From 21c5900569eabd9a4817701bc45a67d34f924148 Mon Sep 17 00:00:00 2001
From: gracewilcox <43627800+gracewilcox@users.noreply.github.com>
Date: Tue, 6 Jun 2023 10:08:31 -0700
Subject: [PATCH] [keyvault] azkeys renames (#20892)
---
 sdk/security/keyvault/azkeys/CHANGELOG.md | 29 +-
 sdk/security/keyvault/azkeys/assets.json | 2 +-
 sdk/security/keyvault/azkeys/autorest.md | 150 +++++++--
 sdk/security/keyvault/azkeys/client.go | 168 +++++----
 sdk/security/keyvault/azkeys/client_test.go | 94 +++---
 sdk/security/keyvault/azkeys/constants.go | 318 ++++++++----------
 sdk/security/keyvault/azkeys/example_test.go | 12 +-
 sdk/security/keyvault/azkeys/models.go | 131 ++++----
 sdk/security/keyvault/azkeys/models_serde.go | 166 ++++-----
 .../keyvault/azkeys/response_types.go | 22 +-
 .../keyvault/azkeys/testdata/perf/get_key.go | 7 +-
 sdk/security/keyvault/azkeys/utils_test.go | 25 ++
 sdk/security/keyvault/azkeys/version.go | 2 +-
 13 files changed, 600 insertions(+), 526 deletions(-)
diff --git a/sdk/security/keyvault/azkeys/CHANGELOG.md b/sdk/security/keyvault/azkeys/CHANGELOG.md
index 1bf58ce5eb8d..d44aa77524db 100644
--- a/sdk/security/keyvault/azkeys/CHANGELOG.md
+++ b/sdk/security/keyvault/azkeys/CHANGELOG.md
@@ -1,6 +1,33 @@ # Release History -## 1.0.0 (2023-05-11) +## 0.12.0 (unreleased) + +### Breaking Changes + +* Renamed `GetRandomBytesRequest` to `GetRandomBytesParameters` +* `ListDeletedKey` to `ListDeletedKeyProperties` +* `ListKeys` to `ListKeyProperties` +* `DeletedKeyBundle` to `DeletedKey` +* `KeyBundle` to `KeyVaultKey` +* `RestoreKeyParameters.KeyBundleBackup` to `RestoreKeyParameters.KeyBackup` +* `DeletedKeyItem` to `DeletedKeyProperties` +* `KeyItem` to `KeyProperties` +* `DeletedKeyListResult` to `DeletedKeyPropertiesListResult` +* `KeyListResult` `KeyPropertiesListResult` +* `KeyOperationsParameters` to `KeyOperationParameters` +* Changed `JSONWebKey.KeyOperations` from type []*string to []*KeyOperation +* `ReleaseParameters.Enc` to `ReleaseParameters.Algorithm` +* `KeyOperationParameters.AAD` to `KeyOperationParameters.AdditionalAuthenticatedData` +* `KeyOperationParameters.Tag` to `KeyOperationParameters.AuthenticationTag` +* `JSONWebKeyOperation` to `KeyOperation` +* `JSONWebKeyCurveName` to `KeyCurveName` +* `JSONWebKeyEncryptionAlgorithm` to `EncryptionAlgorithm` +* `JSONWebKeySignatureAlgorithm` to `SignatureAlgorithm` +* `JSONWebKeyType` to `KeyType` +* Removed `DeletionRecoveryLevel` type +* Removed `SignatureAlgorithmRSNULL` constant +* Removed `KeyOperationExport` constant +* Removed `MaxResults` option ### Other Changes * Updated dependencies diff --git a/sdk/security/keyvault/azkeys/assets.json b/sdk/security/keyvault/azkeys/assets.json index 296d9f1404b4..1da72428681a 100644 --- a/sdk/security/keyvault/azkeys/assets.json +++ b/sdk/security/keyvault/azkeys/assets.json @@ -2,5 +2,5 @@ "AssetsRepo": "Azure/azure-sdk-assets", "AssetsRepoPrefixPath": "go", "TagPrefix": "go/security/keyvault/azkeys", - "Tag": "go/security/keyvault/azkeys_d9ce3682be" + "Tag": "go/security/keyvault/azkeys_afbe036428" } diff --git a/sdk/security/keyvault/azkeys/autorest.md b/sdk/security/keyvault/azkeys/autorest.md index 01fd8d810748..7744bd7c5e5d 100644 
--- a/sdk/security/keyvault/azkeys/autorest.md +++ b/sdk/security/keyvault/azkeys/autorest.md @@ -25,30 +25,6 @@ directive: where: $["x-ms-parameterized-host"] transform: $.parameters[0]["x-ms-parameter-location"] = "client" - # capitalize acronyms - - from: swagger-document - where: $.definitions.KeyImportParameters.properties.Hsm - transform: $["x-ms-client-name"] = "HSM" - - from: swagger-document - where: $.definitions..properties..iv - transform: $["x-ms-client-name"] = "IV" - - from: swagger-document - where: $.definitions..properties..kid - transform: $["x-ms-client-name"] = "KID" - - # Maxresults -> MaxResults - - from: swagger-document - where: $.paths..parameters..[?(@.name=='maxresults')] - transform: $["x-ms-client-name"] = "MaxResults" - - # keyName, keyVersion -> name, version - - from: swagger-document - where: $.paths..parameters..[?(@.name=='key-name')] - transform: $["x-ms-client-name"] = "name" - - from: swagger-document - where: $.paths..parameters..[?(@.name=='key-version')] - transform: $["x-ms-client-name"] = "version" - # rename parameter models to match their methods - rename-model: from: KeyCreateParameters 
@@ -74,17 +50,137 @@ directive: - rename-model: from: KeyVerifyParameters to: VerifyParameters + - rename-model: + from: GetRandomBytesRequest + to: GetRandomBytesParameters # rename paged operations from Get* to List* - rename-operation: from: GetDeletedKeys - to: ListDeletedKeys + to: ListDeletedKeyProperties - rename-operation: from: GetKeys - to: ListKeys + to: ListKeyProperties - rename-operation: from: GetKeyVersions - to: ListKeyVersions + to: ListKeyPropertiesVersions + + # rename KeyItem and KeyBundle + - rename-model: + from: DeletedKeyBundle + to: DeletedKey + - rename-model: + from: KeyItem + to: KeyProperties + - rename-model: + from: DeletedKeyItem + to: DeletedKeyProperties + - rename-model: + from: DeletedKeyListResult + to: DeletedKeyPropertiesListResult + - rename-model: + from: KeyListResult + to: KeyPropertiesListResult + - from: swagger-document + where: $.definitions.RestoreKeyParameters.properties.value + transform: $["x-ms-client-name"] = "KeyBackup" + + # Remove MaxResults parameter + - where: "$.paths..*" + remove-parameter: + in: query + name: maxresults + + # KeyOps updates + - rename-model: + from: KeyOperationsParameters + to: KeyOperationParameters + - from: models.go + where: $ + transform: return $.replace(/KeyOps \[\]\*string/, "KeyOps []*KeyOperation"); + + # fix capitalization + - from: swagger-document + where: $.definitions.ImportKeyParameters.properties.Hsm + transform: $["x-ms-client-name"] = "HSM" + - from: swagger-document + where: $.definitions..properties..iv + transform: $["x-ms-client-name"] = "IV" + - from: swagger-document + where: $.definitions..properties..kid + transform: $["x-ms-client-name"] = "KID" + + # keyName, keyVersion -> name, version + - from: swagger-document + where: $.paths..parameters..[?(@.name=='key-name')] + transform: $["x-ms-client-name"] = "name" + - from: swagger-document + where: $.paths..parameters..[?(@.name=='key-version')] + transform: $["x-ms-client-name"] = "version" + + # 
KeyEncryptionAlgorithm renames + - from: swagger-document + where: $.definitions.ReleaseParameters.properties.enc + transform: $["x-ms-client-name"] = "algorithm" + + # rename KeyOperationsParameters fields + - from: swagger-document + where: $.definitions.KeyOperationParameters.properties.aad + transform: $["x-ms-client-name"] = "AdditionalAuthenticatedData" + - from: swagger-document + where: $.definitions.KeyOperationParameters.properties.tag + transform: $["x-ms-client-name"] = "AuthenticationTag" + + # remove JSONWeb Prefix + - from: + - models.go + - constants.go + where: $ + transform: return $.replace(/JSONWebKeyOperation/g, "KeyOperation"); + - from: + - models.go + - constants.go + where: $ + transform: return $.replace(/JSONWebKeyCurveName/g, "CurveName"); + - from: + - models.go + - constants.go + where: $ + transform: return $.replace(/JSONWebKeyEncryptionAlgorithm/g, "EncryptionAlgorithm"); + - from: + - models.go + - constants.go + where: $ + transform: return $.replace(/JSONWebKeySignatureAlgorithm/g, "SignatureAlgorithm"); + - from: + - models.go + - constants.go + where: $ + transform: return $.replace(/JSONWebKeyType/g, "KeyType"); + + # remove DeletionRecoveryLevel type + - from: models.go + where: $ + transform: return $.replace(/RecoveryLevel \*DeletionRecoveryLevel/g, "RecoveryLevel *string"); + - from: constants.go + where: $ + transform: return $.replace(/(?:\/\/.*\s)+type DeletionRecoveryLevel string/, ""); + - from: constants.go + where: $ + transform: return $.replace(/(?:\/\/.*\s)+func PossibleDeletionRecovery(?:.+\s)+\}/, ""); + - from: constants.go + where: $ + transform: return $.replace(/const \(\n\s\/\/ DeletionRecoveryLevel(?:.+\s)+\)/, ""); + + # delete SignatureAlgorithmRSNULL + - from: constants.go + where: $ + transform: return $.replace(/.*(\bSignatureAlgorithmRSNULL\b).*/g, ""); + + # delete KeyOperationExport + - from: constants.go + where: $ + transform: return $.replace(/.*(\bKeyOperationExport\b).*/g, ""); # delete 
unused error models - from: models.go diff --git a/sdk/security/keyvault/azkeys/client.go b/sdk/security/keyvault/azkeys/client.go index 4cc063c69fd0..02ec6c7fd008 100644 --- a/sdk/security/keyvault/azkeys/client.go +++ b/sdk/security/keyvault/azkeys/client.go @@ -17,7 +17,6 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" "net/http" "net/url" - "strconv" "strings" ) @@ -153,7 +152,7 @@ func (client *Client) createKeyHandleResponse(resp *http.Response) (CreateKeyRes // - version - The version of the key. // - parameters - The parameters for the decryption operation. // - options - DecryptOptions contains the optional parameters for the Client.Decrypt method. -func (client *Client) Decrypt(ctx context.Context, name string, version string, parameters KeyOperationsParameters, options *DecryptOptions) (DecryptResponse, error) { +func (client *Client) Decrypt(ctx context.Context, name string, version string, parameters KeyOperationParameters, options *DecryptOptions) (DecryptResponse, error) { req, err := client.decryptCreateRequest(ctx, name, version, parameters, options) if err != nil { return DecryptResponse{}, err @@ -169,7 +168,7 @@ func (client *Client) Decrypt(ctx context.Context, name string, version string, } // decryptCreateRequest creates the Decrypt request. -func (client *Client) decryptCreateRequest(ctx context.Context, name string, version string, parameters KeyOperationsParameters, options *DecryptOptions) (*policy.Request, error) { +func (client *Client) decryptCreateRequest(ctx context.Context, name string, version string, parameters KeyOperationParameters, options *DecryptOptions) (*policy.Request, error) { urlPath := "/keys/{key-name}/{key-version}/decrypt" if name == "" { return nil, errors.New("parameter name cannot be empty") 
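Review bot: The curve-name rename in this autorest.md hunk does not match what the changelog announces: the transform is `return $.replace(/JSONWebKeyCurveName/g, "CurveName");` and the updated tests use `azkeys.CurveNameP256K`, while CHANGELOG.md lists the new name as `KeyCurveName`. One of the two should change so callers migrating key-creation code find the type under the documented name; if `CurveName` is intended, the changelog entry should name `CurveName`. The `rename-operation` from `GetKeyVersions` to `ListKeyPropertiesVersions` is likewise a breaking rename that the changelog does not list. Separately, the `/KeyOps \[\]\*string/` replacement has no `g` flag, so it rewrites only the first match in models.go; that is presumably meant for a single field, but a comment such as `# only JSONWebKey.KeyOps is untyped in the generated output` above the directive would keep a later regeneration from silently leaving another field as `[]*string`.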
@@ -240,7 +239,7 @@ func (client *Client) deleteKeyCreateRequest(ctx context.Context, name string, o // deleteKeyHandleResponse handles the DeleteKey response. func (client *Client) deleteKeyHandleResponse(resp *http.Response) (DeleteKeyResponse, error) { result := DeleteKeyResponse{} - if err := runtime.UnmarshalAsJSON(resp, &result.DeletedKeyBundle); err != nil { + if err := runtime.UnmarshalAsJSON(resp, &result.DeletedKey); err != nil { return DeleteKeyResponse{}, err } return result, nil @@ -260,7 +259,7 @@ func (client *Client) deleteKeyHandleResponse(resp *http.Response) (DeleteKeyRes // - version - The version of the key. // - parameters - The parameters for the encryption operation. // - options - EncryptOptions contains the optional parameters for the Client.Encrypt method. -func (client *Client) Encrypt(ctx context.Context, name string, version string, parameters KeyOperationsParameters, options *EncryptOptions) (EncryptResponse, error) { +func (client *Client) Encrypt(ctx context.Context, name string, version string, parameters KeyOperationParameters, options *EncryptOptions) (EncryptResponse, error) { req, err := client.encryptCreateRequest(ctx, name, version, parameters, options) if err != nil { return EncryptResponse{}, err @@ -276,7 +275,7 @@ func (client *Client) Encrypt(ctx context.Context, name string, version string, } // encryptCreateRequest creates the Encrypt request. -func (client *Client) encryptCreateRequest(ctx context.Context, name string, version string, parameters KeyOperationsParameters, options *EncryptOptions) (*policy.Request, error) { +func (client *Client) encryptCreateRequest(ctx context.Context, name string, version string, parameters KeyOperationParameters, options *EncryptOptions) (*policy.Request, error) { urlPath := "/keys/{key-name}/{key-version}/encrypt" if name == "" { return nil, errors.New("parameter name cannot be empty") 
@@ -347,7 +346,7 @@ func (client *Client) getDeletedKeyCreateRequest(ctx context.Context, name strin // getDeletedKeyHandleResponse handles the GetDeletedKey response. func (client *Client) getDeletedKeyHandleResponse(resp *http.Response) (GetDeletedKeyResponse, error) { result := GetDeletedKeyResponse{} - if err := runtime.UnmarshalAsJSON(resp, &result.DeletedKeyBundle); err != nil { + if err := runtime.UnmarshalAsJSON(resp, &result.DeletedKey); err != nil { return GetDeletedKeyResponse{}, err } return result, nil @@ -460,7 +459,7 @@ func (client *Client) getKeyRotationPolicyHandleResponse(resp *http.Response) (G // Generated from API version 7.4 // - parameters - The request object to get random bytes. // - options - GetRandomBytesOptions contains the optional parameters for the Client.GetRandomBytes method. -func (client *Client) GetRandomBytes(ctx context.Context, parameters GetRandomBytesRequest, options *GetRandomBytesOptions) (GetRandomBytesResponse, error) { +func (client *Client) GetRandomBytes(ctx context.Context, parameters GetRandomBytesParameters, options *GetRandomBytesOptions) (GetRandomBytesResponse, error) { req, err := client.getRandomBytesCreateRequest(ctx, parameters, options) if err != nil { return GetRandomBytesResponse{}, err @@ -476,7 +475,7 @@ func (client *Client) GetRandomBytes(ctx context.Context, parameters GetRandomBy } // getRandomBytesCreateRequest creates the GetRandomBytes request. -func (client *Client) getRandomBytesCreateRequest(ctx context.Context, parameters GetRandomBytesRequest, options *GetRandomBytesOptions) (*policy.Request, error) { +func (client *Client) getRandomBytesCreateRequest(ctx context.Context, parameters GetRandomBytesParameters, options *GetRandomBytesOptions) (*policy.Request, error) { urlPath := "/rng" req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.endpoint, urlPath)) if err != nil { 
@@ -550,189 +549,182 @@ func (client *Client) importKeyHandleResponse(resp *http.Response) (ImportKeyRes return result, nil } -// NewListDeletedKeysPager - Retrieves a list of the keys in the Key Vault as JSON Web Key structures that contain the public -// part of a deleted key. This operation includes deletion-specific information. The Get Deleted Keys +// NewListDeletedKeyPropertiesPager - Retrieves a list of the keys in the Key Vault as JSON Web Key structures that contain +// the public part of a deleted key. This operation includes deletion-specific information. The Get Deleted Keys // operation is applicable for vaults enabled for soft-delete. While the operation can be invoked on any vault, it will return // an error if invoked on a non soft-delete enabled vault. This operation // requires the keys/list permission. // // Generated from API version 7.4 -// - options - ListDeletedKeysOptions contains the optional parameters for the Client.NewListDeletedKeysPager method. -func (client *Client) NewListDeletedKeysPager(options *ListDeletedKeysOptions) *runtime.Pager[ListDeletedKeysResponse] { - return runtime.NewPager(runtime.PagingHandler[ListDeletedKeysResponse]{ - More: func(page ListDeletedKeysResponse) bool { +// - options - ListDeletedKeyPropertiesOptions contains the optional parameters for the Client.NewListDeletedKeyPropertiesPager +// method. 
+func (client *Client) NewListDeletedKeyPropertiesPager(options *ListDeletedKeyPropertiesOptions) *runtime.Pager[ListDeletedKeyPropertiesResponse] { + return runtime.NewPager(runtime.PagingHandler[ListDeletedKeyPropertiesResponse]{ + More: func(page ListDeletedKeyPropertiesResponse) bool { return page.NextLink != nil && len(*page.NextLink) > 0 }, - Fetcher: func(ctx context.Context, page *ListDeletedKeysResponse) (ListDeletedKeysResponse, error) { + Fetcher: func(ctx context.Context, page *ListDeletedKeyPropertiesResponse) (ListDeletedKeyPropertiesResponse, error) { var req *policy.Request var err error if page == nil { - req, err = client.listDeletedKeysCreateRequest(ctx, options) + req, err = client.listDeletedKeyPropertiesCreateRequest(ctx, options) } else { req, err = runtime.NewRequest(ctx, http.MethodGet, *page.NextLink) } if err != nil { - return ListDeletedKeysResponse{}, err + return ListDeletedKeyPropertiesResponse{}, err } resp, err := client.internal.Pipeline().Do(req) if err != nil { - return ListDeletedKeysResponse{}, err + return ListDeletedKeyPropertiesResponse{}, err } if !runtime.HasStatusCode(resp, http.StatusOK) { - return ListDeletedKeysResponse{}, runtime.NewResponseError(resp) + return ListDeletedKeyPropertiesResponse{}, runtime.NewResponseError(resp) } - return client.listDeletedKeysHandleResponse(resp) + return client.listDeletedKeyPropertiesHandleResponse(resp) }, }) } -// listDeletedKeysCreateRequest creates the ListDeletedKeys request. -func (client *Client) listDeletedKeysCreateRequest(ctx context.Context, options *ListDeletedKeysOptions) (*policy.Request, error) { +// listDeletedKeyPropertiesCreateRequest creates the ListDeletedKeyProperties request. 
+func (client *Client) listDeletedKeyPropertiesCreateRequest(ctx context.Context, options *ListDeletedKeyPropertiesOptions) (*policy.Request, error) { urlPath := "/deletedkeys" req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.endpoint, urlPath)) if err != nil { return nil, err } reqQP := req.Raw().URL.Query() - if options != nil && options.MaxResults != nil { - reqQP.Set("maxresults", strconv.FormatInt(int64(*options.MaxResults), 10)) - } reqQP.Set("api-version", "7.4") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil } -// listDeletedKeysHandleResponse handles the ListDeletedKeys response. -func (client *Client) listDeletedKeysHandleResponse(resp *http.Response) (ListDeletedKeysResponse, error) { - result := ListDeletedKeysResponse{} - if err := runtime.UnmarshalAsJSON(resp, &result.DeletedKeyListResult); err != nil { - return ListDeletedKeysResponse{}, err +// listDeletedKeyPropertiesHandleResponse handles the ListDeletedKeyProperties response. +func (client *Client) listDeletedKeyPropertiesHandleResponse(resp *http.Response) (ListDeletedKeyPropertiesResponse, error) { + result := ListDeletedKeyPropertiesResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.DeletedKeyPropertiesListResult); err != nil { + return ListDeletedKeyPropertiesResponse{}, err } return result, nil } -// NewListKeyVersionsPager - The full key identifier, attributes, and tags are provided in the response. This operation requires -// the keys/list permission. +// NewListKeyPropertiesPager - Retrieves a list of the keys in the Key Vault as JSON Web Key structures that contain the public +// part of a stored key. The LIST operation is applicable to all key types, however only the base key +// identifier, attributes, and tags are provided in the response. Individual versions of a key are not listed in the response. +// This operation requires the keys/list permission. 
// // Generated from API version 7.4 -// - name - The name of the key. -// - options - ListKeyVersionsOptions contains the optional parameters for the Client.NewListKeyVersionsPager method. -func (client *Client) NewListKeyVersionsPager(name string, options *ListKeyVersionsOptions) *runtime.Pager[ListKeyVersionsResponse] { - return runtime.NewPager(runtime.PagingHandler[ListKeyVersionsResponse]{ - More: func(page ListKeyVersionsResponse) bool { +// - options - ListKeyPropertiesOptions contains the optional parameters for the Client.NewListKeyPropertiesPager method. +func (client *Client) NewListKeyPropertiesPager(options *ListKeyPropertiesOptions) *runtime.Pager[ListKeyPropertiesResponse] { + return runtime.NewPager(runtime.PagingHandler[ListKeyPropertiesResponse]{ + More: func(page ListKeyPropertiesResponse) bool { return page.NextLink != nil && len(*page.NextLink) > 0 }, - Fetcher: func(ctx context.Context, page *ListKeyVersionsResponse) (ListKeyVersionsResponse, error) { + Fetcher: func(ctx context.Context, page *ListKeyPropertiesResponse) (ListKeyPropertiesResponse, error) { var req *policy.Request var err error if page == nil { - req, err = client.listKeyVersionsCreateRequest(ctx, name, options) + req, err = client.listKeyPropertiesCreateRequest(ctx, options) } else { req, err = runtime.NewRequest(ctx, http.MethodGet, *page.NextLink) } if err != nil { - return ListKeyVersionsResponse{}, err + return ListKeyPropertiesResponse{}, err } resp, err := client.internal.Pipeline().Do(req) if err != nil { - return ListKeyVersionsResponse{}, err + return ListKeyPropertiesResponse{}, err } if !runtime.HasStatusCode(resp, http.StatusOK) { - return ListKeyVersionsResponse{}, runtime.NewResponseError(resp) + return ListKeyPropertiesResponse{}, runtime.NewResponseError(resp) } - return client.listKeyVersionsHandleResponse(resp) + return client.listKeyPropertiesHandleResponse(resp) }, }) } -// listKeyVersionsCreateRequest creates the ListKeyVersions request. 
-func (client *Client) listKeyVersionsCreateRequest(ctx context.Context, name string, options *ListKeyVersionsOptions) (*policy.Request, error) { - urlPath := "/keys/{key-name}/versions" - if name == "" { - return nil, errors.New("parameter name cannot be empty") - } - urlPath = strings.ReplaceAll(urlPath, "{key-name}", url.PathEscape(name)) +// listKeyPropertiesCreateRequest creates the ListKeyProperties request. +func (client *Client) listKeyPropertiesCreateRequest(ctx context.Context, options *ListKeyPropertiesOptions) (*policy.Request, error) { + urlPath := "/keys" req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.endpoint, urlPath)) if err != nil { return nil, err } reqQP := req.Raw().URL.Query() - if options != nil && options.MaxResults != nil { - reqQP.Set("maxresults", strconv.FormatInt(int64(*options.MaxResults), 10)) - } reqQP.Set("api-version", "7.4") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil } -// listKeyVersionsHandleResponse handles the ListKeyVersions response. -func (client *Client) listKeyVersionsHandleResponse(resp *http.Response) (ListKeyVersionsResponse, error) { - result := ListKeyVersionsResponse{} - if err := runtime.UnmarshalAsJSON(resp, &result.KeyListResult); err != nil { - return ListKeyVersionsResponse{}, err +// listKeyPropertiesHandleResponse handles the ListKeyProperties response. +func (client *Client) listKeyPropertiesHandleResponse(resp *http.Response) (ListKeyPropertiesResponse, error) { + result := ListKeyPropertiesResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.KeyPropertiesListResult); err != nil { + return ListKeyPropertiesResponse{}, err } return result, nil } -// NewListKeysPager - Retrieves a list of the keys in the Key Vault as JSON Web Key structures that contain the public part -// of a stored key. 
The LIST operation is applicable to all key types, however only the base key -// identifier, attributes, and tags are provided in the response. Individual versions of a key are not listed in the response. -// This operation requires the keys/list permission. +// NewListKeyPropertiesVersionsPager - The full key identifier, attributes, and tags are provided in the response. This operation +// requires the keys/list permission. // // Generated from API version 7.4 -// - options - ListKeysOptions contains the optional parameters for the Client.NewListKeysPager method. -func (client *Client) NewListKeysPager(options *ListKeysOptions) *runtime.Pager[ListKeysResponse] { - return runtime.NewPager(runtime.PagingHandler[ListKeysResponse]{ - More: func(page ListKeysResponse) bool { +// - name - The name of the key. +// - options - ListKeyPropertiesVersionsOptions contains the optional parameters for the Client.NewListKeyPropertiesVersionsPager +// method. +func (client *Client) NewListKeyPropertiesVersionsPager(name string, options *ListKeyPropertiesVersionsOptions) *runtime.Pager[ListKeyPropertiesVersionsResponse] { + return runtime.NewPager(runtime.PagingHandler[ListKeyPropertiesVersionsResponse]{ + More: func(page ListKeyPropertiesVersionsResponse) bool { return page.NextLink != nil && len(*page.NextLink) > 0 }, - Fetcher: func(ctx context.Context, page *ListKeysResponse) (ListKeysResponse, error) { + Fetcher: func(ctx context.Context, page *ListKeyPropertiesVersionsResponse) (ListKeyPropertiesVersionsResponse, error) { var req *policy.Request var err error if page == nil { - req, err = client.listKeysCreateRequest(ctx, options) + req, err = client.listKeyPropertiesVersionsCreateRequest(ctx, name, options) } else { req, err = runtime.NewRequest(ctx, http.MethodGet, *page.NextLink) } if err != nil { - return ListKeysResponse{}, err + return ListKeyPropertiesVersionsResponse{}, err } resp, err := client.internal.Pipeline().Do(req) if err != nil { - return ListKeysResponse{}, 
err + return ListKeyPropertiesVersionsResponse{}, err } if !runtime.HasStatusCode(resp, http.StatusOK) { - return ListKeysResponse{}, runtime.NewResponseError(resp) + return ListKeyPropertiesVersionsResponse{}, runtime.NewResponseError(resp) } - return client.listKeysHandleResponse(resp) + return client.listKeyPropertiesVersionsHandleResponse(resp) }, }) } -// listKeysCreateRequest creates the ListKeys request. -func (client *Client) listKeysCreateRequest(ctx context.Context, options *ListKeysOptions) (*policy.Request, error) { - urlPath := "/keys" +// listKeyPropertiesVersionsCreateRequest creates the ListKeyPropertiesVersions request. +func (client *Client) listKeyPropertiesVersionsCreateRequest(ctx context.Context, name string, options *ListKeyPropertiesVersionsOptions) (*policy.Request, error) { + urlPath := "/keys/{key-name}/versions" + if name == "" { + return nil, errors.New("parameter name cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{key-name}", url.PathEscape(name)) req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.endpoint, urlPath)) if err != nil { return nil, err } reqQP := req.Raw().URL.Query() - if options != nil && options.MaxResults != nil { - reqQP.Set("maxresults", strconv.FormatInt(int64(*options.MaxResults), 10)) - } reqQP.Set("api-version", "7.4") req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil } -// listKeysHandleResponse handles the ListKeys response. -func (client *Client) listKeysHandleResponse(resp *http.Response) (ListKeysResponse, error) { - result := ListKeysResponse{} - if err := runtime.UnmarshalAsJSON(resp, &result.KeyListResult); err != nil { - return ListKeysResponse{}, err +// listKeyPropertiesVersionsHandleResponse handles the ListKeyPropertiesVersions response. 
+func (client *Client) listKeyPropertiesVersionsHandleResponse(resp *http.Response) (ListKeyPropertiesVersionsResponse, error) { + result := ListKeyPropertiesVersionsResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.KeyPropertiesListResult); err != nil { + return ListKeyPropertiesVersionsResponse{}, err } return result, nil } @@ -1044,7 +1036,7 @@ func (client *Client) signHandleResponse(resp *http.Response) (SignResponse, err // - version - The version of the key. // - parameters - The parameters for the key operation. // - options - UnwrapKeyOptions contains the optional parameters for the Client.UnwrapKey method. -func (client *Client) UnwrapKey(ctx context.Context, name string, version string, parameters KeyOperationsParameters, options *UnwrapKeyOptions) (UnwrapKeyResponse, error) { +func (client *Client) UnwrapKey(ctx context.Context, name string, version string, parameters KeyOperationParameters, options *UnwrapKeyOptions) (UnwrapKeyResponse, error) { req, err := client.unwrapKeyCreateRequest(ctx, name, version, parameters, options) if err != nil { return UnwrapKeyResponse{}, err @@ -1060,7 +1052,7 @@ func (client *Client) UnwrapKey(ctx context.Context, name string, version string } // unwrapKeyCreateRequest creates the UnwrapKey request. -func (client *Client) unwrapKeyCreateRequest(ctx context.Context, name string, version string, parameters KeyOperationsParameters, options *UnwrapKeyOptions) (*policy.Request, error) { +func (client *Client) unwrapKeyCreateRequest(ctx context.Context, name string, version string, parameters KeyOperationParameters, options *UnwrapKeyOptions) (*policy.Request, error) { urlPath := "/keys/{key-name}/{key-version}/unwrapkey" if name == "" { return nil, errors.New("parameter name cannot be empty") 
@@ -1258,7 +1250,7 @@ func (client *Client) verifyHandleResponse(resp *http.Response) (VerifyResponse, // - version - The version of the key. // - parameters - The parameters for wrap operation. // - options - WrapKeyOptions contains the optional parameters for the Client.WrapKey method. -func (client *Client) WrapKey(ctx context.Context, name string, version string, parameters KeyOperationsParameters, options *WrapKeyOptions) (WrapKeyResponse, error) { +func (client *Client) WrapKey(ctx context.Context, name string, version string, parameters KeyOperationParameters, options *WrapKeyOptions) (WrapKeyResponse, error) { req, err := client.wrapKeyCreateRequest(ctx, name, version, parameters, options) if err != nil { return WrapKeyResponse{}, err @@ -1274,7 +1266,7 @@ func (client *Client) WrapKey(ctx context.Context, name string, version string, } // wrapKeyCreateRequest creates the WrapKey request. -func (client *Client) wrapKeyCreateRequest(ctx context.Context, name string, version string, parameters KeyOperationsParameters, options *WrapKeyOptions) (*policy.Request, error) { +func (client *Client) wrapKeyCreateRequest(ctx context.Context, name string, version string, parameters KeyOperationParameters, options *WrapKeyOptions) (*policy.Request, error) { urlPath := "/keys/{key-name}/{key-version}/wrapkey" if name == "" { return nil, errors.New("parameter name cannot be empty") diff --git a/sdk/security/keyvault/azkeys/client_test.go b/sdk/security/keyvault/azkeys/client_test.go index e0c034b68a3f..aaaf94f21011 100644 --- a/sdk/security/keyvault/azkeys/client_test.go +++ b/sdk/security/keyvault/azkeys/client_test.go 
@@ -58,18 +58,6 @@ func requireEqualAttributes(t *testing.T, a, b *azkeys.KeyAttributes) { require.Equal(t, a.Updated, b.Updated) } -type serdeModel interface { - json.Marshaler - json.Unmarshaler -} - -func testSerde[T serdeModel](t *testing.T, model T) { - data, err := model.MarshalJSON() - require.NoError(t, err) - err = model.UnmarshalJSON(data) - require.NoError(t, err) -} - func TestBackupRestore(t *testing.T) { name := "KV" for _, mhsm := range []bool{false, true} { @@ -80,7 +68,7 @@ func TestBackupRestore(t *testing.T) { client := startTest(t, mhsm) keyName := createRandomName(t, "testbackuprestore") - createResp, err := client.CreateKey(context.Background(), keyName, azkeys.CreateKeyParameters{Kty: to.Ptr(azkeys.JSONWebKeyTypeRSA)}, nil) + createResp, err := client.CreateKey(context.Background(), keyName, azkeys.CreateKeyParameters{Kty: to.Ptr(azkeys.KeyTypeRSA)}, nil) require.NoError(t, err) require.Equal(t, keyName, createResp.Key.KID.Name()) require.NotEmpty(t, createResp.Key.KID.Version()) @@ -108,7 +96,7 @@ func TestBackupRestore(t *testing.T) { require.NoError(t, err) var restoreResp azkeys.RestoreKeyResponse - restoreParams := azkeys.RestoreKeyParameters{KeyBundleBackup: backupResp.Value} + restoreParams := azkeys.RestoreKeyParameters{KeyBackup: backupResp.Value} pollStatus(t, 409, func() error { restoreResp, err = client.RestoreKey(context.Background(), restoreParams, nil) return err @@ -136,13 +124,13 @@ func TestCRUD(t *testing.T) { for _, mhsm := range []bool{false, true} { for _, params := range []azkeys.CreateKeyParameters{ { - Kty: to.Ptr(azkeys.JSONWebKeyTypeEC), - Curve: to.Ptr(azkeys.JSONWebKeyCurveNameP256K), + Kty: to.Ptr(azkeys.KeyTypeEC), + Curve: to.Ptr(azkeys.CurveNameP256K), KeyAttributes: attributes, Tags: tags, }, { - Kty: to.Ptr(azkeys.JSONWebKeyTypeRSA), + Kty: to.Ptr(azkeys.KeyTypeRSA), KeyAttributes: attributes, KeySize: to.Ptr(int32(2048)), PublicExponent: to.Ptr(int32(65537)), 
@@ -190,7 +178,7 @@ func TestCRUD(t *testing.T) { require.Equal(t, createResp.Key.KID.Name(), deleteResp.Key.KID.Name()) require.Equal(t, createResp.Key.KID.Version(), deleteResp.Key.KID.Version()) requireEqualAttributes(t, updateResp.Attributes, deleteResp.Attributes) - testSerde(t, &deleteResp.DeletedKeyBundle) + testSerde(t, &deleteResp.DeletedKey) pollStatus(t, 404, func() error { _, err := client.GetDeletedKey(context.Background(), keyName, nil) return err @@ -242,7 +230,7 @@ func TestDisableChallengeResourceVerification(t *testing.T) { } client, err := azkeys.NewClient(vaultURL, &FakeCredential{}, options) require.NoError(t, err) - pager := client.NewListKeysPager(nil) + pager := client.NewListKeyPropertiesPager(nil) _, err = pager.NextPage(context.Background()) if test.err { require.Error(t, err) @@ -265,14 +253,14 @@ func TestEncryptDecrypt(t *testing.T) { keyName := createRandomName(t, "key") createParams := azkeys.CreateKeyParameters{ - Kty: to.Ptr(azkeys.JSONWebKeyTypeRSAHSM), - KeyOps: to.SliceOfPtrs(azkeys.JSONWebKeyOperationEncrypt, azkeys.JSONWebKeyOperationDecrypt), + Kty: to.Ptr(azkeys.KeyTypeRSAHSM), + KeyOps: to.SliceOfPtrs(azkeys.KeyOperationEncrypt, azkeys.KeyOperationDecrypt), } createResp, err := client.CreateKey(context.Background(), keyName, createParams, nil) require.NoError(t, err) - encryptParams := azkeys.KeyOperationsParameters{ - Algorithm: to.Ptr(azkeys.JSONWebKeyEncryptionAlgorithmRSAOAEP256), + encryptParams := azkeys.KeyOperationParameters{ + Algorithm: to.Ptr(azkeys.EncryptionAlgorithmRSAOAEP256), Value: []byte("plaintext"), } testSerde(t, &encryptParams) @@ -281,7 +269,7 @@ func TestEncryptDecrypt(t *testing.T) { require.NotEmpty(t, encryptResponse.Result) testSerde(t, &encryptResponse.KeyOperationResult) - decryptParams := azkeys.KeyOperationsParameters{ + decryptParams := azkeys.KeyOperationParameters{ Algorithm: encryptParams.Algorithm, Value: encryptResponse.Result, } 
@@ -299,15 +287,15 @@ func TestEncryptDecryptSymmetric(t *testing.T) { keyName := createRandomName(t, "key") createParams := azkeys.CreateKeyParameters{ - Kty: to.Ptr(azkeys.JSONWebKeyTypeOct), - KeyOps: to.SliceOfPtrs(azkeys.JSONWebKeyOperationEncrypt, azkeys.JSONWebKeyOperationDecrypt), + Kty: to.Ptr(azkeys.KeyTypeOct), + KeyOps: to.SliceOfPtrs(azkeys.KeyOperationEncrypt, azkeys.KeyOperationDecrypt), KeySize: to.Ptr(int32(256)), } createResp, err := client.CreateKey(context.Background(), keyName, createParams, nil) require.NoError(t, err) - encryptParams := azkeys.KeyOperationsParameters{ - Algorithm: to.Ptr(azkeys.JSONWebKeyEncryptionAlgorithmA256CBCPAD), + encryptParams := azkeys.KeyOperationParameters{ + Algorithm: to.Ptr(azkeys.EncryptionAlgorithmA256CBCPAD), // IV must be random in real usage. This value is static only to ensure it matches in playback. IV: []byte("0123456789ABCDEF"), Value: []byte("plaintext"), @@ -317,7 +305,7 @@ func TestEncryptDecryptSymmetric(t *testing.T) { require.NoError(t, err) require.NotEmpty(t, encryptResponse.Result) - decryptParams := azkeys.KeyOperationsParameters{ + decryptParams := azkeys.KeyOperationParameters{ Algorithm: encryptParams.Algorithm, IV: encryptResponse.IV, Value: encryptResponse.Result, @@ -330,7 +318,7 @@ func TestEncryptDecryptSymmetric(t *testing.T) { func TestGetRandomBytes(t *testing.T) { client := startTest(t, true) - req := azkeys.GetRandomBytesRequest{Count: to.Ptr(int32(100))} + req := azkeys.GetRandomBytesParameters{Count: to.Ptr(int32(100))} testSerde(t, &req) resp, err := client.GetRandomBytes(context.Background(), req, nil) require.NoError(t, err) 
@@ -360,8 +348,8 @@ func TestImportKey(t *testing.T) { t.Run(name, func(t *testing.T) { client := startTest(t, mhsm) jwk := &azkeys.JSONWebKey{ - KeyOps: to.SliceOfPtrs(string(azkeys.JSONWebKeyOperationEncrypt)), - Kty: to.Ptr(azkeys.JSONWebKeyTypeRSA), + KeyOps: to.SliceOfPtrs(azkeys.KeyOperationEncrypt), + Kty: to.Ptr(azkeys.KeyTypeRSA), N: toBytes("a0914d00234ac683b21b4c15d5bed887bdc959c2e57af54ae734e8f00720d775d275e455207e3784ceeb60a50a4655dd72a7a94d271e8ee8f7959a669ca6e775bf0e23badae991b4529d978528b4bd90521d32dd2656796ba82b6bbfc7668c8f5eeb5053747fd199319d29a8440d08f4412d527ff9311eda71825920b47b1c46b11ab3e91d7316407e89c7f340f7b85a34042ce51743b27d4718403d34c7b438af6181be05e4d11eb985d38253d7fe9bf53fc2f1b002d22d2d793fa79a504b6ab42d0492804d7071d727a06cf3a8893aa542b1503f832b296371b6707d4dc6e372f8fe67d8ded1c908fde45ce03bc086a71487fa75e43aa0e0679aa0d20efe35", t), E: toBytes("10001", t), D: toBytes("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", t), @@ -394,7 +382,7 @@ func TestListDeletedKeys(t *testing.T) { count := 4 keyNames := make([]string, count) createParams := azkeys.CreateKeyParameters{ - Kty: to.Ptr(azkeys.JSONWebKeyTypeRSA), + Kty: to.Ptr(azkeys.KeyTypeRSA), Tags: map[string]*string{"count-this-key": to.Ptr("yes")}, } for i := 0; i < len(keyNames); i++ { @@ -410,11 +398,11 @@ func TestListDeletedKeys(t *testing.T) { return err }) } - pager := client.NewListDeletedKeysPager(&azkeys.ListDeletedKeysOptions{MaxResults: to.Ptr(int32(1))}) + pager := client.NewListDeletedKeyPropertiesPager(nil) for pager.More() { resp, err := pager.NextPage(context.Background()) require.NoError(t, err) - testSerde(t, &resp.DeletedKeyListResult) + testSerde(t, &resp.DeletedKeyPropertiesListResult) for _, key := range resp.Value { require.NotEmpty(t, key.Attributes) require.NotNil(t, key.DeletedDate) 
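Review bot: With `client.NewListDeletedKeyPropertiesPager(nil)` the `for pager.More()` loop in this hunk will probably finish after a single page, since the test creates only four keys and the page size is now left to the service; the removed `MaxResults: to.Ptr(int32(1))` was what forced several pages. That leaves the pager's next-page request, which is presumably built from a link returned by the service, without coverage in these tests. Because the option is gone from the public API, I would cover that path in a unit test against a fake transport and mark the loop with `// default page size: may return a single page, next-page handling is tested elsewhere`. The same applies to `NewListKeyPropertiesPager(nil)` and `NewListKeyPropertiesVersionsPager(keyName, nil)` in the TestListKeys and TestListKeyVersions hunks; TestListDeletedKeys itself starts and ends outside this hunk.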
@@ -447,17 +435,17 @@ func TestListKeys(t *testing.T) { keyNamePrefix := "testlistkeys" for i := 0; i < 4; i++ { n := createRandomName(t, fmt.Sprintf("%s-%d", keyNamePrefix, i)) - resp, err := client.CreateKey(context.Background(), n, azkeys.CreateKeyParameters{Kty: to.Ptr(azkeys.JSONWebKeyTypeRSA)}, nil) + resp, err := client.CreateKey(context.Background(), n, azkeys.CreateKeyParameters{Kty: to.Ptr(azkeys.KeyTypeRSA)}, nil) require.NoError(t, err) defer cleanUpKey(t, client, resp.Key.KID) count++ } - pager := client.NewListKeysPager(&azkeys.ListKeysOptions{MaxResults: to.Ptr(int32(1))}) + pager := client.NewListKeyPropertiesPager(nil) for pager.More() { resp, err := pager.NextPage(context.Background()) require.NoError(t, err) - testSerde(t, &resp.KeyListResult) + testSerde(t, &resp.KeyPropertiesListResult) for _, key := range resp.Value { require.NotNil(t, key) require.NotNil(t, key.Attributes) @@ -487,17 +475,17 @@ func TestListKeyVersions(t *testing.T) { keyName := createRandomName(t, "listkeyversions") expectedVersions := make(map[string]struct{}, 4) for i := 0; i < 4; i++ { - createResp, err = client.CreateKey(context.Background(), keyName, azkeys.CreateKeyParameters{Kty: to.Ptr(azkeys.JSONWebKeyTypeRSA)}, nil) + createResp, err = client.CreateKey(context.Background(), keyName, azkeys.CreateKeyParameters{Kty: to.Ptr(azkeys.KeyTypeRSA)}, nil) expectedVersions[createResp.Key.KID.Version()] = struct{}{} require.NoError(t, err) } defer cleanUpKey(t, client, createResp.Key.KID) - pager := client.NewListKeyVersionsPager(keyName, &azkeys.ListKeyVersionsOptions{MaxResults: to.Ptr(int32(1))}) + pager := client.NewListKeyPropertiesVersionsPager(keyName, nil) for pager.More() { resp, err := pager.NextPage(context.Background()) require.NoError(t, err) - testSerde(t, &resp.KeyListResult) + testSerde(t, &resp.KeyPropertiesListResult) for _, key := range resp.Value { testSerde(t, key) require.NotNil(t, key) 
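Review bot: In the TestListKeyVersions hunk, `expectedVersions[createResp.Key.KID.Version()] = struct{}{}` runs before `require.NoError(t, err)`, so a failed `CreateKey` is likely to surface as a nil-dereference panic instead of the actual error. Move the check up so the order is `createResp, err = client.CreateKey(...)`, then `require.NoError(t, err)`, then the map insert. The loop sits in a test function whose start and end are outside the hunk.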
@@ -525,7 +513,7 @@ func TestRecoverDeletedKey(t *testing.T) { client := startTest(t, mhsm) key := createRandomName(t, "key") - createResp, err := client.CreateKey(context.Background(), key, azkeys.CreateKeyParameters{Kty: to.Ptr(azkeys.JSONWebKeyTypeEC)}, nil) + createResp, err := client.CreateKey(context.Background(), key, azkeys.CreateKeyParameters{Kty: to.Ptr(azkeys.KeyTypeEC)}, nil) require.NoError(t, err) _, err = client.DeleteKey(context.Background(), key, nil) @@ -564,11 +552,11 @@ func TestReleaseKey(t *testing.T) { var err error for i := 0; i < 5; i++ { params := azkeys.CreateKeyParameters{ - Curve: to.Ptr(azkeys.JSONWebKeyCurveNameP256K), + Curve: to.Ptr(azkeys.CurveNameP256K), KeyAttributes: &azkeys.KeyAttributes{ Exportable: to.Ptr(true), }, - Kty: to.Ptr(azkeys.JSONWebKeyTypeECHSM), + Kty: to.Ptr(azkeys.KeyTypeECHSM), ReleasePolicy: &azkeys.KeyReleasePolicy{ EncodedPolicy: getMarshalledReleasePolicy(attestationURL), Immutable: to.Ptr(true), @@ -623,7 +611,7 @@ func TestRotateKey(t *testing.T) { t.Run(name, func(t *testing.T) { client := startTest(t, mhsm) key := createRandomName(t, "testrotatekey") - createResp, err := client.CreateKey(context.Background(), key, azkeys.CreateKeyParameters{Kty: to.Ptr(azkeys.JSONWebKeyTypeECHSM)}, nil) + createResp, err := client.CreateKey(context.Background(), key, azkeys.CreateKeyParameters{Kty: to.Ptr(azkeys.KeyTypeECHSM)}, nil) require.NoError(t, err) defer cleanUpKey(t, client, createResp.Key.KID) 
@@ -683,9 +671,9 @@ func TestSignVerify(t *testing.T) { keyName := createRandomName(t, "key") createParams := azkeys.CreateKeyParameters{ - Curve: to.Ptr(azkeys.JSONWebKeyCurveNameP256K), - KeyOps: to.SliceOfPtrs(azkeys.JSONWebKeyOperationSign, azkeys.JSONWebKeyOperationVerify), - Kty: to.Ptr(azkeys.JSONWebKeyTypeEC), + Curve: to.Ptr(azkeys.CurveNameP256K), + KeyOps: to.SliceOfPtrs(azkeys.KeyOperationSign, azkeys.KeyOperationVerify), + Kty: to.Ptr(azkeys.KeyTypeEC), } _, err := client.CreateKey(context.Background(), keyName, createParams, nil) require.NoError(t, err) @@ -695,7 +683,7 @@ func TestSignVerify(t *testing.T) { require.NoError(t, err) digest := hasher.Sum(nil) - signParams := azkeys.SignParameters{Algorithm: to.Ptr(azkeys.JSONWebKeySignatureAlgorithmES256K), Value: digest} + signParams := azkeys.SignParameters{Algorithm: to.Ptr(azkeys.SignatureAlgorithmES256K), Value: digest} testSerde(t, &signParams) signResponse, err := client.Sign(context.Background(), keyName, "", signParams, nil) require.NoError(t, err) 
@@ -723,19 +711,19 @@ func TestWrapUnwrap(t *testing.T) { keyName := createRandomName(t, "key") createParams := azkeys.CreateKeyParameters{ - KeyOps: to.SliceOfPtrs(azkeys.JSONWebKeyOperationWrapKey, azkeys.JSONWebKeyOperationUnwrapKey), - Kty: to.Ptr(azkeys.JSONWebKeyTypeRSA), + KeyOps: to.SliceOfPtrs(azkeys.KeyOperationWrapKey, azkeys.KeyOperationUnwrapKey), + Kty: to.Ptr(azkeys.KeyTypeRSA), } _, err := client.CreateKey(context.Background(), keyName, createParams, nil) require.NoError(t, err) keyBytes := []byte("5063e6aaa845f150200547944fd199679c98ed6f99da0a0b2dafeaf1f4684496fd532c1c229968cb9dee44957fcef7ccef59ceda0b362e56bcd78fd3faee5781c623c0bb22b35beabde0664fd30e0e824aba3dd1b0afffc4a3d955ede20cf6a854d52cfd") - wrapParams := azkeys.KeyOperationsParameters{Algorithm: to.Ptr(azkeys.JSONWebKeyEncryptionAlgorithmRSAOAEP), Value: keyBytes} + wrapParams := azkeys.KeyOperationParameters{Algorithm: to.Ptr(azkeys.EncryptionAlgorithmRSAOAEP), Value: keyBytes} wrapResp, err := client.WrapKey(context.Background(), keyName, "", wrapParams, nil) require.NoError(t, err) - unwrapResp, err := client.UnwrapKey(context.Background(), keyName, "", azkeys.KeyOperationsParameters{Algorithm: wrapParams.Algorithm, Value: wrapResp.Result}, nil) + unwrapResp, err := client.UnwrapKey(context.Background(), keyName, "", azkeys.KeyOperationParameters{Algorithm: wrapParams.Algorithm, Value: wrapResp.Result}, nil) require.NoError(t, err) require.Equal(t, keyBytes, unwrapResp.Result) }) diff --git a/sdk/security/keyvault/azkeys/constants.go b/sdk/security/keyvault/azkeys/constants.go index 464b9a67cebd..64960a4090c6 100644 --- a/sdk/security/keyvault/azkeys/constants.go +++ b/sdk/security/keyvault/azkeys/constants.go 
@@ -9,226 +9,170 @@ package azkeys -// DeletionRecoveryLevel - Reflects the deletion recovery level currently in effect for keys in the current vault. If it contains -// 'Purgeable' the key can be permanently deleted by a privileged user; otherwise, only the system -// can purge the key, at the end of the retention interval. -type DeletionRecoveryLevel string +// CurveName - Elliptic curve name. For valid values, see JsonWebKeyCurveName. +type CurveName string const ( - // DeletionRecoveryLevelCustomizedRecoverable - Denotes a vault state in which deletion is recoverable without the possibility - // for immediate and permanent deletion (i.e. purge when 7<= SoftDeleteRetentionInDays < 90).This level guarantees the recoverability - // of the deleted entity during the retention interval and while the subscription is still available. - DeletionRecoveryLevelCustomizedRecoverable DeletionRecoveryLevel = "CustomizedRecoverable" - // DeletionRecoveryLevelCustomizedRecoverableProtectedSubscription - Denotes a vault and subscription state in which deletion - // is recoverable, immediate and permanent deletion (i.e. purge) is not permitted, and in which the subscription itself cannot - // be permanently canceled when 7<= SoftDeleteRetentionInDays < 90. This level guarantees the recoverability of the deleted - // entity during the retention interval, and also reflects the fact that the subscription itself cannot be cancelled. - DeletionRecoveryLevelCustomizedRecoverableProtectedSubscription DeletionRecoveryLevel = "CustomizedRecoverable+ProtectedSubscription" - // DeletionRecoveryLevelCustomizedRecoverablePurgeable - Denotes a vault state in which deletion is recoverable, and which - // also permits immediate and permanent deletion (i.e. purge when 7<= SoftDeleteRetentionInDays < 90). This level guarantees - // the recoverability of the deleted entity during the retention interval, unless a Purge operation is requested, or the subscription - // is cancelled. 
- DeletionRecoveryLevelCustomizedRecoverablePurgeable DeletionRecoveryLevel = "CustomizedRecoverable+Purgeable" - // DeletionRecoveryLevelPurgeable - Denotes a vault state in which deletion is an irreversible operation, without the possibility - // for recovery. This level corresponds to no protection being available against a Delete operation; the data is irretrievably - // lost upon accepting a Delete operation at the entity level or higher (vault, resource group, subscription etc.) - DeletionRecoveryLevelPurgeable DeletionRecoveryLevel = "Purgeable" - // DeletionRecoveryLevelRecoverable - Denotes a vault state in which deletion is recoverable without the possibility for immediate - // and permanent deletion (i.e. purge). This level guarantees the recoverability of the deleted entity during the retention - // interval(90 days) and while the subscription is still available. System wil permanently delete it after 90 days, if not - // recovered - DeletionRecoveryLevelRecoverable DeletionRecoveryLevel = "Recoverable" - // DeletionRecoveryLevelRecoverableProtectedSubscription - Denotes a vault and subscription state in which deletion is recoverable - // within retention interval (90 days), immediate and permanent deletion (i.e. purge) is not permitted, and in which the subscription - // itself cannot be permanently canceled. System wil permanently delete it after 90 days, if not recovered - DeletionRecoveryLevelRecoverableProtectedSubscription DeletionRecoveryLevel = "Recoverable+ProtectedSubscription" - // DeletionRecoveryLevelRecoverablePurgeable - Denotes a vault state in which deletion is recoverable, and which also permits - // immediate and permanent deletion (i.e. purge). This level guarantees the recoverability of the deleted entity during the - // retention interval (90 days), unless a Purge operation is requested, or the subscription is cancelled. 
System wil permanently - // delete it after 90 days, if not recovered - DeletionRecoveryLevelRecoverablePurgeable DeletionRecoveryLevel = "Recoverable+Purgeable" + // CurveNameP256 - The NIST P-256 elliptic curve, AKA SECG curve SECP256R1. + CurveNameP256 CurveName = "P-256" + // CurveNameP256K - The SECG SECP256K1 elliptic curve. + CurveNameP256K CurveName = "P-256K" + // CurveNameP384 - The NIST P-384 elliptic curve, AKA SECG curve SECP384R1. + CurveNameP384 CurveName = "P-384" + // CurveNameP521 - The NIST P-521 elliptic curve, AKA SECG curve SECP521R1. + CurveNameP521 CurveName = "P-521" ) -// PossibleDeletionRecoveryLevelValues returns the possible values for the DeletionRecoveryLevel const type. -func PossibleDeletionRecoveryLevelValues() []DeletionRecoveryLevel { - return []DeletionRecoveryLevel{ - DeletionRecoveryLevelCustomizedRecoverable, - DeletionRecoveryLevelCustomizedRecoverableProtectedSubscription, - DeletionRecoveryLevelCustomizedRecoverablePurgeable, - DeletionRecoveryLevelPurgeable, - DeletionRecoveryLevelRecoverable, - DeletionRecoveryLevelRecoverableProtectedSubscription, - DeletionRecoveryLevelRecoverablePurgeable, +// PossibleCurveNameValues returns the possible values for the CurveName const type. +func PossibleCurveNameValues() []CurveName { + return []CurveName{ + CurveNameP256, + CurveNameP256K, + CurveNameP384, + CurveNameP521, } } -// JSONWebKeyCurveName - Elliptic curve name. For valid values, see JsonWebKeyCurveName. -type JSONWebKeyCurveName string +// EncryptionAlgorithm - algorithm identifier +type EncryptionAlgorithm string const ( - // JSONWebKeyCurveNameP256 - The NIST P-256 elliptic curve, AKA SECG curve SECP256R1. - JSONWebKeyCurveNameP256 JSONWebKeyCurveName = "P-256" - // JSONWebKeyCurveNameP256K - The SECG SECP256K1 elliptic curve. - JSONWebKeyCurveNameP256K JSONWebKeyCurveName = "P-256K" - // JSONWebKeyCurveNameP384 - The NIST P-384 elliptic curve, AKA SECG curve SECP384R1. 
- JSONWebKeyCurveNameP384 JSONWebKeyCurveName = "P-384" - // JSONWebKeyCurveNameP521 - The NIST P-521 elliptic curve, AKA SECG curve SECP521R1. - JSONWebKeyCurveNameP521 JSONWebKeyCurveName = "P-521" + EncryptionAlgorithmA128CBC EncryptionAlgorithm = "A128CBC" + EncryptionAlgorithmA128CBCPAD EncryptionAlgorithm = "A128CBCPAD" + EncryptionAlgorithmA128GCM EncryptionAlgorithm = "A128GCM" + EncryptionAlgorithmA128KW EncryptionAlgorithm = "A128KW" + EncryptionAlgorithmA192CBC EncryptionAlgorithm = "A192CBC" + EncryptionAlgorithmA192CBCPAD EncryptionAlgorithm = "A192CBCPAD" + EncryptionAlgorithmA192GCM EncryptionAlgorithm = "A192GCM" + EncryptionAlgorithmA192KW EncryptionAlgorithm = "A192KW" + EncryptionAlgorithmA256CBC EncryptionAlgorithm = "A256CBC" + EncryptionAlgorithmA256CBCPAD EncryptionAlgorithm = "A256CBCPAD" + EncryptionAlgorithmA256GCM EncryptionAlgorithm = "A256GCM" + EncryptionAlgorithmA256KW EncryptionAlgorithm = "A256KW" + EncryptionAlgorithmRSA15 EncryptionAlgorithm = "RSA1_5" + EncryptionAlgorithmRSAOAEP EncryptionAlgorithm = "RSA-OAEP" + EncryptionAlgorithmRSAOAEP256 EncryptionAlgorithm = "RSA-OAEP-256" ) -// PossibleJSONWebKeyCurveNameValues returns the possible values for the JSONWebKeyCurveName const type. -func PossibleJSONWebKeyCurveNameValues() []JSONWebKeyCurveName { - return []JSONWebKeyCurveName{ - JSONWebKeyCurveNameP256, - JSONWebKeyCurveNameP256K, - JSONWebKeyCurveNameP384, - JSONWebKeyCurveNameP521, +// PossibleEncryptionAlgorithmValues returns the possible values for the EncryptionAlgorithm const type. 
+func PossibleEncryptionAlgorithmValues() []EncryptionAlgorithm { + return []EncryptionAlgorithm{ + EncryptionAlgorithmA128CBC, + EncryptionAlgorithmA128CBCPAD, + EncryptionAlgorithmA128GCM, + EncryptionAlgorithmA128KW, + EncryptionAlgorithmA192CBC, + EncryptionAlgorithmA192CBCPAD, + EncryptionAlgorithmA192GCM, + EncryptionAlgorithmA192KW, + EncryptionAlgorithmA256CBC, + EncryptionAlgorithmA256CBCPAD, + EncryptionAlgorithmA256GCM, + EncryptionAlgorithmA256KW, + EncryptionAlgorithmRSA15, + EncryptionAlgorithmRSAOAEP, + EncryptionAlgorithmRSAOAEP256, } } -// JSONWebKeyEncryptionAlgorithm - algorithm identifier -type JSONWebKeyEncryptionAlgorithm string +// KeyOperation - JSON web key operations. For more information, see JsonWebKeyOperation. +type KeyOperation string const ( - JSONWebKeyEncryptionAlgorithmA128CBC JSONWebKeyEncryptionAlgorithm = "A128CBC" - JSONWebKeyEncryptionAlgorithmA128CBCPAD JSONWebKeyEncryptionAlgorithm = "A128CBCPAD" - JSONWebKeyEncryptionAlgorithmA128GCM JSONWebKeyEncryptionAlgorithm = "A128GCM" - JSONWebKeyEncryptionAlgorithmA128KW JSONWebKeyEncryptionAlgorithm = "A128KW" - JSONWebKeyEncryptionAlgorithmA192CBC JSONWebKeyEncryptionAlgorithm = "A192CBC" - JSONWebKeyEncryptionAlgorithmA192CBCPAD JSONWebKeyEncryptionAlgorithm = "A192CBCPAD" - JSONWebKeyEncryptionAlgorithmA192GCM JSONWebKeyEncryptionAlgorithm = "A192GCM" - JSONWebKeyEncryptionAlgorithmA192KW JSONWebKeyEncryptionAlgorithm = "A192KW" - JSONWebKeyEncryptionAlgorithmA256CBC JSONWebKeyEncryptionAlgorithm = "A256CBC" - JSONWebKeyEncryptionAlgorithmA256CBCPAD JSONWebKeyEncryptionAlgorithm = "A256CBCPAD" - JSONWebKeyEncryptionAlgorithmA256GCM JSONWebKeyEncryptionAlgorithm = "A256GCM" - JSONWebKeyEncryptionAlgorithmA256KW JSONWebKeyEncryptionAlgorithm = "A256KW" - JSONWebKeyEncryptionAlgorithmRSA15 JSONWebKeyEncryptionAlgorithm = "RSA1_5" - JSONWebKeyEncryptionAlgorithmRSAOAEP JSONWebKeyEncryptionAlgorithm = "RSA-OAEP" - JSONWebKeyEncryptionAlgorithmRSAOAEP256 JSONWebKeyEncryptionAlgorithm 
= "RSA-OAEP-256" + KeyOperationDecrypt KeyOperation = "decrypt" + KeyOperationEncrypt KeyOperation = "encrypt" + + KeyOperationImport KeyOperation = "import" + KeyOperationSign KeyOperation = "sign" + KeyOperationUnwrapKey KeyOperation = "unwrapKey" + KeyOperationVerify KeyOperation = "verify" + KeyOperationWrapKey KeyOperation = "wrapKey" ) -// PossibleJSONWebKeyEncryptionAlgorithmValues returns the possible values for the JSONWebKeyEncryptionAlgorithm const type. -func PossibleJSONWebKeyEncryptionAlgorithmValues() []JSONWebKeyEncryptionAlgorithm { - return []JSONWebKeyEncryptionAlgorithm{ - JSONWebKeyEncryptionAlgorithmA128CBC, - JSONWebKeyEncryptionAlgorithmA128CBCPAD, - JSONWebKeyEncryptionAlgorithmA128GCM, - JSONWebKeyEncryptionAlgorithmA128KW, - JSONWebKeyEncryptionAlgorithmA192CBC, - JSONWebKeyEncryptionAlgorithmA192CBCPAD, - JSONWebKeyEncryptionAlgorithmA192GCM, - JSONWebKeyEncryptionAlgorithmA192KW, - JSONWebKeyEncryptionAlgorithmA256CBC, - JSONWebKeyEncryptionAlgorithmA256CBCPAD, - JSONWebKeyEncryptionAlgorithmA256GCM, - JSONWebKeyEncryptionAlgorithmA256KW, - JSONWebKeyEncryptionAlgorithmRSA15, - JSONWebKeyEncryptionAlgorithmRSAOAEP, - JSONWebKeyEncryptionAlgorithmRSAOAEP256, +// PossibleKeyOperationValues returns the possible values for the KeyOperation const type. +func PossibleKeyOperationValues() []KeyOperation { + return []KeyOperation{ + KeyOperationDecrypt, + KeyOperationEncrypt, + + KeyOperationImport, + KeyOperationSign, + KeyOperationUnwrapKey, + KeyOperationVerify, + KeyOperationWrapKey, } } -// JSONWebKeyOperation - JSON web key operations. For more information, see JsonWebKeyOperation. 
-type JSONWebKeyOperation string - -const ( - JSONWebKeyOperationDecrypt JSONWebKeyOperation = "decrypt" - JSONWebKeyOperationEncrypt JSONWebKeyOperation = "encrypt" - JSONWebKeyOperationExport JSONWebKeyOperation = "export" - JSONWebKeyOperationImport JSONWebKeyOperation = "import" - JSONWebKeyOperationSign JSONWebKeyOperation = "sign" - JSONWebKeyOperationUnwrapKey JSONWebKeyOperation = "unwrapKey" - JSONWebKeyOperationVerify JSONWebKeyOperation = "verify" - JSONWebKeyOperationWrapKey JSONWebKeyOperation = "wrapKey" -) - -// PossibleJSONWebKeyOperationValues returns the possible values for the JSONWebKeyOperation const type. -func PossibleJSONWebKeyOperationValues() []JSONWebKeyOperation { - return []JSONWebKeyOperation{ - JSONWebKeyOperationDecrypt, - JSONWebKeyOperationEncrypt, - JSONWebKeyOperationExport, - JSONWebKeyOperationImport, - JSONWebKeyOperationSign, - JSONWebKeyOperationUnwrapKey, - JSONWebKeyOperationVerify, - JSONWebKeyOperationWrapKey, - } -} - -// JSONWebKeySignatureAlgorithm - The signing/verification algorithm identifier. For more information on possible algorithm +// SignatureAlgorithm - The signing/verification algorithm identifier. For more information on possible algorithm // types, see JsonWebKeySignatureAlgorithm. -type JSONWebKeySignatureAlgorithm string +type SignatureAlgorithm string const ( - // JSONWebKeySignatureAlgorithmES256 - ECDSA using P-256 and SHA-256, as described in https://tools.ietf.org/html/rfc7518. 
- JSONWebKeySignatureAlgorithmES256 JSONWebKeySignatureAlgorithm = "ES256" - // JSONWebKeySignatureAlgorithmES256K - ECDSA using P-256K and SHA-256, as described in https://tools.ietf.org/html/rfc7518 - JSONWebKeySignatureAlgorithmES256K JSONWebKeySignatureAlgorithm = "ES256K" - // JSONWebKeySignatureAlgorithmES384 - ECDSA using P-384 and SHA-384, as described in https://tools.ietf.org/html/rfc7518 - JSONWebKeySignatureAlgorithmES384 JSONWebKeySignatureAlgorithm = "ES384" - // JSONWebKeySignatureAlgorithmES512 - ECDSA using P-521 and SHA-512, as described in https://tools.ietf.org/html/rfc7518 - JSONWebKeySignatureAlgorithmES512 JSONWebKeySignatureAlgorithm = "ES512" - // JSONWebKeySignatureAlgorithmPS256 - RSASSA-PSS using SHA-256 and MGF1 with SHA-256, as described in https://tools.ietf.org/html/rfc7518 - JSONWebKeySignatureAlgorithmPS256 JSONWebKeySignatureAlgorithm = "PS256" - // JSONWebKeySignatureAlgorithmPS384 - RSASSA-PSS using SHA-384 and MGF1 with SHA-384, as described in https://tools.ietf.org/html/rfc7518 - JSONWebKeySignatureAlgorithmPS384 JSONWebKeySignatureAlgorithm = "PS384" - // JSONWebKeySignatureAlgorithmPS512 - RSASSA-PSS using SHA-512 and MGF1 with SHA-512, as described in https://tools.ietf.org/html/rfc7518 - JSONWebKeySignatureAlgorithmPS512 JSONWebKeySignatureAlgorithm = "PS512" - // JSONWebKeySignatureAlgorithmRS256 - RSASSA-PKCS1-v1_5 using SHA-256, as described in https://tools.ietf.org/html/rfc7518 - JSONWebKeySignatureAlgorithmRS256 JSONWebKeySignatureAlgorithm = "RS256" - // JSONWebKeySignatureAlgorithmRS384 - RSASSA-PKCS1-v1_5 using SHA-384, as described in https://tools.ietf.org/html/rfc7518 - JSONWebKeySignatureAlgorithmRS384 JSONWebKeySignatureAlgorithm = "RS384" - // JSONWebKeySignatureAlgorithmRS512 - RSASSA-PKCS1-v1_5 using SHA-512, as described in https://tools.ietf.org/html/rfc7518 - JSONWebKeySignatureAlgorithmRS512 JSONWebKeySignatureAlgorithm = "RS512" - // JSONWebKeySignatureAlgorithmRSNULL - Reserved - 
JSONWebKeySignatureAlgorithmRSNULL JSONWebKeySignatureAlgorithm = "RSNULL" + // SignatureAlgorithmES256 - ECDSA using P-256 and SHA-256, as described in https://tools.ietf.org/html/rfc7518. + SignatureAlgorithmES256 SignatureAlgorithm = "ES256" + // SignatureAlgorithmES256K - ECDSA using P-256K and SHA-256, as described in https://tools.ietf.org/html/rfc7518 + SignatureAlgorithmES256K SignatureAlgorithm = "ES256K" + // SignatureAlgorithmES384 - ECDSA using P-384 and SHA-384, as described in https://tools.ietf.org/html/rfc7518 + SignatureAlgorithmES384 SignatureAlgorithm = "ES384" + // SignatureAlgorithmES512 - ECDSA using P-521 and SHA-512, as described in https://tools.ietf.org/html/rfc7518 + SignatureAlgorithmES512 SignatureAlgorithm = "ES512" + // SignatureAlgorithmPS256 - RSASSA-PSS using SHA-256 and MGF1 with SHA-256, as described in https://tools.ietf.org/html/rfc7518 + SignatureAlgorithmPS256 SignatureAlgorithm = "PS256" + // SignatureAlgorithmPS384 - RSASSA-PSS using SHA-384 and MGF1 with SHA-384, as described in https://tools.ietf.org/html/rfc7518 + SignatureAlgorithmPS384 SignatureAlgorithm = "PS384" + // SignatureAlgorithmPS512 - RSASSA-PSS using SHA-512 and MGF1 with SHA-512, as described in https://tools.ietf.org/html/rfc7518 + SignatureAlgorithmPS512 SignatureAlgorithm = "PS512" + // SignatureAlgorithmRS256 - RSASSA-PKCS1-v1_5 using SHA-256, as described in https://tools.ietf.org/html/rfc7518 + SignatureAlgorithmRS256 SignatureAlgorithm = "RS256" + // SignatureAlgorithmRS384 - RSASSA-PKCS1-v1_5 using SHA-384, as described in https://tools.ietf.org/html/rfc7518 + SignatureAlgorithmRS384 SignatureAlgorithm = "RS384" + // SignatureAlgorithmRS512 - RSASSA-PKCS1-v1_5 using SHA-512, as described in https://tools.ietf.org/html/rfc7518 + SignatureAlgorithmRS512 SignatureAlgorithm = "RS512" ) -// PossibleJSONWebKeySignatureAlgorithmValues returns the possible values for the JSONWebKeySignatureAlgorithm const type. 
-func PossibleJSONWebKeySignatureAlgorithmValues() []JSONWebKeySignatureAlgorithm { - return []JSONWebKeySignatureAlgorithm{ - JSONWebKeySignatureAlgorithmES256, - JSONWebKeySignatureAlgorithmES256K, - JSONWebKeySignatureAlgorithmES384, - JSONWebKeySignatureAlgorithmES512, - JSONWebKeySignatureAlgorithmPS256, - JSONWebKeySignatureAlgorithmPS384, - JSONWebKeySignatureAlgorithmPS512, - JSONWebKeySignatureAlgorithmRS256, - JSONWebKeySignatureAlgorithmRS384, - JSONWebKeySignatureAlgorithmRS512, - JSONWebKeySignatureAlgorithmRSNULL, +// PossibleSignatureAlgorithmValues returns the possible values for the SignatureAlgorithm const type. +func PossibleSignatureAlgorithmValues() []SignatureAlgorithm { + return []SignatureAlgorithm{ + SignatureAlgorithmES256, + SignatureAlgorithmES256K, + SignatureAlgorithmES384, + SignatureAlgorithmES512, + SignatureAlgorithmPS256, + SignatureAlgorithmPS384, + SignatureAlgorithmPS512, + SignatureAlgorithmRS256, + SignatureAlgorithmRS384, + SignatureAlgorithmRS512, } } -// JSONWebKeyType - JsonWebKey Key Type (kty), as defined in https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40. -type JSONWebKeyType string +// KeyType - JsonWebKey Key Type (kty), as defined in https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40. +type KeyType string const ( - // JSONWebKeyTypeEC - Elliptic Curve. - JSONWebKeyTypeEC JSONWebKeyType = "EC" - // JSONWebKeyTypeECHSM - Elliptic Curve with a private key which is stored in the HSM. - JSONWebKeyTypeECHSM JSONWebKeyType = "EC-HSM" - // JSONWebKeyTypeOct - Octet sequence (used to represent symmetric keys) - JSONWebKeyTypeOct JSONWebKeyType = "oct" - // JSONWebKeyTypeOctHSM - Octet sequence (used to represent symmetric keys) which is stored the HSM. - JSONWebKeyTypeOctHSM JSONWebKeyType = "oct-HSM" - // JSONWebKeyTypeRSA - RSA (https://tools.ietf.org/html/rfc3447) - JSONWebKeyTypeRSA JSONWebKeyType = "RSA" - // JSONWebKeyTypeRSAHSM - RSA with a private key which is stored in the HSM. 
- JSONWebKeyTypeRSAHSM JSONWebKeyType = "RSA-HSM" + // KeyTypeEC - Elliptic Curve. + KeyTypeEC KeyType = "EC" + // KeyTypeECHSM - Elliptic Curve with a private key which is stored in the HSM. + KeyTypeECHSM KeyType = "EC-HSM" + // KeyTypeOct - Octet sequence (used to represent symmetric keys) + KeyTypeOct KeyType = "oct" + // KeyTypeOctHSM - Octet sequence (used to represent symmetric keys) which is stored the HSM. + KeyTypeOctHSM KeyType = "oct-HSM" + // KeyTypeRSA - RSA (https://tools.ietf.org/html/rfc3447) + KeyTypeRSA KeyType = "RSA" + // KeyTypeRSAHSM - RSA with a private key which is stored in the HSM. + KeyTypeRSAHSM KeyType = "RSA-HSM" ) -// PossibleJSONWebKeyTypeValues returns the possible values for the JSONWebKeyType const type. -func PossibleJSONWebKeyTypeValues() []JSONWebKeyType { - return []JSONWebKeyType{ - JSONWebKeyTypeEC, - JSONWebKeyTypeECHSM, - JSONWebKeyTypeOct, - JSONWebKeyTypeOctHSM, - JSONWebKeyTypeRSA, - JSONWebKeyTypeRSAHSM, +// PossibleKeyTypeValues returns the possible values for the KeyType const type. +func PossibleKeyTypeValues() []KeyType { + return []KeyType{ + KeyTypeEC, + KeyTypeECHSM, + KeyTypeOct, + KeyTypeOctHSM, + KeyTypeRSA, + KeyTypeRSAHSM, } } diff --git a/sdk/security/keyvault/azkeys/example_test.go b/sdk/security/keyvault/azkeys/example_test.go index e3173a455c20..ef61055b6435 100644 --- a/sdk/security/keyvault/azkeys/example_test.go +++ b/sdk/security/keyvault/azkeys/example_test.go @@ -36,7 +36,7 @@ func ExampleNewClient() { func ExampleClient_CreateKey_rsa() { params := azkeys.CreateKeyParameters{ KeySize: to.Ptr(int32(2048)), - Kty: to.Ptr(azkeys.JSONWebKeyTypeRSA), + Kty: to.Ptr(azkeys.KeyTypeRSA), } // if a key with the same name already exists, a new version of that key is created resp, err := client.CreateKey(context.TODO(), "key-name", params, nil) 
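Review bot: The new `EncryptionAlgorithm` const block in the constants.go hunk carries no per-constant doc comments, while `CurveName`, `SignatureAlgorithm` and `KeyType` next to it do, so a caller choosing from `PossibleEncryptionAlgorithmValues` gets no guidance on which values are legacy. I would add at least `// EncryptionAlgorithmRSA15 - RSAES-PKCS1-v1_5; legacy padding, prefer the RSA-OAEP variants in new code` and a one-line comment on the `CBC`/`CBCPAD` constants saying they provide no integrity protection by themselves and need a random IV per operation. If constants.go is generated, the text has to be added through the generator configuration rather than by hand.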
@@ -48,8 +48,8 @@ func ExampleClient_CreateKey_rsa() { func ExampleClient_CreateKey_ec() { params := azkeys.CreateKeyParameters{ - Curve: to.Ptr(azkeys.JSONWebKeyCurveNameP256K), - Kty: to.Ptr(azkeys.JSONWebKeyTypeEC), + Curve: to.Ptr(azkeys.CurveNameP256K), + Kty: to.Ptr(azkeys.KeyTypeEC), } // if a key with the same name already exists, a new version of that key is created resp, err := client.CreateKey(context.TODO(), "key-name", params, nil) @@ -74,7 +74,7 @@ func ExampleClient_DeleteKey() { func ExampleClient_PurgeDeletedKey() { // this loop purges all the deleted keys in the vault - pager := client.NewListDeletedKeysPager(nil) + pager := client.NewListDeletedKeyPropertiesPager(nil) for pager.More() { page, err := pager.NextPage(context.TODO()) if err != nil { @@ -141,8 +141,8 @@ func ExampleClient_UpdateKeyRotationPolicy() { fmt.Printf("Updated key rotation policy at: %v", resp.Attributes.Updated) } -func ExampleClient_NewListKeysPager() { - pager := client.NewListKeysPager(nil) +func ExampleClient_NewListKeyPropertiesPager() { + pager := client.NewListKeyPropertiesPager(nil) for pager.More() { resp, err := pager.NextPage(context.TODO()) if err != nil { diff --git a/sdk/security/keyvault/azkeys/models.go b/sdk/security/keyvault/azkeys/models.go index 7561561ad087..070332c93fae 100644 --- a/sdk/security/keyvault/azkeys/models.go +++ b/sdk/security/keyvault/azkeys/models.go 
@@ -67,22 +67,21 @@ type ImportKeyOptions struct { // placeholder for future optional parameters } -// ListDeletedKeysOptions contains the optional parameters for the Client.NewListDeletedKeysPager method. -type ListDeletedKeysOptions struct { - // Maximum number of results to return in a page. If not specified the service will return up to 25 results. - MaxResults *int32 +// ListDeletedKeyPropertiesOptions contains the optional parameters for the Client.NewListDeletedKeyPropertiesPager +// method. +type ListDeletedKeyPropertiesOptions struct { + // placeholder for future optional parameters } -// ListKeyVersionsOptions contains the optional parameters for the Client.NewListKeyVersionsPager method. -type ListKeyVersionsOptions struct { - // Maximum number of results to return in a page. If not specified the service will return up to 25 results. - MaxResults *int32 +// ListKeyPropertiesOptions contains the optional parameters for the Client.NewListKeyPropertiesPager method. +type ListKeyPropertiesOptions struct { + // placeholder for future optional parameters } -// ListKeysOptions contains the optional parameters for the Client.NewListKeysPager method. -type ListKeysOptions struct { - // Maximum number of results to return in a page. If not specified the service will return up to 25 results. - MaxResults *int32 +// ListKeyPropertiesVersionsOptions contains the optional parameters for the Client.NewListKeyPropertiesVersionsPager +// method. +type ListKeyPropertiesVersionsOptions struct { + // placeholder for future optional parameters } // PurgeDeletedKeyOptions contains the optional parameters for the Client.PurgeDeletedKey method. 
@@ -143,14 +142,14 @@ type WrapKeyOptions struct { // CreateKeyParameters - The key create parameters. type CreateKeyParameters struct { // REQUIRED; The type of key to create. For valid values, see JsonWebKeyType. - Kty *JSONWebKeyType `json:"kty,omitempty"` + Kty *KeyType `json:"kty,omitempty"` // Elliptic curve name. For valid values, see JsonWebKeyCurveName. - Curve *JSONWebKeyCurveName `json:"crv,omitempty"` + Curve *CurveName `json:"crv,omitempty"` // The attributes of a key managed by the key vault service. - KeyAttributes *KeyAttributes `json:"attributes,omitempty"` - KeyOps []*JSONWebKeyOperation `json:"key_ops,omitempty"` + KeyAttributes *KeyAttributes `json:"attributes,omitempty"` + KeyOps []*KeyOperation `json:"key_ops,omitempty"` // The key size in bits. For example: 2048, 3072, or 4096 for RSA. KeySize *int32 `json:"key_size,omitempty"` @@ -165,8 +164,8 @@ type CreateKeyParameters struct { Tags map[string]*string `json:"tags,omitempty"` } -// DeletedKeyBundle - A DeletedKeyBundle consisting of a WebKey plus its Attributes and deletion info -type DeletedKeyBundle struct { +// DeletedKey - A DeletedKeyBundle consisting of a WebKey plus its Attributes and deletion info +type DeletedKey struct { // The key management attributes. Attributes *KeyAttributes `json:"attributes,omitempty"` @@ -193,8 +192,8 @@ type DeletedKeyBundle struct { ScheduledPurgeDate *time.Time `json:"scheduledPurgeDate,omitempty" azure:"ro"` } -// DeletedKeyItem - The deleted key item containing the deleted key metadata and information about deletion. -type DeletedKeyItem struct { +// DeletedKeyProperties - The deleted key item containing the deleted key metadata and information about deletion. +type DeletedKeyProperties struct { // The key management attributes. Attributes *KeyAttributes `json:"attributes,omitempty"` 
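Review bot: The doc comments kept above the retyped fields of CreateKeyParameters no longer match the Go identifiers next to them: `For valid values, see JsonWebKeyType` sits above `Kty *KeyType`, `see JsonWebKeyCurveName` above `Curve *CurveName`, and the new `DeletedKey` comment still opens with `A DeletedKeyBundle consisting of ...`. I would point them at the new names, e.g. `// REQUIRED; The type of key to create. For valid values, see KeyType.` and `// DeletedKey - A deleted key consisting of a WebKey plus its Attributes and deletion info`. The same stale references remain in the later models.go hunks for JSONWebKey, SignParameters, UpdateKeyParameters and VerifyParameters. If models.go is generated, the wording presumably has to be changed through the generator configuration rather than by hand.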
@@ -218,18 +217,18 @@ type DeletedKeyItem struct { ScheduledPurgeDate *time.Time `json:"scheduledPurgeDate,omitempty" azure:"ro"` } -// DeletedKeyListResult - A list of keys that have been deleted in this vault. -type DeletedKeyListResult struct { +// DeletedKeyPropertiesListResult - A list of keys that have been deleted in this vault. +type DeletedKeyPropertiesListResult struct { // READ-ONLY; The URL to get the next set of deleted keys. NextLink *string `json:"nextLink,omitempty" azure:"ro"` // READ-ONLY; A response message containing a list of deleted keys in the vault along with a link to the next page of deleted // keys - Value []*DeletedKeyItem `json:"value,omitempty" azure:"ro"` + Value []*DeletedKeyProperties `json:"value,omitempty" azure:"ro"` } -// GetRandomBytesRequest - The get random bytes request object. -type GetRandomBytesRequest struct { +// GetRandomBytesParameters - The get random bytes request object. +type GetRandomBytesParameters struct { // REQUIRED; The requested number of random bytes. Count *int32 `json:"count,omitempty"` } @@ -255,7 +254,7 @@ type ImportKeyParameters struct { // JSONWebKey - As of http://tools.ietf.org/html/draft-ietf-jose-json-web-key-18 type JSONWebKey struct { // Elliptic curve name. For valid values, see JsonWebKeyCurveName. - Crv *JSONWebKeyCurveName `json:"crv,omitempty"` + Crv *CurveName `json:"crv,omitempty"` // RSA private exponent, or the D component of an EC private key. D []byte `json:"d,omitempty"` @@ -273,11 +272,11 @@ type JSONWebKey struct { K []byte `json:"k,omitempty"` // Key identifier. - KID *ID `json:"kid,omitempty"` - KeyOps []*string `json:"key_ops,omitempty"` + KID *ID `json:"kid,omitempty"` + KeyOps []*KeyOperation `json:"key_ops,omitempty"` // JsonWebKey Key Type (kty), as defined in https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40. - Kty *JSONWebKeyType `json:"kty,omitempty"` + Kty *KeyType `json:"kty,omitempty"` // RSA modulus. N []byte `json:"n,omitempty"` 
@@ -325,7 +324,7 @@ type KeyAttributes struct { // READ-ONLY; Reflects the deletion recovery level currently in effect for keys in the current vault. If it contains 'Purgeable' // the key can be permanently deleted by a privileged user; otherwise, only the system // can purge the key, at the end of the retention interval. - RecoveryLevel *DeletionRecoveryLevel `json:"recoveryLevel,omitempty" azure:"ro"` + RecoveryLevel *string `json:"recoveryLevel,omitempty" azure:"ro"` // READ-ONLY; Last updated time in UTC. Updated *time.Time `json:"updated,omitempty" azure:"ro"` 
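Review bot: `RecoveryLevel` becomes a bare `*string` in this hunk, so code that decides whether a key can be permanently purged has to compare raw strings and there is no longer a typed set of values to check against. The field comment only mentions 'Purgeable' in passing; I would add a line such as `// The value is the service's recovery-level string; compare it against the documented values, an unknown value should be treated as not recoverable.` so callers fail closed on values they do not recognise. KeyAttributes begins and ends outside the hunk, and if models.go is generated the comment belongs in the generator configuration.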
@@ -350,29 +349,22 @@ type KeyBundle struct { Managed *bool `json:"managed,omitempty" azure:"ro"` } -// KeyItem - The key item containing key metadata. -type KeyItem struct { - // The key management attributes. - Attributes *KeyAttributes `json:"attributes,omitempty"` - - // Key identifier. - KID *ID `json:"kid,omitempty"` +// KeyOperationParameters - The key operations parameters. +type KeyOperationParameters struct { + // REQUIRED; algorithm identifier + Algorithm *EncryptionAlgorithm `json:"alg,omitempty"` - // Application specific metadata in the form of key-value pairs. - Tags map[string]*string `json:"tags,omitempty"` + // REQUIRED + Value []byte `json:"value,omitempty"` - // READ-ONLY; True if the key's lifetime is managed by key vault. If this is a key backing a certificate, then managed will - // be true. - Managed *bool `json:"managed,omitempty" azure:"ro"` -} + // Additional data to authenticate but not encrypt/decrypt when using authenticated crypto algorithms. + AdditionalAuthenticatedData []byte `json:"aad,omitempty"` -// KeyListResult - The key list result. -type KeyListResult struct { - // READ-ONLY; The URL to get the next set of keys. - NextLink *string `json:"nextLink,omitempty" azure:"ro"` + // The tag to authenticate when performing decryption with an authenticated algorithm. + AuthenticationTag []byte `json:"tag,omitempty"` - // READ-ONLY; A response message containing a list of keys in the key vault along with a link to the next page of keys. - Value []*KeyItem `json:"value,omitempty" azure:"ro"` + // Cryptographically random, non-repeating initialization vector for symmetric algorithms. + IV []byte `json:"iv,omitempty"` } // KeyOperationResult - The key operation result. 
@@ -393,22 +385,29 @@ type KeyOperationResult struct { Result []byte `json:"value,omitempty" azure:"ro"` } -// KeyOperationsParameters - The key operations parameters. -type KeyOperationsParameters struct { - // REQUIRED; algorithm identifier - Algorithm *JSONWebKeyEncryptionAlgorithm `json:"alg,omitempty"` +// KeyProperties - The key item containing key metadata. +type KeyProperties struct { + // The key management attributes. + Attributes *KeyAttributes `json:"attributes,omitempty"` - // REQUIRED - Value []byte `json:"value,omitempty"` + // Key identifier. + KID *ID `json:"kid,omitempty"` - // Additional data to authenticate but not encrypt/decrypt when using authenticated crypto algorithms. - AAD []byte `json:"aad,omitempty"` + // Application specific metadata in the form of key-value pairs. + Tags map[string]*string `json:"tags,omitempty"` - // Cryptographically random, non-repeating initialization vector for symmetric algorithms. - IV []byte `json:"iv,omitempty"` + // READ-ONLY; True if the key's lifetime is managed by key vault. If this is a key backing a certificate, then managed will + // be true. + Managed *bool `json:"managed,omitempty" azure:"ro"` +} - // The tag to authenticate when performing decryption with an authenticated algorithm. - Tag []byte `json:"tag,omitempty"` +// KeyPropertiesListResult - The key list result. +type KeyPropertiesListResult struct { + // READ-ONLY; The URL to get the next set of keys. + NextLink *string `json:"nextLink,omitempty" azure:"ro"` + + // READ-ONLY; A response message containing a list of keys in the key vault along with a link to the next page of keys. + Value []*KeyProperties `json:"value,omitempty" azure:"ro"` } // KeyReleasePolicy - The policy rules under which the key can be exported. 
@@ -500,7 +499,7 @@ type ReleaseParameters struct { TargetAttestationToken *string `json:"target,omitempty"` // The encryption algorithm to use to protected the exported key material - Enc *KeyEncryptionAlgorithm `json:"enc,omitempty"` + Algorithm *KeyEncryptionAlgorithm `json:"enc,omitempty"` // A client provided nonce for freshness. Nonce *string `json:"nonce,omitempty"` @@ -509,13 +508,13 @@ type ReleaseParameters struct { // RestoreKeyParameters - The key restore parameters. type RestoreKeyParameters struct { // REQUIRED; The backup blob associated with a key bundle. - KeyBundleBackup []byte `json:"value,omitempty"` + KeyBackup []byte `json:"value,omitempty"` } // SignParameters - The key operations parameters. type SignParameters struct { // REQUIRED; The signing/verification algorithm identifier. For more information on possible algorithm types, see JsonWebKeySignatureAlgorithm. - Algorithm *JSONWebKeySignatureAlgorithm `json:"alg,omitempty"` + Algorithm *SignatureAlgorithm `json:"alg,omitempty"` // REQUIRED Value []byte `json:"value,omitempty"` @@ -527,7 +526,7 @@ type UpdateKeyParameters struct { KeyAttributes *KeyAttributes `json:"attributes,omitempty"` // Json web key operations. For more information on possible key operations, see JsonWebKeyOperation. - KeyOps []*JSONWebKeyOperation `json:"key_ops,omitempty"` + KeyOps []*KeyOperation `json:"key_ops,omitempty"` // The policy rules under which the key can be exported. ReleasePolicy *KeyReleasePolicy `json:"release_policy,omitempty"` @@ -539,7 +538,7 @@ type UpdateKeyParameters struct { // VerifyParameters - The key verify parameters. type VerifyParameters struct { // REQUIRED; The signing/verification algorithm. For more information on possible algorithm types, see JsonWebKeySignatureAlgorithm. - Algorithm *JSONWebKeySignatureAlgorithm `json:"alg,omitempty"` + Algorithm *SignatureAlgorithm `json:"alg,omitempty"` // REQUIRED; The digest used for signing. Digest []byte `json:"digest,omitempty"` 
diff --git a/sdk/security/keyvault/azkeys/models_serde.go b/sdk/security/keyvault/azkeys/models_serde.go index dddb1732a677..e62b9b7c2efd 100644 --- a/sdk/security/keyvault/azkeys/models_serde.go +++ b/sdk/security/keyvault/azkeys/models_serde.go @@ -99,8 +99,8 @@ func (c *CreateKeyParameters) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type DeletedKeyBundle. -func (d DeletedKeyBundle) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DeletedKey. +func (d DeletedKey) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "attributes", d.Attributes) populateTimeUnix(objectMap, "deletedDate", d.DeletedDate) @@ -113,8 +113,8 @@ func (d DeletedKeyBundle) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DeletedKeyBundle. -func (d *DeletedKeyBundle) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DeletedKey. +func (d *DeletedKey) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", d, err) @@ -154,8 +154,8 @@ func (d *DeletedKeyBundle) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type DeletedKeyItem. -func (d DeletedKeyItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DeletedKeyProperties. +func (d DeletedKeyProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "attributes", d.Attributes) populateTimeUnix(objectMap, "deletedDate", d.DeletedDate) 
@@ -167,8 +167,8 @@ func (d DeletedKeyItem) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DeletedKeyItem. -func (d *DeletedKeyItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DeletedKeyProperties. +func (d *DeletedKeyProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", d, err) @@ -205,16 +205,16 @@ func (d *DeletedKeyItem) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type DeletedKeyListResult. -func (d DeletedKeyListResult) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type DeletedKeyPropertiesListResult. +func (d DeletedKeyPropertiesListResult) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "nextLink", d.NextLink) populate(objectMap, "value", d.Value) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type DeletedKeyListResult. -func (d *DeletedKeyListResult) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type DeletedKeyPropertiesListResult. +func (d *DeletedKeyPropertiesListResult) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", d, err) 
@@ -236,15 +236,15 @@ func (d *DeletedKeyListResult) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type GetRandomBytesRequest. -func (g GetRandomBytesRequest) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type GetRandomBytesParameters. +func (g GetRandomBytesParameters) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) populate(objectMap, "count", g.Count) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type GetRandomBytesRequest. -func (g *GetRandomBytesRequest) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type GetRandomBytesParameters. +func (g *GetRandomBytesParameters) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", g, err) 
@@ -491,18 +491,19 @@ func (k *KeyBundle) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type KeyItem. -func (k KeyItem) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type KeyOperationParameters. +func (k KeyOperationParameters) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "attributes", k.Attributes) - populate(objectMap, "kid", k.KID) - populate(objectMap, "managed", k.Managed) - populate(objectMap, "tags", k.Tags) + populateByteArray(objectMap, "aad", k.AdditionalAuthenticatedData, runtime.Base64URLFormat) + populate(objectMap, "alg", k.Algorithm) + populateByteArray(objectMap, "tag", k.AuthenticationTag, runtime.Base64URLFormat) + populateByteArray(objectMap, "iv", k.IV, runtime.Base64URLFormat) + populateByteArray(objectMap, "value", k.Value, runtime.Base64URLFormat) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type KeyItem. -func (k *KeyItem) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type KeyOperationParameters. +func (k *KeyOperationParameters) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", k, err) 
@@ -510,48 +511,20 @@ func (k *KeyItem) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "attributes": - err = unpopulate(val, "Attributes", &k.Attributes) - delete(rawMsg, key) - case "kid": - err = unpopulate(val, "KID", &k.KID) + case "aad": + err = runtime.DecodeByteArray(string(val), &k.AdditionalAuthenticatedData, runtime.Base64URLFormat) delete(rawMsg, key) - case "managed": - err = unpopulate(val, "Managed", &k.Managed) + case "alg": + err = unpopulate(val, "Algorithm", &k.Algorithm) delete(rawMsg, key) - case "tags": - err = unpopulate(val, "Tags", &k.Tags) + case "tag": + err = runtime.DecodeByteArray(string(val), &k.AuthenticationTag, runtime.Base64URLFormat) delete(rawMsg, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", k, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type KeyListResult. -func (k KeyListResult) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "nextLink", k.NextLink) - populate(objectMap, "value", k.Value) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type KeyListResult. -func (k *KeyListResult) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", k, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "nextLink": - err = unpopulate(val, "NextLink", &k.NextLink) + case "iv": + err = runtime.DecodeByteArray(string(val), &k.IV, runtime.Base64URLFormat) delete(rawMsg, key) case "value": - err = unpopulate(val, "Value", &k.Value) + err = runtime.DecodeByteArray(string(val), &k.Value, runtime.Base64URLFormat) delete(rawMsg, key) } if err != nil { 
@@ -604,19 +577,18 @@ func (k *KeyOperationResult) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type KeyOperationsParameters. -func (k KeyOperationsParameters) MarshalJSON() ([]byte, error) { +// MarshalJSON implements the json.Marshaller interface for type KeyProperties. +func (k KeyProperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populateByteArray(objectMap, "aad", k.AAD, runtime.Base64URLFormat) - populate(objectMap, "alg", k.Algorithm) - populateByteArray(objectMap, "iv", k.IV, runtime.Base64URLFormat) - populateByteArray(objectMap, "tag", k.Tag, runtime.Base64URLFormat) - populateByteArray(objectMap, "value", k.Value, runtime.Base64URLFormat) + populate(objectMap, "attributes", k.Attributes) + populate(objectMap, "kid", k.KID) + populate(objectMap, "managed", k.Managed) + populate(objectMap, "tags", k.Tags) return json.Marshal(objectMap) } -// UnmarshalJSON implements the json.Unmarshaller interface for type KeyOperationsParameters. -func (k *KeyOperationsParameters) UnmarshalJSON(data []byte) error { +// UnmarshalJSON implements the json.Unmarshaller interface for type KeyProperties. +func (k *KeyProperties) UnmarshalJSON(data []byte) error { var rawMsg map[string]json.RawMessage if err := json.Unmarshal(data, &rawMsg); err != nil { return fmt.Errorf("unmarshalling type %T: %v", k, err) 
@@ -624,20 +596,48 @@ func (k *KeyOperationsParameters) UnmarshalJSON(data []byte) error { for key, val := range rawMsg { var err error switch key { - case "aad": - err = runtime.DecodeByteArray(string(val), &k.AAD, runtime.Base64URLFormat) + case "attributes": + err = unpopulate(val, "Attributes", &k.Attributes) delete(rawMsg, key) - case "alg": - err = unpopulate(val, "Algorithm", &k.Algorithm) + case "kid": + err = unpopulate(val, "KID", &k.KID) delete(rawMsg, key) - case "iv": - err = runtime.DecodeByteArray(string(val), &k.IV, runtime.Base64URLFormat) + case "managed": + err = unpopulate(val, "Managed", &k.Managed) delete(rawMsg, key) - case "tag": - err = runtime.DecodeByteArray(string(val), &k.Tag, runtime.Base64URLFormat) + case "tags": + err = unpopulate(val, "Tags", &k.Tags) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", k, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type KeyPropertiesListResult. +func (k KeyPropertiesListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", k.NextLink) + populate(objectMap, "value", k.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type KeyPropertiesListResult. +func (k *KeyPropertiesListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", k, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &k.NextLink) delete(rawMsg, key) case "value": - err = runtime.DecodeByteArray(string(val), &k.Value, runtime.Base64URLFormat) + err = unpopulate(val, "Value", &k.Value) delete(rawMsg, key) } if err != nil { 
@@ -925,7 +925,7 @@ func (r *RandomBytes) UnmarshalJSON(data []byte) error { // MarshalJSON implements the json.Marshaller interface for type ReleaseParameters. func (r ReleaseParameters) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populate(objectMap, "enc", r.Enc) + populate(objectMap, "enc", r.Algorithm) populate(objectMap, "nonce", r.Nonce) populate(objectMap, "target", r.TargetAttestationToken) return json.Marshal(objectMap) @@ -941,7 +941,7 @@ func (r *ReleaseParameters) UnmarshalJSON(data []byte) error { var err error switch key { case "enc": - err = unpopulate(val, "Enc", &r.Enc) + err = unpopulate(val, "Algorithm", &r.Algorithm) delete(rawMsg, key) case "nonce": err = unpopulate(val, "Nonce", &r.Nonce) @@ -960,7 +960,7 @@ func (r *ReleaseParameters) UnmarshalJSON(data []byte) error { // MarshalJSON implements the json.Marshaller interface for type RestoreKeyParameters. func (r RestoreKeyParameters) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) - populateByteArray(objectMap, "value", r.KeyBundleBackup, runtime.Base64URLFormat) + populateByteArray(objectMap, "value", r.KeyBackup, runtime.Base64URLFormat) return json.Marshal(objectMap) } @@ -974,7 +974,7 @@ func (r *RestoreKeyParameters) UnmarshalJSON(data []byte) error { var err error switch key { case "value": - err = runtime.DecodeByteArray(string(val), &r.KeyBundleBackup, runtime.Base64URLFormat) + err = runtime.DecodeByteArray(string(val), &r.KeyBackup, runtime.Base64URLFormat) delete(rawMsg, key) } if err != nil { diff --git a/sdk/security/keyvault/azkeys/response_types.go b/sdk/security/keyvault/azkeys/response_types.go index 62eaefa5e3a7..e9fe38e6b702 100644 --- a/sdk/security/keyvault/azkeys/response_types.go +++ b/sdk/security/keyvault/azkeys/response_types.go 
@@ -26,7 +26,7 @@ type DecryptResponse struct { // DeleteKeyResponse contains the response from method Client.DeleteKey. type DeleteKeyResponse struct { - DeletedKeyBundle + DeletedKey } // EncryptResponse contains the response from method Client.Encrypt. @@ -36,7 +36,7 @@ type EncryptResponse struct { // GetDeletedKeyResponse contains the response from method Client.GetDeletedKey. type GetDeletedKeyResponse struct { - DeletedKeyBundle + DeletedKey } // GetKeyResponse contains the response from method Client.GetKey. @@ -59,19 +59,19 @@ type ImportKeyResponse struct { KeyBundle } -// ListDeletedKeysResponse contains the response from method Client.NewListDeletedKeysPager. -type ListDeletedKeysResponse struct { - DeletedKeyListResult +// ListDeletedKeyPropertiesResponse contains the response from method Client.NewListDeletedKeyPropertiesPager. +type ListDeletedKeyPropertiesResponse struct { + DeletedKeyPropertiesListResult } -// ListKeyVersionsResponse contains the response from method Client.NewListKeyVersionsPager. -type ListKeyVersionsResponse struct { - KeyListResult +// ListKeyPropertiesResponse contains the response from method Client.NewListKeyPropertiesPager. +type ListKeyPropertiesResponse struct { + KeyPropertiesListResult } -// ListKeysResponse contains the response from method Client.NewListKeysPager. -type ListKeysResponse struct { - KeyListResult +// ListKeyPropertiesVersionsResponse contains the response from method Client.NewListKeyPropertiesVersionsPager. +type ListKeyPropertiesVersionsResponse struct { + KeyPropertiesListResult } // PurgeDeletedKeyResponse contains the response from method Client.PurgeDeletedKey. diff --git a/sdk/security/keyvault/azkeys/testdata/perf/get_key.go b/sdk/security/keyvault/azkeys/testdata/perf/get_key.go index 18c1ad2654f2..0bf41a62be84 100644 --- a/sdk/security/keyvault/azkeys/testdata/perf/get_key.go +++ b/sdk/security/keyvault/azkeys/testdata/perf/get_key.go 
@@ -39,7 +39,7 @@ func newGetKeyTest(ctx context.Context, options perf.PerfTestOptions) (perf.Glob cred, err := azidentity.NewDefaultAzureCredential(nil) if err != nil { - panic(err) + return nil, err } client, err := azkeys.NewClient(vaultURL, cred, &azkeys.ClientOptions{ @@ -47,8 +47,11 @@ func newGetKeyTest(ctx context.Context, options perf.PerfTestOptions) (perf.Glob Transport: options.Transporter, }, }) + if err != nil { + return nil, err + } - _, err = client.CreateKey(ctx, d.keyName, azkeys.CreateKeyParameters{Kty: to.Ptr(azkeys.JSONWebKeyTypeRSA), KeySize: to.Ptr(int32(2048))}, nil) + _, err = client.CreateKey(ctx, d.keyName, azkeys.CreateKeyParameters{Kty: to.Ptr(azkeys.KeyTypeRSA), KeySize: to.Ptr(int32(2048))}, nil) if err != nil { return nil, err } diff --git a/sdk/security/keyvault/azkeys/utils_test.go b/sdk/security/keyvault/azkeys/utils_test.go index d0de9910ff33..1423365a88ba 100644 --- a/sdk/security/keyvault/azkeys/utils_test.go +++ b/sdk/security/keyvault/azkeys/utils_test.go @@ -14,6 +14,7 @@ import ( "fmt" "hash/fnv" "os" + "regexp" "strings" "sync" "testing" @@ -245,3 +246,27 @@ func getMarshalledReleasePolicy(attestationURL string) []byte { }) return data } + +type serdeModel interface { + json.Marshaler + json.Unmarshaler +} + +func testSerde[T serdeModel](t *testing.T, model T) { + data, err := model.MarshalJSON() + require.NoError(t, err) + err = model.UnmarshalJSON(data) + require.NoError(t, err) + + // testing unmarshal error scenarios + err = model.UnmarshalJSON(nil) + require.Error(t, err) + + m := regexp.MustCompile(":.*$") + modifiedData := m.ReplaceAllString(string(data), `:["test", "test1", "test2"]}`) + if modifiedData != "{}" { + data3 := []byte(modifiedData) + err = model.UnmarshalJSON(data3) + require.Error(t, err) + } +} diff --git a/sdk/security/keyvault/azkeys/version.go b/sdk/security/keyvault/azkeys/version.go index d38632ecc25a..0eff06644c7f 100644 --- a/sdk/security/keyvault/azkeys/version.go 
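Review bot: The setup errors in newGetKeyTest are now returned bare, so a failed perf run does not say whether the credential, the client or the key creation was the step that failed. This applies to the `return nil, err` that replaces `panic(err)` in the first get_key.go hunk and to the new check after `azkeys.NewClient` in the second. I would wrap each one, e.g. `return nil, fmt.Errorf("creating azkeys client: %w", err)`, which needs `fmt` in the file's import block; that block and the rest of the function are outside these hunks.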
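Review bot: The malformed-input case in the new `testSerde` helper only corrupts the first serialized field, because `":.*$"` replaces everything after the first colon with a string array. That presumably makes `require.Error` fail for any model whose first populated key legitimately decodes a list of strings, and it leaves every other field's error path untested. A short comment stating that assumption would help, e.g. `// assumes the first marshalled field does not accept a JSON array of strings`. Separately, the helper should start with `t.Helper()` so failures are reported at the calling test, and the pattern can be compiled once at package scope (`var firstValueRE = regexp.MustCompile(":.*$")`) instead of on every call.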
+++ b/sdk/security/keyvault/azkeys/version.go @@ -8,5 +8,5 @@ package azkeys const ( moduleName = "azkeys" - version = "v1.0.0" + version = "v0.12.0" )