diff --git a/sdk/keyvault/azure-security-keyvault-keys/CMakeLists.txt b/sdk/keyvault/azure-security-keyvault-keys/CMakeLists.txt index f336c75fb..1706a8b20 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/CMakeLists.txt +++ b/sdk/keyvault/azure-security-keyvault-keys/CMakeLists.txt @@ -32,13 +32,12 @@ set( inc/azure/keyvault/keys/deleted_key.hpp inc/azure/keyvault/keys/json_web_key.hpp inc/azure/keyvault/keys/key_client.hpp - inc/azure/keyvault/keys/key_constants.hpp + inc/azure/keyvault/keys/details/key_constants.hpp inc/azure/keyvault/keys/key_create_options.hpp inc/azure/keyvault/keys/key_client_options.hpp inc/azure/keyvault/keys/key_operation.hpp inc/azure/keyvault/keys/key_properties.hpp - inc/azure/keyvault/keys/key_release_policy.hpp - inc/azure/keyvault/keys/key_request_parameters.hpp + inc/azure/keyvault/keys/details/key_request_parameters.hpp inc/azure/keyvault/keys/key_type.hpp inc/azure/keyvault/keys/key_vault_key.hpp inc/azure/keyvault/keys/version.hpp diff --git a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/key_vault.hpp b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/key_vault.hpp index d0c69e380..39413d4ae 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/key_vault.hpp +++ b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/key_vault.hpp @@ -16,6 +16,5 @@ #include "azure/keyvault/keys/key_client_options.hpp" #include "azure/keyvault/keys/key_operation.hpp" #include "azure/keyvault/keys/key_properties.hpp" -#include "azure/keyvault/keys/key_release_policy.hpp" #include "azure/keyvault/keys/key_type.hpp" #include "azure/keyvault/keys/key_vault_key.hpp" diff --git a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/delete_key_operation.hpp b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/delete_key_operation.hpp index b52e1261b..62c25ec3a 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/delete_key_operation.hpp 
+++ b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/delete_key_operation.hpp @@ -2,6 +2,7 @@ // SPDX-License-Identifier: MIT /** + * @file * @brief A long-running operation for deleting a Key. * */ @@ -73,33 +74,7 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { DeleteKeyOperation( std::shared_ptr keyvaultPipeline, - Azure::Core::Response response) - : m_pipeline(keyvaultPipeline) - { - if (!response.HasValue()) - { - throw Azure::Security::KeyVault::Common::KeyVaultException( - "The response does not contain a value."); - } - // The response becomes useless and the value and rawResponse are now owned by the - // DeleteKeyOperation. This is fine because the DeleteKeyOperation is what the delete key api - // will return. - m_value = response.ExtractValue(); - m_rawResponse = response.ExtractRawResponse(); - - // Build the full url for continuation token. It is only used in case customers wants to use - // it on their own. The Operation uses the KeyVaultPipeline from the client which knows how to - // build this url. - m_continuationToken = m_pipeline->GetVaultUrl() + "/" + std::string(Details::DeletedKeysPath) - + "/" + m_value.Name(); - - // The recoveryId is only returned if soft-delete is enabled. - // The LRO is considered completed for non soft-delete (key will be eventually removed). - if (m_value.RecoveryId.empty()) - { - m_status = Azure::Core::OperationStatus::Succeeded; - } - } + Azure::Core::Response response); public: /** diff --git a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/deleted_key.hpp b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/deleted_key.hpp index abc78ae3c..aa897cd97 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/deleted_key.hpp +++ b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/deleted_key.hpp 
@@ -2,6 +2,7 @@ // SPDX-License-Identifier: MIT /** + * @file * @brief Represents a Key Vault key that has been deleted, allowing it to be recovered, if needed. * */ @@ -10,7 +11,6 @@ #include -#include "azure/keyvault/keys/key_constants.hpp" #include "azure/keyvault/keys/key_vault_key.hpp" namespace Azure { namespace Security { namespace KeyVault { namespace Keys { diff --git a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_constants.hpp b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/details/key_constants.hpp similarity index 99% rename from sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_constants.hpp rename to sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/details/key_constants.hpp index f626b525e..e8be2c862 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_constants.hpp +++ b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/details/key_constants.hpp @@ -2,6 +2,7 @@ // SPDX-License-Identifier: MIT /** + * @file * @brief Centralize the string constants used by Key Vault Keys Client. * */ diff --git a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_request_parameters.hpp b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/details/key_request_parameters.hpp similarity index 86% rename from sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_request_parameters.hpp rename to sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/details/key_request_parameters.hpp index 1567019dc..fb78dba49 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_request_parameters.hpp +++ b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/details/key_request_parameters.hpp @@ -2,6 +2,7 @@ // SPDX-License-Identifier: MIT /** + * @file * @brief Internal implementation for sending the HTTP request. * */ 
@@ -23,11 +24,11 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { nam class KeyRequestParameters : public Azure::Core::Internal::Json::JsonSerializable { private: - KeyTypeEnum m_keyType; + JsonWebKeyType m_keyType; CreateKeyOptions const& m_options; public: - explicit KeyRequestParameters(KeyTypeEnum keyType, CreateKeyOptions const& options) + explicit KeyRequestParameters(JsonWebKeyType keyType, CreateKeyOptions const& options) : m_keyType(keyType), m_options(options) { } diff --git a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/json_web_key.hpp b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/json_web_key.hpp index dc693b8f4..b64370607 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/json_web_key.hpp +++ b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/json_web_key.hpp @@ -2,13 +2,13 @@ // SPDX-License-Identifier: MIT /** + * @file * @brief Defines the JsonWebKey. * */ #pragma once -#include "azure/keyvault/keys/key_constants.hpp" #include "azure/keyvault/keys/key_operation.hpp" #include "azure/keyvault/keys/key_type.hpp" @@ -17,6 +17,10 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { + /** + * @brief Represents a JSON Web Key as defined in http://tools.ietf.org/html/rfc7517. + * + */ struct JsonWebKey { /** 
@@ -24,14 +28,34 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { * */ std::string Id; - KeyTypeEnum KeyType; - JsonWebKey() {} + /** + * @brief They type of the key. + * + */ + JsonWebKeyType KeyType; + /** + * @brief Construct a new Json Web Key object. + * + */ + JsonWebKey() = default; + + /** + * @brief Set the Key Operations object based on a list of operations. + * + * @param keyOperations The list of key operations. + */ void SetKeyOperations(std::vector const& keyOperations) { m_keyOps = keyOperations; } + + /** + * @brief Get the list of operations from the JsonWebKey. + * + * @return std::vector const& + */ std::vector const& KeyOperations() const { return m_keyOps; } private: diff --git a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_client.hpp b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_client.hpp index f63298b90..50ee2d039 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_client.hpp +++ b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_client.hpp @@ -2,23 +2,18 @@ // SPDX-License-Identifier: MIT /** + * @file * @brief Defines the Key Vault Keys client. * */ #pragma once -#include -#include -#include - #include #include "azure/keyvault/keys/delete_key_operation.hpp" #include "azure/keyvault/keys/key_client_options.hpp" -#include "azure/keyvault/keys/key_constants.hpp" #include "azure/keyvault/keys/key_create_options.hpp" -#include "azure/keyvault/keys/key_request_parameters.hpp" #include "azure/keyvault/keys/key_type.hpp" #include "azure/keyvault/keys/key_vault_key.hpp" 
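Review bot: `JsonWebKeyType KeyType;` in json_web_key.hpp has no default member initializer, so with `JsonWebKey() = default;` a default-initialized `JsonWebKey key;` holds an indeterminate key type, which `KeyVaultKey::GetKeyType()` then returns by reference. The same defect is in the key_properties.hpp hunk, where `KeyProperties(std::string name)` sets only `Name` and leaves `bool Managed;` unset; `bool Managed = false;` fixes that one. For `KeyType` no "unknown" enumerator is visible in this change, so either choose an explicit initializer or state in the comment that the field is unspecified until deserialization sets it. The new comment also reads "They type of the key", which should be "The type of the key"; the struct continues outside the hunk.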
@@ -81,16 +76,7 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { Azure::Core::Response GetKey( std::string const& name, GetKeyOptions const& options = GetKeyOptions(), - Azure::Core::Context const& context = Azure::Core::Context()) const - { - return m_pipeline->SendRequest( - context, - Azure::Core::Http::HttpMethod::Get, - [&name](Azure::Core::Http::RawResponse const& rawResponse) { - return Details::KeyVaultKeyDeserialize(name, rawResponse); - }, - {Details::KeysPath, name, options.Version}); - } + Azure::Core::Context const& context = Azure::Core::Context()) const; /** * @brief Creates and stores a new key in Key Vault. The create key operation can be used to @@ -98,7 +84,8 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { * creates a new version of the key. It requires the keys/create permission. * * @param name The name of the key. - * @param keyType The type of key to create. See #Azure::Security::KeyVault::Keys::KeyTypeEnum. + * @param keyType The type of key to create. See + * #Azure::Security::KeyVault::Keys::JsonWebKeyType. * @param options Optional parameters for this operation. See * #Azure::Security::KeyVault::Keys::CreateKeyOptions. * @param context The context for the operation can be used for request cancellation. 
@@ -106,19 +93,9 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { */ Azure::Core::Response CreateKey( std::string const& name, - KeyTypeEnum keyType, + JsonWebKeyType keyType, CreateKeyOptions const& options = CreateKeyOptions(), - Azure::Core::Context const& context = Azure::Core::Context()) const - { - return m_pipeline->SendRequest( - context, - Azure::Core::Http::HttpMethod::Post, - Details::KeyRequestParameters(keyType, options), - [&name](Azure::Core::Http::RawResponse const& rawResponse) { - return Details::KeyVaultKeyDeserialize(name, rawResponse); - }, - {Details::KeysPath, name, "create"}); - } + Azure::Core::Context const& context = Azure::Core::Context()) const; /** * @brief Deletes a key of any type from storage in Azure Key Vault. @@ -137,17 +114,6 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { */ Azure::Security::KeyVault::Keys::DeleteKeyOperation StartDeleteKey( std::string const& name, - Azure::Core::Context const& context = Azure::Core::Context()) const - { - return Azure::Security::KeyVault::Keys::DeleteKeyOperation( - m_pipeline, - m_pipeline->SendRequest( - context, - Azure::Core::Http::HttpMethod::Delete, - [&name](Azure::Core::Http::RawResponse const& rawResponse) { - return Details::DeletedKeyDeserialize(name, rawResponse); - }, - {Details::KeysPath, name})); - } + Azure::Core::Context const& context = Azure::Core::Context()) const; }; }}}} // namespace Azure::Security::KeyVault::Keys diff --git a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_client_options.hpp b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_client_options.hpp index 130dfff07..dab2e4593 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_client_options.hpp +++ b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_client_options.hpp 
@@ -2,6 +2,7 @@ // SPDX-License-Identifier: MIT /** + * @file * @brief Defines the supported options to create a Key Vault Keys client. * */ @@ -15,6 +16,10 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { + /** + * @brief Available and supported service versions. + * + */ enum class ServiceVersion { V7_0, @@ -22,13 +27,43 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { V7_2 }; + /** + * @brief Define the options to create an SDK Keys client. + * + */ struct KeyClientOptions { + /** + * @brief The service version. All request are created with this version. + * + */ ServiceVersion Version; + + /** + * @brief Define the options to retry the Http requests. + * + */ Azure::Core::Http::RetryOptions RetryOptions; + + /** + * @brief Define the Http client options. + * + * @remark Use this options to set an specific Http client. + * + */ Azure::Core::Http::TransportPolicyOptions TransportPolicyOptions; + + /** + * @brief Define the information to be used for reporting telemetry data. + * + */ Azure::Core::Http::TelemetryPolicyOptions TelemetryPolicyOptions; + /** + * @brief Construct a new Key Client Options object. + * + * @param version Optional version for the client. + */ KeyClientOptions(ServiceVersion version = ServiceVersion::V7_2) : Version(version) {} std::string GetVersionString() diff --git a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_create_options.hpp b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_create_options.hpp index 89ea492b8..781bb8f24 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_create_options.hpp +++ b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_create_options.hpp @@ -2,6 +2,7 @@ // SPDX-License-Identifier: MIT /** + * @file * @brief Defines the supported options to create a Key Vault Key. * */ 
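Review bot: `GetVersionString()` is the one member of `KeyClientOptions` in key_client_options.hpp left without a doc block, and the `ServiceVersion` enumerators are undocumented too, although this change documents everything around them. A short `@brief Returns the service version as the string sent with each request.` would do, worded after checking the body, which is outside the hunk. Two of the new comments need wording fixes: "All request are created with this version" should be "All requests are created with this version", and "Use this options to set an specific Http client" should be "Use this option to set a specific Http client".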
@@ -20,16 +21,40 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { + /** + * @brief Define the specific options for the #CreateKey operaion. + * + */ struct CreateKeyOptions { + /** + * @brief Define the supported operations for the key. + * + */ std::list KeyOperations; + /** + * @brief Indicates when the key will be valid and can be used for cryptographic operations. + * + */ Azure::Core::Nullable NotBefore; + /** + * @brief Indicates when the key will expire and cannot be used for cryptographic operations. + * + */ Azure::Core::Nullable ExpiresOn; + /** + * @brief whether the key is enabled and useable for cryptographic operations. + * + */ Azure::Core::Nullable Enabled; + /** + * @brief Specific metadata about the key. + * + */ std::unordered_map Tags; }; diff --git a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_operation.hpp b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_operation.hpp index 2b1e0a6bf..9fde6985f 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_operation.hpp +++ b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_operation.hpp @@ -2,6 +2,7 @@ // SPDX-License-Identifier: MIT /** + * @file * @brief Defines the Key Vault KeyOperation. * */ 
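Review bot: The new comment on `CreateKeyOptions` in key_create_options.hpp refers to `#CreateKey`, which is a member of `KeyClient` and not in this struct's scope, so the reference is unlikely to resolve; it also misspells "operation". `@brief Define the specific options for the KeyClient::CreateKey operation.` fixes both. The `NotBefore`, `ExpiresOn` and `Enabled` comments should say what an unset `Nullable` means for the created key: a caller who leaves `ExpiresOn` empty presumably gets a key with no expiry, which is worth confirming against the service and stating. The `Enabled` brief starts in lowercase ("whether the key ...") unlike its neighbours.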
@@ -12,22 +13,84 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { + /** + * @brief An operation that can be performed with the key. + * + */ class KeyOperation { + private: std::string m_operation; public: + /** + * @brief Construct a new Key Operation object. + * + * @param operation The operation for the key as string. + */ KeyOperation(std::string const& operation) : m_operation(operation) {} + /** + * @brief Returns the fully qualified type name of this instance. + * + * @return The operation represented as string. + */ std::string const& ToString() const { return m_operation; } + /** + * @brief The key can be used to encrypt with the #Encrypt(EncryptionAlgorithm, Byte[], + * CancellationToken) method. + * + * @return Encrypt KeyOperation. + */ static KeyOperation Encrypt() { return KeyOperation("encrypt"); } + + /** + * @brief The key can be used to decrypt with the #Decrypt(EncryptionAlgorithm, Byte[], + * CancellationToken) method. + * + * @return Decrypt KeyOperation. + */ static KeyOperation Decrypt() { return KeyOperation("decrypt"); } + + /** + * @brief The key can be used to sign with the Sign(SignatureAlgorithm, Byte[], + * CancellationToken) method. + * + * @return Sign KeyOperation. + */ static KeyOperation Sign() { return KeyOperation("sign"); } + + /** + * @brief The key can be used to verify with the Verify(SignatureAlgorithm, Byte[], Byte[], + * CancellationToken) method. + * + * @return Verify KeyOperation. + */ static KeyOperation Verify() { return KeyOperation("verify"); } + + /** + * @brief The key can be used to wrap another key with the WrapKey(KeyWrapAlgorithm, Byte[], + * CancellationToken) method. + * + * @return WrapKey KeyOperation. + */ static KeyOperation WrapKey() { return KeyOperation("wrapKey"); } + + /** + * @brief The key can be used to unwrap another key with the UnwrapKey(KeyWrapAlgorithm, Byte[], + * CancellationToken) method. + * + * @return UnwrapKey KeyOperation. 
+ */ static KeyOperation UnwrapKey() { return KeyOperation("unwrapKey"); } + + /** + * @brief The key can be imported during creation using the ImportKey(ImportKeyOptions, + * CancellationToken) method. + * + * @return Import KeyOperation. + */ static KeyOperation Import() { return KeyOperation("import"); } - static KeyOperation Export() { return KeyOperation("export"); } }; }}}} // namespace Azure::Security::KeyVault::Keys diff --git a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_properties.hpp b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_properties.hpp index 637c70f4c..4a511d068 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_properties.hpp +++ b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_properties.hpp @@ -2,6 +2,7 @@ // SPDX-License-Identifier: MIT /** + * @file * @brief Defines the Key Vault Key properties. * */ 
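Review bot: The `ToString()` comment in key_operation.hpp says it "Returns the fully qualified type name of this instance", but the body returns `m_operation`, the operation string such as "encrypt"; `@brief Returns the operation name as a string.` matches the code. The per-operation briefs cite methods like `Encrypt(EncryptionAlgorithm, Byte[], CancellationToken)`, which are not declared anywhere in this change and look carried over from another language's SDK, and only two of them carry the `#` reference prefix. Describing the permission itself, for example `@brief The key can be used to encrypt data.`, avoids dangling references. `KeyOperation(std::string const& operation)` is also a non-`explicit` converting constructor, so any string silently becomes an operation value.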
@@ -11,32 +12,112 @@ #include #include -#include "azure/keyvault/keys/key_release_policy.hpp" - #include #include namespace Azure { namespace Security { namespace KeyVault { namespace Keys { + /** + * @brief The resource containing all the properties of the KeyVaultKey except JsonWebKey + * properties. + * + */ struct KeyProperties { + /** + * @brief The name of the key. + * + */ std::string Name; - std::string Id; - std::string VaultUrl; - std::string Version; - bool Managed; - std::unordered_map Tags; - Azure::Core::Nullable Enabled; - Azure::Core::Nullable NotBefore; - Azure::Core::Nullable ExpiresOn; - Azure::Core::Nullable CreatedOn; - Azure::Core::Nullable UpdatedOn; - Azure::Core::Nullable RecoverableDays; - std::string RecoveryLevel; - Azure::Core::Nullable Exportable; - KeyReleasePolicy ReleasePolicy; - KeyProperties() {} + /** + * @brief The key identifier. + * + */ + std::string Id; + + /** + * @brief The Key Vault base Url. + * + */ + std::string VaultUrl; + + /** + * @brief The version of the key. + * + */ + std::string Version; + + /** + * @brief Indicate whether the key's lifetime is managed by Key Vault. If this key is backing a + * Key Vault certificate, the value will be true. + * + */ + bool Managed; + + /** + * @brief Dictionary of tags with specific metadata about the key. + * + */ + std::unordered_map Tags; + + /** + * @brief Indicate whether the key is enabled and useable for cryptographic operations. + * + */ + Azure::Core::Nullable Enabled; + + /** + * @brief Indicate when the key will be valid and can be used for cryptographic operations. + * + */ + Azure::Core::Nullable NotBefore; + + /** + * @brief Indicate when the key will expire and cannot be used for cryptographic operations. + * + */ + Azure::Core::Nullable ExpiresOn; + + /** + * @brief Indicate when the key was created. + * + */ + Azure::Core::Nullable CreatedOn; + + /** + * @brief Indicate when the key was updated. 
+ * + */ + Azure::Core::Nullable UpdatedOn; + + /** + * @brief The number of days a key is retained before being deleted for a soft delete-enabled + * Key Vault. + * + */ + Azure::Core::Nullable RecoverableDays; + + /** + * @brief The recovery level currently in effect for keys in the Key Vault. + * + * @remark If Purgeable, the key can be permanently deleted by an authorized user; otherwise, + * only the service can purge the keys at the end of the retention interval. + * + */ + std::string RecoveryLevel; + + /** + * @brief Construct a new Key Properties object. + * + */ + KeyProperties() = default; + + /** + * @brief Construct a new Key Properties object. + * + * @param name The name of the key. + */ KeyProperties(std::string name) : Name(std::move(name)) {} }; diff --git a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_release_policy.hpp b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_release_policy.hpp deleted file mode 100644 index 74698888c..000000000 --- a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_release_policy.hpp +++ /dev/null @@ -1,31 +0,0 @@ -// Copyright (c) Microsoft Corporation. All rights reserved. -// SPDX-License-Identifier: MIT - -/** - * @brief Defines the KeyReleasePolicy. - * - */ - -#pragma once - -#include -#include - -namespace Azure { namespace Security { namespace KeyVault { namespace Keys { - - namespace Details { - constexpr static const char* ContentTypePropertyName = "contentType"; - constexpr static const char* DataPropertyName = "data"; - } // namespace Details - - struct KeyReleasePolicy - { - std::string ContentType; - std::vector Data; - - KeyReleasePolicy() {} - - KeyReleasePolicy(std::vector data) : Data(std::move(data)) {} - }; - -}}}} // namespace Azure::Security::KeyVault::Keys 
diff --git a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_type.hpp b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_type.hpp index ef96dbd1a..94dbb6ce5 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_type.hpp +++ b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_type.hpp @@ -2,7 +2,8 @@ // SPDX-License-Identifier: MIT /** - * @brief Defines the KeyTypeEnum. + * @file + * @brief Defines the JsonWebKey types. * */ @@ -12,19 +13,48 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { - enum class KeyTypeEnum + /** + * @brief The JsonWebKey types. + * + */ + enum class JsonWebKeyType { + /** + * @brief An Elliptic Curve Cryptographic (ECC) algorithm. + * + */ Ec, + /** + * @brief An Elliptic Curve Cryptographic (ECC) algorithm backed by a Hardware Security Module + * (HSM). + * + */ EcHsm, + /** + * @brief An RSA cryptographic algorithm. + * + */ Rsa, + /** + * @brief An RSA cryptographic algorithm backed by a Hardware Security Module (HSM). + * + */ RsaHsm, + /** + * @brief An AES cryptographic algorithm. + * + */ Oct, + /** + * @brief An AES cryptographic algorithm backed by a Hardware Security Module (HSM). + * + */ OctHsm, }; namespace Details { - KeyTypeEnum KeyTypeFromString(std::string const& name); - std::string KeyTypeToString(KeyTypeEnum kty); + JsonWebKeyType KeyTypeFromString(std::string const& name); + std::string KeyTypeToString(JsonWebKeyType kty); } // namespace Details }}}} // namespace Azure::Security::KeyVault::Keys diff --git a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_vault_key.hpp b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_vault_key.hpp index 909c9a74d..dbeacec40 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_vault_key.hpp +++ b/sdk/keyvault/azure-security-keyvault-keys/inc/azure/keyvault/keys/key_vault_key.hpp 
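Review bot: `Details::KeyTypeFromString` and `Details::KeyTypeToString` in key_type.hpp are the only declarations in this hunk left without a doc block, and the first has a failure mode callers need to know: key_type.cpp throws `std::runtime_error` for any string outside the six known values. Adding `@throw std::runtime_error if name is not a known key type (kty).` on the declaration would make that visible. The string presumably comes from a service response, so a key type added server-side would surface as this exception; confirm that against the deserializer. The `Oct` and `OctHsm` briefs say "An AES cryptographic algorithm", while the JWK `oct` type denotes an octet-sequence (symmetric) key in general, so consider wording them that way.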
@@ -2,6 +2,7 @@ // SPDX-License-Identifier: MIT /** + * @file * @brief Defines the Key Vault Key. * */ @@ -9,7 +10,6 @@ #pragma once #include "azure/keyvault/keys/json_web_key.hpp" -#include "azure/keyvault/keys/key_constants.hpp" #include "azure/keyvault/keys/key_operation.hpp" #include "azure/keyvault/keys/key_properties.hpp" @@ -69,7 +69,7 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Keys { * * @return The type of the key. */ - KeyTypeEnum const& GetKeyType() const { return Key.KeyType; } + JsonWebKeyType const& GetKeyType() const { return Key.KeyType; } /** * @brief Gets the operations you can perform using the key. diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/delete_key_operation.cpp b/sdk/keyvault/azure-security-keyvault-keys/src/delete_key_operation.cpp index 38ca26881..0daa967d4 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/delete_key_operation.cpp +++ b/sdk/keyvault/azure-security-keyvault-keys/src/delete_key_operation.cpp @@ -2,6 +2,7 @@ // SPDX-License-Identifier: MIT #include "azure/keyvault/keys/delete_key_operation.hpp" +#include "azure/keyvault/keys/details/key_constants.hpp" using namespace Azure::Security::KeyVault::Keys; 
@@ -41,3 +42,33 @@ Azure::Security::KeyVault::Keys::DeleteKeyOperation::PollInternal(Azure::Core::C // response inside the Operation. return std::make_unique(*m_rawResponse); } + +Azure::Security::KeyVault::Keys::DeleteKeyOperation::DeleteKeyOperation( + std::shared_ptr keyvaultPipeline, + Azure::Core::Response response) + : m_pipeline(keyvaultPipeline) +{ + if (!response.HasValue()) + { + throw Azure::Security::KeyVault::Common::KeyVaultException( + "The response does not contain a value."); + } + // The response becomes useless and the value and rawResponse are now owned by the + // DeleteKeyOperation. This is fine because the DeleteKeyOperation is what the delete key api + // will return. + m_value = response.ExtractValue(); + m_rawResponse = response.ExtractRawResponse(); + + // Build the full url for continuation token. It is only used in case customers wants to use + // it on their own. The Operation uses the KeyVaultPipeline from the client which knows how to + // build this url. + m_continuationToken = m_pipeline->GetVaultUrl() + "/" + std::string(Details::DeletedKeysPath) + + "/" + m_value.Name(); + + // The recoveryId is only returned if soft-delete is enabled. + // The LRO is considered completed for non soft-delete (key will be eventually removed). + if (m_value.RecoveryId.empty()) + { + m_status = Azure::Core::OperationStatus::Succeeded; + } +} diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/deleted_key.cpp b/sdk/keyvault/azure-security-keyvault-keys/src/deleted_key.cpp index 746a8f783..6264cece0 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/deleted_key.cpp +++ b/sdk/keyvault/azure-security-keyvault-keys/src/deleted_key.cpp @@ -2,7 +2,7 @@ // SPDX-License-Identifier: MIT #include "azure/keyvault/keys/deleted_key.hpp" -#include "azure/keyvault/keys/key_constants.hpp" +#include "azure/keyvault/keys/details/key_constants.hpp" #include "azure/keyvault/keys/key_vault_key.hpp" #include 
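Review bot: The constructor moved into delete_key_operation.cpp copies its by-value `shared_ptr` parameter into the member; `: m_pipeline(std::move(keyvaultPipeline))` avoids the extra atomic reference-count update. It then dereferences `m_pipeline->GetVaultUrl()` with no null check, so a null pipeline is undefined behaviour rather than the `KeyVaultException` thrown for the empty-response case just above. The constructor appears to be declared before `public:` in the header hunk, so this is hardening rather than a caller-facing bug. `m_continuationToken` is built by plain concatenation with `m_value.Name()`, which comes from the response, so if callers later treat the token as a URL, confirm that the name cannot contain characters that alter the path.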
diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/key_client.cpp b/sdk/keyvault/azure-security-keyvault-keys/src/key_client.cpp index b77efd7e1..e672853e0 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/key_client.cpp +++ b/sdk/keyvault/azure-security-keyvault-keys/src/key_client.cpp @@ -5,6 +5,8 @@ #include #include +#include "azure/keyvault/keys/details/key_constants.hpp" +#include "azure/keyvault/keys/details/key_request_parameters.hpp" #include "azure/keyvault/keys/key_client.hpp" #include 
@@ -44,3 +46,48 @@ KeyClient::KeyClient( m_pipeline = std::make_shared( url, apiVersion, std::move(policies)); } + +Azure::Core::Response KeyClient::GetKey( + std::string const& name, + GetKeyOptions const& options, + Azure::Core::Context const& context) const +{ + return m_pipeline->SendRequest( + context, + Azure::Core::Http::HttpMethod::Get, + [&name](Azure::Core::Http::RawResponse const& rawResponse) { + return Details::KeyVaultKeyDeserialize(name, rawResponse); + }, + {Details::KeysPath, name, options.Version}); +} + +Azure::Core::Response KeyClient::CreateKey( + std::string const& name, + JsonWebKeyType keyType, + CreateKeyOptions const& options, + Azure::Core::Context const& context) const +{ + return m_pipeline->SendRequest( + context, + Azure::Core::Http::HttpMethod::Post, + Details::KeyRequestParameters(keyType, options), + [&name](Azure::Core::Http::RawResponse const& rawResponse) { + return Details::KeyVaultKeyDeserialize(name, rawResponse); + }, + {Details::KeysPath, name, "create"}); +} + +Azure::Security::KeyVault::Keys::DeleteKeyOperation KeyClient::StartDeleteKey( + std::string const& name, + Azure::Core::Context const& context) const +{ + return Azure::Security::KeyVault::Keys::DeleteKeyOperation( + m_pipeline, + m_pipeline->SendRequest( + context, + Azure::Core::Http::HttpMethod::Delete, + [&name](Azure::Core::Http::RawResponse const& rawResponse) { + return Details::DeletedKeyDeserialize(name, rawResponse); + }, + {Details::KeysPath, name})); +} diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/key_request_parameters.cpp b/sdk/keyvault/azure-security-keyvault-keys/src/key_request_parameters.cpp index 5a131d53e..4b9aac035 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/key_request_parameters.cpp +++ b/sdk/keyvault/azure-security-keyvault-keys/src/key_request_parameters.cpp 
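Review bot: `GetKey`, `CreateKey` and `StartDeleteKey` in key_client.cpp pass the caller-supplied `name` (and `options.Version`) straight into the request path list, e.g. `{Details::KeysPath, name, options.Version}`, with no check for an empty name or for characters such as `/` or `?`. Whether `SendRequest` percent-encodes each segment is not visible here. If it does not, the request could resolve to a different resource than the caller intended, and an empty name in `StartDeleteKey` would produce a path of just `Details::KeysPath`. A guard at the top of each method, for example `if (name.empty()) { throw std::invalid_argument("name"); }`, together with a confirmed encoding step in the pipeline, closes that. The `[&name]` captures are safe only as long as `SendRequest` invokes the callback before returning.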
@@ -3,8 +3,8 @@ #include -#include "azure/keyvault/keys/key_constants.hpp" -#include "azure/keyvault/keys/key_request_parameters.hpp" +#include "azure/keyvault/keys/details/key_constants.hpp" +#include "azure/keyvault/keys/details/key_request_parameters.hpp" #include diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/key_type.cpp b/sdk/keyvault/azure-security-keyvault-keys/src/key_type.cpp index 217cc2f3b..e113b386f 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/key_type.cpp +++ b/sdk/keyvault/azure-security-keyvault-keys/src/key_type.cpp 
@@ -2,64 +2,64 @@ // SPDX-License-Identifier: MIT #include "azure/keyvault/keys/key_type.hpp" -#include "azure/keyvault/keys/key_constants.hpp" +#include "azure/keyvault/keys/details/key_constants.hpp" #include using namespace Azure::Security::KeyVault::Keys; -KeyTypeEnum Details::KeyTypeFromString(std::string const& name) +JsonWebKeyType Details::KeyTypeFromString(std::string const& name) { if (name == EcValue) { - return KeyTypeEnum::Ec; + return JsonWebKeyType::Ec; } if (name == EcHsmValue) { - return KeyTypeEnum::EcHsm; + return JsonWebKeyType::EcHsm; } if (name == OctValue) { - return KeyTypeEnum::Oct; + return JsonWebKeyType::Oct; } if (name == OctHsmValue) { - return KeyTypeEnum::OctHsm; + return JsonWebKeyType::OctHsm; } if (name == RsaValue) { - return KeyTypeEnum::Rsa; + return JsonWebKeyType::Rsa; } if (name == RsaHsmValue) { - return KeyTypeEnum::RsaHsm; + return JsonWebKeyType::RsaHsm; } throw std::runtime_error("cannot convert " + name + " to key type (kty)"); } -std::string Details::KeyTypeToString(KeyTypeEnum kty) +std::string Details::KeyTypeToString(JsonWebKeyType kty) { - if (kty == KeyTypeEnum::Ec) + if (kty == JsonWebKeyType::Ec) { return EcValue; } - if (kty == KeyTypeEnum::EcHsm) + if (kty == JsonWebKeyType::EcHsm) { return EcHsmValue; } - if (kty == KeyTypeEnum::Oct) + if (kty == JsonWebKeyType::Oct) { return OctValue; } - if (kty == KeyTypeEnum::OctHsm) + if (kty == JsonWebKeyType::OctHsm) { return OctHsmValue; } - if (kty == KeyTypeEnum::Rsa) + if (kty == JsonWebKeyType::Rsa) { return RsaValue; } - if (kty == KeyTypeEnum::RsaHsm) + if (kty == JsonWebKeyType::RsaHsm) { return RsaHsmValue; } diff --git a/sdk/keyvault/azure-security-keyvault-keys/src/key_vault_key.cpp b/sdk/keyvault/azure-security-keyvault-keys/src/key_vault_key.cpp index c1074470e..05ff1bd04 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/src/key_vault_key.cpp +++ b/sdk/keyvault/azure-security-keyvault-keys/src/key_vault_key.cpp 
@@ -2,7 +2,7 @@ // SPDX-License-Identifier: MIT #include "azure/keyvault/keys/key_vault_key.hpp" -#include "azure/keyvault/keys/key_constants.hpp" +#include "azure/keyvault/keys/details/key_constants.hpp" #include diff --git a/sdk/keyvault/azure-security-keyvault-keys/test/key_client_test_live.cpp b/sdk/keyvault/azure-security-keyvault-keys/test/key_client_test_live.cpp index ca311ed76..35e176c6d 100644 --- a/sdk/keyvault/azure-security-keyvault-keys/test/key_client_test_live.cpp +++ b/sdk/keyvault/azure-security-keyvault-keys/test/key_client_test_live.cpp @@ -10,7 +10,7 @@ #include "key_client_base_test.hpp" #include -#include +#include #include @@ -58,7 +58,7 @@ TEST_F(KeyVaultClientTest, GetKey) auto key = keyResponse.ExtractValue(); EXPECT_EQ(key.Name(), keyName); - EXPECT_EQ(key.GetKeyType(), Azure::Security::KeyVault::Keys::KeyTypeEnum::Rsa); + EXPECT_EQ(key.GetKeyType(), Azure::Security::KeyVault::Keys::JsonWebKeyType::Rsa); } TEST_F(KeyVaultClientTest, CreateKey) @@ -68,7 +68,7 @@ TEST_F(KeyVaultClientTest, CreateKey) { auto keyResponse - = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec); + = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec); CheckValidResponse(keyResponse); auto keyVaultKey = keyResponse.ExtractValue(); EXPECT_EQ(keyVaultKey.Name(), keyName); 
@@ -91,13 +91,13 @@ TEST_F(KeyVaultClientTest, CreateKeyWithOptions) options.KeyOperations.push_back(Azure::Security::KeyVault::Keys::KeyOperation::Sign()); options.KeyOperations.push_back(Azure::Security::KeyVault::Keys::KeyOperation::Verify()); { - auto keyResponse - = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec, options); + auto keyResponse = keyClient.CreateKey( + keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec, options); CheckValidResponse(keyResponse); auto keyVaultKey = keyResponse.ExtractValue(); EXPECT_EQ(keyVaultKey.Name(), keyName); - EXPECT_EQ(keyVaultKey.GetKeyType(), Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec); + EXPECT_EQ(keyVaultKey.GetKeyType(), Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec); auto& keyOperations = keyVaultKey.KeyOperations(); uint16_t expectedSize = 2; EXPECT_EQ(keyOperations.size(), expectedSize); @@ -127,13 +127,13 @@ TEST_F(KeyVaultClientTest, CreateKeyWithTags) options.Tags.emplace("two", "value=2"); { - auto keyResponse - = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Rsa, options); + auto keyResponse = keyClient.CreateKey( + keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Rsa, options); CheckValidResponse(keyResponse); auto keyVaultKey = keyResponse.ExtractValue(); EXPECT_EQ(keyVaultKey.Name(), keyName); - EXPECT_EQ(keyVaultKey.GetKeyType(), Azure::Security::KeyVault::Keys::KeyTypeEnum::Rsa); + EXPECT_EQ(keyVaultKey.GetKeyType(), Azure::Security::KeyVault::Keys::JsonWebKeyType::Rsa); auto findTag = [keyVaultKey](std::string key, std::string value) { // Will throw if key is not found 
@@ -153,7 +153,7 @@ TEST_F(KeyVaultClientTest, DeleteKey) { auto keyResponse - = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec); + = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec); CheckValidResponse(keyResponse); auto keyVaultKey = keyResponse.ExtractValue(); EXPECT_EQ(keyVaultKey.Name(), keyName); @@ -183,7 +183,7 @@ TEST_F(KeyVaultClientTest, DeleteKeyOperationPoll) { auto keyResponse - = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec); + = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec); CheckValidResponse(keyResponse); auto keyVaultKey = keyResponse.ExtractValue(); EXPECT_EQ(keyVaultKey.Name(), keyName); @@ -234,7 +234,7 @@ TEST_F(KeyVaultClientTest, DoubleDelete) { auto keyResponse - = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec); + = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec); } { auto duration = std::chrono::system_clock::now() + std::chrono::minutes(3); @@ -272,7 +272,7 @@ TEST_F(KeyVaultClientTest, DoubleDeleteBeforePollComplete) { auto keyResponse - = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec); + = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec); } { auto keyResponseLRO = keyClient.StartDeleteKey(keyName); @@ -308,7 +308,7 @@ TEST_F(KeyVaultClientTest, CreateDeletedKey) { auto keyResponse - = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec); + = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec); } { auto duration = std::chrono::system_clock::now() + std::chrono::minutes(3); 
@@ -321,7 +321,7 @@ TEST_F(KeyVaultClientTest, CreateDeletedKey) try { auto keyResponse - = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec); + = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec); } catch (Azure::Security::KeyVault::Common::KeyVaultException const& error) { @@ -348,7 +348,7 @@ TEST_F(KeyVaultClientTest, CreateDeletedKeyBeforePollComplete) { auto keyResponse - = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec); + = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec); } { auto keyResponseLRO = keyClient.StartDeleteKey(keyName); @@ -358,7 +358,7 @@ TEST_F(KeyVaultClientTest, CreateDeletedKeyBeforePollComplete) try { auto keyResponse - = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::KeyTypeEnum::Ec); + = keyClient.CreateKey(keyName, Azure::Security::KeyVault::Keys::JsonWebKeyType::Ec); } catch (Azure::Security::KeyVault::Common::KeyVaultException const& error) {