public void OctEncryptDecryptSync() { TestEnvironment.AssertManagedHsm(); string managedHsmUrl = TestEnvironment.ManagedHsmUrl; #region Snippet:OctKeysSample4CreateKey var managedHsmClient = new KeyClient(new Uri(managedHsmUrl), new DefaultAzureCredential()); var octKeyOptions = new CreateOctKeyOptions($"CloudOctKey-{Guid.NewGuid()}") { KeySize = 256, }; KeyVaultKey cloudOctKey = managedHsmClient.CreateOctKey(octKeyOptions); #endregion #region Snippet:OctKeySample4Encrypt var cryptoClient = new CryptographyClient(cloudOctKey.Id, new DefaultAzureCredential()); byte[] plaintext = Encoding.UTF8.GetBytes("A single block of plaintext"); byte[] aad = Encoding.UTF8.GetBytes("additional authenticated data"); EncryptParameters encryptParams = EncryptParameters.A256GcmParameters(plaintext, aad); EncryptResult encryptResult = cryptoClient.Encrypt(encryptParams); #endregion #region Snippet:OctKeySample4Decrypt DecryptParameters decryptParams = DecryptParameters.A256GcmParameters( encryptResult.Ciphertext, encryptResult.Iv, encryptResult.AuthenticationTag, encryptResult.AdditionalAuthenticatedData); DecryptResult decryptResult = cryptoClient.Decrypt(decryptParams); #endregion Assert.AreEqual(plaintext, decryptResult.Plaintext); // Delete and purge the key. DeleteKeyOperation operation = managedHsmClient.StartDeleteKey(octKeyOptions.Name); // You only need to wait for completion if you want to purge or recover the key. while (!operation.HasCompleted) { Thread.Sleep(2000); operation.UpdateStatus(); } managedHsmClient.PurgeDeletedKey(operation.Value.Name); }
public async Task CreateOctKey() { string keyName = Recording.GenerateId(); CreateOctKeyOptions ecKey = new CreateOctKeyOptions(keyName, hardwareProtected: false); KeyVaultKey keyNoHsm = await Client.CreateOctKeyAsync(ecKey); RegisterForCleanup(keyNoHsm.Name); KeyVaultKey keyReturned = await Client.GetKeyAsync(keyNoHsm.Name); AssertKeyVaultKeysEqual(keyNoHsm, keyReturned); }
public async Task CreateOctHsmKey() { string keyName = Recording.GenerateId(); CreateOctKeyOptions options = new CreateOctKeyOptions(keyName, hardwareProtected: true); KeyVaultKey ecHsmkey = await Client.CreateOctKeyAsync(options); RegisterForCleanup(keyName); KeyVaultKey keyReturned = await Client.GetKeyAsync(keyName); AssertKeyVaultKeysEqual(ecHsmkey, keyReturned); }
public async Task OctEncryptDecryptAsync() { TestEnvironment.AssertManagedHsm(); string managedHsmUrl = TestEnvironment.ManagedHsmUrl; var managedHsmClient = new KeyClient(new Uri(managedHsmUrl), new DefaultAzureCredential()); var octKeyOptions = new CreateOctKeyOptions($"CloudOctKey-{Guid.NewGuid()}") { KeySize = 256, }; KeyVaultKey cloudOctKey = await managedHsmClient.CreateOctKeyAsync(octKeyOptions); var cryptoClient = new CryptographyClient(cloudOctKey.Id, new DefaultAzureCredential()); byte[] plaintext = Encoding.UTF8.GetBytes("A single block of plaintext"); byte[] aad = Encoding.UTF8.GetBytes("additional authenticated data"); EncryptParameters encryptParams = EncryptParameters.A256GcmParameters(plaintext, aad); EncryptResult encryptResult = await cryptoClient.EncryptAsync(encryptParams); DecryptParameters decryptParams = DecryptParameters.A256GcmParameters( encryptResult.Ciphertext, encryptResult.Iv, encryptResult.AuthenticationTag, encryptResult.AdditionalAuthenticatedData); DecryptResult decryptResult = await cryptoClient.DecryptAsync(decryptParams); Assert.AreEqual(plaintext, decryptResult.Plaintext); // Delete and purge the key. DeleteKeyOperation operation = await managedHsmClient.StartDeleteKeyAsync(octKeyOptions.Name); // You only need to wait for completion if you want to purge or recover the key. await operation.WaitForCompletionAsync(); managedHsmClient.PurgeDeletedKey(operation.Value.Name); }