Ejemplo n.º 1
        /// <summary>
        /// Rejects inconsistent elliptic-curve input before any key operation is attempted:
        /// an EC key type must come with a curve name, and a curve name is only accepted
        /// together with an EC key type.
        /// </summary>
        /// <exception cref="AzPSArgumentException">
        /// Thrown when <c>KeyType</c> is EC but <c>CurveName</c> is null or empty, or when
        /// <c>CurveName</c> is set but <c>KeyType</c> is not EC.
        /// </exception>
        private void ValidateEcParameters()
        {
            bool isEcKey = JwkHelper.IsEC(KeyType);
            bool curveGiven = !string.IsNullOrEmpty(CurveName);

            // EC key requested without naming the curve.
            if (isEcKey && !curveGiven)
            {
                throw new AzPSArgumentException(Resources.EcButNoCurveName, nameof(CurveName));
            }

            // Curve named for a key type that is not EC; the key type is reported as the faulty argument.
            if (curveGiven && !isEcKey)
            {
                throw new AzPSArgumentException(Resources.CurveNameButNotEc, nameof(KeyType));
            }
        }
Ejemplo n.º 2
 /// <summary>
 /// Writes the PEM produced by <c>JwkHelper.ExportPublicKeyToPem</c> for <paramref name="jwk"/>
 /// to <paramref name="path"/>, or emits a warning when <c>CanDownloadKey</c> refuses the key.
 /// </summary>
 /// <param name="jwk">The JSON web key whose public part is exported.</param>
 /// <param name="path">Destination file path; it is passed to the data store unchanged.</param>
 private void DownloadKey(JsonWebKey jwk, string path)
 {
     // Keys that cannot be downloaded only produce a warning carrying the reason; nothing is written.
     if (!CanDownloadKey(jwk, out string reason))
     {
         WriteWarning(reason);
         return;
     }

     var publicKeyPem = JwkHelper.ExportPublicKeyToPem(jwk);

     // NOTE(review): no validation of path happens in this method; presumably the caller
     // resolves it and handles overwrite confirmation — verify against the caller.
     AzureSession.Instance.DataStore.WriteFile(path, publicKeyPem);
     WriteDebug(string.Format(Resources.PublicKeySavedAt, path));
 }
Ejemplo n.º 3
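        /// <summary>
        /// Builds the PowerShell view of a soft-deleted key from a <c>DeletedKeyBundle</c>.
        /// </summary>
        /// <param name="deletedKeyBundle">The deleted key bundle; must carry a key, attributes and a key identifier.</param>
        /// <param name="vaultUriHelper">Helper handed to <c>SetObjectIdentifier</c> together with the key identifier.</param>
        /// <param name="isHsm">Stored as-is in <c>IsHsm</c>.</param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="deletedKeyBundle"/> is null.</exception>
        /// <exception cref="ArgumentException">
        /// Thrown when the bundle has no attributes, no key identifier or no key material.
        /// </exception>
        internal PSDeletedKeyVaultKey(Azure.KeyVault.Models.DeletedKeyBundle deletedKeyBundle, VaultUriHelper vaultUriHelper, bool isHsm = false)
        {
            if (deletedKeyBundle == null)
            {
                // The exception previously named a non-existent parameter ("keyItem").
                throw new ArgumentNullException(nameof(deletedKeyBundle));
            }
            if (deletedKeyBundle.Attributes == null)
            {
                throw new ArgumentException(Resources.InvalidKeyAttributes);
            }
            if (deletedKeyBundle.KeyIdentifier == null)
            {
                throw new ArgumentException(Resources.InvalidKeyIdentifier);
            }
            if (deletedKeyBundle.Key == null)
            {
                // Key.Kty and Key.KeyOps are dereferenced below; fail with an argument error
                // instead of a NullReferenceException when the bundle carries no key.
                throw new ArgumentException(Resources.InvalidKeyBundle);
            }

            SetObjectIdentifier(vaultUriHelper, deletedKeyBundle.KeyIdentifier);

            Key = deletedKeyBundle.Key;

            // KeySize stays null when ConvertToRSAKey returns null for this key.
            KeySize = JwkHelper.ConvertToRSAKey(Key)?.KeySize;

            // NOTE(review): Key.KeyOps is dereferenced without a null check — confirm the
            // service always populates it for deleted keys.
            Attributes = new PSKeyVaultKeyAttributes(
                deletedKeyBundle.Attributes.Enabled,
                deletedKeyBundle.Attributes.Expires,
                deletedKeyBundle.Attributes.NotBefore,
                deletedKeyBundle.Key.Kty,
                deletedKeyBundle.Key.KeyOps.ToArray(),
                deletedKeyBundle.Attributes.Created,
                deletedKeyBundle.Attributes.Updated,
                deletedKeyBundle.Attributes.RecoveryLevel,
                deletedKeyBundle.Tags);

            // The same attribute values are also exposed as top-level properties.
            Enabled       = deletedKeyBundle.Attributes.Enabled;
            Expires       = deletedKeyBundle.Attributes.Expires;
            NotBefore     = deletedKeyBundle.Attributes.NotBefore;
            Created       = deletedKeyBundle.Attributes.Created;
            Updated       = deletedKeyBundle.Attributes.Updated;
            RecoveryLevel = deletedKeyBundle.Attributes.RecoveryLevel;
            Tags          = (deletedKeyBundle.Tags == null) ? null : deletedKeyBundle.Tags.ConvertToHashtable();

            // Soft-delete metadata: when the key was deleted and when it is scheduled to be purged.
            ScheduledPurgeDate = deletedKeyBundle.ScheduledPurgeDate;
            DeletedDate        = deletedKeyBundle.DeletedDate;
            IsHsm = isHsm;
        }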
Ejemplo n.º 4
        /// <summary>
        /// Builds the PowerShell view of a soft-deleted key from a <c>DeletedKey</c>, converting
        /// its key material with <c>ToTrack1JsonWebKey</c> and its timestamps to UTC <c>DateTime</c> values.
        /// </summary>
        /// <param name="deletedKey">The deleted key; must carry key material and properties.</param>
        /// <param name="vaultUriHelper">Helper handed to <c>SetObjectIdentifier</c> together with the key identifier.</param>
        /// <param name="isHsm">Stored as-is in <c>IsHsm</c>.</param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="deletedKey"/> is null.</exception>
        /// <exception cref="ArgumentException">Thrown when the key material or the properties are missing.</exception>
        internal PSDeletedKeyVaultKey(DeletedKey deletedKey, VaultUriHelper vaultUriHelper, bool isHsm = false)
        {
            if (deletedKey == null)
            {
                throw new ArgumentNullException(nameof(deletedKey));
            }
            if (deletedKey.Key == null || deletedKey.Properties == null)
            {
                throw new ArgumentException(Resources.InvalidKeyBundle);
            }

            // NOTE(review): deletedKey.Id is dereferenced without a null check — confirm it is always set.
            var identifier = new Microsoft.Azure.KeyVault.KeyIdentifier(deletedKey.Id.ToString());
            SetObjectIdentifier(vaultUriHelper, identifier);

            Key     = deletedKey.Key.ToTrack1JsonWebKey();
            KeySize = JwkHelper.ConvertToRSAKey(Key)?.KeySize;

            var properties = deletedKey.Properties;

            // DateTimeOffset -> DateTime: the original comment states that Key Vault returns UTC times, see
            // https://docs.microsoft.com/en-us/dotnet/standard/datetime/converting-between-datetime-and-offset#conversions-from-datetimeoffset-to-datetime
            Attributes = new PSKeyVaultKeyAttributes(
                properties.Enabled,
                properties.ExpiresOn?.UtcDateTime,
                properties.NotBefore?.UtcDateTime,
                deletedKey.KeyType.ToString(),
                deletedKey.KeyOperations.Select(op => op.ToString()).ToArray(),
                properties.CreatedOn?.UtcDateTime,
                properties.UpdatedOn?.UtcDateTime,
                properties.RecoveryLevel,
                properties.Tags);

            // The same values are also exposed as top-level properties.
            Enabled       = properties.Enabled;
            Expires       = properties.ExpiresOn?.UtcDateTime;
            NotBefore     = properties.NotBefore?.UtcDateTime;
            Created       = properties.CreatedOn?.UtcDateTime;
            Updated       = properties.UpdatedOn?.UtcDateTime;
            RecoveryLevel = properties.RecoveryLevel;
            Tags          = properties.Tags.ConvertToHashtable();

            // Soft-delete metadata.
            ScheduledPurgeDate = deletedKey.ScheduledPurgeDate?.UtcDateTime;
            DeletedDate        = deletedKey.DeletedOn?.UtcDateTime;
            IsHsm              = isHsm;
        }
Ejemplo n.º 5
        /// <summary>
        /// Builds the PowerShell view of a key from a <c>KeyBundle</c>, copying the key material,
        /// its attributes and its tags.
        /// </summary>
        /// <param name="keyBundle">The key bundle; must carry key material and attributes.</param>
        /// <param name="vaultUriHelper">Helper handed to <c>SetObjectIdentifier</c> together with the key identifier.</param>
        /// <param name="isHsm">Stored as-is in <c>IsHsm</c>.</param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="keyBundle"/> is null.</exception>
        /// <exception cref="ArgumentException">Thrown when the key material or the attributes are missing.</exception>
        internal PSKeyVaultKey(Microsoft.Azure.KeyVault.Models.KeyBundle keyBundle, VaultUriHelper vaultUriHelper, bool isHsm = false)
        {
            if (keyBundle == null)
            {
                throw new ArgumentNullException(nameof(keyBundle));
            }
            if (keyBundle.Key == null || keyBundle.Attributes == null)
            {
                throw new ArgumentException(KeyVaultProperties.Resources.InvalidKeyBundle);
            }

            // NOTE(review): KeyIdentifier is passed on without a null check here — confirm
            // SetObjectIdentifier handles a missing identifier.
            SetObjectIdentifier(vaultUriHelper, keyBundle.KeyIdentifier);

            Key     = keyBundle.Key;
            KeySize = JwkHelper.ConvertToRSAKey(Key)?.KeySize;

            var bundleAttributes = keyBundle.Attributes;
            var webKey = keyBundle.Key;

            Attributes = new PSKeyVaultKeyAttributes(
                bundleAttributes.Enabled,
                bundleAttributes.Expires,
                bundleAttributes.NotBefore,
                webKey.Kty,
                webKey.KeyOps.ToArray(),
                bundleAttributes.Created,
                bundleAttributes.Updated,
                bundleAttributes.RecoveryLevel,
                keyBundle.Tags);

            // The same attribute values are also exposed as top-level properties.
            Enabled       = bundleAttributes.Enabled;
            Expires       = bundleAttributes.Expires;
            NotBefore     = bundleAttributes.NotBefore;
            Created       = bundleAttributes.Created;
            Updated       = bundleAttributes.Updated;
            RecoveryLevel = bundleAttributes.RecoveryLevel;

            // Tags stays null when the bundle has no tags.
            Tags = keyBundle.Tags?.ConvertToHashtable();

            IsHsm = isHsm;
        }
        /// <summary>
        /// Converts a key file into a JSON web key when this converter can process the file;
        /// otherwise hands the request to the <c>next</c> converter, if there is one.
        /// </summary>
        /// <param name="fileInfo">The key file to convert.</param>
        /// <param name="password">Not read by this converter; only forwarded to the next one.</param>
        /// <param name="extraInfo">Optional key type and curve name; used when the key type is EC.</param>
        /// <returns>The converted key.</returns>
        /// <exception cref="ArgumentException">
        /// Thrown when neither this converter nor a following one accepts the file; the message
        /// carries the file name, not the full path.
        /// </exception>
        public Track1Sdk.JsonWebKey ConvertKeyFromFile(FileInfo fileInfo, SecureString password, WebKeyConverterExtraInfo extraInfo = null)
        {
            if (!CanProcess(fileInfo))
            {
                // Not our format: delegate down the chain, or fail if this is the last converter.
                if (next == null)
                {
                    throw new ArgumentException(string.Format(KeyVaultProperties.Resources.UnsupportedFileFormat, fileInfo.Name));
                }

                return next.ConvertKeyFromFile(fileInfo, password, extraInfo);
            }

            var convertedKey = Convert(fileInfo.FullName);

            // For EC key types the result is marked as an HSM EC key ("byok -> hsm" in the
            // original comment) and takes the curve name supplied by the caller.
            if (JwkHelper.IsEC(extraInfo?.KeyType))
            {
                convertedKey.Kty       = JsonWebKeyType.EllipticCurveHsm;
                convertedKey.CurveName = extraInfo.CurveName;
            }

            return convertedKey;
        }
Ejemplo n.º 7
        /// <summary>
        /// Builds the PowerShell view of a key from a Track 1 <c>KeyBundle</c>.
        /// </summary>
        /// <remarks>
        /// The base constructor receives <paramref name="keyBundle"/> before the null check in this
        /// body runs. NOTE(review): confirm the base constructor tolerates a null bundle.
        /// </remarks>
        /// <param name="keyBundle">The key bundle; must carry key material and attributes.</param>
        /// <param name="vaultUriHelper">Helper handed to <c>SetObjectIdentifier</c> together with the key identifier.</param>
        /// <param name="isHsm">Forwarded to the base constructor.</param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="keyBundle"/> is null.</exception>
        /// <exception cref="ArgumentException">Thrown when the key material or the attributes are missing.</exception>
        internal PSKeyVaultKey(Track1Sdk.KeyBundle keyBundle, VaultUriHelper vaultUriHelper, bool isHsm = false)
            : base(keyBundle, isHsm)
        {
            if (keyBundle == null)
            {
                throw new ArgumentNullException(nameof(keyBundle));
            }

            // Both the key material and the attributes are required; either one missing
            // is reported with the same message.
            if (keyBundle.Key == null)
            {
                throw new ArgumentException(KeyVaultProperties.Resources.InvalidKeyBundle);
            }
            if (keyBundle.Attributes == null)
            {
                throw new ArgumentException(KeyVaultProperties.Resources.InvalidKeyBundle);
            }

            SetObjectIdentifier(vaultUriHelper, keyBundle.KeyIdentifier);

            // Key material as returned in the bundle.
            Key = keyBundle.Key;

            // KeySize stays null when ConvertToRSAKey returns null for this key.
            KeySize = JwkHelper.ConvertToRSAKey(Key)?.KeySize;

            // Additional key properties are derived from the whole bundle.
            Attributes = new PSKeyVaultKeyAttributes(keyBundle);
        }
Ejemplo n.º 8
        /// <summary>
        /// Builds the PowerShell view of a key from a Track 2 <c>KeyVaultKey</c>, converting its
        /// key material with <c>ToTrack1JsonWebKey</c>.
        /// </summary>
        /// <remarks>
        /// The base constructor is called with <c>key?.Properties</c>, so a null
        /// <paramref name="key"/> reaches the null check in this body instead of failing in the
        /// base-call expression.
        /// </remarks>
        /// <param name="key">The key; must carry key material and properties.</param>
        /// <param name="vaultUriHelper">Helper handed to <c>SetObjectIdentifier</c> together with the key identifier.</param>
        /// <param name="isHsm">Forwarded to the base constructor.</param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="key"/> is null.</exception>
        /// <exception cref="ArgumentException">Thrown when the key material or the properties are missing.</exception>
        internal PSKeyVaultKey(Track2Sdk.KeyVaultKey key, VaultUriHelper vaultUriHelper, bool isHsm)
            : base(key?.Properties, null, isHsm)
        {
            if (key == null)
            {
                throw new ArgumentNullException(nameof(key));
            }

            // Both the key material and the properties are required; either one missing
            // is reported with the same message.
            if (key.Key == null)
            {
                throw new ArgumentException(KeyVaultProperties.Resources.InvalidKeyBundle);
            }
            if (key.Properties == null)
            {
                throw new ArgumentException(KeyVaultProperties.Resources.InvalidKeyBundle);
            }

            // Sets Id, Name, Version and VaultName from the key's id.
            // NOTE(review): key.Id is dereferenced without a null check — confirm it is always set.
            var identifier = new Microsoft.Azure.KeyVault.KeyIdentifier(key.Id.ToString());
            SetObjectIdentifier(vaultUriHelper, identifier);

            // Key material, converted to the Track 1 representation.
            Key = key.Key.ToTrack1JsonWebKey();

            // KeySize stays null when ConvertToRSAKey returns null for this key.
            KeySize = JwkHelper.ConvertToRSAKey(Key)?.KeySize;

            // Additional key properties are derived from the whole key object.
            Attributes = new PSKeyVaultKeyAttributes(key);
        }