private bool AzureKeyVaultVerifySignature(
byte[] dataToVerify,
byte[] signature,
string masterKeyPath)
{
return(Task.Run <bool>((Func <Task <bool> >)(() => KeyVaultClientExtensions.VerifyAsync((IKeyVaultClient)this.KeyVaultClient, masterKeyPath, "RS256", dataToVerify, signature, new CancellationToken()))).Result);
}
public ValuesController(ISecrets secrets)
{
var keyvault = secrets.GetKeyVault();
secret1 = KeyVaultClientExtensions.GetSecretAsync(keyvault, secrets.Value1Endpoint).Result.Value;
secret2 = KeyVaultClientExtensions.GetSecretAsync(keyvault, secrets.Value2Endpoint).Result.Value;
}
private int GetAKVKeySize(string masterKeyPath)
{
KeyBundle result = Task.Run <KeyBundle>((Func <Task <KeyBundle> >)(() => KeyVaultClientExtensions.GetKeyAsync((IKeyVaultClient)this.KeyVaultClient, masterKeyPath, new CancellationToken()))).Result;
if (!string.Equals(result.Key.Kty, "RSA", StringComparison.InvariantCultureIgnoreCase) && !string.Equals(result.Key.Kty, "RSA-HSM", StringComparison.InvariantCultureIgnoreCase))
{
throw new Exception(string.Format((IFormatProvider)CultureInfo.InvariantCulture, ">Cannot use a non-RSA key: '{0}'.", (object)result.Key.Kty));
}
return(result.Key.N.Length);
}
public async Task <string> UnwrapKey(string key, byte[] wrappedKey)
{
var unwrappedKey = await KeyVaultClientExtensions.UnwrapKeyAsync(kvc, key, ALGORITHM, wrappedKey);
return(unwrappedKey.Kid);
}
private byte[] AzureKeyVaultSignHashedData(byte[] dataToSign, string masterKeyPath)
{
return(Task.Run <KeyOperationResult>((Func <Task <KeyOperationResult> >)(() => KeyVaultClientExtensions.SignAsync((IKeyVaultClient)this.KeyVaultClient, masterKeyPath, "RS256", dataToSign, new CancellationToken()))).Result.Result);
}
private byte[] AzureKeyVaultUnWrap(
string masterKeyPath,
string encryptionAlgorithm,
byte[] encryptedColumnEncryptionKey)
{
if (encryptedColumnEncryptionKey == null)
{
throw new ArgumentNullException(nameof(encryptedColumnEncryptionKey));
}
if (encryptedColumnEncryptionKey.Length == 0)
{
throw new ArgumentException("encryptedColumnEncryptionKey length should not be zero.");
}
return(Task.Run <KeyOperationResult>((Func <Task <KeyOperationResult> >)(() => KeyVaultClientExtensions.UnwrapKeyAsync((IKeyVaultClient)this.KeyVaultClient, masterKeyPath, encryptionAlgorithm, encryptedColumnEncryptionKey, new CancellationToken()))).Result.Result);
}
private byte[] AzureKeyVaultWrap(
string masterKeyPath,
string encryptionAlgorithm,
byte[] columnEncryptionKey)
{
if (columnEncryptionKey == null)
{
throw new ArgumentNullException(nameof(columnEncryptionKey));
}
return(Task.Run <KeyOperationResult>((Func <Task <KeyOperationResult> >)(() => KeyVaultClientExtensions.WrapKeyAsync((IKeyVaultClient)this.KeyVaultClient, masterKeyPath, encryptionAlgorithm, columnEncryptionKey, new CancellationToken()))).Result.Result);
}
