Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Key Vault Keys] Add new algorithms #11380

Merged
merged 10 commits into from
Sep 24, 2020
Merged

[Key Vault Keys] Add new algorithms #11380

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
d3f9360
[Key Vault Keys] Add new algorithms
sadasant Sep 21, 2020
e363ffd
seems like this was necessary. Not sure how I didnt catch it before
sadasant Sep 22, 2020
8e6d77b
Renamed aad as additionalAuthenticatedData
sadasant Sep 22, 2020
f296714
formatting
sadasant Sep 22, 2020
d437ff9
this seems better
sadasant Sep 22, 2020
359a578
API changes after recent feedback
sadasant Sep 22, 2020
9fb0ab1
lint fix
sadasant Sep 23, 2020
e155811
swagger property rename WIP
sadasant Sep 24, 2020
872e597
generated changes
sadasant Sep 24, 2020
57e2019
removed console.log
sadasant Sep 24, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 12 additions & 5 deletions sdk/keyvault/keyvault-keys/review/keyvault-keys.api.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ export interface CryptographyOptions extends coreHttp.OperationOptions {
}

// @public
export interface DecryptOptions extends CryptographyOptions {
export interface DecryptOptions extends KeyOperationsOptions {
}

// @public
Expand Down Expand Up @@ -99,10 +99,10 @@ export interface DeletedKey {
export type DeletionRecoveryLevel = 'Purgeable' | 'Recoverable+Purgeable' | 'Recoverable' | 'Recoverable+ProtectedSubscription' | 'CustomizedRecoverable+Purgeable' | 'CustomizedRecoverable' | 'CustomizedRecoverable+ProtectedSubscription';

// @public
export type EncryptionAlgorithm = "RSA-OAEP" | "RSA-OAEP-256" | "RSA1_5";
export type EncryptionAlgorithm = "RSA-OAEP" | "RSA-OAEP-256" | "RSA1_5" | "A128GCM" | "A192GCM" | "A256GCM" | "A128KW" | "A192KW" | "A256KW" | "A128CBC" | "A192CBC" | "A256CBC" | "A128CBCPAD" | "A192CBCPAD" | "A256CBCPAD";

// @public
export interface EncryptOptions extends CryptographyOptions {
export interface EncryptOptions extends KeyOperationsOptions {
}

// @public
Expand Down Expand Up @@ -184,6 +184,13 @@ export type KeyCurveName = "P-256" | "P-384" | "P-521" | "P-256K";
// @public
export type KeyOperation = "encrypt" | "decrypt" | "sign" | "verify" | "wrapKey" | "unwrapKey" | "import";

// @public
export interface KeyOperationsOptions extends CryptographyOptions {
additionalAuthenticatedData?: Uint8Array;
iv?: Uint8Array;
tag?: Uint8Array;
}

// @public
export interface KeyPollerOptions extends coreHttp.OperationOptions {
intervalInMs?: number;
Expand Down Expand Up @@ -295,7 +302,7 @@ export interface SignResult {
}

// @public
export interface UnwrapKeyOptions extends CryptographyOptions {
export interface UnwrapKeyOptions extends KeyOperationsOptions {
}

// @public
Expand Down Expand Up @@ -326,7 +333,7 @@ export interface VerifyResult {
}

// @public
export interface WrapKeyOptions extends CryptographyOptions {
export interface WrapKeyOptions extends KeyOperationsOptions {
}

// @public
Expand Down
55 changes: 15 additions & 40 deletions sdk/keyvault/keyvault-keys/src/cryptographyClient.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,6 @@ import {
GetKeyOptions,
KeyVaultKey,
LATEST_API_VERSION,
CryptographyOptions,
CryptographyClientOptions,
KeyOperation
} from "./keysModels";
Expand All @@ -46,7 +45,13 @@ import {
SignatureAlgorithm,
SignResult,
VerifyResult,
EncryptResult
EncryptResult,
EncryptOptions,
DecryptOptions,
WrapKeyOptions,
UnwrapKeyOptions,
SignOptions,
VerifyOptions
} from "./cryptographyClientModels";
import { KeyBundle } from "./generated/models";
import { parseKeyVaultKeyId } from "./identifier";
Expand All @@ -55,7 +60,7 @@ import { parseKeyVaultKeyId } from "./identifier";
* Checks whether a key can be used at that specific moment,
* by comparing the current date with the bundle's notBefore and expires values.
*/
export function checkKeyValidity(keyId?: string, keyBundle?: KeyBundle) {
export function checkKeyValidity(keyId?: string, keyBundle?: KeyBundle): void {
const attributes = keyBundle?.attributes || {};
const { notBefore, expires } = attributes;
const now = new Date();
Expand Down Expand Up @@ -177,7 +182,7 @@ export class CryptographyClient {
* ```
* @param {EncryptionAlgorithm} algorithm The algorithm to use.
* @param {Uint8Array} ciphertext The text to decrypt.
* @param {EncryptOptions} [options] Additional options.
* @param {DecryptOptions} [options] Additional options.
*/

public async decrypt(
Expand Down Expand Up @@ -221,7 +226,7 @@ export class CryptographyClient {
* ```
* @param {KeyWrapAlgorithm} algorithm The encryption algorithm to use to wrap the given key.
* @param {Uint8Array} key The key to wrap.
* @param {EncryptOptions} [options] Additional options.
* @param {WrapKeyOptions} [options] Additional options.
*/
public async wrapKey(
algorithm: KeyWrapAlgorithm,
Expand Down Expand Up @@ -276,7 +281,7 @@ export class CryptographyClient {
* ```
* @param {KeyWrapAlgorithm} algorithm The decryption algorithm to use to unwrap the key.
* @param {Uint8Array} encryptedKey The encrypted key to unwrap.
* @param {EncryptOptions} [options] Additional options.
* @param {UnwrapKeyOptions} [options] Additional options.
*/
public async unwrapKey(
algorithm: KeyWrapAlgorithm,
Expand Down Expand Up @@ -319,7 +324,7 @@ export class CryptographyClient {
* ```
* @param {KeySignatureAlgorithm} algorithm The signing algorithm to use.
* @param {Uint8Array} digest The digest of the data to sign.
* @param {EncryptOptions} [options] Additional options.
* @param {SignOptions} [options] Additional options.
*/
public async sign(
algorithm: SignatureAlgorithm,
Expand Down Expand Up @@ -361,7 +366,7 @@ export class CryptographyClient {
* @param {KeySignatureAlgorithm} algorithm The signing algorithm to use to verify with.
* @param {Uint8Array} digest The digest to verify.
* @param {Uint8Array} signature The signature to verify the digest against.
* @param {EncryptOptions} [options] Additional options.
* @param {VerifyOptions} [options] Additional options.
*/
public async verify(
algorithm: SignatureAlgorithm,
Expand Down Expand Up @@ -404,7 +409,7 @@ export class CryptographyClient {
* ```
* @param {KeySignatureAlgorithm} algorithm The signing algorithm to use.
* @param {Uint8Array} data The data to sign.
* @param {EncryptOptions} [options] Additional options.
* @param {SignOptions} [options] Additional options.
*/
public async signData(
algorithm: SignatureAlgorithm,
Expand Down Expand Up @@ -459,7 +464,7 @@ export class CryptographyClient {
* @param {KeySignatureAlgorithm} algorithm The algorithm to use to verify with.
* @param {Uint8Array} data The signed block of data to verify.
* @param {Uint8Array} signature The signature to verify the block against.
* @param {EncryptOptions} [options] Additional options.
* @param {VerifyOptions} [options] Additional options.
*/
public async verifyData(
algorithm: SignatureAlgorithm,
Expand Down Expand Up @@ -737,33 +742,3 @@ export class CryptographyClient {
}
}
}

/**
* Options for {@link encrypt}.
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I moved these from this file to the models file. It made more sense to me.

*/
export interface EncryptOptions extends CryptographyOptions {}

/**
* Options for {@link decrypt}.
*/
export interface DecryptOptions extends CryptographyOptions {}

/**
* Options for {@link sign}.
*/
export interface SignOptions extends CryptographyOptions {}

/**
* Options for {@link verify}.
*/
export interface VerifyOptions extends CryptographyOptions {}

/**
* Options for {@link wrapKey}.
*/
export interface WrapKeyOptions extends CryptographyOptions {}

/**
* Options for {@link unwrapKey}.
*/
export interface UnwrapKeyOptions extends CryptographyOptions {}
70 changes: 68 additions & 2 deletions sdk/keyvault/keyvault-keys/src/cryptographyClientModels.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT license.

import { CryptographyOptions } from "./keysModels";

/**
* Defines values for SignatureAlgorithm.
* @readonly
Expand All @@ -20,11 +22,26 @@ export type SignatureAlgorithm =

/**
* Defines values for EncryptionAlgorithm.
* Possible values include: 'RSA-OAEP', 'RSA-OAEP-256', 'RSA1_5'
* Possible values include: 'RSA-OAEP', 'RSA-OAEP-256', 'RSA1_5', 'A128GCM', 'A192GCM', 'A256GCM', 'A128KW', 'A192KW', 'A256KW', 'A128CBC', 'A192CBC', 'A256CBC', 'A128CBCPAD', 'A192CBCPAD', 'A256CBCPAD'
* @readonly
* @enum {string}
*/
export type EncryptionAlgorithm = "RSA-OAEP" | "RSA-OAEP-256" | "RSA1_5";
export type EncryptionAlgorithm =
| "RSA-OAEP"
| "RSA-OAEP-256"
| "RSA1_5"
| "A128GCM"
| "A192GCM"
| "A256GCM"
| "A128KW"
| "A192KW"
| "A256KW"
| "A128CBC"
| "A192CBC"
| "A256CBC"
| "A128CBCPAD"
| "A192CBCPAD"
| "A256CBCPAD";

/**
* Defines values for KeyCurveName.
Expand Down Expand Up @@ -137,3 +154,52 @@ export interface VerifyResult {
*/
keyID?: string;
}

/**
* Common optional properties for encrypt, decrypt, wrap and unwrap.
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I moved these from this file to the models file. It made more sense to me.

*/
export interface KeyOperationsOptions extends CryptographyOptions {
/**
* Initialization vector for symmetric algorithms.
*/
iv?: Uint8Array;
/**
* Additional data to authenticate but not encrypt/decrypt when using authenticated crypto
* algorithms.
*/
additionalAuthenticatedData?: Uint8Array;
/**
* The tag to authenticate when performing decryption with an authenticated algorithm.
*/
tag?: Uint8Array;
}

/**
* Options for {@link encrypt}.
*/
export interface EncryptOptions extends KeyOperationsOptions {}

/**
* Options for {@link decrypt}.
*/
export interface DecryptOptions extends KeyOperationsOptions {}

/**
* Options for {@link sign}.
*/
export interface SignOptions extends CryptographyOptions {}

/**
* Options for {@link verify}.
*/
export interface VerifyOptions extends CryptographyOptions {}

/**
* Options for {@link wrapKey}.
*/
export interface WrapKeyOptions extends KeyOperationsOptions {}

/**
* Options for {@link unwrapKey}.
*/
export interface UnwrapKeyOptions extends KeyOperationsOptions {}
16 changes: 8 additions & 8 deletions sdk/keyvault/keyvault-keys/src/generated/keyVaultClient.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1204,9 +1204,9 @@ const encryptOperationSpec: coreHttp.OperationSpec = {
"options",
"iv"
],
aad: [
additionalAuthenticatedData: [
"options",
"aad"
"additionalAuthenticatedData"
],
tag: [
"options",
Expand Down Expand Up @@ -1248,9 +1248,9 @@ const decryptOperationSpec: coreHttp.OperationSpec = {
"options",
"iv"
],
aad: [
additionalAuthenticatedData: [
"options",
"aad"
"additionalAuthenticatedData"
],
tag: [
"options",
Expand Down Expand Up @@ -1357,9 +1357,9 @@ const wrapKeyOperationSpec: coreHttp.OperationSpec = {
"options",
"iv"
],
aad: [
additionalAuthenticatedData: [
"options",
"aad"
"additionalAuthenticatedData"
],
tag: [
"options",
Expand Down Expand Up @@ -1401,9 +1401,9 @@ const unwrapKeyOperationSpec: coreHttp.OperationSpec = {
"options",
"iv"
],
aad: [
additionalAuthenticatedData: [
"options",
"aad"
"additionalAuthenticatedData"
],
tag: [
"options",
Expand Down
10 changes: 5 additions & 5 deletions sdk/keyvault/keyvault-keys/src/generated/models/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -379,7 +379,7 @@ export interface KeyOperationsParameters {
* Additional data to authenticate but not encrypt/decrypt when using authenticated crypto
* algorithms.
*/
aad?: Uint8Array;
additionalAuthenticatedData?: Uint8Array;
/**
* The tag to authenticate when performing decryption with an authenticated algorithm.
*/
Expand Down Expand Up @@ -655,7 +655,7 @@ export interface KeyVaultClientEncryptOptionalParams extends coreHttp.RequestOpt
* Additional data to authenticate but not encrypt/decrypt when using authenticated crypto
* algorithms.
*/
aad?: Uint8Array;
additionalAuthenticatedData?: Uint8Array;
/**
* The tag to authenticate when performing decryption with an authenticated algorithm.
*/
Expand All @@ -674,7 +674,7 @@ export interface KeyVaultClientDecryptOptionalParams extends coreHttp.RequestOpt
* Additional data to authenticate but not encrypt/decrypt when using authenticated crypto
* algorithms.
*/
aad?: Uint8Array;
additionalAuthenticatedData?: Uint8Array;
/**
* The tag to authenticate when performing decryption with an authenticated algorithm.
*/
Expand All @@ -693,7 +693,7 @@ export interface KeyVaultClientWrapKeyOptionalParams extends coreHttp.RequestOpt
* Additional data to authenticate but not encrypt/decrypt when using authenticated crypto
* algorithms.
*/
aad?: Uint8Array;
additionalAuthenticatedData?: Uint8Array;
/**
* The tag to authenticate when performing decryption with an authenticated algorithm.
*/
Expand All @@ -712,7 +712,7 @@ export interface KeyVaultClientUnwrapKeyOptionalParams extends coreHttp.RequestO
* Additional data to authenticate but not encrypt/decrypt when using authenticated crypto
* algorithms.
*/
aad?: Uint8Array;
additionalAuthenticatedData?: Uint8Array;
/**
* The tag to authenticate when performing decryption with an authenticated algorithm.
*/
Expand Down
2 changes: 1 addition & 1 deletion sdk/keyvault/keyvault-keys/src/generated/models/mappers.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -651,7 +651,7 @@ export const KeyOperationsParameters: coreHttp.CompositeMapper = {
name: "Base64Url"
}
},
aad: {
additionalAuthenticatedData: {
serializedName: "aad",
type: {
name: "Base64Url"
Expand Down
Loading