Adding missing documentation for key vault keys (#1700)
* Adding missing documentation for key vault keys
parent
7e22da08b9
commit
f9eea4d22d
@ -32,13 +32,12 @@ set(
|
||||
inc/azure/keyvault/keys/deleted_key.hpp
|
||||
inc/azure/keyvault/keys/json_web_key.hpp
|
||||
inc/azure/keyvault/keys/key_client.hpp
|
||||
inc/azure/keyvault/keys/key_constants.hpp
|
||||
inc/azure/keyvault/keys/details/key_constants.hpp
|
||||
inc/azure/keyvault/keys/key_create_options.hpp
|
||||
inc/azure/keyvault/keys/key_client_options.hpp
|
||||
inc/azure/keyvault/keys/key_operation.hpp
|
||||
inc/azure/keyvault/keys/key_properties.hpp
|
||||
inc/azure/keyvault/keys/key_release_policy.hpp
|
||||
inc/azure/keyvault/keys/key_request_parameters.hpp
|
||||
inc/azure/keyvault/keys/details/key_request_parameters.hpp
|
||||
inc/azure/keyvault/keys/key_type.hpp
|
||||
inc/azure/keyvault/keys/key_vault_key.hpp
|
||||
inc/azure/keyvault/keys/version.hpp
|
||||
|
||||
@ -16,6 +16,5 @@
|
||||
#include "azure/keyvault/keys/key_client_options.hpp"
|
||||
#include "azure/keyvault/keys/key_operation.hpp"
|
||||
#include "azure/keyvault/keys/key_properties.hpp"
|
||||
#include "azure/keyvault/keys/key_release_policy.hpp"
|
||||
#include "azure/keyvault/keys/key_type.hpp"
|
||||
#include "azure/keyvault/keys/key_vault_key.hpp"
|
||||
|
||||
@ -2,6 +2,7 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @file
|
||||
* @brief A long-running operation for deleting a Key.
|
||||
*
|
||||
*/
|
||||
@ -73,33 +74,7 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
DeleteKeyOperation(
|
||||
std::shared_ptr<Azure::Security::KeyVault::Common::Internal::KeyVaultPipeline>
|
||||
keyvaultPipeline,
|
||||
Azure::Core::Response<Azure::Security::KeyVault::Keys::DeletedKey> response)
|
||||
: m_pipeline(keyvaultPipeline)
|
||||
{
|
||||
if (!response.HasValue())
|
||||
{
|
||||
throw Azure::Security::KeyVault::Common::KeyVaultException(
|
||||
"The response does not contain a value.");
|
||||
}
|
||||
// The response becomes useless and the value and rawResponse are now owned by the
|
||||
// DeleteKeyOperation. This is fine because the DeleteKeyOperation is what the delete key api
|
||||
// will return.
|
||||
m_value = response.ExtractValue();
|
||||
m_rawResponse = response.ExtractRawResponse();
|
||||
|
||||
// Build the full url for continuation token. It is only used in case customers wants to use
|
||||
// it on their own. The Operation uses the KeyVaultPipeline from the client which knows how to
|
||||
// build this url.
|
||||
m_continuationToken = m_pipeline->GetVaultUrl() + "/" + std::string(Details::DeletedKeysPath)
|
||||
+ "/" + m_value.Name();
|
||||
|
||||
// The recoveryId is only returned if soft-delete is enabled.
|
||||
// The LRO is considered completed for non soft-delete (key will be eventually removed).
|
||||
if (m_value.RecoveryId.empty())
|
||||
{
|
||||
m_status = Azure::Core::OperationStatus::Succeeded;
|
||||
}
|
||||
}
|
||||
Azure::Core::Response<Azure::Security::KeyVault::Keys::DeletedKey> response);
|
||||
|
||||
public:
|
||||
/**
|
||||
|
||||
@ -2,6 +2,7 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @file
|
||||
* @brief Represents a Key Vault key that has been deleted, allowing it to be recovered, if needed.
|
||||
*
|
||||
*/
|
||||
@ -10,7 +11,6 @@
|
||||
|
||||
#include <azure/core/datetime.hpp>
|
||||
|
||||
#include "azure/keyvault/keys/key_constants.hpp"
|
||||
#include "azure/keyvault/keys/key_vault_key.hpp"
|
||||
|
||||
namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
|
||||
@ -2,6 +2,7 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @file
|
||||
* @brief Centralize the string constants used by Key Vault Keys Client.
|
||||
*
|
||||
*/
|
||||
@ -2,6 +2,7 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @file
|
||||
* @brief Internal implementation for sending the HTTP request.
|
||||
*
|
||||
*/
|
||||
@ -23,11 +24,11 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { nam
|
||||
|
||||
class KeyRequestParameters : public Azure::Core::Internal::Json::JsonSerializable {
|
||||
private:
|
||||
KeyTypeEnum m_keyType;
|
||||
JsonWebKeyType m_keyType;
|
||||
CreateKeyOptions const& m_options;
|
||||
|
||||
public:
|
||||
explicit KeyRequestParameters(KeyTypeEnum keyType, CreateKeyOptions const& options)
|
||||
explicit KeyRequestParameters(JsonWebKeyType keyType, CreateKeyOptions const& options)
|
||||
: m_keyType(keyType), m_options(options)
|
||||
{
|
||||
}
|
||||
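Review bot: `KeyRequestParameters` stores `CreateKeyOptions const& m_options`, so an instance that outlives the options object given to its constructor would read a dangling reference, and nothing in the class states that requirement. A comment on the member would make the contract visible, for example `// Non-owning: the CreateKeyOptions must outlive this object.`. If the type is ever kept around rather than built as a temporary for one request, holding a copy would be the safer choice. The rest of the class lies outside this hunk.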
@ -2,13 +2,13 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @file
|
||||
* @brief Defines the JsonWebKey.
|
||||
*
|
||||
*/
|
||||
|
||||
#pragma once
|
||||
|
||||
#include "azure/keyvault/keys/key_constants.hpp"
|
||||
#include "azure/keyvault/keys/key_operation.hpp"
|
||||
#include "azure/keyvault/keys/key_type.hpp"
|
||||
|
||||
@ -17,6 +17,10 @@
|
||||
|
||||
namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
|
||||
/**
|
||||
* @brief Represents a JSON Web Key as defined in http://tools.ietf.org/html/rfc7517.
|
||||
*
|
||||
*/
|
||||
struct JsonWebKey
|
||||
{
|
||||
/**
|
||||
@ -24,14 +28,34 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
*
|
||||
*/
|
||||
std::string Id;
|
||||
KeyTypeEnum KeyType;
|
||||
|
||||
JsonWebKey() {}
|
||||
/**
|
||||
* @brief They type of the key.
|
||||
*
|
||||
*/
|
||||
JsonWebKeyType KeyType;
|
||||
|
||||
/**
|
||||
* @brief Construct a new Json Web Key object.
|
||||
*
|
||||
*/
|
||||
JsonWebKey() = default;
|
||||
|
||||
/**
|
||||
* @brief Set the Key Operations object based on a list of operations.
|
||||
*
|
||||
* @param keyOperations The list of key operations.
|
||||
*/
|
||||
void SetKeyOperations(std::vector<KeyOperation> const& keyOperations)
|
||||
{
|
||||
m_keyOps = keyOperations;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Get the list of operations from the JsonWebKey.
|
||||
*
|
||||
* @return std::vector<KeyOperation> const&
|
||||
*/
|
||||
std::vector<KeyOperation> const& KeyOperations() const { return m_keyOps; }
|
||||
|
||||
private:
|
||||
|
||||
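Review bot: `JsonWebKeyType KeyType;` has no default member initializer and `JsonWebKey() = default;` does not set it, so a key declared as `JsonWebKey k;` carries an indeterminate key type until something assigns it. Either give the member an explicit initial value or say in its comment that it is only meaningful after deserialization. The new comment on that member also has a typo: `They type of the key.` should read `The type of the key.`. The struct continues past `private:` outside this hunk.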
@ -2,23 +2,18 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @file
|
||||
* @brief Defines the Key Vault Keys client.
|
||||
*
|
||||
*/
|
||||
|
||||
#pragma once
|
||||
|
||||
#include <azure/core/credentials.hpp>
|
||||
#include <azure/core/http/http.hpp>
|
||||
#include <azure/core/response.hpp>
|
||||
|
||||
#include <azure/keyvault/common/internal/keyvault_pipeline.hpp>
|
||||
|
||||
#include "azure/keyvault/keys/delete_key_operation.hpp"
|
||||
#include "azure/keyvault/keys/key_client_options.hpp"
|
||||
#include "azure/keyvault/keys/key_constants.hpp"
|
||||
#include "azure/keyvault/keys/key_create_options.hpp"
|
||||
#include "azure/keyvault/keys/key_request_parameters.hpp"
|
||||
#include "azure/keyvault/keys/key_type.hpp"
|
||||
#include "azure/keyvault/keys/key_vault_key.hpp"
|
||||
|
||||
@ -81,16 +76,7 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
Azure::Core::Response<KeyVaultKey> GetKey(
|
||||
std::string const& name,
|
||||
GetKeyOptions const& options = GetKeyOptions(),
|
||||
Azure::Core::Context const& context = Azure::Core::Context()) const
|
||||
{
|
||||
return m_pipeline->SendRequest<KeyVaultKey>(
|
||||
context,
|
||||
Azure::Core::Http::HttpMethod::Get,
|
||||
[&name](Azure::Core::Http::RawResponse const& rawResponse) {
|
||||
return Details::KeyVaultKeyDeserialize(name, rawResponse);
|
||||
},
|
||||
{Details::KeysPath, name, options.Version});
|
||||
}
|
||||
Azure::Core::Context const& context = Azure::Core::Context()) const;
|
||||
|
||||
/**
|
||||
* @brief Creates and stores a new key in Key Vault. The create key operation can be used to
|
||||
@ -98,7 +84,8 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
* creates a new version of the key. It requires the keys/create permission.
|
||||
*
|
||||
* @param name The name of the key.
|
||||
* @param keyType The type of key to create. See #Azure::Security::KeyVault::Keys::KeyTypeEnum.
|
||||
* @param keyType The type of key to create. See
|
||||
* #Azure::Security::KeyVault::Keys::JsonWebKeyType.
|
||||
* @param options Optional parameters for this operation. See
|
||||
* #Azure::Security::KeyVault::Keys::CreateKeyOptions.
|
||||
* @param context The context for the operation can be used for request cancellation.
|
||||
@ -106,19 +93,9 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
*/
|
||||
Azure::Core::Response<KeyVaultKey> CreateKey(
|
||||
std::string const& name,
|
||||
KeyTypeEnum keyType,
|
||||
JsonWebKeyType keyType,
|
||||
CreateKeyOptions const& options = CreateKeyOptions(),
|
||||
Azure::Core::Context const& context = Azure::Core::Context()) const
|
||||
{
|
||||
return m_pipeline->SendRequest<KeyVaultKey>(
|
||||
context,
|
||||
Azure::Core::Http::HttpMethod::Post,
|
||||
Details::KeyRequestParameters(keyType, options),
|
||||
[&name](Azure::Core::Http::RawResponse const& rawResponse) {
|
||||
return Details::KeyVaultKeyDeserialize(name, rawResponse);
|
||||
},
|
||||
{Details::KeysPath, name, "create"});
|
||||
}
|
||||
Azure::Core::Context const& context = Azure::Core::Context()) const;
|
||||
|
||||
/**
|
||||
* @brief Deletes a key of any type from storage in Azure Key Vault.
|
||||
@ -137,17 +114,6 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
*/
|
||||
Azure::Security::KeyVault::Keys::DeleteKeyOperation StartDeleteKey(
|
||||
std::string const& name,
|
||||
Azure::Core::Context const& context = Azure::Core::Context()) const
|
||||
{
|
||||
return Azure::Security::KeyVault::Keys::DeleteKeyOperation(
|
||||
m_pipeline,
|
||||
m_pipeline->SendRequest<Azure::Security::KeyVault::Keys::DeletedKey>(
|
||||
context,
|
||||
Azure::Core::Http::HttpMethod::Delete,
|
||||
[&name](Azure::Core::Http::RawResponse const& rawResponse) {
|
||||
return Details::DeletedKeyDeserialize(name, rawResponse);
|
||||
},
|
||||
{Details::KeysPath, name}));
|
||||
}
|
||||
Azure::Core::Context const& context = Azure::Core::Context()) const;
|
||||
};
|
||||
}}}} // namespace Azure::Security::KeyVault::Keys
|
||||
|
||||
@ -2,6 +2,7 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @file
|
||||
* @brief Defines the supported options to create a Key Vault Keys client.
|
||||
*
|
||||
*/
|
||||
@ -15,6 +16,10 @@
|
||||
|
||||
namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
|
||||
/**
|
||||
* @brief Available and supported service versions.
|
||||
*
|
||||
*/
|
||||
enum class ServiceVersion
|
||||
{
|
||||
V7_0,
|
||||
@ -22,13 +27,43 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
V7_2
|
||||
};
|
||||
|
||||
/**
|
||||
* @brief Define the options to create an SDK Keys client.
|
||||
*
|
||||
*/
|
||||
struct KeyClientOptions
|
||||
{
|
||||
/**
|
||||
* @brief The service version. All request are created with this version.
|
||||
*
|
||||
*/
|
||||
ServiceVersion Version;
|
||||
|
||||
/**
|
||||
* @brief Define the options to retry the Http requests.
|
||||
*
|
||||
*/
|
||||
Azure::Core::Http::RetryOptions RetryOptions;
|
||||
|
||||
/**
|
||||
* @brief Define the Http client options.
|
||||
*
|
||||
* @remark Use this options to set an specific Http client.
|
||||
*
|
||||
*/
|
||||
Azure::Core::Http::TransportPolicyOptions TransportPolicyOptions;
|
||||
|
||||
/**
|
||||
* @brief Define the information to be used for reporting telemetry data.
|
||||
*
|
||||
*/
|
||||
Azure::Core::Http::TelemetryPolicyOptions TelemetryPolicyOptions;
|
||||
|
||||
/**
|
||||
* @brief Construct a new Key Client Options object.
|
||||
*
|
||||
* @param version Optional version for the client.
|
||||
*/
|
||||
KeyClientOptions(ServiceVersion version = ServiceVersion::V7_2) : Version(version) {}
|
||||
|
||||
std::string GetVersionString()
|
||||
|
||||
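Review bot: `GetVersionString()` is the one member of `KeyClientOptions` in this section left without a doc comment, and it is not `const` although it presumably only reads `Version`. Consider adding `/** @brief Returns the service version as a string. */` (wording to be confirmed against the body, which is outside this hunk) and declaring it `std::string GetVersionString() const`. Two of the new comments need a wording fix: `All request are created` should be `All requests are created`, and `Use this options to set an specific Http client` should be `Use these options to set a specific Http client`.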
@ -2,6 +2,7 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @file
|
||||
* @brief Defines the supported options to create a Key Vault Key.
|
||||
*
|
||||
*/
|
||||
@ -20,16 +21,40 @@
|
||||
|
||||
namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
|
||||
/**
|
||||
* @brief Define the specific options for the #CreateKey operaion.
|
||||
*
|
||||
*/
|
||||
struct CreateKeyOptions
|
||||
{
|
||||
/**
|
||||
* @brief Define the supported operations for the key.
|
||||
*
|
||||
*/
|
||||
std::list<KeyOperation> KeyOperations;
|
||||
|
||||
/**
|
||||
* @brief Indicates when the key will be valid and can be used for cryptographic operations.
|
||||
*
|
||||
*/
|
||||
Azure::Core::Nullable<Azure::Core::DateTime> NotBefore;
|
||||
|
||||
/**
|
||||
* @brief Indicates when the key will expire and cannot be used for cryptographic operations.
|
||||
*
|
||||
*/
|
||||
Azure::Core::Nullable<Azure::Core::DateTime> ExpiresOn;
|
||||
|
||||
/**
|
||||
* @brief whether the key is enabled and useable for cryptographic operations.
|
||||
*
|
||||
*/
|
||||
Azure::Core::Nullable<bool> Enabled;
|
||||
|
||||
/**
|
||||
* @brief Specific metadata about the key.
|
||||
*
|
||||
*/
|
||||
std::unordered_map<std::string, std::string> Tags;
|
||||
};
|
||||
|
||||
|
||||
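Review bot: The comments on `NotBefore`, `ExpiresOn` and `Enabled` do not say what an unset `Nullable` means, which matters to callers deciding on key lifetime. Presumably a key created without `ExpiresOn` never expires, but nothing on this page confirms it; once checked against the service, state it in the comment, e.g. `If not set, the key does not expire.`. Two wording fixes in the same section: `operaion` should be `operation`, and `whether the key is enabled` should read `Indicates whether the key is enabled` like its sibling comments.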
@ -2,6 +2,7 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @file
|
||||
* @brief Defines the Key Vault KeyOperation.
|
||||
*
|
||||
*/
|
||||
@ -12,22 +13,84 @@
|
||||
|
||||
namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
|
||||
/**
|
||||
* @brief An operation that can be performed with the key.
|
||||
*
|
||||
*/
|
||||
class KeyOperation {
|
||||
private:
|
||||
std::string m_operation;
|
||||
|
||||
public:
|
||||
/**
|
||||
* @brief Construct a new Key Operation object.
|
||||
*
|
||||
* @param operation The operation for the key as string.
|
||||
*/
|
||||
KeyOperation(std::string const& operation) : m_operation(operation) {}
|
||||
|
||||
/**
|
||||
* @brief Returns the fully qualified type name of this instance.
|
||||
*
|
||||
* @return The operation represented as string.
|
||||
*/
|
||||
std::string const& ToString() const { return m_operation; }
|
||||
|
||||
/**
|
||||
* @brief The key can be used to encrypt with the #Encrypt(EncryptionAlgorithm, Byte[],
|
||||
* CancellationToken) method.
|
||||
*
|
||||
* @return Encrypt KeyOperation.
|
||||
*/
|
||||
static KeyOperation Encrypt() { return KeyOperation("encrypt"); }
|
||||
|
||||
/**
|
||||
* @brief The key can be used to decrypt with the #Decrypt(EncryptionAlgorithm, Byte[],
|
||||
* CancellationToken) method.
|
||||
*
|
||||
* @return Decrypt KeyOperation.
|
||||
*/
|
||||
static KeyOperation Decrypt() { return KeyOperation("decrypt"); }
|
||||
|
||||
/**
|
||||
* @brief The key can be used to sign with the Sign(SignatureAlgorithm, Byte[],
|
||||
* CancellationToken) method.
|
||||
*
|
||||
* @return Sign KeyOperation.
|
||||
*/
|
||||
static KeyOperation Sign() { return KeyOperation("sign"); }
|
||||
|
||||
/**
|
||||
* @brief The key can be used to verify with the Verify(SignatureAlgorithm, Byte[], Byte[],
|
||||
* CancellationToken) method.
|
||||
*
|
||||
* @return Verify KeyOperation.
|
||||
*/
|
||||
static KeyOperation Verify() { return KeyOperation("verify"); }
|
||||
|
||||
/**
|
||||
* @brief The key can be used to wrap another key with the WrapKey(KeyWrapAlgorithm, Byte[],
|
||||
* CancellationToken) method.
|
||||
*
|
||||
* @return WrapKey KeyOperation.
|
||||
*/
|
||||
static KeyOperation WrapKey() { return KeyOperation("wrapKey"); }
|
||||
|
||||
/**
|
||||
* @brief The key can be used to unwrap another key with the UnwrapKey(KeyWrapAlgorithm, Byte[],
|
||||
* CancellationToken) method.
|
||||
*
|
||||
* @return UnwrapKey KeyOperation.
|
||||
*/
|
||||
static KeyOperation UnwrapKey() { return KeyOperation("unwrapKey"); }
|
||||
|
||||
/**
|
||||
* @brief The key can be imported during creation using the ImportKey(ImportKeyOptions,
|
||||
* CancellationToken) method.
|
||||
*
|
||||
* @return Import KeyOperation.
|
||||
*/
|
||||
static KeyOperation Import() { return KeyOperation("import"); }
|
||||
static KeyOperation Export() { return KeyOperation("export"); }
|
||||
};
|
||||
|
||||
}}}} // namespace Azure::Security::KeyVault::Keys
|
||||
|
||||
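Review bot: The comment on `ToString()` says it `Returns the fully qualified type name of this instance`, but the body returns `m_operation`; the brief should match, e.g. `@brief Returns the operation as a string.`. The per-operation comments cite methods such as `#Encrypt(EncryptionAlgorithm, Byte[], CancellationToken)`, whose signatures look like they come from another language's SDK and presumably will not resolve here, and `Export()` has no comment at all. Separately, `KeyOperation(std::string const& operation)` is not `explicit`, so any string converts silently to a `KeyOperation`; marking it `explicit` would be stricter, at the cost of breaking callers that rely on the conversion.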
@ -2,6 +2,7 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @file
|
||||
* @brief Defines the Key Vault Key properties.
|
||||
*
|
||||
*/
|
||||
@ -11,32 +12,112 @@
|
||||
#include <azure/core/datetime.hpp>
|
||||
#include <azure/core/nullable.hpp>
|
||||
|
||||
#include "azure/keyvault/keys/key_release_policy.hpp"
|
||||
|
||||
#include <string>
|
||||
#include <unordered_map>
|
||||
|
||||
namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
|
||||
/**
|
||||
* @brief The resource containing all the properties of the KeyVaultKey except JsonWebKey
|
||||
* properties.
|
||||
*
|
||||
*/
|
||||
struct KeyProperties
|
||||
{
|
||||
/**
|
||||
* @brief The name of the key.
|
||||
*
|
||||
*/
|
||||
std::string Name;
|
||||
std::string Id;
|
||||
std::string VaultUrl;
|
||||
std::string Version;
|
||||
bool Managed;
|
||||
std::unordered_map<std::string, std::string> Tags;
|
||||
Azure::Core::Nullable<bool> Enabled;
|
||||
Azure::Core::Nullable<Azure::Core::DateTime> NotBefore;
|
||||
Azure::Core::Nullable<Azure::Core::DateTime> ExpiresOn;
|
||||
Azure::Core::Nullable<Azure::Core::DateTime> CreatedOn;
|
||||
Azure::Core::Nullable<Azure::Core::DateTime> UpdatedOn;
|
||||
Azure::Core::Nullable<int> RecoverableDays;
|
||||
std::string RecoveryLevel;
|
||||
Azure::Core::Nullable<bool> Exportable;
|
||||
KeyReleasePolicy ReleasePolicy;
|
||||
|
||||
KeyProperties() {}
|
||||
/**
|
||||
* @brief The key identifier.
|
||||
*
|
||||
*/
|
||||
std::string Id;
|
||||
|
||||
/**
|
||||
* @brief The Key Vault base Url.
|
||||
*
|
||||
*/
|
||||
std::string VaultUrl;
|
||||
|
||||
/**
|
||||
* @brief The version of the key.
|
||||
*
|
||||
*/
|
||||
std::string Version;
|
||||
|
||||
/**
|
||||
* @brief Indicate whether the key's lifetime is managed by Key Vault. If this key is backing a
|
||||
* Key Vault certificate, the value will be true.
|
||||
*
|
||||
*/
|
||||
bool Managed;
|
||||
|
||||
/**
|
||||
* @brief Dictionary of tags with specific metadata about the key.
|
||||
*
|
||||
*/
|
||||
std::unordered_map<std::string, std::string> Tags;
|
||||
|
||||
/**
|
||||
* @brief Indicate whether the key is enabled and useable for cryptographic operations.
|
||||
*
|
||||
*/
|
||||
Azure::Core::Nullable<bool> Enabled;
|
||||
|
||||
/**
|
||||
* @brief Indicate when the key will be valid and can be used for cryptographic operations.
|
||||
*
|
||||
*/
|
||||
Azure::Core::Nullable<Azure::Core::DateTime> NotBefore;
|
||||
|
||||
/**
|
||||
* @brief Indicate when the key will expire and cannot be used for cryptographic operations.
|
||||
*
|
||||
*/
|
||||
Azure::Core::Nullable<Azure::Core::DateTime> ExpiresOn;
|
||||
|
||||
/**
|
||||
* @brief Indicate when the key was created.
|
||||
*
|
||||
*/
|
||||
Azure::Core::Nullable<Azure::Core::DateTime> CreatedOn;
|
||||
|
||||
/**
|
||||
* @brief Indicate when the key was updated.
|
||||
*
|
||||
*/
|
||||
Azure::Core::Nullable<Azure::Core::DateTime> UpdatedOn;
|
||||
|
||||
/**
|
||||
* @brief The number of days a key is retained before being deleted for a soft delete-enabled
|
||||
* Key Vault.
|
||||
*
|
||||
*/
|
||||
Azure::Core::Nullable<int> RecoverableDays;
|
||||
|
||||
/**
|
||||
* @brief The recovery level currently in effect for keys in the Key Vault.
|
||||
*
|
||||
* @remark If Purgeable, the key can be permanently deleted by an authorized user; otherwise,
|
||||
* only the service can purge the keys at the end of the retention interval.
|
||||
*
|
||||
*/
|
||||
std::string RecoveryLevel;
|
||||
|
||||
/**
|
||||
* @brief Construct a new Key Properties object.
|
||||
*
|
||||
*/
|
||||
KeyProperties() = default;
|
||||
|
||||
/**
|
||||
* @brief Construct a new Key Properties object.
|
||||
*
|
||||
* @param name The name of the key.
|
||||
*/
|
||||
KeyProperties(std::string name) : Name(std::move(name)) {}
|
||||
};
|
||||
|
||||
|
||||
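Review bot: `bool Managed;` has no initializer and `KeyProperties(std::string name)` sets only `Name`, so an object built from a name holds an indeterminate `Managed` until a deserializer assigns it, and reading it before that is undefined behaviour. `bool Managed = false;` fixes this without changing the interface. The single-argument constructor would also be better declared as `explicit KeyProperties(std::string name)`. This section appears to drop `Exportable` and `ReleasePolicy` from the struct, which is an API change the commit title does not mention.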
@ -1,31 +0,0 @@
|
||||
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @brief Defines the KeyReleasePolicy.
|
||||
*
|
||||
*/
|
||||
|
||||
#pragma once
|
||||
|
||||
#include <string>
|
||||
#include <vector>
|
||||
|
||||
namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
|
||||
namespace Details {
|
||||
constexpr static const char* ContentTypePropertyName = "contentType";
|
||||
constexpr static const char* DataPropertyName = "data";
|
||||
} // namespace Details
|
||||
|
||||
struct KeyReleasePolicy
|
||||
{
|
||||
std::string ContentType;
|
||||
std::vector<uint8_t> Data;
|
||||
|
||||
KeyReleasePolicy() {}
|
||||
|
||||
KeyReleasePolicy(std::vector<uint8_t> data) : Data(std::move(data)) {}
|
||||
};
|
||||
|
||||
}}}} // namespace Azure::Security::KeyVault::Keys
|
||||
@ -2,7 +2,8 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @brief Defines the KeyTypeEnum.
|
||||
* @file
|
||||
* @brief Defines the JsonWebKey types.
|
||||
*
|
||||
*/
|
||||
|
||||
@ -12,19 +13,48 @@
|
||||
|
||||
namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
|
||||
enum class KeyTypeEnum
|
||||
/**
|
||||
* @brief The JsonWebKey types.
|
||||
*
|
||||
*/
|
||||
enum class JsonWebKeyType
|
||||
{
|
||||
/**
|
||||
* @brief An Elliptic Curve Cryptographic (ECC) algorithm.
|
||||
*
|
||||
*/
|
||||
Ec,
|
||||
/**
|
||||
* @brief An Elliptic Curve Cryptographic (ECC) algorithm backed by a Hardware Security Module
|
||||
* (HSM).
|
||||
*
|
||||
*/
|
||||
EcHsm,
|
||||
/**
|
||||
* @brief An RSA cryptographic algorithm.
|
||||
*
|
||||
*/
|
||||
Rsa,
|
||||
/**
|
||||
* @brief An RSA cryptographic algorithm backed by a Hardware Security Module (HSM).
|
||||
*
|
||||
*/
|
||||
RsaHsm,
|
||||
/**
|
||||
* @brief An AES cryptographic algorithm.
|
||||
*
|
||||
*/
|
||||
Oct,
|
||||
/**
|
||||
* @brief An AES cryptographic algorithm backed by a Hardware Security Module (HSM).
|
||||
*
|
||||
*/
|
||||
OctHsm,
|
||||
};
|
||||
|
||||
namespace Details {
|
||||
KeyTypeEnum KeyTypeFromString(std::string const& name);
|
||||
std::string KeyTypeToString(KeyTypeEnum kty);
|
||||
JsonWebKeyType KeyTypeFromString(std::string const& name);
|
||||
std::string KeyTypeToString(JsonWebKeyType kty);
|
||||
} // namespace Details
|
||||
|
||||
}}}} // namespace Azure::Security::KeyVault::Keys
|
||||
|
||||
@ -2,6 +2,7 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @file
|
||||
* @brief Defines the Key Vault Key.
|
||||
*
|
||||
*/
|
||||
@ -9,7 +10,6 @@
|
||||
#pragma once
|
||||
|
||||
#include "azure/keyvault/keys/json_web_key.hpp"
|
||||
#include "azure/keyvault/keys/key_constants.hpp"
|
||||
#include "azure/keyvault/keys/key_operation.hpp"
|
||||
#include "azure/keyvault/keys/key_properties.hpp"
|
||||
|
||||
@ -69,7 +69,7 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys {
|
||||
*
|
||||
* @return The type of the key.
|
||||
*/
|
||||
KeyTypeEnum const& GetKeyType() const { return Key.KeyType; }
|
||||
JsonWebKeyType const& GetKeyType() const { return Key.KeyType; }
|
||||
|
||||
/**
|
||||
* @brief Gets the operations you can perform using the key.
|
||||
|
||||
@ -2,6 +2,7 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
#include "azure/keyvault/keys/delete_key_operation.hpp"
|
||||
#include "azure/keyvault/keys/details/key_constants.hpp"
|
||||
|
||||
using namespace Azure::Security::KeyVault::Keys;
|
||||
|
||||
@ -41,3 +42,33 @@ Azure::Security::KeyVault::Keys::DeleteKeyOperation::PollInternal(Azure::Core::C
|
||||
// response inside the Operation.
|
||||
return std::make_unique<Azure::Core::Http::RawResponse>(*m_rawResponse);
|
||||
}
|
||||
|
||||
Azure::Security::KeyVault::Keys::DeleteKeyOperation::DeleteKeyOperation(
|
||||
std::shared_ptr<Azure::Security::KeyVault::Common::Internal::KeyVaultPipeline> keyvaultPipeline,
|
||||
Azure::Core::Response<Azure::Security::KeyVault::Keys::DeletedKey> response)
|
||||
: m_pipeline(keyvaultPipeline)
|
||||
{
|
||||
if (!response.HasValue())
|
||||
{
|
||||
throw Azure::Security::KeyVault::Common::KeyVaultException(
|
||||
"The response does not contain a value.");
|
||||
}
|
||||
// The response becomes useless and the value and rawResponse are now owned by the
|
||||
// DeleteKeyOperation. This is fine because the DeleteKeyOperation is what the delete key api
|
||||
// will return.
|
||||
m_value = response.ExtractValue();
|
||||
m_rawResponse = response.ExtractRawResponse();
|
||||
|
||||
// Build the full url for continuation token. It is only used in case customers wants to use
|
||||
// it on their own. The Operation uses the KeyVaultPipeline from the client which knows how to
|
||||
// build this url.
|
||||
m_continuationToken = m_pipeline->GetVaultUrl() + "/" + std::string(Details::DeletedKeysPath)
|
||||
+ "/" + m_value.Name();
|
||||
|
||||
// The recoveryId is only returned if soft-delete is enabled.
|
||||
// The LRO is considered completed for non soft-delete (key will be eventually removed).
|
||||
if (m_value.RecoveryId.empty())
|
||||
{
|
||||
m_status = Azure::Core::OperationStatus::Succeeded;
|
||||
}
|
||||
}
|
||||
|
||||
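Review bot: The constructor calls `m_pipeline->GetVaultUrl()` without checking that `keyvaultPipeline` is non-null, so a null pipeline is undefined behaviour while a missing value gets a `KeyVaultException`. Either check it next to `response.HasValue()` or document the precondition on the declaration. The by-value `shared_ptr` parameter is also copied into the member; `: m_pipeline(std::move(keyvaultPipeline))` avoids the extra reference-count update. `m_value.Name()` is concatenated into the continuation-token URL as is, and the visible code does not show whether names are restricted to URL-safe characters, so encoding it (or a comment stating the restriction) would be prudent.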
@ -2,7 +2,7 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
#include "azure/keyvault/keys/deleted_key.hpp"
|
||||
#include "azure/keyvault/keys/key_constants.hpp"
|
||||
#include "azure/keyvault/keys/details/key_constants.hpp"
|
||||
#include "azure/keyvault/keys/key_vault_key.hpp"
|
||||
|
||||
#include <azure/keyvault/common/internal/unix_time_helper.hpp>
|
||||
|
||||
@ -5,6 +5,8 @@
|
||||
#include <azure/core/http/http.hpp>
|
||||
#include <azure/core/http/policy.hpp>
|
||||
|
||||
#include "azure/keyvault/keys/details/key_constants.hpp"
|
||||
#include "azure/keyvault/keys/details/key_request_parameters.hpp"
|
||||
#include "azure/keyvault/keys/key_client.hpp"
|
||||
|
||||
#include <memory>
|
||||
@ -44,3 +46,48 @@ KeyClient::KeyClient(
|
||||
m_pipeline = std::make_shared<Azure::Security::KeyVault::Common::Internal::KeyVaultPipeline>(
|
||||
url, apiVersion, std::move(policies));
|
||||
}
|
||||
|
||||
Azure::Core::Response<KeyVaultKey> KeyClient::GetKey(
|
||||
std::string const& name,
|
||||
GetKeyOptions const& options,
|
||||
Azure::Core::Context const& context) const
|
||||
{
|
||||
return m_pipeline->SendRequest<KeyVaultKey>(
|
||||
context,
|
||||
Azure::Core::Http::HttpMethod::Get,
|
||||
[&name](Azure::Core::Http::RawResponse const& rawResponse) {
|
||||
return Details::KeyVaultKeyDeserialize(name, rawResponse);
|
||||
},
|
||||
{Details::KeysPath, name, options.Version});
|
||||
}
|
||||
|
||||
Azure::Core::Response<KeyVaultKey> KeyClient::CreateKey(
|
||||
std::string const& name,
|
||||
JsonWebKeyType keyType,
|
||||
CreateKeyOptions const& options,
|
||||
Azure::Core::Context const& context) const
|
||||
{
|
||||
return m_pipeline->SendRequest<KeyVaultKey>(
|
||||
context,
|
||||
Azure::Core::Http::HttpMethod::Post,
|
||||
Details::KeyRequestParameters(keyType, options),
|
||||
[&name](Azure::Core::Http::RawResponse const& rawResponse) {
|
||||
return Details::KeyVaultKeyDeserialize(name, rawResponse);
|
||||
},
|
||||
{Details::KeysPath, name, "create"});
|
||||
}
|
||||
|
||||
Azure::Security::KeyVault::Keys::DeleteKeyOperation KeyClient::StartDeleteKey(
|
||||
std::string const& name,
|
||||
Azure::Core::Context const& context) const
|
||||
{
|
||||
return Azure::Security::KeyVault::Keys::DeleteKeyOperation(
|
||||
m_pipeline,
|
||||
m_pipeline->SendRequest<Azure::Security::KeyVault::Keys::DeletedKey>(
|
||||
context,
|
||||
Azure::Core::Http::HttpMethod::Delete,
|
||||
[&name](Azure::Core::Http::RawResponse const& rawResponse) {
|
||||
return Details::DeletedKeyDeserialize(name, rawResponse);
|
||||
},
|
||||
{Details::KeysPath, name}));
|
||||
}
|
||||
|
||||
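Review bot: `GetKey`, `CreateKey` and `StartDeleteKey` pass the caller-supplied `name` straight into the request path (`{Details::KeysPath, name, ...}`) with no validation in these functions. Whether `SendRequest` encodes path segments or rejects an empty one is not visible here; if it does not, an empty name or one containing `/` could address a different resource than the caller intended, which for `StartDeleteKey` is a destructive request. A guard at the top of each function, e.g. `if (name.empty()) { throw std::invalid_argument("name"); }`, or a documented guarantee from the pipeline, would close that. The `[&name]` capture is safe only while `SendRequest` invokes the callback before returning, which deserves a short comment.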
@ -3,8 +3,8 @@
|
||||
|
||||
#include <azure/core/internal/json.hpp>
|
||||
|
||||
#include "azure/keyvault/keys/key_constants.hpp"
|
||||
#include "azure/keyvault/keys/key_request_parameters.hpp"
|
||||
#include "azure/keyvault/keys/details/key_constants.hpp"
|
||||
#include "azure/keyvault/keys/details/key_request_parameters.hpp"
|
||||
|
||||
#include <string>
|
||||
|
||||
|
||||
@ -2,64 +2,64 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
#include "azure/keyvault/keys/key_type.hpp"
|
||||
#include "azure/keyvault/keys/key_constants.hpp"
|
||||
#include "azure/keyvault/keys/details/key_constants.hpp"
|
||||
|
||||
#include <stdexcept>
|
||||
|
||||
using namespace Azure::Security::KeyVault::Keys;
|
||||
|
||||
KeyTypeEnum Details::KeyTypeFromString(std::string const& name)
|
||||
JsonWebKeyType Details::KeyTypeFromString(std::string const& name)
|
||||
{
|
||||
if (name == EcValue)
|
||||
{
|
||||
return KeyTypeEnum::Ec;
|
||||
return JsonWebKeyType::Ec;
|
||||
}
|
||||
if (name == EcHsmValue)
|
||||
{
|
||||
return KeyTypeEnum::EcHsm;
|
||||
return JsonWebKeyType::EcHsm;
|
||||
}
|
||||
if (name == OctValue)
|
||||
{
|
||||
return KeyTypeEnum::Oct;
|
||||
return JsonWebKeyType::Oct;
|
||||
}
|
||||
if (name == OctHsmValue)
|
||||
{
|
||||
return KeyTypeEnum::OctHsm;
|
||||
return JsonWebKeyType::OctHsm;
|
||||
}
|
||||
if (name == RsaValue)
|
||||
{
|
||||
return KeyTypeEnum::Rsa;
|
||||
return JsonWebKeyType::Rsa;
|
||||
}
|
||||
if (name == RsaHsmValue)
|
||||
{
|
||||
return KeyTypeEnum::RsaHsm;
|
||||
return JsonWebKeyType::RsaHsm;
|
||||
}
|
||||
throw std::runtime_error("cannot convert " + name + " to key type (kty)");
|
||||
}
|
||||
|
||||
std::string Details::KeyTypeToString(KeyTypeEnum kty)
|
||||
std::string Details::KeyTypeToString(JsonWebKeyType kty)
|
||||
{
|
||||
if (kty == KeyTypeEnum::Ec)
|
||||
if (kty == JsonWebKeyType::Ec)
|
||||
{
|
||||
return EcValue;
|
||||
}
|
||||
if (kty == KeyTypeEnum::EcHsm)
|
||||
if (kty == JsonWebKeyType::EcHsm)
|
||||
{
|
||||
return EcHsmValue;
|
||||
}
|
||||
if (kty == KeyTypeEnum::Oct)
|
||||
if (kty == JsonWebKeyType::Oct)
|
||||
{
|
||||
return OctValue;
|
||||
}
|
||||
if (kty == KeyTypeEnum::OctHsm)
|
||||
if (kty == JsonWebKeyType::OctHsm)
|
||||
{
|
||||
return OctHsmValue;
|
||||
}
|
||||
if (kty == KeyTypeEnum::Rsa)
|
||||
if (kty == JsonWebKeyType::Rsa)
|
||||
{
|
||||
return RsaValue;
|
||||
}
|
||||
if (kty == KeyTypeEnum::RsaHsm)
|
||||
if (kty == JsonWebKeyType::RsaHsm)
|
||||
{
|
||||
return RsaHsmValue;
|
||||
}
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
#include "azure/keyvault/keys/key_vault_key.hpp"
|
||||
#include "azure/keyvault/keys/key_constants.hpp"
|
||||
#include "azure/keyvault/keys/details/key_constants.hpp"
|
||||
|
||||
#include <azure/keyvault/common/internal/unix_time_helper.hpp>
|
||||
|
||||
|
||||
@ -10,7 +10,7 @@
|
||||
#include "key_client_base_test.hpp"
|
||||
|
||||
#include <azure/keyvault/key_vault.hpp>
|
||||
#include <azure/keyvault/keys/key_constants.hpp>
|
||||
#include <azure/keyvault/keys/details/key_constants.hpp>
|
||||
|
||||
#include <string>
|
||||
|
||||
@ -58,7 +58,7 @@ TEST_F(KeyVaultClientTest, GetKey)
|
||||
auto key = keyResponse.ExtractValue();
|
||||
|
||||
EXPECT_EQ(key.Name(), keyName);
|
||||
EXPECT_EQ(key.GetKeyType(), Azure::Security::KeyVault::Keys::KeyTypeEnum::Rsa);
|
||||
EXPECT_EQ(key.GetKeyType(), Azure::Security::KeyVault::Keys::JsonWebKeyType::Rsa);
|
||||
}
|
||||
|
||||
TEST_F(KeyVaultClientTest, CreateKey)
|
||||
@ -68,7 +68,7 @@ TEST_F(KeyVaultClientTest, CreateKey)
|
||||
|
||||
{
|
||||
auto keyResponse
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec);
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec);
|
||||
CheckValidResponse(keyResponse);
|
||||
auto keyVaultKey = keyResponse.ExtractValue();
|
||||
EXPECT_EQ(keyVaultKey.Name(), keyName);
|
||||
@ -91,13 +91,13 @@ TEST_F(KeyVaultClientTest, CreateKeyWithOptions)
|
||||
options.KeyOperations.push_back(Azure::Security::KeyVault::Keys::KeyOperation::Sign());
|
||||
options.KeyOperations.push_back(Azure::Security::KeyVault::Keys::KeyOperation::Verify());
|
||||
{
|
||||
auto keyResponse
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec, options);
|
||||
auto keyResponse = keyClient.CreateKey(
|
||||
keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec, options);
|
||||
CheckValidResponse(keyResponse);
|
||||
auto keyVaultKey = keyResponse.ExtractValue();
|
||||
|
||||
EXPECT_EQ(keyVaultKey.Name(), keyName);
|
||||
EXPECT_EQ(keyVaultKey.GetKeyType(), Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec);
|
||||
EXPECT_EQ(keyVaultKey.GetKeyType(), Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec);
|
||||
auto& keyOperations = keyVaultKey.KeyOperations();
|
||||
uint16_t expectedSize = 2;
|
||||
EXPECT_EQ(keyOperations.size(), expectedSize);
|
||||
@ -127,13 +127,13 @@ TEST_F(KeyVaultClientTest, CreateKeyWithTags)
|
||||
options.Tags.emplace("two", "value=2");
|
||||
|
||||
{
|
||||
auto keyResponse
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Rsa, options);
|
||||
auto keyResponse = keyClient.CreateKey(
|
||||
keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Rsa, options);
|
||||
CheckValidResponse(keyResponse);
|
||||
auto keyVaultKey = keyResponse.ExtractValue();
|
||||
|
||||
EXPECT_EQ(keyVaultKey.Name(), keyName);
|
||||
EXPECT_EQ(keyVaultKey.GetKeyType(), Azure::Security::KeyVault::Keys::KeyTypeEnum::Rsa);
|
||||
EXPECT_EQ(keyVaultKey.GetKeyType(), Azure::Security::KeyVault::Keys::JsonWebKeyType::Rsa);
|
||||
|
||||
auto findTag = [keyVaultKey](std::string key, std::string value) {
|
||||
// Will throw if key is not found
|
||||
@ -153,7 +153,7 @@ TEST_F(KeyVaultClientTest, DeleteKey)
|
||||
|
||||
{
|
||||
auto keyResponse
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec);
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec);
|
||||
CheckValidResponse(keyResponse);
|
||||
auto keyVaultKey = keyResponse.ExtractValue();
|
||||
EXPECT_EQ(keyVaultKey.Name(), keyName);
|
||||
@ -183,7 +183,7 @@ TEST_F(KeyVaultClientTest, DeleteKeyOperationPoll)
|
||||
|
||||
{
|
||||
auto keyResponse
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec);
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec);
|
||||
CheckValidResponse(keyResponse);
|
||||
auto keyVaultKey = keyResponse.ExtractValue();
|
||||
EXPECT_EQ(keyVaultKey.Name(), keyName);
|
||||
@ -234,7 +234,7 @@ TEST_F(KeyVaultClientTest, DoubleDelete)
|
||||
|
||||
{
|
||||
auto keyResponse
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec);
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec);
|
||||
}
|
||||
{
|
||||
auto duration = std::chrono::system_clock::now() + std::chrono::minutes(3);
|
||||
@ -272,7 +272,7 @@ TEST_F(KeyVaultClientTest, DoubleDeleteBeforePollComplete)
|
||||
|
||||
{
|
||||
auto keyResponse
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec);
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec);
|
||||
}
|
||||
{
|
||||
auto keyResponseLRO = keyClient.StartDeleteKey(keyName);
|
||||
@ -308,7 +308,7 @@ TEST_F(KeyVaultClientTest, CreateDeletedKey)
|
||||
|
||||
{
|
||||
auto keyResponse
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec);
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec);
|
||||
}
|
||||
{
|
||||
auto duration = std::chrono::system_clock::now() + std::chrono::minutes(3);
|
||||
@ -321,7 +321,7 @@ TEST_F(KeyVaultClientTest, CreateDeletedKey)
|
||||
try
|
||||
{
|
||||
auto keyResponse
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec);
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec);
|
||||
}
|
||||
catch (Azure::Security::KeyVault::Common::KeyVaultException const& error)
|
||||
{
|
||||
@ -348,7 +348,7 @@ TEST_F(KeyVaultClientTest, CreateDeletedKeyBeforePollComplete)
|
||||
|
||||
{
|
||||
auto keyResponse
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec);
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec);
|
||||
}
|
||||
{
|
||||
auto keyResponseLRO = keyClient.StartDeleteKey(keyName);
|
||||
@ -358,7 +358,7 @@ TEST_F(KeyVaultClientTest, CreateDeletedKeyBeforePollComplete)
|
||||
try
|
||||
{
|
||||
auto keyResponse
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec);
|
||||
= keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec);
|
||||
}
|
||||
catch (Azure::Security::KeyVault::Common::KeyVaultException const& error)
|
||||
{
|
||||
|
||||
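Review bot: In the two `try` blocks of CreateDeletedKey and CreateDeletedKeyBeforePollComplete, the renamed `CreateKey` call is the only statement before the `catch`, so as far as these hunks show, a call that unexpectedly succeeds would leave the test green without having checked anything. Both tests continue outside the hunks, so a check after the `catch` may already cover this. If it does not, add `FAIL() << "CreateKey should throw for a deleted key name";` as the last statement of each `try` block. That keeps the negative case, recreating a key whose name was just deleted, from passing vacuously if the client or service behaviour changes.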