyvault/azure-security-keyvault-keys/samples/sample2_backup_and_restore.md b/sdk/keyvault/azure-security-keyvault-keys/samples/sample2_backup_and_restore.md index 76c089d3b..86ab7d0d1 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/samples/sample2_backup_and_restore.md +++ b/sdk/keyvault/azure-security-keyvault-keys/samples/sample2_backup_and_restore.md @@ -12,13 +12,15 @@ Key Vault Keys client for C++ currently supports any `TokenCredential` for authe In the sample below, you can create a credential by setting the Tenant ID, Client ID and client secret as environment variables. ```cpp Snippet:KeysSample1CreateCredential - auto credential = std::make_shared(); +auto credential = std::make_shared(); ``` Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp Snippet:KeysSample1KeyClient -KeyClient keyClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... +KeyClient keyClient(keyVaultUrl, credential); ``` ## Creating a key diff --git a/sdk/keyvault/azure-security-keyvault-keys/samples/sample3-get-keys/sample3_get_keys.cpp b/sdk/keyvault/azure-security-keyvault-keys/samples/sample3-get-keys/sample3_get_keys.cpp index 54bcb8383..e71dd3c1e 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/samples/sample3-get-keys/sample3_get_keys.cpp +++ b/sdk/keyvault/azure-security-keyvault-keys/samples/sample3-get-keys/sample3_get_keys.cpp @@ -8,9 +8,6 @@ * * @remark The following environment variables must be set before running the sample. * - AZURE_KEYVAULT_URL: To the Key Vault account URL. - * - AZURE_TENANT_ID: Tenant ID for the Azure account. - * - AZURE_CLIENT_ID: The Client ID to authenticate the request. - * - AZURE_CLIENT_SECRET: The client secret. * */ @@ -28,13 +25,10 @@ using namespace Azure::Security::KeyVault::Keys; int main() { - auto tenantId = std::getenv("AZURE_TENANT_ID"); - auto clientId = std::getenv("AZURE_CLIENT_ID"); - auto clientSecret = std::getenv("AZURE_CLIENT_SECRET"); - auto credential - = std::make_shared(tenantId, clientId, clientSecret); + auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); + auto credential = std::make_shared(); - KeyClient keyClient(std::getenv("AZURE_KEYVAULT_URL"), credential); + KeyClient keyClient(keyVaultUrl, credential); try { diff --git a/sdk/keyvault/azure-security-keyvault-keys/samples/sample3_get_keys.md b/sdk/keyvault/azure-security-keyvault-keys/samples/sample3_get_keys.md index 527f2a03c..519644fdb 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/samples/sample3_get_keys.md +++ b/sdk/keyvault/azure-security-keyvault-keys/samples/sample3_get_keys.md @@ -12,13 +12,15 @@ Key Vault Keys client for C++ currently supports any `TokenCredential` for authe In the sample below, you can create a credential by setting the Tenant ID, Client ID and client secret as environment variables. ```cpp Snippet:KeysSample1CreateCredential - auto credential = std::make_shared(); +auto credential = std::make_shared(); ``` Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp Snippet:KeysSample1KeyClient -KeyClient keyClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... +KeyClient keyClient(keyVaultUrl, credential); ``` ## Creating a key diff --git a/sdk/keyvault/azure-security-keyvault-keys/samples/sample4-encrypt-decrypt/sample4_encrypt_decrypt.cpp b/sdk/keyvault/azure-security-keyvault-keys/samples/sample4-encrypt-decrypt/sample4_encrypt_decrypt.cpp index a8565d6f8..ac3973378 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/samples/sample4-encrypt-decrypt/sample4_encrypt_decrypt.cpp +++ b/sdk/keyvault/azure-security-keyvault-keys/samples/sample4-encrypt-decrypt/sample4_encrypt_decrypt.cpp @@ -7,9 +7,6 @@ * * @remark The following environment variables must be set before running the sample. * - AZURE_KEYVAULT_URL: To the Key Vault account URL. - * - AZURE_TENANT_ID: Tenant ID for the Azure account. - * - AZURE_CLIENT_ID: The Client ID to authenticate the request. - * - AZURE_CLIENT_SECRET: The client secret. * */ @@ -27,13 +24,10 @@ using namespace std::chrono_literals; int main() { - auto tenantId = std::getenv("AZURE_TENANT_ID"); - auto clientId = std::getenv("AZURE_CLIENT_ID"); - auto clientSecret = std::getenv("AZURE_CLIENT_SECRET"); - auto credential - = std::make_shared(tenantId, clientId, clientSecret); + auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); + auto credential = std::make_shared(); - KeyClient keyClient(std::getenv("AZURE_KEYVAULT_URL"), credential); + KeyClient keyClient(keyVaultUrl, credential); // Let's create a RSA key which will be used to encrypt and decrypt auto rsaKeyName = "CloudRsaKey-" + Azure::Core::Uuid::CreateUuid().ToString(); diff --git a/sdk/keyvault/azure-security-keyvault-keys/samples/sample4_encrypt_decrypt.md b/sdk/keyvault/azure-security-keyvault-keys/samples/sample4_encrypt_decrypt.md index 95e01b03f..5b3c44fd9 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/samples/sample4_encrypt_decrypt.md +++ b/sdk/keyvault/azure-security-keyvault-keys/samples/sample4_encrypt_decrypt.md @@ -12,13 +12,15 @@ Key Vault Keys client for C++ currently supports any `TokenCredential` for authe In the sample below, you can create a credential by setting the Tenant ID, Client ID and client secret as environment variables. ```cpp Snippet:KeysSample1CreateCredential - auto credential = std::make_shared(); +auto credential = std::make_shared(); ``` Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp Snippet:KeysSample1KeyClient -KeyClient keyClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... +KeyClient keyClient(keyVaultUrl, credential); ``` ## Creating a key @@ -71,5 +73,8 @@ std::cout << " - Decrypted data using the algorithm " << decryptResult.Algorithm ``` ## Source +To see the full example source, see: + +- [sample4_encrypt_decrypt.cpp](https://github.com/Azure/azure-sdk-for-cpp/blob/main/sdk/keyvault/azure-security-keyvault-keys/samples/sample4-encrypt-decrypt/sample4_encrypt_decrypt.cpp) [defaultazurecredential]: https://github.com/Azure/azure-sdk-for-cpp/blob/main/sdk/identity/azure-identity/README.md diff --git a/sdk/keyvault/azure-security-keyvault-keys/samples/sample5-sign-verify/sample5_sign_verify.cpp b/sdk/keyvault/azure-security-keyvault-keys/samples/sample5-sign-verify/sample5_sign_verify.cpp index 92e76cd43..867369d81 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/samples/sample5-sign-verify/sample5_sign_verify.cpp +++ b/sdk/keyvault/azure-security-keyvault-keys/samples/sample5-sign-verify/sample5_sign_verify.cpp @@ -7,9 +7,6 @@ * * @remark The following environment variables must be set before running the sample. * - AZURE_KEYVAULT_URL: To the Key Vault account URL. - * - AZURE_TENANT_ID: Tenant ID for the Azure account. - * - AZURE_CLIENT_ID: The Client ID to authenticate the request. - * - AZURE_CLIENT_SECRET: The client secret. * */ @@ -27,14 +24,10 @@ using namespace std::chrono_literals; int main() { + auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); + auto credential = std::make_shared(); - auto tenantId = std::getenv("AZURE_TENANT_ID"); - auto clientId = std::getenv("AZURE_CLIENT_ID"); - auto clientSecret = std::getenv("AZURE_CLIENT_SECRET"); - auto credential - = std::make_shared(tenantId, clientId, clientSecret); - - KeyClient keyClient(std::getenv("AZURE_KEYVAULT_URL"), credential); + KeyClient keyClient(keyVaultUrl, credential); auto rsaKeyName = "CloudRsaKey-" + Azure::Core::Uuid::CreateUuid().ToString(); auto keyOptions = CreateRsaKeyOptions(rsaKeyName, false); diff --git a/sdk/keyvault/azure-security-keyvault-keys/samples/sample5_sign_verify.md b/sdk/keyvault/azure-security-keyvault-keys/samples/sample5_sign_verify.md index a41f531b8..bb8d38a4b 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/samples/sample5_sign_verify.md +++ b/sdk/keyvault/azure-security-keyvault-keys/samples/sample5_sign_verify.md @@ -12,13 +12,15 @@ Key Vault Keys client for C++ currently supports any `TokenCredential` for authe In the sample below, you can create a credential by setting the Tenant ID, Client ID and client secret as environment variables. ```cpp Snippet:KeysSample1CreateCredential - auto credential = std::make_shared(); +auto credential = std::make_shared(); ``` Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp Snippet:KeysSample1KeyClient -KeyClient keyClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... +KeyClient keyClient(keyVaultUrl, credential); ``` ## Creating keys @@ -137,5 +139,8 @@ std::cout << " - Verified the signature using the algorithm " ``` ## Source +To see the full example source, see: + +- [sample5_sign_verify.cpp](https://github.com/Azure/azure-sdk-for-cpp/blob/main/sdk/keyvault/azure-security-keyvault-keys/samples/sample5-sign-verify/sample5_sign_verify.cpp) [defaultazurecredential]: https://github.com/Azure/azure-sdk-for-cpp/blob/main/sdk/identity/azure-identity/README.md diff --git a/sdk/keyvault/azure-security-keyvault-keys/samples/sample6-wrap-unwrap/sample6_wrap_unwrap.cpp b/sdk/keyvault/azure-security-keyvault-keys/samples/sample6-wrap-unwrap/sample6_wrap_unwrap.cpp index 262bf8ea0..bbaee389e 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/samples/sample6-wrap-unwrap/sample6_wrap_unwrap.cpp +++ b/sdk/keyvault/azure-security-keyvault-keys/samples/sample6-wrap-unwrap/sample6_wrap_unwrap.cpp @@ -7,9 +7,6 @@ * * @remark The following environment variables must be set before running the sample. * - AZURE_KEYVAULT_URL: To the Key Vault account URL. - * - AZURE_TENANT_ID: Tenant ID for the Azure account. - * - AZURE_CLIENT_ID: The Client ID to authenticate the request. - * - AZURE_CLIENT_SECRET: The client secret. * */ @@ -27,13 +24,10 @@ using namespace std::chrono_literals; int main() { - auto tenantId = std::getenv("AZURE_TENANT_ID"); - auto clientId = std::getenv("AZURE_CLIENT_ID"); - auto clientSecret = std::getenv("AZURE_CLIENT_SECRET"); - auto credential - = std::make_shared(tenantId, clientId, clientSecret); + auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); + auto credential = std::make_shared(); - KeyClient keyClient(std::getenv("AZURE_KEYVAULT_URL"), credential); + KeyClient keyClient(keyVaultUrl, credential); auto rsaKeyName = "CloudRsaKey-" + Azure::Core::Uuid::CreateUuid().ToString(); auto keyOptions = CreateRsaKeyOptions(rsaKeyName, false); diff --git a/sdk/keyvault/azure-security-keyvault-keys/samples/sample6_wrap_unwrap.md b/sdk/keyvault/azure-security-keyvault-keys/samples/sample6_wrap_unwrap.md index ddef45c3f..5889b0f78 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/samples/sample6_wrap_unwrap.md +++ b/sdk/keyvault/azure-security-keyvault-keys/samples/sample6_wrap_unwrap.md @@ -12,13 +12,15 @@ Key Vault Keys client for C++ currently supports any `TokenCredential` for authe In the sample below, you can create a credential by setting the Tenant ID, Client ID and client secret as environment variables. ```cpp Snippet:KeysSample6CreateCredential - auto credential = std::make_shared(); +auto credential = std::make_shared(); ``` Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp Snippet:KeysSample6KeyClient -KeyClient keyClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... +KeyClient keyClient(keyVaultUrl, credential); ``` ## Creating a key diff --git a/sdk/keyvault/azure-security-keyvault-keys/samples/sample7-key-rotation/sample7_key_rotation.cpp b/sdk/keyvault/azure-security-keyvault-keys/samples/sample7-key-rotation/sample7_key_rotation.cpp index 86d9a9cb6..ce4327569 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/samples/sample7-key-rotation/sample7_key_rotation.cpp +++ b/sdk/keyvault/azure-security-keyvault-keys/samples/sample7-key-rotation/sample7_key_rotation.cpp @@ -7,9 +7,6 @@ * * @remark The following environment variables must be set before running the sample. * - AZURE_KEYVAULT_URL: To the Key Vault account URL. - * - AZURE_TENANT_ID: Tenant ID for the Azure account. - * - AZURE_CLIENT_ID: The Client ID to authenticate the request. - * - AZURE_CLIENT_SECRET: The client secret. * */ @@ -27,13 +24,10 @@ using namespace std::chrono_literals; int main() { - auto tenantId = std::getenv("AZURE_TENANT_ID"); - auto clientId = std::getenv("AZURE_CLIENT_ID"); - auto clientSecret = std::getenv("AZURE_CLIENT_SECRET"); - auto credential - = std::make_shared(tenantId, clientId, clientSecret); + auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); + auto credential = std::make_shared(); - KeyClient keyClient(std::getenv("AZURE_KEYVAULT_URL"), credential); + KeyClient keyClient(keyVaultUrl, credential); auto keyName = "RotateKey-" + Azure::Core::Uuid::CreateUuid().ToString(); auto createKeyResponse = keyClient.CreateEcKey(CreateEcKeyOptions(keyName)); diff --git a/sdk/keyvault/azure-security-keyvault-keys/samples/sample7_key_rotation.md b/sdk/keyvault/azure-security-keyvault-keys/samples/sample7_key_rotation.md index 90a68dd05..621578b2e 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/samples/sample7_key_rotation.md +++ b/sdk/keyvault/azure-security-keyvault-keys/samples/sample7_key_rotation.md @@ -18,7 +18,9 @@ auto credential = std::make_shared(); Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp Snippet:KeysSample7KeyClient -KeyClient keyClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... +KeyClient keyClient(keyVaultUrl, credential); ``` ## Creating a key diff --git a/sdk/keyvault/azure-security-keyvault-secrets/README.md b/sdk/keyvault/azure-security-keyvault-secrets/README.md index 6eec2031a..1048d0ab4 100644 --- a/sdk/keyvault/azure-security-keyvault-secrets/README.md +++ b/sdk/keyvault/azure-security-keyvault-secrets/README.md @@ -52,10 +52,10 @@ For detailed samples please review the samples provided. First step is to create a SecretClient. ```cpp +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); auto credential = std::make_shared(); - // create client -SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +SecretClient secretClient(keyVaultUrl, credential); ``` ### Create a secret diff --git a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample1-basic-operations/sample1_basic_operations.cpp b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample1-basic-operations/sample1_basic_operations.cpp index 86446e33f..dd55a2ba0 100644 --- a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample1-basic-operations/sample1_basic_operations.cpp +++ b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample1-basic-operations/sample1_basic_operations.cpp @@ -21,11 +21,12 @@ using namespace std::chrono_literals; int main() { + auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); // @begin_snippet: SecretSample1CreateCredential auto credential = std::make_shared(); // create client - SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential); + SecretClient secretClient(keyVaultUrl, credential); // @end_snippet try diff --git a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample1_basic_operations.md b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample1_basic_operations.md index 1e40868d9..273b17035 100644 --- a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample1_basic_operations.md +++ b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample1_basic_operations.md @@ -18,7 +18,10 @@ auto credential = std::make_shared(); Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp Snippet:SecretSample1SecretClient -SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... +// create client +SecretClient secretClient(keyVaultUrl, credential); ``` ## Creating a Secret diff --git a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample2-backup-restore/sample2_backup_restore.cpp b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample2-backup-restore/sample2_backup_restore.cpp index b766a3280..1d599ee56 100644 --- a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample2-backup-restore/sample2_backup_restore.cpp +++ b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample2-backup-restore/sample2_backup_restore.cpp @@ -24,10 +24,11 @@ void AssertSecretsEqual(KeyVaultSecret const& expected, KeyVaultSecret const& ac int main() { + auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); auto credential = std::make_shared(); // create client - SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential); + SecretClient secretClient(keyVaultUrl, credential); std::string secretName("MySampleSecret2"); std::string secretValue("my secret value"); diff --git a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample2_backup_restore.md b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample2_backup_restore.md index de43d7bc6..fb5e17ae6 100644 --- a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample2_backup_restore.md +++ b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample2_backup_restore.md @@ -18,7 +18,10 @@ auto credential = std::make_shared(); Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp Snippet:SecretSample2SecretClient -SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... +// create client +SecretClient secretClient(keyVaultUrl, credential); ``` ## Creating a Secret diff --git a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample3-delete-recover/sample3_delete_recover.cpp b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample3-delete-recover/sample3_delete_recover.cpp index 9a851bbe5..977ccf4dd 100644 --- a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample3-delete-recover/sample3_delete_recover.cpp +++ b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample3-delete-recover/sample3_delete_recover.cpp @@ -23,10 +23,10 @@ void AssertSecretsEqual(KeyVaultSecret const& expected, KeyVaultSecret const& ac int main() { + auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); auto credential = std::make_shared(); - // create client - SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential); + SecretClient secretClient(keyVaultUrl, credential); std::string secretName("MySampleSecret"); std::string secretValue("my secret value"); diff --git a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample3_delete_recover.md b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample3_delete_recover.md index 902bc4dc4..5e7d19079 100644 --- a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample3_delete_recover.md +++ b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample3_delete_recover.md @@ -17,7 +17,10 @@ auto credential = std::make_shared(); Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp Snippet:SecretSample3SecretClient -SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... +// create client +SecretClient secretClient(keyVaultUrl, credential); ``` ## Creating a Secret diff --git a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample4-get-secrets-deleted/sample4_get_secrets_deleted.cpp b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample4-get-secrets-deleted/sample4_get_secrets_deleted.cpp index f7be828f7..b47025299 100644 --- a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample4-get-secrets-deleted/sample4_get_secrets_deleted.cpp +++ b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample4-get-secrets-deleted/sample4_get_secrets_deleted.cpp @@ -21,10 +21,10 @@ using namespace std::chrono_literals; int main() { + auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); auto credential = std::make_shared(); - // create client - SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential); + SecretClient secretClient(keyVaultUrl, credential); std::string secretName("Secret1"); std::string secretName2("Secret2"); diff --git a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample4_get_secrets_deleted.md b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample4_get_secrets_deleted.md index ee442fc8d..69f8623fe 100644 --- a/sdk/keyvault/azure-security-keyvault-secrets/samples/sample4_get_secrets_deleted.md +++ b/sdk/keyvault/azure-security-keyvault-secrets/samples/sample4_get_secrets_deleted.md @@ -17,7 +17,10 @@ auto credential = std::make_shared(); Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application. ```cpp -SecretClient secretClient(std::getenv("AZURE_KEYVAULT_URL"), credential); +auto const keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL"); +... +// create client +SecretClient secretClient(keyVaultUrl, credential); ``` ## Creating a couple of Secrets