Options
All
  • Public
  • Public/Protected
  • All
Menu

@azure/keyvault-keys

Package version

Index

Enumerations

Classes

Interfaces

Type aliases

Variables

Functions

Object literals

Type aliases

AesCbcEncryptionAlgorithm

AesCbcEncryptionAlgorithm: "A128CBC" | "A192CBC" | "A256CBC" | "A128CBCPAD" | "A192CBCPAD" | "A256CBCPAD"

A union type representing all supported AES-CBC encryption algorithms.

AesGcmEncryptionAlgorithm

AesGcmEncryptionAlgorithm: "A128GCM" | "A192GCM" | "A256GCM"

A union type representing all supported AES-GCM encryption algorithms.

CryptographyClientKey

CryptographyClientKey: { kind: "identifier"; value: string } | { kind: "KeyVaultKey"; value: KeyVaultKey } | { kind: "JsonWebKey"; value: JsonWebKey }

The various key types a CryptographyClient can hold. The key may be an identifier (URL) to a KeyVault key, the actual KeyVault key, or a local-only JsonWebKey.

If an identifier is used, it will be exchanged for a KeyVaultKey during the first operation call.

CryptographyProviderOperation

CryptographyProviderOperation: "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "sign" | "signData" | "verify" | "verifyData"

The set of operations a CryptographyProvider supports.

This corresponds to every single method on the interface so that providers can declare whether they support this method or not.

Purposely more granular than KnownKeyOperations because some providers support verifyData but not verify.

internal

DecryptParameters

A type representing all currently supported decryption parameters as they apply to different encryption algorithms.

EncryptParameters

A type representing all currently supported encryption parameters as they apply to different encryption algorithms.

KeyExportEncryptionAlgorithm

KeyExportEncryptionAlgorithm: string

Defines values for KeyEncryptionAlgorithm. KnownKeyExportEncryptionAlgorithm can be used interchangeably with KeyEncryptionAlgorithm, this enum contains the known values that the service supports.

Known values supported by the service

CKM_RSA_AES_KEY_WRAP
RSA_AES_KEY_WRAP_256
RSA_AES_KEY_WRAP_384

KeyRotationPolicyAction

KeyRotationPolicyAction: "Rotate" | "Notify"

The action that will be executed.

KeyWrapAlgorithm

KeyWrapAlgorithm: "A128KW" | "A192KW" | "A256KW" | "RSA-OAEP" | "RSA-OAEP-256" | "RSA1_5"

Supported algorithms for key wrapping/unwrapping

ParsedWWWAuthenticate

ParsedWWWAuthenticate: {}
internal

Holds the known WWWAuthenticate keys and their values as a result of parsing a WWW-Authenticate header.

Type declaration

RsaEncryptionAlgorithm

RsaEncryptionAlgorithm: "RSA1_5" | "RSA-OAEP" | "RSA-OAEP-256"

A union type representing all supported RSA encryption algorithms.

ValidParsedWWWAuthenticateProperties

ValidParsedWWWAuthenticateProperties: typeof validParsedWWWAuthenticateProperties[number]
internal

A union type representing all valid key names in WWW-Authenticate header.

Variables

Const LATEST_API_VERSION

LATEST_API_VERSION: "7.3-preview" = "7.3-preview"

The latest supported Key Vault service API version

Const SDK_VERSION

SDK_VERSION: string = "4.4.0-beta.3"

Const logger

logger: any = createClientLogger("keyvault-keys")

The @azure/logger configuration for this package.

Const validParsedWWWAuthenticateProperties

validParsedWWWAuthenticateProperties: ["authorization", "authorization_url", "resource", "scope", "tenantId"] = ["authorization","authorization_url","resource","scope","tenantId"] as const
internal

Valid key names in WWW-Authenticate header.

Const withTrace

withTrace: TracedFunction = createTraceFunction("Azure.KeyVault.Keys.KeyClient")
internal
internal

Functions

challengeBasedAuthenticationPolicy

  • challengeBasedAuthenticationPolicy(credential: TokenCredential): RequestPolicyFactory

convertJWKtoPEM

createHash

  • createHash(algorithm: string, data: Uint8Array): Promise<Buffer>

createTraceFunction

  • Returns a function that can be used for tracing options.

    example

    const withTrace = createTraceFunction("Azure.KeyVault.Certificates.CertificateClient")

    internal

    Parameters

    • prefix: string

      The prefix to use, likely the name of the class / client.

    Returns TracedFunction

createVerify

  • createVerify(algorithm: string, data: Uint8Array): Verify

encodeBuffer

  • encodeBuffer(buffer: Uint8Array, bufferId: number): Uint8Array

encodeLength

  • encodeLength(length: number): Uint8Array

formatBase64Sequence

  • formatBase64Sequence(base64Sequence: string): string
  • Fill in the PEM with 64 character lines as per RFC:

    "To represent the encapsulated text of a PEM message, the encoding function's output is delimited into text lines (using local conventions), with each line except the last containing exactly 64 printable characters and the final line containing 64 or fewer printable characters."

    Parameters

    • base64Sequence: string

    Returns string

getDeletedKeyFromDeletedKeyItem

  • getDeletedKeyFromDeletedKeyItem(keyItem: DeletedKeyItem): DeletedKey

getKeyFromKeyBundle

getKeyPropertiesFromKeyItem

getOrInitializeClient

  • getOrInitializeClient(credential: TokenCredential, options: CryptographyClientOptions & { generatedClient?: KeyVaultClient }): KeyVaultClient
  • A helper method to either get the passed down generated client or initialize a new one. An already constructed generated client may be passed down from KeyClient in which case we should reuse it.

    internal

    Parameters

    • credential: TokenCredential

      The credential to use when initializing a new client.

    • options: CryptographyClientOptions & { generatedClient?: KeyVaultClient }

      The options for constructing a client or the underlying client if one already exists.

    Returns KeyVaultClient

    • A generated client instance

makeSequence

  • makeSequence(encodedParts: Uint8Array[]): string

parseKeyVaultKeyIdentifier

  • Parses the given Key Vault Key Id. An example is:

    https://.vault.azure.net/keys//

    On parsing the above Id, this function returns:

      {
         sourceId: "https://<keyvault-name>.vault.azure.net/keys/<key-name>/<unique-version-id>",
         vaultUrl: "https://<keyvault-name>.vault.azure.net",
         version: "<unique-version-id>",
         name: "<key-name>"
      }

    Parameters

    • id: string

      The Id of the Key Vault Key.

    Returns KeyVaultKeyIdentifier

parseKeyvaultIdentifier

parseWWWAuthenticate

  • Parses an WWW-Authenticate response. This transforms a string value like: Bearer authorization="https://some.url/tenantId", resource="https://some.url" into an object like: { authorization: "https://some.url/tenantId", resource: "https://some.url" }

    Parameters

    • wwwAuthenticate: string

      String value in the WWW-Authenticate header

    Returns ParsedWWWAuthenticate

randomBytes

  • randomBytes(length: number): Uint8Array

Object literals

Const algorithmToHashAlgorithm

algorithmToHashAlgorithm: object
internal

Mapping between signature algorithms and their corresponding hash algorithms. Externally used for testing.

ES256

ES256: string = "SHA256"

ES256K

ES256K: string = "SHA256"

ES384

ES384: string = "SHA384"

ES512

ES512: string = "SHA512"

PS256

PS256: string = "SHA256"

PS384

PS384: string = "SHA384"

PS512

PS512: string = "SHA512"

RS256

RS256: string = "SHA256"

RS384

RS384: string = "SHA384"

RS512

RS512: string = "SHA512"

Const keyRotationTransformations

keyRotationTransformations: object
internal

generatedToPublic

propertiesToGenerated

Generated using TypeDoc