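/// <summary>
/// Encrypts <paramref name="data"/> with the Key Vault RSA key that belongs to
/// <paramref name="serviceAccountId"/>, creating that key first when it does not exist yet.
/// </summary>
/// <param name="data">Plaintext; it is UTF-8 encoded before being sent to Key Vault.</param>
/// <param name="serviceAccountId">Identity whose key is used; the key name is derived from it via <c>KeyIdCreator.Create</c>.</param>
/// <param name="createKeyIfMissing">When true, a missing key is created instead of failing.</param>
/// <returns>The RSA-OAEP ciphertext, base64 encoded.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> or <paramref name="serviceAccountId"/> is null.</exception>
/// <exception cref="KeyVaultErrorException">The key does not exist and <paramref name="createKeyIfMissing"/> is false, or Key Vault rejects a call with any status other than the NotFound handled here.</exception>
public async Task<string> Encrypt(string data, string serviceAccountId, bool createKeyIfMissing = true)
        {
            // Validate before any network call: previously a null `data` only failed inside
            // Encoding.UTF8.GetBytes, i.e. after a key may already have been created.
            if (data == null)
            {
                throw new ArgumentNullException(nameof(data));
            }
            if (serviceAccountId == null)
            {
                throw new ArgumentNullException(nameof(serviceAccountId));
            }

            var keyName = KeyIdCreator.Create(serviceAccountId);
            var vaultUrl = $"https://{mKeyVaultName}.vault.azure.net";
            // No version segment in the key id — presumably Key Vault resolves it to the
            // current version of the key; verify against the SDK in use.
            var keyId = $"{vaultUrl}/keys/{keyName}";

            try
            {
                // Existence probe; the result is discarded, only the NotFound failure matters.
                await mKeyVaultClient.GetKeyAsync(keyId);
            }
            catch (KeyVaultErrorException e) when (createKeyIfMissing && e.Response?.StatusCode == HttpStatusCode.NotFound)
            {
                mLogger.Information(
                    "KeyVault key was not found for service account id {serviceAccount}, creating new one.",
                    serviceAccountId);

                // NOTE(review): probe-then-create is not atomic; two concurrent callers for the
                // same account can both reach this branch and each create a key version —
                // confirm callers serialize, or that a second create is harmless for decryption.
                await mKeyVaultClient.CreateKeyAsync(vaultUrl, keyName, mKeyType, mKeyLength);
            }

            // NOTE(review): RSA-OAEP can only encrypt a payload smaller than the key modulus
            // minus padding; larger `data` is rejected by the service — confirm callers keep
            // payloads short or wrap this in envelope encryption.
            var encrypted = await mKeyVaultClient.EncryptAsync(keyId, "RSA-OAEP", Encoding.UTF8.GetBytes(data));

            return Convert.ToBase64String(encrypted.Result);
        }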
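 /// <summary>
 /// Creates a key in the configured vault from the values carried by <paramref name="createKeyData"/>.
 /// </summary>
 /// <param name="createKeyData">Name, type, size, curve, attributes and tags of the key to create.</param>
 /// <returns>The task returned by <c>CreateKeyAsync</c>, yielding the created <see cref="KeyBundle"/>.</returns>
 /// <exception cref="ArgumentNullException"><paramref name="createKeyData"/> is null.</exception>
 public Task<KeyBundle> CreateKey(CreateKeyData createKeyData)
 {
     // Report a clear argument error instead of a NullReferenceException
     // from the member accesses below.
     if (createKeyData == null)
     {
         throw new ArgumentNullException(nameof(createKeyData));
     }

     // The null argument is the key-operations list, presumably left to the
     // vault's default — verify against the client's CreateKeyAsync overload.
     return _keyVaultClient.CreateKeyAsync(
         _config.KeyVaultUrl,
         createKeyData.KeyName,
         createKeyData.KeyType.MapKeyType(),
         createKeyData.KeySize,
         null,
         createKeyData.CreateAttributes(),
         createKeyData.Tags,
         createKeyData.KeyCurve.MapKeyCurve());
 }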