* two samples

* samples

* typas, types, typis .... typos

* PR comments
George Arama 2021-10-25 18:30:43 -07:00 committed by GitHub
parent a4f2e510e5
commit a9094d0933
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 898 additions and 5 deletions


@ -86,9 +86,9 @@ endif()
# add_subdirectory(test/perf)
# endif()
# if(BUILD_SAMPLES)
# add_subdirectory(test/samples)
# endif()
if(BUILD_SAMPLES)
add_subdirectory(samples)
endif()
az_vcpkg_export(
azure-security-keyvault-certificates


@ -365,7 +365,7 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Certificat
* page of certificates.
*/
CertificatePropertiesPagedResponse GetPropertiesOfCertificates(
GetPropertiesOfCertificatesOptions const& options,
GetPropertiesOfCertificatesOptions const& options = GetPropertiesOfCertificatesOptions(),
Azure::Core::Context const& context = Azure::Core::Context()) const;
/**


@ -0,0 +1,8 @@
# Copyright (c) Microsoft Corporation. All rights reserved.
# SPDX-License-Identifier: MIT
cmake_minimum_required (VERSION 3.13)
add_subdirectory(certificate-basic-operations)
add_subdirectory(certificate-GetCertificates)
add_subdirectory(certificate-ImportCertificate)


@ -0,0 +1,15 @@
# Copyright (c) Microsoft Corporation. All rights reserved.
# SPDX-License-Identifier: MIT
cmake_minimum_required (VERSION 3.13)
project (certificate-GetCertificates LANGUAGES CXX)
set(CMAKE_CXX_STANDARD 14)
set(CMAKE_CXX_STANDARD_REQUIRED True)
add_executable (
certificate-GetCertificates
certificate-GetCertificates.cpp
)
target_link_libraries(certificate-GetCertificates PRIVATE azure-security-keyvault-certificates azure-identity )


@ -0,0 +1,139 @@
# Creating, get properties, get versions, delete, get deleted and purge certificates
This sample demonstrates how to:
* create certificates
* get properties of certificates
* get properties of certificate versions
* delete a certificate
* get deleted certificates
* purge
in Azure Key Vault.
To get started, you'll need a URI to an Azure Key Vault.
### Creating a CertificateClient
To create a new `CertificateClient` to create, get, update, or delete certificates, you need the endpoint to an Azure Key Vault and credentials.
Key Vault Certificate client for C++ currently supports the `ClientSecretCredential` for authenticating.
In the sample below, you can create a credential by setting the Tenant ID, Client ID and Client Secret as environment variables.
```cpp Snippet:CertificateSample2CreateCredential
auto tenantId = std::getenv("AZURE_TENANT_ID");
auto clientId = std::getenv("AZURE_CLIENT_ID");
auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
```
Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.
```cpp Snippet:CertificateSample2Client
CertificateClient certificateClient(std::getenv("AZURE_KEYVAULT_URL"), credential);
```
## Creating a Certificate
Call StartCreateCertificate to create a new certificate, with specified properties and policy.
```cpp Snippet:CertificateSample2Create
std::string certificateName = "Sample1";
auto params = CertificateCreateParameters();
...
// start the create process
auto response = certificateClient.StartCreateCertificate(certificateName, params);
auto result = response.PollUntilDone(defaultWait);
// check that the operation completed
while (!response.IsCompleted())
{
response.UpdateProperties();
std::this_thread::sleep_for(defaultWait);
}
```
## Getting properties of Certificates
Call GetPropertiesOfCertificates to retrieve information about certificates from Key Vault.
```cpp Snippet:CertificateSample2GetProperties
// get properties of certificates
for (auto certificates = certificateClient.GetPropertiesOfCertificates();
certificates.HasPage();
certificates.MoveToNextPage())
{
// go through every certificate of each page returned
// the number of results returned for in a page is not guaranteed
// it can be anywhere from 0 to 25
std::cout << "Found " << certificates.Items.size() << " certificates.";
for (auto oneCertificate : certificates.Items)
{
std::cout << "Certificate name : " << oneCertificate.Name;
}
}
```
## Creating a new certificate version
Repeat the create certificate procedure, for an existing certificate it will create a new version of it.
## Getting the versions of a certificate
To get information about certificate versions call GetPropertiesOfCertificateVersions.
```cpp Snippet:CertificateSample2GetProperties
// get properties of all the versions of a certificate
for (auto certificateVersions
= certificateClient.GetPropertiesOfCertificateVersions(certificateName1);
certificateVersions.HasPage();
certificateVersions.MoveToNextPage())
{
// go through every certificate of each page returned
// the number of results returned for in a page is not guaranteed
// it can be anywhere from 0 to 25
std::cout << "Found " << certificateVersions.Items.size()
<< " certificate versions for certificate " << certificateName1;
}
```
## Deleting the certificates
Now we will delete the certificates. Since this is a long running operation we need to wait for the operation to finish
```cpp Snippet:CertificateSample2Delete
// delete the certificates
auto response1 = certificateClient.StartDeleteCertificate(certificateName1);
auto response2 = certificateClient.StartDeleteCertificate(certificateName2);
response1.PollUntilDone(defaultWait);
response2.PollUntilDone(defaultWait);
```
## Getting the deleted certificates
After the certificates are deleted , but not yet purged we can call GetDeletedCertificates
```cpp Snippet:CertificatesSample2GetDeleted
// get properties of deleted certificates
for (auto deletedCertificates = certificateClient.GetDeletedCertificates();
deletedCertificates.HasPage();
deletedCertificates.MoveToNextPage())
{
// go through every certificate of each page returned
// the number of results returned for in a page is not guaranteed
// it can be anywhere from 0 to 25
std::cout << "Found " << deletedCertificates.Items.size() << " deleted certificates.";
}
```
## Purging the deleted certificates
If the Azure Key Vault is soft delete-enabled and you want to permanently delete the certificate before its `ScheduledPurgeDate`, the certificate needs to be purged.
```cpp Snippet:certificateSample2Purge
// purge the certificates
{
certificateClient.PurgeDeletedCertificate(certificateName1);
certificateClient.PurgeDeletedCertificate(certificateName2);
}
```


@ -0,0 +1,175 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// SPDX-License-Identifier: MIT
/**
*
* @brief This sample provides explamles of handling paged operations.
* @details This sample provides the code implementation to use the Key Vault Certificates SDK
* client for C++ to create, get properties of certificates, get properties of certificate versions,
* delete , get deleted certificates, purge
*
* @remark The following environment variables must be set before running the sample.
* - AZURE_KEYVAULT_URL: To the Key Vault account URL.
* - AZURE_TENANT_ID: Tenant ID for the Azure account.
* - AZURE_CLIENT_ID: The Client ID to authenticate the request.
* - AZURE_CLIENT_SECRET: The client secret.
*
*/
#if defined(_MSC_VER)
#define _CRT_SECURE_NO_WARNINGS
#endif
#include <azure/identity.hpp>
#include <azure/keyvault/keyvault_certificates.hpp>
#include <chrono>
#include <iostream>
using namespace Azure::Security::KeyVault::Certificates;
using namespace std::chrono_literals;
KeyVaultCertificateWithPolicy CreateCertificate(
std::string const& certificateName,
CertificateClient const& certificateClient);
int main()
{
auto tenantId = std::getenv("AZURE_TENANT_ID");
auto clientId = std::getenv("AZURE_CLIENT_ID");
auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
auto credential
= std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
std::chrono::milliseconds defaultWait(10s);
// create client
CertificateClient certificateClient(std::getenv("AZURE_KEYVAULT_URL"), credential);
try
{
std::string certificateName1 = "Sample1";
std::string certificateName2 = "Sample2";
KeyVaultCertificateWithPolicy certificate1;
KeyVaultCertificateWithPolicy certificate2;
// create and get two certificates
{
// create certificates
certificate1 = CreateCertificate(certificateName1, certificateClient);
certificate2 = CreateCertificate(certificateName2, certificateClient);
// get properties of certificates
for (auto certificates = certificateClient.GetPropertiesOfCertificates();
certificates.HasPage();
certificates.MoveToNextPage())
{ // go through every certificate of each page returned
// the number of results returned for in a page is not guaranteed
// it can be anywhere from 0 to 25
std::cout << "Found " << certificates.Items.size() << " certificates.";
for (auto oneCertificate : certificates.Items)
{
std::cout << "Certificate name : " << oneCertificate.Name;
}
}
}
// certificate versions, and get versions
{
// create new version of certificate
CreateCertificate(certificateName1, certificateClient);
// get properties of all the versions of a certificate
for (auto certificateVersions
= certificateClient.GetPropertiesOfCertificateVersions(certificateName1);
certificateVersions.HasPage();
certificateVersions.MoveToNextPage())
{ // go through every certificate of each page returned
// the number of results returned for in a page is not guaranteed
// it can be anywhere from 0 to 25
std::cout << "Found " << certificateVersions.Items.size()
<< " certificate versions for certificate " << certificateName1;
}
}
// delete the certificates, and get deleted
{
// delete the certificates
auto response1 = certificateClient.StartDeleteCertificate(certificateName1);
auto response2 = certificateClient.StartDeleteCertificate(certificateName2);
response1.PollUntilDone(defaultWait);
response2.PollUntilDone(defaultWait);
// get properties of deleted certificates
for (auto deletedCertificates = certificateClient.GetDeletedCertificates();
deletedCertificates.HasPage();
deletedCertificates.MoveToNextPage())
{ // go through every certificate of each page returned
// the number of results returned for in a page is not guaranteed
// it can be anywhere from 0 to 25
std::cout << "Found " << deletedCertificates.Items.size() << " deleted certificates.";
}
}
// purge the certificates
{
certificateClient.PurgeDeletedCertificate(certificateName1);
certificateClient.PurgeDeletedCertificate(certificateName2);
}
}
catch (Azure::Core::Credentials::AuthenticationException const& e)
{
std::cout << "Authentication Exception happened:" << std::endl << e.what() << std::endl;
return 1;
}
catch (Azure::Core::RequestFailedException const& e)
{
std::cout << "Key Vault Certificate Client Exception happened:" << std::endl
<< e.Message << std::endl;
return 1;
}
return 0;
}
KeyVaultCertificateWithPolicy CreateCertificate(
std::string const& certificateName,
CertificateClient const& certificateClient)
{
CertificateCreateParameters params;
std::chrono::milliseconds defaultWait(10s);
// setup certificate create properties/policy
{
// create a lifetime action
LifetimeAction action;
action.LifetimePercentage = 80;
action.Action = CertificatePolicyAction::AutoRenew;
// setup properties
params.Properties.Enabled = true;
// setup policy
params.Policy.Subject = "CN=sample1";
params.Policy.ValidityInMonths = 12;
params.Policy.Enabled = true;
params.Policy.ContentType = CertificateContentType::Pkcs12;
params.Policy.IssuerName = "Self";
// add a lifetime action
params.Policy.LifetimeActions.emplace_back(action);
}
// create a certificate
{
params.Properties.Name = certificateName;
// start the create process
auto response = certificateClient.StartCreateCertificate(certificateName, params);
auto result = response.PollUntilDone(defaultWait);
// check that the operation completed
while (!response.IsCompleted())
{
response.UpdateProperties();
std::this_thread::sleep_for(defaultWait);
}
// get the certificate
auto certificate = certificateClient.GetCertificate(certificateName).Value;
std::cout << "Created certificate with policy. Certificate name : " << certificate.Name();
return certificate;
}
}
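Review bot: In `main`, the four `std::getenv` results go straight into `ClientSecretCredential` and `CertificateClient` with no null check, so an unset variable reaches a `std::string` construction from a null pointer (undefined behaviour, assuming those constructors take `std::string`, which this hunk does not show) instead of producing a readable error. The same opening lines appear in `main` of certificate-ImportCertificate.cpp and certificate-basic-operations.cpp later in this commit. I would check all four values up front and exit with a message that names the variables without echoing their contents, as sketched below. The file also uses `std::this_thread::sleep_for` and `std::getenv` without including `<thread>` and `<cstdlib>`, so it builds only through transitive includes.

```cpp
int main()
{
  char const* tenantId = std::getenv("AZURE_TENANT_ID");
  char const* clientId = std::getenv("AZURE_CLIENT_ID");
  char const* clientSecret = std::getenv("AZURE_CLIENT_SECRET");
  char const* keyVaultUrl = std::getenv("AZURE_KEYVAULT_URL");
  // Report a missing setting by name only; never print the secret's value.
  if (!tenantId || !clientId || !clientSecret || !keyVaultUrl)
  {
    std::cerr << "Set AZURE_KEYVAULT_URL, AZURE_TENANT_ID, AZURE_CLIENT_ID and "
                 "AZURE_CLIENT_SECRET before running this sample."
              << std::endl;
    return 1;
  }
  // … unchanged: credential construction, defaultWait …
  CertificateClient certificateClient(keyVaultUrl, credential);
  // … unchanged: try block and exception handlers …
```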


@ -0,0 +1,15 @@
# Copyright (c) Microsoft Corporation. All rights reserved.
# SPDX-License-Identifier: MIT
cmake_minimum_required (VERSION 3.13)
project (certificate-ImportCertificate LANGUAGES CXX)
set(CMAKE_CXX_STANDARD 14)
set(CMAKE_CXX_STANDARD_REQUIRED True)
add_executable (
certificate-ImportCertificate
certificate-ImportCertificate.cpp
)
target_link_libraries(certificate-ImportCertificate PRIVATE azure-security-keyvault-certificates azure-identity )


@ -0,0 +1,92 @@
# Importing certificates
This sample demonstrates how to import a certificate in Azure Key Vault.
To get started, you'll need a URI to an Azure Key Vault.
### Creating a CertificateClient
To create a new `CertificateClient` to create, get, update, or delete certificates, you need the endpoint to an Azure Key Vault and credentials.
Key Vault Certificate client for C++ currently supports the `ClientSecretCredential` for authenticating.
In the sample below, you can create a credential by setting the Tenant ID, Client ID and Client Secret as environment variables.
```cpp Snippet:CertificateSample3CreateCredential
auto tenantId = std::getenv("AZURE_TENANT_ID");
auto clientId = std::getenv("AZURE_CLIENT_ID");
auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
```
Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.
```cpp Snippet:CertificateSample3Client
CertificateClient certificateClient(std::getenv("AZURE_KEYVAULT_URL"), credential);
```
## Importing a PEM certificate
You will need the certificate content in PEM format to perform this operation. One sample is provided in certificate-ImportCertificate.hpp as the pemCertificate string.
Once the import parameters are setup we can call Import certificate and get back the newly imported certificate.
```cpp Snippet:CertificateSample3ImportPEM
// prepare the parameters
ImportCertificateOptions params;
params.Value = pemCertificate;
params.Policy.Enabled = true;
params.Policy.KeyType = CertificateKeyType::Rsa;
params.Policy.KeySize = 2048;
params.Policy.ContentType = CertificateContentType::Pem;
params.Policy.Exportable = true;
// call import API
auto imported = certificateClient.ImportCertificate(pemName, params).Value;
// get some value from the certificate
std::cout << "Imported pem certificate with name " << imported.Name();
```
## Importing a PKCS certificate
You will need the certificate content in PKCS format to perform this operation. One sample is provided in certificate-ImportCertificate.hpp as the pkcsBase64 string.
Once the import parameters are setup we can call Import certificate and get back the newly imported certificate
```cpp Snippet:CertificateSample3ImportPKCS
// prepare the parameters
ImportCertificateOptions params;
params.Value = pkcsBase64;
params.Policy.Enabled = true;
params.Policy.KeyType = CertificateKeyType::Rsa;
params.Policy.KeySize = 2048;
params.Policy.ContentType = CertificateContentType::Pkcs12;
params.Policy.Exportable = true;
// call the import API
auto imported = certificateClient.ImportCertificate(pkcsName, params).Value;
// read something from the certificate
std::cout << "Imported pkcs certificate with name " << imported.Name();
```
## Deleting the certificates
Call StartDeleteCertificate to delete a certificate. This is a long running operation.
```cpp Snippet:CertificateSample1Delete
// delete the certificates
auto response1 = certificateClient.StartDeleteCertificate(pemName);
auto response2 = certificateClient.StartDeleteCertificate(pkcsName);
```
## Purging the deleted certificates
If the Azure Key Vault is soft delete-enabled and you want to permanently delete the certificate before its `ScheduledPurgeDate`, the certificate needs to be purged.
```cpp Snippet:CertificateSample3PurgeCertificate
response1.PollUntilDone(defaultWait);
response2.PollUntilDone(defaultWait);
// purge the certificates
certificateClient.PurgeDeletedCertificate(pkcsName);
certificateClient.PurgeDeletedCertificate(pemName);
```


@ -0,0 +1,222 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// SPDX-License-Identifier: MIT
/**
* @brief This sample provides the code implementation to use the Key Vault Certificates SDK client
* for C++ to import a certificate.
*
* @remark The following environment variables must be set before running the sample.
* - AZURE_KEYVAULT_URL: To the Key Vault account URL.
* - AZURE_TENANT_ID: Tenant ID for the Azure account.
* - AZURE_CLIENT_ID: The Client ID to authenticate the request.
* - AZURE_CLIENT_SECRET: The client secret.
*
*/
#if defined(_MSC_VER)
#define _CRT_SECURE_NO_WARNINGS
#endif
#include <azure/core.hpp>
#include <azure/identity.hpp>
#include <azure/keyvault/keyvault_certificates.hpp>
#include <chrono>
#include <iostream>
using namespace Azure::Security::KeyVault::Certificates;
using namespace std::chrono_literals;
std::string GetPemCertificate();
std::string GetPkcsCertificate();
int main()
{
auto tenantId = std::getenv("AZURE_TENANT_ID");
auto clientId = std::getenv("AZURE_CLIENT_ID");
auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
auto credential
= std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
std::chrono::milliseconds defaultWait(10s);
// create client
CertificateClient certificateClient(std::getenv("AZURE_KEYVAULT_URL"), credential);
try
{
// certificate names
std::string const pemName = "Pem1";
std::string const pkcsName = "Pkcs1";
// import pem certificate
{
// prepare the parameters
ImportCertificateOptions params;
params.Value = GetPemCertificate();
params.Policy.Enabled = true;
params.Policy.KeyType = CertificateKeyType::Rsa;
params.Policy.KeySize = 2048;
params.Policy.ContentType = CertificateContentType::Pem;
params.Policy.Exportable = true;
// call import API
auto imported = certificateClient.ImportCertificate(pemName, params).Value;
// get some value from the certificate
std::cout << "Imported pem certificate with name " << imported.Name();
}
// import pkcs certificate
{
// prepare the parameters
ImportCertificateOptions params;
params.Value = GetPkcsCertificate();
params.Policy.Enabled = true;
params.Policy.KeyType = CertificateKeyType::Rsa;
params.Policy.KeySize = 2048;
params.Policy.ContentType = CertificateContentType::Pkcs12;
params.Policy.Exportable = true;
// call the import API
auto imported = certificateClient.ImportCertificate(pkcsName, params).Value;
// read something from the certificate
std::cout << "Imported pkcs certificate with name " << imported.Name();
}
// delete the certificates, and get deleted
{
// delete the certificates
auto response1 = certificateClient.StartDeleteCertificate(pemName);
auto response2 = certificateClient.StartDeleteCertificate(pkcsName);
response1.PollUntilDone(defaultWait);
response2.PollUntilDone(defaultWait);
// purge the certificates
certificateClient.PurgeDeletedCertificate(pkcsName);
certificateClient.PurgeDeletedCertificate(pemName);
}
}
catch (Azure::Core::Credentials::AuthenticationException const& e)
{
std::cout << "Authentication Exception happened:" << std::endl << e.what() << std::endl;
return 1;
}
catch (Azure::Core::RequestFailedException const& e)
{
std::cout << "Key Vault Certificate Client Exception happened:" << std::endl
<< e.Message << std::endl;
return 1;
}
return 0;
}
/* cSpell:disable */
std::string GetPemCertificate()
{
static std::string pemCertificate
= "-----BEGIN CERTIFICATE-----\n"
"MIIDqzCCApMCFC+MROpib4t03Wqzgkcod1lad6JtMA0GCSqGSIb3DQEBCwUAMIGR\n"
"MQswCQYDVQQGEwJVUzELMAkGA1UECAwCV0ExEDAOBgNVBAcMB1JlZG1vbmQxEjAQ\n"
"BgNVBAoMCU1pY3Jvc29mdDESMBAGA1UECwwJQXp1cmUgU0RLMRIwEAYDVQQDDAlB\n"
"enVyZSBTREsxJzAlBgkqhkiG9w0BCQEWGG9wZW5zb3VyY2VAbWljcm9zb2Z0LmNv\n"
"bTAeFw0yMDAyMTQyMzE3MTZaFw0yNTAyMTIyMzE3MTZaMIGRMQswCQYDVQQGEwJV\n"
"UzELMAkGA1UECAwCV0ExEDAOBgNVBAcMB1JlZG1vbmQxEjAQBgNVBAoMCU1pY3Jv\n"
"c29mdDESMBAGA1UECwwJQXp1cmUgU0RLMRIwEAYDVQQDDAlBenVyZSBTREsxJzAl\n"
"BgkqhkiG9w0BCQEWGG9wZW5zb3VyY2VAbWljcm9zb2Z0LmNvbTCCASIwDQYJKoZI\n"
"hvcNAQEBBQADggEPADCCAQoCggEBANwCTuK0OnFc8UytzzCIB5pUWqWCMZA8kWO1\n"
"Es84wOVupPTZHNDWKI57prj0CB5JP2yU8BkIFjhkV/9wc2KLjKwu7xaJTwBZF/i0\n"
"t8dPBbgiEUmK6xdbJsLXoef/XZ5AmvCKb0mimEMvL8KgeF5OHuZJuYO0zCiRNVtp\n"
"ZYSx2R73qhgy5klDHh346qQd5T+KbsdK3DArilT86QO1GrpBWl1GPvHJ3VZ1OO33\n"
"iFWfyEVgwdAtMAkWXH8Eh1/MpPE8WQk5X5pdVEu+RJLLrVbgr+cnlVzfirSVLRar\n"
"KZROAB3e2x8JdSqylnar/WWK11NERdiKaZr3WxAkceuVkTsKmRkCAwEAATANBgkq\n"
"hkiG9w0BAQsFAAOCAQEAYLfk2dBcW1mJbkVYx80ogDUy/xX3d+uuop2gZwUXuzWY\n"
"I4uXzSEsY37/+NKzOX6PtET3X6xENDW7AuJhTuWmTGZtPB1AjiVKLIgRwugV3Ovr\n"
"1DoPBIvS7iCHGGcsr7tAgYxiVATlIcczCxQG1KPhrrLSUDxkbiyUHpyroExHGBeC\n"
"UflT2BIO+TZ+44aYfO7vuwpu0ajfB6Rs0s/DM+uUTWCfsVvyPenObHz5HF2vxf75\n"
"y8pr3fYKuUvpJ45T0ZjiXyRpkBTDudU3vuYuyAP3PwO6F/ic7Rm9D1uzEI38Va+o\n"
"6CUh4NJnpIZIBs7T+rPwhKrUuM7BEO0CL7VTh37UzA==\n"
"-----END CERTIFICATE-----\n"
"-----BEGIN PRIVATE KEY-----\n"
"MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDcAk7itDpxXPFM\n"
"rc8wiAeaVFqlgjGQPJFjtRLPOMDlbqT02RzQ1iiOe6a49AgeST9slPAZCBY4ZFf/\n"
"cHNii4ysLu8WiU8AWRf4tLfHTwW4IhFJiusXWybC16Hn/12eQJrwim9JophDLy/C\n"
"oHheTh7mSbmDtMwokTVbaWWEsdke96oYMuZJQx4d+OqkHeU/im7HStwwK4pU/OkD\n"
"tRq6QVpdRj7xyd1WdTjt94hVn8hFYMHQLTAJFlx/BIdfzKTxPFkJOV+aXVRLvkSS\n"
"y61W4K/nJ5Vc34q0lS0WqymUTgAd3tsfCXUqspZ2q/1litdTREXYimma91sQJHHr\n"
"lZE7CpkZAgMBAAECggEAMRfSwoO1BtbWgWXHdezkxWtNTuFebfEWAEnHiLYBVTD7\n"
"XieUZoVjR2gQK/VIWnm9zVzutqc3Th4WBMny9WpuWX2fnEfHeSxoTPcGi1L207/G\n"
"W8LD8tJEM/YqCrrRCR8hc8twSd4eW9+LqMJmGaUVAA4zd1BAvkyou10pahLFgEMZ\n"
"nlYxOzz0KrniNIdQxhwfaXZYUzX5ooJYtgY74vnSOHQhepRt5HY9B7iZ6jm/3ulA\n"
"aJnfNbQ8YDYTS0R+OGv8RXU/jLCm5+TPwx0XFwZ6vRtWwWUUxhLV77Re9GP1xIx9\n"
"VnYm9W3RyOm/KD9keQMTWKT0bLGB8fC6kj2mvbjgAQKBgQDzh5sy7q9RA+GqprC8\n"
"8aUmkaTMXNahPPPJoLOflJ/+QlOt6YZUIn55vmicVsvFzr9hbxdTW7aQS91iAu05\n"
"swEyltsR0my7FXsHZnN4SBct2FimAzMLTWQr10vLLRoSR5CNpUdoXGWFOAa3LKrZ\n"
"aPJEM1hA3h2XDfZ7Gtxjg4ypIQKBgQDnRl9pGwd83MkoxT4CiZvNbvdBg4lXlHcA\n"
"JoZ9OfoOey+7WRsOFsMvQapXf+JlvixP0ldECXZyxifswvfmiR2oqYTeRbITderg\n"
"mwjDjN571Ui0ls5HwCBE+/iZoNmQI5INAPqsQMXwW0rx4YNXHblsJ0qT+3yFNWOF\n"
"m6STMH8Y+QKBgFai8JivB1nICrleMdQWF43gFIPLp2OXPpeFf0GPa1fWGtTtFifK\n"
"WbpP/gFYc4f8pGMyVVcHcqxlAO5EYka7ovpvZqIxfRMVcj5QuVWaN/zMUcVFsBwe\n"
"PTvHjSRL+FF2ejuaCAxdipRZOTJjRqivyDhxF72EB3zcr8pd5PfWLe1hAoGASJRO\n"
"JvcDj4zeWDwmLLewvHTBhb7Y4DJIcjSk6jHCpr7ECQB6vB4qnO73nUQV8aYP0/EH\n"
"z+NEV9qV9vhswd1wAFlKyFKJAxBzaI9e3becrrINghb9n4jM17lXmCbhgBmZoRkY\n"
"kew18itERspl5HYAlc9y2SQIPOm3VNu2dza1/EkCgYEAlTMyL6arbtJJsygzVn8l\n"
"gKHuURwp1cxf6hUuXKJ56xI/I1OZjMidZM0bYSznmK9SGNxlfNbIV8vNhQfiwR6t\n"
"HyGypSRP+h9MS9E66boXyINaOClZqiCn0pI9aiIpl3D6EbT6e7+zKljT0XmZJduK\n"
"BkRGMfUngiT8oVyaMtZWYPM=\n"
"-----END PRIVATE KEY-----\n";
return pemCertificate;
};
std::string GetPkcsCertificate()
{
static std::string pkcsCertificate
= "MIIJ6QIBAzCCCa8GCSqGSIb3DQEHAaCCCaAEggmcMIIJmDCCBE8GCSqGSIb3DQEH"
"BqCCBEAwggQ8AgEAMIIENQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQInrFy"
"DDX+drkCAggAgIIECDizLZeRFCOm1yTGv/gIOK/4X4QMZ8zFt5shTfwVgMNTDFHh"
"pKz+lLBGMuu7eGzRG9RMB/OBp/83ZD4CppSwcLcDeh46OOXKpLzVmuVX6mYNd4oZ"
"Jq97Yl5V82jObDdirkFDXdl13duYgjgfVnBqZgSAGWc3Dv1j/xn4hq56bpn4z1Lh"
"P7Q6DhfQREWdRbSn5ce+cGzkm2k6m0H8gQs6biSB3R+TN5aXqsr/6lwHEcYkmZp8"
"MAGX42dM3nHvAVUuMtD08cbX5u0m5O8z5wV5K7E60s4SuWW5eCNKPJrEMV2DLtdo"
"afqTPdPqgs2SbZTEhy8ui8WiBQ71HyxOzGSuBDoBI/DyAd7EkAQ0tZ1DHnqIo//h"
"MISo7Yy2D7QOjiqrHdxuHyLL1J7pA944+egEXLplGHFNgVX5CLsY/LzuJPFNnJFk"
"rrGakRc5p25wp4mXrBom5N+O6GYVFz7PD2t0HCrfpFyxJsestE4SPjokqqcd/HGU"
"bR/jJCpvRdTHd882lnHBWroiSRM1ZxvNuit8dAAbm0LzollQJ2hyNhuygV3nnhM1"
"mmQTFpFzGrBwoH/FIDQesmzhJ/pY7cjQ2D1yP5/uvPwMhfaaU6T18YzsKzCKzyut"
"HpjFZqBedbc+dsE+x+DVEN1ojzuxsZPnyAZF1ysIt/2GswgcJXeGTt6WtRyEWum/"
"wVbNegIU+HCNr4P1L7F7QHg5gVNkCXhJ26OXKaw/t+VOG6etXL96FLElfonKle/6"
"9qn2xEnen+AhtCKLfcTzQn/Qo1VryVAn4bMJL3C+dzCcM03TvFkT0YXGb9zyCcIm"
"TTQ3OqooLNexnQn9W7zjCZHQ6YdoD99/phsGUmb15HJ2Bmjahat59SqePQXiGdsk"
"qeVokLmh1L64gparSJkFUh+qGPSf1m7h9yc9cmJvNM+YjsODMpPj9OpujnfdoAqz"
"u4LYogaPZUn5KrmPj+PjkdQEBUyhkHO9o3b1/r3O9YFaQWf/kiQm6XsoRh3qBYxE"
"UtH1Wf2iQ5v/Nt7Wx6gRlLZm3CCvFPl7khewcO2b1+3ZqxonNJZo9grBVNZ20vK3"
"ILXavV+ABUNCBkX9wXE4ti0qsQ0U7aKnt+G0mmxGQsOuadwn+7F6MRie1JIBaKSk"
"PkKAzYzfwkHgMIGAkAbdw7qb7RM7XKGweap1gHkHIFHeFKLySyWt+G4R8d85+rzv"
"uaiFGA16u9RGe05a5kt8HwcbbzSRcn6b1K1MuH15rOKh6SvnQQ0yZ44EuRSd84vc"
"MauUTgy0O5Oiiw/ghYqTlZqkOkhctV6MYYFj9EXNZKXGvabdmnMYblUOVbY/eUYZ"
"jUcSV8WnjPnJIBJGaWQJYRonE9TDQPH8vXCjRH+ru0Au8FtVQTCCBUEGCSqGSIb3"
"DQEHAaCCBTIEggUuMIIFKjCCBSYGCyqGSIb3DQEMCgECoIIE7jCCBOowHAYKKoZI"
"hvcNAQwBAzAOBAgDqOgfpHm8awICCAAEggTIENB9bGkEkYaFta5ON6TfDhx56Nha"
"KYDApwiGYYPbsJWAxkcGnpF31015stlArwYMfocaXUWnWrI+dqDsvWzUX4Vmhqgv"
"XeHpCG6JCoXhVt6jzhmmzMGwABjw8Bo2rHJN2LFTQ4A4On/3t5W0wXxohC+iyYJK"
"YBk+OTWWM2ctyCMTklyJxHSTDPjUomhGJ3f5DwdnogZiggwXD8IMsSDZXqzNrr4y"
"B7gQiniYBDe7imPWkuipsTzeN196wpr9krcgjTxQ8h1R2Dsh4gmMHVYQPZErrZCz"
"Xxv/gf7sJL4ARPBo5LOEv2oyPc8EYdFXotuxzqdjSQ96i5ZMf627r4HMCZqofvjH"
"tO3SItBxk9In75ljBlDeXH2TvWvGkhEGc/AUfYH/D2flP1u4DQSXAqwv/uPRD5/I"
"472l6MNZaUNWMzWLzfs8bb+pvKdXDRRpucLfK3JMSKgSNKVMmcPHkfmHKgzFsEWY"
"M+PcxtkaFUdR1WSW2ib5Qmbzr2BJDyZ5CAAYE/B37/FnaiOy6r/nuBBm7M+4OQd2"
"vII9KfkRvUHQ1xwZKc4jTE+iU2Jvheqlx4h/7mn64lq1WHHfeu9/jF/GN+B8IQiL"
"hnSVra73lCe6cgp6jWN0lFSHJxBkryB9Y9BrGBIk3/MPsS650Y5ouFbv1LTkCwk5"
"Lkw97ksAksUe0qXX5wc+iKWqwTal/DZ0yoj6iBKGu/jsx8l/V0XLNUG3O9Xm0G3n"
"Ca2iASIra+nAAUHCZSm8+2UJcXEC04swbG55Z5H78nH24FRhcbYLKfZNS8/7yGAX"
"+ZgutnKsgArk/pPoKJSYQ2ZBR1dSi20n5bO3alZd95ImL40Ul+c8IWVQiQuegkuk"
"qdnAK/xG+chi/BP1+cmoehCPy1xtc+B3wbR8GF3qdpZKsIXaujCa3/CMdFQ0oSNH"
"2DMbYUGFHSvxpfXCLkwilzrL5QotBm66L6JXeuC0ryB9uTxUwUUWT66Iwj0a9ywZ"
"e/Z+5IL8n2FvPyGQeXPgYtrZHunZDDHP8kNs39+zrBi/xB8DyYUI/XNlbKyLszkv"
"kX6oIvD3t+qbsmT4TasEGdKD7F1uA1QDSUgT3q7IYWJNDCp8WgIoi/Ywt1Z48yYA"
"s6mHYKwd6uMAm9tKB+4hm5Bo4vKxYKqXP3kTsthy1uGii+4e45rNDW2hdqk7Fb11"
"WbYfQn5JZO95HiC8qvcxbNTIabFBQIsfcVTvcIhGvphbR3xI3GAD45CxSqYAm18L"
"SHIxuE1mpz0Y/kG45ie4ImpJLC90vtFEpDM8Esg6ASBXEUVERMH8d20pqPA0YvAF"
"Py1tuZy2QF+uUYt9Tg4FmbMRsWtZwgtKWd6AeZH4lIO+47dcYw/qGut5LidXY5bC"
"rQuZ/vdncZwCgRBtzye95WJj1NSJVo61AbOHerSQEzqfjy2VqvDLACQJn8Zz8DmY"
"lqS56PVXQHmnsOwOA37c+vQT55HyEBBXyKOLU2zsGHUiZ3rKl/8e0mmjvdpUFNOo"
"jpzdtv9qGuifnqtjp/1BlJOYTtzgAbq7YIoNw74oWS2j9qf4N+MdxIQIWp5EUmKc"
"PLn+J1KhHwtkO3hqPBKPV5lA0xL1s/OCUCP1oPnhz+VKCm2tj9lRhzmLbRdntbLv"
"D8ZsMSUwIwYJKoZIhvcNAQkVMRYEFBbpBK9fRSneUhgx9SL/t04nnPfiMDEwITAJ"
"BgUrDgMCGgUABBQ3xckfQUCgNMIXxUvrEUKgdeV8lQQIAPCuS/4UMrICAggA";
return pkcsCertificate;
};
/* cSpell:enable */
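Review bot: `GetPemCertificate()` returns a literal that contains an unencrypted `-----BEGIN PRIVATE KEY-----` block, and nothing in the file says the key is throwaway test material, so it reads as a pattern to copy and will probably be flagged by secret scanners wherever the repository is mirrored. I would put a comment above both getters such as `// Test-only, self-signed certificate and key generated for this sample; never import it into a production vault or reuse the key.` Both import blocks also set `params.Policy.Exportable = true`, which the sample never relies on afterwards; `params.Policy.Exportable = false;` would be the safer default to show unless exporting is the point being demonstrated. The `};` closing each getter carries a stray semicolon.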


@ -0,0 +1,15 @@
# Copyright (c) Microsoft Corporation. All rights reserved.
# SPDX-License-Identifier: MIT
cmake_minimum_required (VERSION 3.13)
project (certificate-basic-operations LANGUAGES CXX)
set(CMAKE_CXX_STANDARD 14)
set(CMAKE_CXX_STANDARD_REQUIRED True)
add_executable (
certificate-basic-operations
certificate-basic-operations.cpp
)
target_link_libraries(certificate-basic-operations PRIVATE azure-security-keyvault-certificates azure-identity )


@ -0,0 +1,97 @@
# Creating, getting, updating, and deleting certificates
This sample demonstrates how to :
* create a certificate
* get a certificate
* update a certificate
* delete a certificate
* purge a certificate
in Azure Key Vault.
To get started, you'll need a URI to an Azure Key Vault.
## Creating a CertificateClient
To create a new `CertificateClient` to create, get, update, or delete certificates, you need the endpoint to an Azure Key Vault and credentials.
Key Vault Certificate client for C++ currently supports the `ClientSecretCredential` for authenticating.
In the sample below, you can create a credential by setting the Tenant ID, Client ID and Client Secret as environment variables.
```cpp Snippet:CertificateSample1CreateCredential
auto tenantId = std::getenv("AZURE_TENANT_ID");
auto clientId = std::getenv("AZURE_CLIENT_ID");
auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
auto credential = std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
```
Then, in the sample below, you can set `keyVaultUrl` based on an environment variable, configuration setting, or any way that works for your application.
```cpp Snippet:CertificateSample1Client
CertificateClient certificateClient(std::getenv("AZURE_KEYVAULT_URL"), credential);
```
## Creating a Certificate
Call StartCreateCertificate to create a new certificate, with specified properties and policy.
```cpp Snippet:CertificateSample1Create
std::string certificateName = "Sample1";
CertificateCreateParameters params;
...
// start the create process
auto response = certificateClient.StartCreateCertificate(certificateName, params);
auto result = response.PollUntilDone(defaultWait);
// check that the operation completed
while (!response.IsCompleted())
{
response.UpdateProperties();
std::this_thread::sleep_for(defaultWait);
}
```
## Getting a Certificate
Call GetCertificate to retrieve a certificate from Key Vault.
```cpp Snippet:CertificateSample1Get
// get the certificate
certificate = certificateClient.GetCertificate(certificateName).Value;
std::cout << "Created certificate with policy. Certificate name : " << certificate.Name();
```
## Updating certificate properties
Call UpdateCertificateProperties to change one of the certificate properties.
```cpp Snippet:CertificateSample1UpdateCertificateProperties
CertificateUpdateOptions updateOptions;
updateOptions.Properties = certificate.Properties;
updateOptions.Properties.Enabled = false;
auto updatedCertificate = certificateClient.UpdateCertificateProperties(updateOptions).Value;
std::cout << "After update certificate is enabled : "
<< (updatedCertificate.Properties.Enabled.Value() ? "true" : "false");
```
## Deleting a Certificate
Call StartDeleteCertificate to delete a certificate. This is a long running operation.
```cpp Snippet:CertificateSample1Delete
auto response = certificateClient.StartDeleteCertificate(certificateName);
```
## Purging a deleted certificate
If the Azure Key Vault is soft delete-enabled and you want to permanently delete the certificate before its `ScheduledPurgeDate`, the certificate needs to be purged.
```cpp Snippet:CertificateSample1Purge
auto result = response.PollUntilDone(defaultWait);
certificateClient.PurgeDeletedCertificate(certificateName);
```


@ -0,0 +1,115 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// SPDX-License-Identifier: MIT
/**
* @brief This sample provides the code implementation to use the Key Vault Certificates SDK client
* for C++ to create, get, update, delete and purge a certificate.
*
* @remark The following environment variables must be set before running the sample.
* - AZURE_KEYVAULT_URL: To the Key Vault account URL.
* - AZURE_TENANT_ID: Tenant ID for the Azure account.
* - AZURE_CLIENT_ID: The Client ID to authenticate the request.
* - AZURE_CLIENT_SECRET: The client secret.
*
*/
#if defined(_MSC_VER)
#define _CRT_SECURE_NO_WARNINGS
#endif
#include <azure/identity.hpp>
#include <azure/keyvault/keyvault_certificates.hpp>
#include <chrono>
#include <iostream>
using namespace Azure::Security::KeyVault::Certificates;
using namespace std::chrono_literals;
int main()
{
auto tenantId = std::getenv("AZURE_TENANT_ID");
auto clientId = std::getenv("AZURE_CLIENT_ID");
auto clientSecret = std::getenv("AZURE_CLIENT_SECRET");
auto credential
= std::make_shared<Azure::Identity::ClientSecretCredential>(tenantId, clientId, clientSecret);
std::chrono::milliseconds defaultWait(10s);
// create client
CertificateClient certificateClient(std::getenv("AZURE_KEYVAULT_URL"), credential);
try
{
std::string certificateName = "Sample1";
KeyVaultCertificateWithPolicy certificate;
CertificateCreateParameters params;
// setup certificate create properties/policy
{
// create a lifetime action
LifetimeAction action;
action.LifetimePercentage = 80;
action.Action = CertificatePolicyAction::AutoRenew;
// etu properties
params.Properties.Enabled = true;
params.Properties.Name = certificateName;
// setup policy
params.Policy.Subject = "CN=sample1";
params.Policy.ValidityInMonths = 12;
params.Policy.Enabled = true;
params.Policy.ContentType = CertificateContentType::Pkcs12;
params.Policy.IssuerName = "Self";
// add a lifetime action
params.Policy.LifetimeActions.emplace_back(action);
}
// create a certificate
{
// start the create process
auto response = certificateClient.StartCreateCertificate(certificateName, params);
auto result = response.PollUntilDone(defaultWait);
// check that the operation completed
while (!response.IsCompleted())
{
response.UpdateProperties();
std::this_thread::sleep_for(defaultWait);
}
// get the certificate
certificate = certificateClient.GetCertificate(certificateName).Value;
std::cout << "Created certificate with policy. Certificate name : " << certificate.Name();
}
// update certificate
{
std::cout << "Certificate is enabled : "
<< (certificate.Properties.Enabled.Value() ? "true" : "false");
CertificateUpdateOptions updateOptions;
updateOptions.Properties = certificate.Properties;
updateOptions.Properties.Enabled = false;
auto updatedCertificate = certificateClient.UpdateCertificateProperties(updateOptions).Value;
std::cout << "After update certificate is enabled : "
<< (updatedCertificate.Properties.Enabled.Value() ? "true" : "false");
}
// delete the certificate
{
auto response = certificateClient.StartDeleteCertificate(certificateName);
auto result = response.PollUntilDone(defaultWait);
certificateClient.PurgeDeletedCertificate(certificateName);
}
}
catch (Azure::Core::Credentials::AuthenticationException const& e)
{
std::cout << "Authentication Exception happened:" << std::endl << e.what() << std::endl;
return 1;
}
catch (Azure::Core::RequestFailedException const& e)
{
std::cout << "Key Vault Certificate Client Exception happened:" << std::endl
<< e.Message << std::endl;
return 1;
}
return 0;
}
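Review bot: The final block deletes and then calls `certificateClient.PurgeDeletedCertificate(certificateName)` on the fixed name `"Sample1"`; since creating under an existing name only adds a version (the GetCertificates README in this commit says so), a vault that already holds a certificate called Sample1 would lose it, all versions included, with no way to recover it. certificate-GetCertificates.cpp (`Sample1`, `Sample2`) and certificate-ImportCertificate.cpp (`Pem1`, `Pkcs1`) end the same way. I would state this at the top of each sample, e.g. `// WARNING: deletes and purges the certificate named below; run only against a disposable test vault.`, or derive a unique name per run. On a vault with purge protection enabled the purge call is expected to be rejected and land in the `RequestFailedException` handler, so a comment saying that would spare readers a confusing failure.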


@ -15,7 +15,7 @@
{
"name": "azure-core-cpp",
"default-features": false,
"version>=": "1.1.0"
"version>=": "1.2.0"
},
{
"name": "vcpkg-cmake",