const {KeyClient, CryptographyClient} = require("@azure/keyvault-keys");
const {SecretClient} = require("@azure/keyvault-secrets");
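/**
 * Production repository that encrypts and decrypts short text values with a
 * key stored in Azure Key Vault.
 *
 * Each call first fetches the key named `keyName` through the KeyClient and
 * then builds a CryptographyClient for it with the same credential and
 * options. The algorithm is fixed to RSA-OAEP-256; with RSA-OAEP the plaintext
 * size is bounded by the key size, so this is meant for small values only.
 *
 * @param {string} keyName - Name of the Key Vault key to use.
 * @param {string} url - Vault URL handed to KeyClient.
 * @param {object} credential - Credential handed to both clients.
 * @param {object} [options] - Client options handed to both clients.
 */
const KeyRepository = function (keyName, url, credential, options) {
  const ALGORITHM = "RSA-OAEP-256";

  this.keyName = keyName;
  this.credential = credential;
  this.options = options;
  this.client = new KeyClient(url, credential, options);

  // Looks the key up on every call, so the version current at call time is
  // the one used. Reads the repository fields at call time, as before.
  const cryptographyClientFor = async (repository) => {
    const key = await repository.client.getKey(repository.keyName);
    return new CryptographyClient(key, repository.credential, repository.options);
  };

  /**
   * Decrypts a ciphertext produced by `encrypt` and returns the clear text.
   *
   * @param {Uint8Array} cipher - Ciphertext bytes.
   * @returns {Promise<string>} The decrypted bytes decoded as UTF-8.
   */
  this.decrypt = async function (cipher) {
    const cryptographyClient = await cryptographyClientFor(this);
    const { result } = await cryptographyClient.decrypt({
      algorithm: ALGORITHM,
      ciphertext: cipher,
    });
    // A plain Uint8Array stringifies as "104,105,..." rather than as text, so
    // normalise to a Buffer before decoding. NOTE(review): whether the SDK
    // hands back a Buffer or a plain Uint8Array is not visible here.
    return Buffer.from(result).toString("utf8");
  };

  /**
   * Encrypts a clear text value.
   *
   * @param {string} clearText - Text to encrypt; encoded as UTF-8.
   * @returns {Promise<Uint8Array>} Ciphertext bytes as returned by the service.
   */
  this.encrypt = async function (clearText) {
    const cryptographyClient = await cryptographyClientFor(this);
    // charCodeAt() truncated every character above U+00FF to its low byte, so
    // non-Latin text could not survive a round trip. UTF-8 matches what
    // decrypt() decodes; ASCII input yields the same bytes as before.
    // Non-string iterables keep the legacy per-element mapping.
    const plaintext =
      typeof clearText === "string"
        ? Buffer.from(clearText, "utf8")
        : Uint8Array.from(clearText, (x) => x.charCodeAt(0));
    const { result } = await cryptographyClient.encrypt({
      algorithm: ALGORITHM,
      plaintext,
    });
    return result;
  };
};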
/**
 * Production repository that reads database connection settings from Key
 * Vault secrets.
 *
 * `secretNames` maps the logical settings (`url`, `username`, `password`) to
 * the names of the secrets that hold them. Every getter asks the vault again;
 * nothing is cached here. The returned strings are the plaintext secret
 * values, so callers should keep them out of logs and error messages.
 *
 * @param {{url: string, username: string, password: string}} secretNames
 * @param {string} url - Vault URL handed to SecretClient.
 * @param {object} credential - Credential handed to SecretClient.
 * @param {object} [options] - Client options handed to SecretClient.
 */
const SecretRepository = function (secretNames, url, credential, options) {
  Object.assign(this, {
    secretNames,
    credential,
    options,
    client: new SecretClient(url, credential, options),
  });

  /** @returns {Promise<string>} Value of the secret named by `secretNames.url`. */
  this.getDbUrl = async function () {
    const { value } = await this.client.getSecret(this.secretNames.url);
    return value;
  };

  /** @returns {Promise<string>} Value of the secret named by `secretNames.username`. */
  this.getDbUser = async function () {
    const { value } = await this.client.getSecret(this.secretNames.username);
    return value;
  };

  /** @returns {Promise<string>} Value of the secret named by `secretNames.password`. */
  this.getDbPass = async function () {
    const { value } = await this.client.getSecret(this.secretNames.password);
    return value;
  };
};
/**
 * Production repository that reads a certificate from Key Vault.
 *
 * The certificate is fetched through SecretClient, i.e. as the secret stored
 * under the certificate's name, not through a certificates client. The
 * identity used therefore needs read access to secrets. The content type of
 * the returned value is not checked here.
 *
 * @param {string} certificateName - Name under which the certificate is stored.
 * @param {string} url - Vault URL handed to SecretClient.
 * @param {object} credential - Credential handed to SecretClient.
 * @param {object} [options] - Client options handed to SecretClient.
 */
const CertificateRepository = function (certificateName, url, credential, options) {
  Object.assign(this, {
    certificateName,
    credential,
    options,
    client: new SecretClient(url, credential, options),
  });

  /**
   * Fetches the secret value stored under `certificateName`.
   *
   * NOTE(review): the method name says the value is a Base64-encoded PKCS#12
   * bundle. Such a bundle normally includes the private key, so treat the
   * result as key material. Confirm the format against the vault's
   * certificate policy.
   *
   * @returns {Promise<string>} The secret's value.
   */
  this.getBase64Pkcs12Content = async function () {
    const { value } = await this.client.getSecret(this.certificateName);
    return value;
  };
};
// Public surface of this module: the three Key Vault backed repositories.
module.exports = { KeyRepository, SecretRepository, CertificateRepository };