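/// <summary>
/// Imports an exportable RSA key that carries a release policy, releases it, and checks
/// the shape of the release response.
/// </summary>
/// <remarks>
/// Only the structure of the "response" claim is asserted (a matching <c>kid</c> and a string
/// <c>key_hsm</c>). Nothing in this method verifies the token signature or unwraps the released
/// material; whether <c>ReleaseKeyAsync</c> validates the token is not visible from here.
/// </remarks>
public async Task ReleaseImportedKey()
        {
            string keyName = Recording.GenerateId();

            // Test-only key material: the private parameters are generated locally and sent to the service.
            JsonWebKey       jwk     = KeyUtilities.CreateRsaKey(includePrivateParameters: true);
            ImportKeyOptions options = new(keyName, jwk)
            {
                Properties =
                {
                    // The key is marked exportable and bound to the policy returned by GetReleasePolicy().
                    Exportable    = true,
                    ReleasePolicy = GetReleasePolicy(),
                },
            };

            // BUGBUG: Remove assert when https://github.com/Azure/azure-sdk-for-net/issues/22750 is resolved.
            // NOTE(review): AssertRequestSupported presumably skips the test when the service rejects the request - confirm.
            KeyVaultKey key = await AssertRequestSupported(async() => await Client.ImportKeyAsync(options));

            // Register right after the import so the key is cleaned up even if a later assertion fails.
            RegisterForCleanup(key.Name);

            // BUGBUG: Remove assert when https://github.com/Azure/azure-sdk-for-net/issues/22750 is resolved.
            JwtSecurityToken jws = await AssertRequestSupported(async() => await ReleaseKeyAsync(keyName));

            Assert.IsTrue(jws.Payload.TryGetValue("response", out object response));

            // JsonDocument rents pooled buffers; dispose it so they are returned when the test ends.
            using JsonDocument doc = JsonDocument.Parse(response.ToString());
            JsonElement keyElement = doc.RootElement.GetProperty("key").GetProperty("key");

            // The released key must be the one just imported, and its key_hsm member must be a JSON string.
            Assert.AreEqual(key.Id, keyElement.GetProperty("kid").GetString());
            Assert.AreEqual(JsonValueKind.String, keyElement.GetProperty("key_hsm").ValueKind);
        }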
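        /// <summary>
        /// Imports an exportable RSA key with a release policy, releases it, and asserts that the
        /// release response names the imported key and carries a string <c>key_hsm</c> member.
        /// </summary>
        /// <remarks>
        /// The assertions cover the response structure only. This method does not itself verify the
        /// token signature or decrypt the released material; what <c>ReleaseKeyAsync</c> checks is
        /// not visible from here.
        /// </remarks>
        public async Task ReleaseImportedKey()
        {
            string keyName = Recording.GenerateId();

            // Test-only key material: the private parameters are generated locally and sent to the service.
            JsonWebKey       jwk     = KeyUtilities.CreateRsaKey(includePrivateParameters: true);
            ImportKeyOptions options = new(keyName, jwk)
            {
                Properties =
                {
                    // The key is marked exportable and bound to the policy returned by GetReleasePolicy().
                    Exportable    = true,
                    ReleasePolicy = GetReleasePolicy(),
                },
            };

            KeyVaultKey key = await Client.ImportKeyAsync(options);

            // Register right after the import so the key is cleaned up even if a later assertion fails.
            RegisterForCleanup(key.Name);

            JwtSecurityToken jws = await ReleaseKeyAsync(keyName);

            Assert.IsTrue(jws.Payload.TryGetValue("response", out object response));

            // JsonDocument rents pooled buffers; dispose it so they are returned when the test ends.
            using JsonDocument doc = JsonDocument.Parse(response.ToString());
            JsonElement keyElement = doc.RootElement.GetProperty("key").GetProperty("key");

            // The released key must be the one just imported, and its key_hsm member must be a JSON string.
            Assert.AreEqual(key.Id, keyElement.GetProperty("kid").GetString());
            Assert.AreEqual(JsonValueKind.String, keyElement.GetProperty("key_hsm").ValueKind);
        }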
        /// <summary>
        /// Generates local key material suited to <paramref name="algorithm"/>, imports it under a
        /// freshly generated name, and returns the imported key with the local material attached.
        /// </summary>
        /// <param name="algorithm">Signature algorithm that selects RSA or elliptic-curve key material.</param>
        /// <returns>
        /// The <see cref="KeyVaultKey"/> from the import, whose <c>Key</c> has been replaced by the
        /// locally generated <see cref="JsonWebKey"/> carrying the id assigned by the service.
        /// </returns>
        /// <exception cref="ArgumentException">The algorithm is not one of the RSA or EC values handled below.</exception>
        /// <remarks>
        /// The returned object holds private key parameters in memory. This is a test helper; the
        /// value it returns should not be logged or persisted.
        /// </remarks>
        private async Task<KeyVaultKey> CreateTestKeyWithKeyMaterial(SignatureAlgorithm algorithm)
        {
            string name = Recording.GenerateId();

            JsonWebKey jwk = null;

            switch (algorithm.ToString())
            {
                // Every RSA-based algorithm (PSS and PKCS#1 v1.5) shares the same RSA test key shape.
                case SignatureAlgorithm.PS256Value:
                case SignatureAlgorithm.PS384Value:
                case SignatureAlgorithm.PS512Value:
                case SignatureAlgorithm.RS256Value:
                case SignatureAlgorithm.RS384Value:
                case SignatureAlgorithm.RS512Value:
                    jwk = KeyUtilities.CreateRsaKey(includePrivateParameters: true);
                    break;

                // Elliptic-curve algorithms need a key generated on the curve the algorithm maps to.
                case SignatureAlgorithm.ES256Value:
                case SignatureAlgorithm.ES256KValue:
                case SignatureAlgorithm.ES384Value:
                case SignatureAlgorithm.ES512Value:
#if NET461
                    Assert.Ignore("Creating JsonWebKey with ECDsa is not supported on net461.");
#else
                    KeyCurveName curveId = algorithm.GetEcKeyCurveName();
                    ECCurve      ecCurve = ECCurve.CreateFromOid(curveId.Oid);

                    using (ECDsa ec = ECDsa.Create())
                    {
                        try
                        {
                            ec.GenerateKey(ecCurve);
                            jwk = new JsonWebKey(ec, includePrivateParameters: true);
                        }
                        catch (NotSupportedException)
                        {
                            // An unsupported curve is reported as an inconclusive test, not a failure.
                            Assert.Inconclusive("This platform does not support OID {0}", curveId.Oid);
                        }
                    }
#endif

                    break;

                default:
                    throw new ArgumentException("Invalid Algorithm", nameof(algorithm));
            }

            KeyVaultKey imported = await Client.ImportKeyAsync(name, jwk);

            // Copy the service-assigned id onto the local JWK, then swap it in so the returned key
            // keeps the private parameters that were generated locally.
            jwk.Id       = imported.Key.Id;
            imported.Key = jwk;

            return imported;
        }