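/// <summary>
/// Imports an exportable RSA key that carries a release policy, releases it, and
/// checks the <c>response</c> claim of the token that comes back.
/// </summary>
/// <remarks>
/// The JWK is created with private parameters for this test only.
/// Only the token payload is read here; whether <c>ReleaseKeyAsync</c> validates the
/// token signature is not visible in this method (NOTE(review): confirm in the helper).
/// </remarks>
public async Task ReleaseImportedKey()
{
    string keyName = Recording.GenerateId();

    // Throwaway key material generated for the test, private parameters included.
    JsonWebKey jwk = KeyUtilities.CreateRsaKey(includePrivateParameters: true);
    ImportKeyOptions options = new(keyName, jwk)
    {
        Properties =
        {
            // The key is imported as exportable together with a release policy.
            Exportable = true,
            ReleasePolicy = GetReleasePolicy(),
        },
    };

    // BUGBUG: Remove assert when https://github.com/Azure/azure-sdk-for-net/issues/22750 is resolved.
    KeyVaultKey key = await AssertRequestSupported(async () => await Client.ImportKeyAsync(options));
    RegisterForCleanup(key.Name);

    // BUGBUG: Remove assert when https://github.com/Azure/azure-sdk-for-net/issues/22750 is resolved.
    JwtSecurityToken jws = await AssertRequestSupported(async () => await ReleaseKeyAsync(keyName));
    Assert.IsTrue(jws.Payload.TryGetValue("response", out object response));

    // JsonDocument is IDisposable (it rents pooled buffers); dispose it when the test ends.
    using JsonDocument doc = JsonDocument.Parse(response.ToString());
    JsonElement keyElement = doc.RootElement.GetProperty("key").GetProperty("key");

    // The released key must refer to the key just imported, and "key_hsm" must be a JSON string.
    Assert.AreEqual(key.Id, keyElement.GetProperty("kid").GetString());
    Assert.AreEqual(JsonValueKind.String, keyElement.GetProperty("key_hsm").ValueKind);
}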
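/// <summary>
/// Imports an exportable RSA key that carries a release policy, releases it, and
/// checks the <c>response</c> claim of the token that comes back.
/// </summary>
/// <remarks>
/// The JWK is created with private parameters for this test only.
/// Only the token payload is read here; whether <c>ReleaseKeyAsync</c> validates the
/// token signature is not visible in this method (NOTE(review): confirm in the helper).
/// </remarks>
public async Task ReleaseImportedKey()
{
    string keyName = Recording.GenerateId();

    // Throwaway key material generated for the test, private parameters included.
    JsonWebKey jwk = KeyUtilities.CreateRsaKey(includePrivateParameters: true);
    ImportKeyOptions options = new(keyName, jwk)
    {
        Properties =
        {
            // The key is imported as exportable together with a release policy.
            Exportable = true,
            ReleasePolicy = GetReleasePolicy(),
        },
    };

    KeyVaultKey key = await Client.ImportKeyAsync(options);
    RegisterForCleanup(key.Name);

    JwtSecurityToken jws = await ReleaseKeyAsync(keyName);
    Assert.IsTrue(jws.Payload.TryGetValue("response", out object response));

    // JsonDocument is IDisposable (it rents pooled buffers); dispose it when the test ends.
    using JsonDocument doc = JsonDocument.Parse(response.ToString());
    JsonElement keyElement = doc.RootElement.GetProperty("key").GetProperty("key");

    // The released key must refer to the key just imported, and "key_hsm" must be a JSON string.
    Assert.AreEqual(key.Id, keyElement.GetProperty("kid").GetString());
    Assert.AreEqual(JsonValueKind.String, keyElement.GetProperty("key_hsm").ValueKind);
}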
/// <summary>
/// Generates local key material suited to <paramref name="algorithm"/>, imports it under a
/// freshly generated name, and returns the imported key with its <c>Key</c> replaced by the
/// local JWK.
/// </summary>
/// <param name="algorithm">Signature algorithm that selects RSA or EC key material.</param>
/// <returns>
/// The imported <see cref="KeyVaultKey"/>. Its <c>Key</c> is the locally generated JWK, which
/// was created with private parameters, so the returned object holds private key material.
/// </returns>
/// <exception cref="ArgumentException">
/// <paramref name="algorithm"/> is not one of the RSA or EC values handled below.
/// </exception>
private async Task<KeyVaultKey> CreateTestKeyWithKeyMaterial(SignatureAlgorithm algorithm)
{
    string importName = Recording.GenerateId();
    JsonWebKey localJwk = null;

    string algorithmName = algorithm.ToString();
    switch (algorithmName)
    {
        // RSA-based algorithms (PSS and PKCS#1 v1.5 variants) share one RSA key generator.
        case SignatureAlgorithm.PS256Value:
        case SignatureAlgorithm.PS384Value:
        case SignatureAlgorithm.PS512Value:
        case SignatureAlgorithm.RS256Value:
        case SignatureAlgorithm.RS384Value:
        case SignatureAlgorithm.RS512Value:
            localJwk = KeyUtilities.CreateRsaKey(includePrivateParameters: true);
            break;

        // EC algorithms: generate a key on the curve that corresponds to the algorithm.
        case SignatureAlgorithm.ES256Value:
        case SignatureAlgorithm.ES256KValue:
        case SignatureAlgorithm.ES384Value:
        case SignatureAlgorithm.ES512Value:
#if NET461
            Assert.Ignore("Creating JsonWebKey with ECDsa is not supported on net461.");
#else
            KeyCurveName ecCurveName = algorithm.GetEcKeyCurveName();
            ECCurve ecCurve = ECCurve.CreateFromOid(ecCurveName.Oid);
            using (ECDsa generator = ECDsa.Create())
            {
                try
                {
                    generator.GenerateKey(ecCurve);
                    localJwk = new JsonWebKey(generator, includePrivateParameters: true);
                }
                catch (NotSupportedException)
                {
                    // The platform rejected the curve; report the test as inconclusive.
                    Assert.Inconclusive("This platform does not support OID {0}", ecCurveName.Oid);
                }
            }
#endif
            break;

        default:
            throw new ArgumentException("Invalid Algorithm", nameof(algorithm));
    }

    KeyVaultKey imported = await Client.ImportKeyAsync(importName, localJwk);

    // Swap in the local JWK (created with private parameters) and copy the id over so it
    // still points at the imported key.
    localJwk.Id = imported.Key.Id;
    imported.Key = localJwk;

    return imported;
}