/// <inheritdoc/> public async Task <KeyHandle> ImportKeyAsync(string name, Key key, KeyStoreProperties store, CancellationToken ct) { var document = new KeyDocument { Id = name, KeyJson = _serializer.FromObject(key), IsDisabled = false, IsExportable = store?.Exportable ?? false, }; var result = await _keys.AddAsync(document, ct, name); return(new KeyId(result.Id)); }
/// <inheritdoc/> public async Task <KeyHandle> ImportKeyAsync(string name, Key key, KeyStoreProperties store, CancellationToken ct) { if (string.IsNullOrEmpty(name)) { throw new ArgumentNullException(nameof(name)); } if (key == null) { throw new ArgumentNullException(nameof(key)); } try { // Import key var keyBundle = await _keyVaultClient.ImportKeyAsync(_vaultBaseUrl, name, key.ToJsonWebKey(), null, new KeyAttributes { Enabled = true, NotBefore = DateTime.UtcNow }, null, ct); if (store?.Exportable ?? false) { // Store key as json web key secret so we can export it var secretBundle = await _keyVaultClient.SetSecretAsync(_vaultBaseUrl, name, JsonConvert.SerializeObject(key.ToJsonWebKey()), null, ContentEncodings.MimeTypeJson, new SecretAttributes { Enabled = true, NotBefore = DateTime.UtcNow }, ct); return(new KeyVaultKeyHandle(keyBundle, secretBundle)); } return(new KeyVaultKeyHandle(keyBundle)); } catch (KeyVaultErrorException kex) { throw new ExternalDependencyException("Failed to import key", kex); } }
/// <inheritdoc/> public async Task <KeyHandle> CreateKeyAsync(string name, CreateKeyParams keyParams, KeyStoreProperties store, CancellationToken ct) { if (string.IsNullOrEmpty(name)) { throw new ArgumentNullException(nameof(name)); } if (keyParams == null) { throw new ArgumentNullException(nameof(keyParams)); } try { if (!(store?.Exportable ?? false)) { // Create key inside key vault var result = await _keyVaultClient.CreateKeyAsync(_vaultBaseUrl, name, new NewKeyParameters { KeySize = (int?)keyParams.KeySize, CurveName = keyParams.Curve?.ToJsonWebKeyCurveName(), Attributes = new KeyAttributes { Enabled = true, NotBefore = DateTime.UtcNow }, Kty = keyParams.Type.ToKty(_keyStoreIsHsm) }, ct); return(new KeyVaultKeyHandle(result)); } // Create key outside and import return(await ImportKeyAsync(name, keyParams.CreateKey(), new KeyStoreProperties { Exportable = true }, ct)); } catch (KeyVaultErrorException kex) { throw new ExternalDependencyException("Failed to create key", kex); } }
/// <inheritdoc/> public async Task <KeyHandle> CreateKeyAsync(string name, CreateKeyParams keyParams, KeyStoreProperties store, CancellationToken ct) { return(await ImportKeyAsync(name, keyParams.CreateKey(), store, ct)); }