@azure/keyvault-keys 4.10.1-alpha.20250702.2 → 4.10.1-alpha.20250722.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (100) hide show
  1. package/dist/browser/cryptography/remoteCryptographyProvider.js +34 -11
  2. package/dist/browser/cryptography/remoteCryptographyProvider.js.map +1 -1
  3. package/dist/browser/cryptographyClient.js +12 -5
  4. package/dist/browser/cryptographyClient.js.map +1 -1
  5. package/dist/browser/generated/src/api/keyVaultContext.js +12 -9
  6. package/dist/browser/generated/src/api/keyVaultContext.js.map +1 -1
  7. package/dist/browser/generated/src/api/operations.js +229 -78
  8. package/dist/browser/generated/src/api/operations.js.map +1 -1
  9. package/dist/browser/generated/src/keyVaultClient.js +8 -3
  10. package/dist/browser/generated/src/keyVaultClient.js.map +1 -1
  11. package/dist/browser/generated/src/static-helpers/pagingHelpers.js +31 -50
  12. package/dist/browser/generated/src/static-helpers/pagingHelpers.js.map +1 -1
  13. package/dist/browser/generated/src/static-helpers/urlTemplate.js +2 -2
  14. package/dist/browser/generated/src/static-helpers/urlTemplate.js.map +1 -1
  15. package/dist/browser/identifier.js +4 -1
  16. package/dist/browser/identifier.js.map +1 -1
  17. package/dist/browser/index.js +43 -29
  18. package/dist/browser/index.js.map +1 -1
  19. package/dist/browser/lro/delete/operation.js +3 -0
  20. package/dist/browser/lro/delete/operation.js.map +1 -1
  21. package/dist/browser/lro/delete/poller.js +4 -1
  22. package/dist/browser/lro/delete/poller.js.map +1 -1
  23. package/dist/browser/lro/keyVaultKeyPoller.js +6 -8
  24. package/dist/browser/lro/keyVaultKeyPoller.js.map +1 -1
  25. package/dist/browser/lro/recover/operation.js +5 -2
  26. package/dist/browser/lro/recover/operation.js.map +1 -1
  27. package/dist/browser/lro/recover/poller.js +4 -1
  28. package/dist/browser/lro/recover/poller.js.map +1 -1
  29. package/dist/browser/transformations.js +30 -41
  30. package/dist/browser/transformations.js.map +1 -1
  31. package/dist/commonjs/cryptography/aesCryptographyProvider.js +29 -29
  32. package/dist/commonjs/cryptography/aesCryptographyProvider.js.map +1 -1
  33. package/dist/commonjs/cryptography/remoteCryptographyProvider.js +34 -11
  34. package/dist/commonjs/cryptography/remoteCryptographyProvider.js.map +1 -1
  35. package/dist/commonjs/cryptography/rsaCryptographyProvider.js +39 -36
  36. package/dist/commonjs/cryptography/rsaCryptographyProvider.js.map +1 -1
  37. package/dist/commonjs/cryptographyClient.js +12 -5
  38. package/dist/commonjs/cryptographyClient.js.map +1 -1
  39. package/dist/commonjs/generated/src/api/keyVaultContext.js +12 -9
  40. package/dist/commonjs/generated/src/api/keyVaultContext.js.map +1 -1
  41. package/dist/commonjs/generated/src/api/operations.js +229 -78
  42. package/dist/commonjs/generated/src/api/operations.js.map +1 -1
  43. package/dist/commonjs/generated/src/keyVaultClient.js +8 -3
  44. package/dist/commonjs/generated/src/keyVaultClient.js.map +1 -1
  45. package/dist/commonjs/generated/src/static-helpers/pagingHelpers.js +31 -50
  46. package/dist/commonjs/generated/src/static-helpers/pagingHelpers.js.map +1 -1
  47. package/dist/commonjs/generated/src/static-helpers/urlTemplate.js +2 -2
  48. package/dist/commonjs/generated/src/static-helpers/urlTemplate.js.map +1 -1
  49. package/dist/commonjs/identifier.js +4 -1
  50. package/dist/commonjs/identifier.js.map +1 -1
  51. package/dist/commonjs/index.js +43 -29
  52. package/dist/commonjs/index.js.map +1 -1
  53. package/dist/commonjs/lro/delete/operation.js +3 -0
  54. package/dist/commonjs/lro/delete/operation.js.map +1 -1
  55. package/dist/commonjs/lro/delete/poller.js +4 -1
  56. package/dist/commonjs/lro/delete/poller.js.map +1 -1
  57. package/dist/commonjs/lro/keyVaultKeyPoller.js +6 -8
  58. package/dist/commonjs/lro/keyVaultKeyPoller.js.map +1 -1
  59. package/dist/commonjs/lro/recover/operation.js +5 -2
  60. package/dist/commonjs/lro/recover/operation.js.map +1 -1
  61. package/dist/commonjs/lro/recover/poller.js +4 -1
  62. package/dist/commonjs/lro/recover/poller.js.map +1 -1
  63. package/dist/commonjs/transformations.js +30 -41
  64. package/dist/commonjs/transformations.js.map +1 -1
  65. package/dist/commonjs/tsdoc-metadata.json +11 -11
  66. package/dist/esm/cryptography/aesCryptographyProvider.js +26 -26
  67. package/dist/esm/cryptography/aesCryptographyProvider.js.map +1 -1
  68. package/dist/esm/cryptography/remoteCryptographyProvider.js +34 -11
  69. package/dist/esm/cryptography/remoteCryptographyProvider.js.map +1 -1
  70. package/dist/esm/cryptography/rsaCryptographyProvider.js +39 -36
  71. package/dist/esm/cryptography/rsaCryptographyProvider.js.map +1 -1
  72. package/dist/esm/cryptographyClient.js +12 -5
  73. package/dist/esm/cryptographyClient.js.map +1 -1
  74. package/dist/esm/generated/src/api/keyVaultContext.js +12 -9
  75. package/dist/esm/generated/src/api/keyVaultContext.js.map +1 -1
  76. package/dist/esm/generated/src/api/operations.js +229 -78
  77. package/dist/esm/generated/src/api/operations.js.map +1 -1
  78. package/dist/esm/generated/src/keyVaultClient.js +8 -3
  79. package/dist/esm/generated/src/keyVaultClient.js.map +1 -1
  80. package/dist/esm/generated/src/static-helpers/pagingHelpers.js +31 -50
  81. package/dist/esm/generated/src/static-helpers/pagingHelpers.js.map +1 -1
  82. package/dist/esm/generated/src/static-helpers/urlTemplate.js +2 -2
  83. package/dist/esm/generated/src/static-helpers/urlTemplate.js.map +1 -1
  84. package/dist/esm/identifier.js +4 -1
  85. package/dist/esm/identifier.js.map +1 -1
  86. package/dist/esm/index.js +43 -29
  87. package/dist/esm/index.js.map +1 -1
  88. package/dist/esm/lro/delete/operation.js +3 -0
  89. package/dist/esm/lro/delete/operation.js.map +1 -1
  90. package/dist/esm/lro/delete/poller.js +4 -1
  91. package/dist/esm/lro/delete/poller.js.map +1 -1
  92. package/dist/esm/lro/keyVaultKeyPoller.js +6 -8
  93. package/dist/esm/lro/keyVaultKeyPoller.js.map +1 -1
  94. package/dist/esm/lro/recover/operation.js +5 -2
  95. package/dist/esm/lro/recover/operation.js.map +1 -1
  96. package/dist/esm/lro/recover/poller.js +4 -1
  97. package/dist/esm/lro/recover/poller.js.map +1 -1
  98. package/dist/esm/transformations.js +30 -41
  99. package/dist/esm/transformations.js.map +1 -1
  100. package/package.json +2 -2
package/dist/commonjs/transformations.js CHANGED
@@ -7,7 +7,6 @@ exports.getKeyFromKeyBundle = getKeyFromKeyBundle;
7
7
  exports.getDeletedKeyFromDeletedKeyItem = getDeletedKeyFromDeletedKeyItem;
8
8
  exports.getKeyPropertiesFromKeyItem = getKeyPropertiesFromKeyItem;
9
9
  exports.mapPagedAsyncIterable = mapPagedAsyncIterable;
10
- const tslib_1 = require("tslib");
11
10
  const identifier_js_1 = require("./identifier.js");
12
11
  /**
13
12
  * @internal
@@ -65,7 +64,12 @@ function getDeletedKeyFromDeletedKeyItem(keyItem) {
65
64
  },
66
65
  id: keyItem.kid,
67
66
  name: commonProperties.name,
68
- properties: Object.assign(Object.assign({}, commonProperties), { recoveryId: keyItem.recoveryId, scheduledPurgeDate: keyItem.scheduledPurgeDate, deletedOn: keyItem.deletedDate }),
67
+ properties: {
68
+ ...commonProperties,
69
+ recoveryId: keyItem.recoveryId,
70
+ scheduledPurgeDate: keyItem.scheduledPurgeDate,
71
+ deletedOn: keyItem.deletedDate,
72
+ },
69
73
  };
70
74
  }
71
75
  /**
@@ -77,15 +81,15 @@ function getKeyPropertiesFromKeyItem(keyItem) {
77
81
  const attributes = keyItem.attributes || {};
78
82
  const resultObject = {
79
83
  createdOn: attributes.created,
80
- enabled: attributes === null || attributes === void 0 ? void 0 : attributes.enabled,
81
- expiresOn: attributes === null || attributes === void 0 ? void 0 : attributes.expires,
84
+ enabled: attributes?.enabled,
85
+ expiresOn: attributes?.expires,
82
86
  id: keyItem.kid,
83
87
  managed: keyItem.managed,
84
88
  name: parsedId.name,
85
- notBefore: attributes === null || attributes === void 0 ? void 0 : attributes.notBefore,
86
- recoverableDays: attributes === null || attributes === void 0 ? void 0 : attributes.recoverableDays,
87
- recoveryLevel: attributes === null || attributes === void 0 ? void 0 : attributes.recoveryLevel,
88
- hsmPlatform: attributes === null || attributes === void 0 ? void 0 : attributes.hsmPlatform,
89
+ notBefore: attributes?.notBefore,
90
+ recoverableDays: attributes?.recoverableDays,
91
+ recoveryLevel: attributes?.recoveryLevel,
92
+ hsmPlatform: attributes?.hsmPlatform,
89
93
  tags: keyItem.tags,
90
94
  updatedOn: attributes.updated,
91
95
  vaultUrl: parsedId.vaultUrl,
@@ -109,12 +113,11 @@ function getNormalizedActionType(caseInsensitiveActionType) {
109
113
  */
110
114
  exports.keyRotationTransformations = {
111
115
  propertiesToGenerated: function (parameters) {
112
- var _a;
113
116
  const policy = {
114
117
  attributes: {
115
118
  expiryTime: parameters.expiresIn,
116
119
  },
117
- lifetimeActions: (_a = parameters.lifetimeActions) === null || _a === void 0 ? void 0 : _a.map((action) => {
120
+ lifetimeActions: parameters.lifetimeActions?.map((action) => {
118
121
  const generatedAction = {
119
122
  action: { type: action.action },
120
123
  trigger: {},
@@ -131,18 +134,16 @@ exports.keyRotationTransformations = {
131
134
  return policy;
132
135
  },
133
136
  generatedToPublic(generated) {
134
- var _a, _b, _c, _d;
135
137
  const policy = {
136
138
  id: generated.id,
137
- createdOn: (_a = generated.attributes) === null || _a === void 0 ? void 0 : _a.created,
138
- updatedOn: (_b = generated.attributes) === null || _b === void 0 ? void 0 : _b.updated,
139
- expiresIn: (_c = generated.attributes) === null || _c === void 0 ? void 0 : _c.expiryTime,
140
- lifetimeActions: (_d = generated.lifetimeActions) === null || _d === void 0 ? void 0 : _d.map((action) => {
141
- var _a, _b;
139
+ createdOn: generated.attributes?.created,
140
+ updatedOn: generated.attributes?.updated,
141
+ expiresIn: generated.attributes?.expiryTime,
142
+ lifetimeActions: generated.lifetimeActions?.map((action) => {
142
143
  return {
143
144
  action: getNormalizedActionType(action.action.type),
144
- timeAfterCreate: (_a = action.trigger) === null || _a === void 0 ? void 0 : _a.timeAfterCreate,
145
- timeBeforeExpiry: (_b = action.trigger) === null || _b === void 0 ? void 0 : _b.timeBeforeExpiry,
145
+ timeAfterCreate: action.trigger?.timeAfterCreate,
146
+ timeBeforeExpiry: action.trigger?.timeBeforeExpiry,
146
147
  };
147
148
  }),
148
149
  };
@@ -162,34 +163,22 @@ function mapPagedAsyncIterable(options, operation, mapper) {
162
163
  let iter = undefined;
163
164
  return {
164
165
  async next() {
165
- iter !== null && iter !== void 0 ? iter : (iter = operation(Object.assign(Object.assign({}, options), { maxresults: undefined })));
166
+ iter ??= operation({ ...options, maxresults: undefined });
166
167
  const result = await iter.next();
167
- return Object.assign(Object.assign({}, result), { value: result.value && mapper(result.value) });
168
+ return {
169
+ ...result,
170
+ value: result.value && mapper(result.value),
171
+ };
168
172
  },
169
173
  [Symbol.asyncIterator]() {
170
174
  return this;
171
175
  },
172
- byPage(settings) {
173
- return tslib_1.__asyncGenerator(this, arguments, function* byPage_1() {
174
- var _a, e_1, _b, _c;
175
- // Pass the maxPageSize value to the underlying page operation
176
- const iteratorByPage = operation(Object.assign(Object.assign({}, options), { maxresults: settings === null || settings === void 0 ? void 0 : settings.maxPageSize })).byPage(settings);
177
- try {
178
- for (var _d = true, iteratorByPage_1 = tslib_1.__asyncValues(iteratorByPage), iteratorByPage_1_1; iteratorByPage_1_1 = yield tslib_1.__await(iteratorByPage_1.next()), _a = iteratorByPage_1_1.done, !_a; _d = true) {
179
- _c = iteratorByPage_1_1.value;
180
- _d = false;
181
- const page = _c;
182
- yield yield tslib_1.__await(page.map(mapper));
183
- }
184
- }
185
- catch (e_1_1) { e_1 = { error: e_1_1 }; }
186
- finally {
187
- try {
188
- if (!_d && !_a && (_b = iteratorByPage_1.return)) yield tslib_1.__await(_b.call(iteratorByPage_1));
189
- }
190
- finally { if (e_1) throw e_1.error; }
191
- }
192
- });
176
+ async *byPage(settings) {
177
+ // Pass the maxPageSize value to the underlying page operation
178
+ const iteratorByPage = operation({ ...options, maxresults: settings?.maxPageSize }).byPage(settings);
179
+ for await (const page of iteratorByPage) {
180
+ yield page.map(mapper);
181
+ }
193
182
  },
194
183
  };
195
184
  }
package/dist/commonjs/transformations.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"transformations.js","sourceRoot":"","sources":["../../src/transformations.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AA2BlC,kDAkDC;AAMD,0EAgBC;AAMD,kEAsBC;AAyED,sDAiCC;;AA9ND,mDAA6D;AAY7D;;;GAGG;AACH,SAAgB,mBAAmB,CACjC,MAAoC;IAEpC,MAAM,SAAS,GAAG,MAAmB,CAAC;IACtC,MAAM,gBAAgB,GAAG,MAA0B,CAAC;IAEpD,MAAM,QAAQ,GAAG,IAAA,0CAA0B,EAAC,SAAS,CAAC,GAAI,CAAC,GAAI,CAAC,CAAC;IAEjE,MAAM,UAAU,GAAkB,SAAS,CAAC,UAAU,IAAI,EAAE,CAAC;IAE7D,MAAM,YAAY,GAA6B;QAC7C,GAAG,EAAE,SAAS,CAAC,GAAG;QAClB,EAAE,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QACjD,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,aAAa,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;QAC/D,OAAO,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QACtD,UAAU,EAAE;YACV,IAAI,EAAE,SAAS,CAAC,IAAI;YAEpB,OAAO,EAAE,UAAU,CAAC,OAAO;YAC3B,SAAS,EAAE,UAAU,CAAC,SAAS;YAC/B,SAAS,EAAE,UAAU,CAAC,OAAO;YAC7B,SAAS,EAAE,UAAU,CAAC,OAAO;YAC7B,SAAS,EAAE,UAAU,CAAC,OAAO;YAC7B,eAAe,EAAE,UAAU,CAAC,eAAe;YAC3C,aAAa,EAAE,UAAU,CAAC,aAAa;YACvC,UAAU,EAAE,UAAU,CAAC,UAAU;YACjC,aAAa,EAAE,SAAS,CAAC,aAAa;YACtC,WAAW,EAAE,UAAU,CAAC,WAAW;YAEnC,QAAQ,EAAE,QAAQ,CAAC,QAAQ;YAC3B,OAAO,EAAE,QAAQ,CAAC,OAAO;YACzB,IAAI,EAAE,QAAQ,CAAC,IAAI;YACnB,OAAO,EAAE,SAAS,CAAC,OAAO;YAE1B,EAAE,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;SAClD;KACF,CAAC;IAEF,IAAI,gBAAgB,CAAC,UAAU,EAAE,CAAC;QAC/B,YAAoB,CAAC,UAAU,CAAC,UAAU,GAAG,gBAAgB,CAAC,UAAU,CAAC;QACzE,YAAoB,CAAC,UAAU,CAAC,kBAAkB,GAAG,gBAAgB,CAAC,kBAAkB,CAAC;QACzF,YAAoB,CAAC,UAAU,CAAC,SAAS,GAAG,gBAAgB,CAAC,WAAW,CAAC;IAC5E,CAAC;IAED,IAAI,UAAU,CAAC,WAAW,EAAE,CAAC;QAC3B,YAAY,CAAC,UAAU,CAAC,WAAW,GAAG,UAAU,CAAC,WAAW,CAAC;IAC/D,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;;GAGG;AACH,SAAgB,+BAA+B,CAAC,OAAuB;IACrE,MAAM,gBAAgB,GAAG,2BAA2B,CAAC,OAAO,CAAC,CAAC;IAE9D,OAAO;QACL,GAAG,EAAE;YACH,GAAG,EAAE,OAAO,CAAC,GAAG;SACjB;QACD,EAAE,EAAE,OAAO,CAAC,GAAG;QACf,IAAI,EAAE,gBAAgB,CAAC,IAAI;QAC3B,UAAU,kCACL,gBAAgB,KACnB,UAAU,EAAE,OAAO,CAAC,UAAU,EAC9B,kBAAkB,EAAE,OAAO,CAAC,kBAAkB,EAC9C,SAAS,EAAE,OAAO,CAAC,WAAW,GAC/B;KACF,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,SAAgB,2BAA2B,CAAC,OAAgB;IAC1D,MAAM,QAAQ,GAAG,IAAA,0CAA0B,EAAC,OAAO,CAAC,GAAI,CAAC,CAAC;IAC1D,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,EAAE,CAAC;IAE5C,MAAM,YAAY,GAAkB;QAClC,SAAS,EAAE,UAAU,CAAC,OAAO;QAC7B,OAAO,EAAE,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,OAAO;QAC5B,SAAS,EAAE,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,OAAO;QAC9B,EAAE,EAAE,OAAO,CAAC,GAAG;QACf,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,SAAS,EAAE,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,SAAS;QAChC,eAAe,EAAE,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,eAAe;QAC5C,aAAa,EAAE,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,aAAa;QACxC,WAAW,EAAE,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,WAAW;QACpC,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,SAAS,EAAE,UAAU,CAAC,OAAO;QAC7B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,OAAO,EAAE,QAAQ,CAAC,OAAO;KAC1B,CAAC;IAEF,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,MAAM,gCAAgC,GAA4C;IAChF,MAAM,EAAE,QAAQ;IAChB,MAAM,EAAE,QAAQ;CACjB,CAAC;AAEF,SAAS,uBAAuB,CAAC,yBAAiC;IAChE,MAAM,MAAM,GAAG,gCAAgC,CAAC,yBAAyB,CAAC,WAAW,EAAE,CAAC,CAAC;IACzF,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,6BAA6B,yBAAyB,EAAE,CAAC,CAAC;AAC5E,CAAC;AAED;;GAEG;AACU,QAAA,0BAA0B,GAAG;IACxC,qBAAqB,EAAE,UACrB,UAAuC;;QAEvC,MAAM,MAAM,GAAoB;YAC9B,UAAU,EAAE;gBACV,UAAU,EAAE,UAAU,CAAC,SAAS;aACjC;YACD,eAAe,EAAE,MAAA,UAAU,CAAC,eAAe,0CAAE,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;gBAC1D,MAAM,eAAe,GAAoB;oBACvC,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE;oBAC/B,OAAO,EAAE,EAAE;iBACZ,CAAC;gBAEF,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;oBAC3B,eAAe,CAAC,OAAQ,CAAC,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC;gBACpE,CAAC;gBAED,IAAI,MAAM,CAAC,gBAAgB,EAAE,CAAC;oBAC5B,eAAe,CAAC,OAAQ,CAAC,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,CAAC;gBACtE,CAAC;gBAED,OAAO,eAAe,CAAC;YACzB,CAAC,CAAC;SACH,CAAC;QACF,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,iBAAiB,CAAC,SAA0B;;QAC1C,MAAM,MAAM,GAAsB;YAChC,EAAE,EAAE,SAAS,CAAC,EAAE;YAChB,SAAS,EAAE,MAAA,SAAS,CAAC,UAAU,0CAAE,OAAO;YACxC,SAAS,EAAE,MAAA,SAAS,CAAC,UAAU,0CAAE,OAAO;YACxC,SAAS,EAAE,MAAA,SAAS,CAAC,UAAU,0CAAE,UAAU;YAC3C,eAAe,EAAE,MAAA,SAAS,CAAC,eAAe,0CAAE,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;;gBACzD,OAAO;oBACL,MAAM,EAAE,uBAAuB,CAAC,MAAM,CAAC,MAAO,CAAC,IAAK,CAAC;oBACrD,eAAe,EAAE,MAAA,MAAM,CAAC,OAAO,0CAAE,eAAe;oBAChD,gBAAgB,EAAE,MAAA,MAAM,CAAC,OAAO,0CAAE,gBAAgB;iBACnD,CAAC;YACJ,CAAC,CAAC;SACH,CAAC;QACF,OAAO,MAAM,CAAC;IAChB,CAAC;CACF,CAAC;AAEF;;;;;;;;GAQG;AACH,SAAgB,qBAAqB,CAKnC,OAAiB,EACjB,SAAwE,EACxE,MAAkC;IAElC,IAAI,IAAI,GAA6C,SAAS,CAAC;IAC/D,OAAO;QACL,KAAK,CAAC,IAAI;YACR,IAAI,aAAJ,IAAI,cAAJ,IAAI,IAAJ,IAAI,GAAK,SAAS,iCAAM,OAAO,KAAE,UAAU,EAAE,SAAS,IAAG,EAAC;YAC1D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAEjC,uCACK,MAAM,KACT,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAC3C;QACJ,CAAC;QACD,CAAC,MAAM,CAAC,aAAa,CAAC;YACpB,OAAO,IAAI,CAAC;QACd,CAAC;QACM,MAAM,CAA4D,QAAoB;;;gBAC3F,8DAA8D;gBAC9D,MAAM,cAAc,GAAG,SAAS,iCAAM,OAAO,KAAE,UAAU,EAAE,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,WAAW,IAAG,CAAC,MAAM,CACxF,QAAQ,CACT,CAAC;;oBACF,KAAyB,eAAA,mBAAA,sBAAA,cAAc,CAAA,oBAAA,qHAAE,CAAC;wBAAjB,8BAAc;wBAAd,WAAc;wBAA5B,MAAM,IAAI,KAAA,CAAA;wBACnB,4BAAM,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA,CAAC;oBACzB,CAAC;;;;;;;;;YACH,CAAC;SAAA;KACF,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type {\n DeletedKeyBundle,\n DeletedKeyItem,\n KeyRotationPolicy as GeneratedPolicy,\n KeyAttributes,\n KeyBundle,\n KeyItem,\n LifetimeActions,\n} from \"./generated/src/models/index.js\";\nimport { parseKeyVaultKeyIdentifier } from \"./identifier.js\";\nimport type {\n DeletedKey,\n KeyProperties,\n KeyRotationPolicy,\n KeyRotationPolicyAction,\n KeyRotationPolicyProperties,\n KeyVaultKey,\n} from \"./keysModels.js\";\nimport type { PagedAsyncIterableIterator, PageSettings } from \"./generated/src/index.js\";\nimport type { OperationOptions } from \"@azure-rest/core-client\";\n\n/**\n * @internal\n * Shapes the exposed {@link KeyVaultKey} based on either a received key bundle or deleted key bundle.\n */\nexport function getKeyFromKeyBundle(\n bundle: KeyBundle | DeletedKeyBundle,\n): KeyVaultKey | DeletedKey {\n const keyBundle = bundle as KeyBundle;\n const deletedKeyBundle = bundle as DeletedKeyBundle;\n\n const parsedId = parseKeyVaultKeyIdentifier(keyBundle.key!.kid!);\n\n const attributes: KeyAttributes = keyBundle.attributes || {};\n\n const resultObject: KeyVaultKey | DeletedKey = {\n key: keyBundle.key,\n id: keyBundle.key ? keyBundle.key.kid : undefined,\n name: parsedId.name,\n keyOperations: keyBundle.key ? keyBundle.key.keyOps : undefined,\n keyType: keyBundle.key ? keyBundle.key.kty : undefined,\n properties: {\n tags: keyBundle.tags,\n\n enabled: attributes.enabled,\n notBefore: attributes.notBefore,\n expiresOn: attributes.expires,\n createdOn: attributes.created,\n updatedOn: attributes.updated,\n recoverableDays: attributes.recoverableDays,\n recoveryLevel: attributes.recoveryLevel,\n exportable: attributes.exportable,\n releasePolicy: keyBundle.releasePolicy,\n hsmPlatform: attributes.hsmPlatform,\n\n vaultUrl: parsedId.vaultUrl,\n version: parsedId.version,\n name: parsedId.name,\n managed: keyBundle.managed,\n\n id: keyBundle.key ? keyBundle.key.kid : undefined,\n },\n };\n\n if (deletedKeyBundle.recoveryId) {\n (resultObject as any).properties.recoveryId = deletedKeyBundle.recoveryId;\n (resultObject as any).properties.scheduledPurgeDate = deletedKeyBundle.scheduledPurgeDate;\n (resultObject as any).properties.deletedOn = deletedKeyBundle.deletedDate;\n }\n\n if (attributes.attestation) {\n resultObject.properties.attestation = attributes.attestation;\n }\n\n return resultObject;\n}\n\n/**\n * @internal\n * Shapes the exposed {@link DeletedKey} based on a received KeyItem.\n */\nexport function getDeletedKeyFromDeletedKeyItem(keyItem: DeletedKeyItem): DeletedKey {\n const commonProperties = getKeyPropertiesFromKeyItem(keyItem);\n\n return {\n key: {\n kid: keyItem.kid,\n },\n id: keyItem.kid,\n name: commonProperties.name,\n properties: {\n ...commonProperties,\n recoveryId: keyItem.recoveryId,\n scheduledPurgeDate: keyItem.scheduledPurgeDate,\n deletedOn: keyItem.deletedDate,\n },\n };\n}\n\n/**\n * @internal\n * Shapes the exposed {@link KeyProperties} based on a received KeyItem.\n */\nexport function getKeyPropertiesFromKeyItem(keyItem: KeyItem): KeyProperties {\n const parsedId = parseKeyVaultKeyIdentifier(keyItem.kid!);\n const attributes = keyItem.attributes || {};\n\n const resultObject: KeyProperties = {\n createdOn: attributes.created,\n enabled: attributes?.enabled,\n expiresOn: attributes?.expires,\n id: keyItem.kid,\n managed: keyItem.managed,\n name: parsedId.name,\n notBefore: attributes?.notBefore,\n recoverableDays: attributes?.recoverableDays,\n recoveryLevel: attributes?.recoveryLevel,\n hsmPlatform: attributes?.hsmPlatform,\n tags: keyItem.tags,\n updatedOn: attributes.updated,\n vaultUrl: parsedId.vaultUrl,\n version: parsedId.version,\n };\n\n return resultObject;\n}\n\nconst actionTypeCaseInsensitiveMapping: Record<string, KeyRotationPolicyAction> = {\n rotate: \"Rotate\",\n notify: \"Notify\",\n};\n\nfunction getNormalizedActionType(caseInsensitiveActionType: string): KeyRotationPolicyAction {\n const result = actionTypeCaseInsensitiveMapping[caseInsensitiveActionType.toLowerCase()];\n if (result) {\n return result;\n }\n\n throw new Error(`Unrecognized action type: ${caseInsensitiveActionType}`);\n}\n\n/**\n * @internal\n */\nexport const keyRotationTransformations = {\n propertiesToGenerated: function (\n parameters: KeyRotationPolicyProperties,\n ): Partial<GeneratedPolicy> {\n const policy: GeneratedPolicy = {\n attributes: {\n expiryTime: parameters.expiresIn,\n },\n lifetimeActions: parameters.lifetimeActions?.map((action) => {\n const generatedAction: LifetimeActions = {\n action: { type: action.action },\n trigger: {},\n };\n\n if (action.timeAfterCreate) {\n generatedAction.trigger!.timeAfterCreate = action.timeAfterCreate;\n }\n\n if (action.timeBeforeExpiry) {\n generatedAction.trigger!.timeBeforeExpiry = action.timeBeforeExpiry;\n }\n\n return generatedAction;\n }),\n };\n return policy;\n },\n generatedToPublic(generated: GeneratedPolicy): KeyRotationPolicy {\n const policy: KeyRotationPolicy = {\n id: generated.id,\n createdOn: generated.attributes?.created,\n updatedOn: generated.attributes?.updated,\n expiresIn: generated.attributes?.expiryTime,\n lifetimeActions: generated.lifetimeActions?.map((action) => {\n return {\n action: getNormalizedActionType(action.action!.type!),\n timeAfterCreate: action.trigger?.timeAfterCreate,\n timeBeforeExpiry: action.trigger?.timeBeforeExpiry,\n };\n }),\n };\n return policy;\n },\n};\n\n/**\n * A helper supporting compatibility between modular and legacy paged async iterables.\n *\n * Provides the following compatibility:\n * 1. Maps the values of the paged async iterable using the provided mapper function.\n * 2. Supports `maxPageSize` operation on the paged async iterable.\n *\n * TODO: move this to keyvault-common once everything is merged\n */\nexport function mapPagedAsyncIterable<\n TGenerated,\n TPublic,\n TOptions extends OperationOptions & { maxresults?: number },\n>(\n options: TOptions,\n operation: (options: TOptions) => PagedAsyncIterableIterator<TGenerated>,\n mapper: (x: TGenerated) => TPublic,\n): PagedAsyncIterableIterator<TPublic> {\n let iter: ReturnType<typeof operation> | undefined = undefined;\n return {\n async next() {\n iter ??= operation({ ...options, maxresults: undefined });\n const result = await iter.next();\n\n return {\n ...result,\n value: result.value && mapper(result.value),\n };\n },\n [Symbol.asyncIterator]() {\n return this;\n },\n async *byPage<TSettings extends PageSettings & { maxPageSize?: number }>(settings?: TSettings) {\n // Pass the maxPageSize value to the underlying page operation\n const iteratorByPage = operation({ ...options, maxresults: settings?.maxPageSize }).byPage(\n settings,\n );\n for await (const page of iteratorByPage) {\n yield page.map(mapper);\n }\n },\n };\n}\n"]}
1
+ {"version":3,"file":"transformations.js","sourceRoot":"","sources":["../../src/transformations.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AA2BlC,kDAkDC;AAMD,0EAgBC;AAMD,kEAsBC;AAyED,sDAiCC;AA9ND,mDAA6D;AAY7D;;;GAGG;AACH,SAAgB,mBAAmB,CACjC,MAAoC;IAEpC,MAAM,SAAS,GAAG,MAAmB,CAAC;IACtC,MAAM,gBAAgB,GAAG,MAA0B,CAAC;IAEpD,MAAM,QAAQ,GAAG,IAAA,0CAA0B,EAAC,SAAS,CAAC,GAAI,CAAC,GAAI,CAAC,CAAC;IAEjE,MAAM,UAAU,GAAkB,SAAS,CAAC,UAAU,IAAI,EAAE,CAAC;IAE7D,MAAM,YAAY,GAA6B;QAC7C,GAAG,EAAE,SAAS,CAAC,GAAG;QAClB,EAAE,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QACjD,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,aAAa,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;QAC/D,OAAO,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;QACtD,UAAU,EAAE;YACV,IAAI,EAAE,SAAS,CAAC,IAAI;YAEpB,OAAO,EAAE,UAAU,CAAC,OAAO;YAC3B,SAAS,EAAE,UAAU,CAAC,SAAS;YAC/B,SAAS,EAAE,UAAU,CAAC,OAAO;YAC7B,SAAS,EAAE,UAAU,CAAC,OAAO;YAC7B,SAAS,EAAE,UAAU,CAAC,OAAO;YAC7B,eAAe,EAAE,UAAU,CAAC,eAAe;YAC3C,aAAa,EAAE,UAAU,CAAC,aAAa;YACvC,UAAU,EAAE,UAAU,CAAC,UAAU;YACjC,aAAa,EAAE,SAAS,CAAC,aAAa;YACtC,WAAW,EAAE,UAAU,CAAC,WAAW;YAEnC,QAAQ,EAAE,QAAQ,CAAC,QAAQ;YAC3B,OAAO,EAAE,QAAQ,CAAC,OAAO;YACzB,IAAI,EAAE,QAAQ,CAAC,IAAI;YACnB,OAAO,EAAE,SAAS,CAAC,OAAO;YAE1B,EAAE,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;SAClD;KACF,CAAC;IAEF,IAAI,gBAAgB,CAAC,UAAU,EAAE,CAAC;QAC/B,YAAoB,CAAC,UAAU,CAAC,UAAU,GAAG,gBAAgB,CAAC,UAAU,CAAC;QACzE,YAAoB,CAAC,UAAU,CAAC,kBAAkB,GAAG,gBAAgB,CAAC,kBAAkB,CAAC;QACzF,YAAoB,CAAC,UAAU,CAAC,SAAS,GAAG,gBAAgB,CAAC,WAAW,CAAC;IAC5E,CAAC;IAED,IAAI,UAAU,CAAC,WAAW,EAAE,CAAC;QAC3B,YAAY,CAAC,UAAU,CAAC,WAAW,GAAG,UAAU,CAAC,WAAW,CAAC;IAC/D,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;;GAGG;AACH,SAAgB,+BAA+B,CAAC,OAAuB;IACrE,MAAM,gBAAgB,GAAG,2BAA2B,CAAC,OAAO,CAAC,CAAC;IAE9D,OAAO;QACL,GAAG,EAAE;YACH,GAAG,EAAE,OAAO,CAAC,GAAG;SACjB;QACD,EAAE,EAAE,OAAO,CAAC,GAAG;QACf,IAAI,EAAE,gBAAgB,CAAC,IAAI;QAC3B,UAAU,EAAE;YACV,GAAG,gBAAgB;YACnB,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;YAC9C,SAAS,EAAE,OAAO,CAAC,WAAW;SAC/B;KACF,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,SAAgB,2BAA2B,CAAC,OAAgB;IAC1D,MAAM,QAAQ,GAAG,IAAA,0CAA0B,EAAC,OAAO,CAAC,GAAI,CAAC,CAAC;IAC1D,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,EAAE,CAAC;IAE5C,MAAM,YAAY,GAAkB;QAClC,SAAS,EAAE,UAAU,CAAC,OAAO;QAC7B,OAAO,EAAE,UAAU,EAAE,OAAO;QAC5B,SAAS,EAAE,UAAU,EAAE,OAAO;QAC9B,EAAE,EAAE,OAAO,CAAC,GAAG;QACf,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,SAAS,EAAE,UAAU,EAAE,SAAS;QAChC,eAAe,EAAE,UAAU,EAAE,eAAe;QAC5C,aAAa,EAAE,UAAU,EAAE,aAAa;QACxC,WAAW,EAAE,UAAU,EAAE,WAAW;QACpC,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,SAAS,EAAE,UAAU,CAAC,OAAO;QAC7B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,OAAO,EAAE,QAAQ,CAAC,OAAO;KAC1B,CAAC;IAEF,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,MAAM,gCAAgC,GAA4C;IAChF,MAAM,EAAE,QAAQ;IAChB,MAAM,EAAE,QAAQ;CACjB,CAAC;AAEF,SAAS,uBAAuB,CAAC,yBAAiC;IAChE,MAAM,MAAM,GAAG,gCAAgC,CAAC,yBAAyB,CAAC,WAAW,EAAE,CAAC,CAAC;IACzF,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,6BAA6B,yBAAyB,EAAE,CAAC,CAAC;AAC5E,CAAC;AAED;;GAEG;AACU,QAAA,0BAA0B,GAAG;IACxC,qBAAqB,EAAE,UACrB,UAAuC;QAEvC,MAAM,MAAM,GAAoB;YAC9B,UAAU,EAAE;gBACV,UAAU,EAAE,UAAU,CAAC,SAAS;aACjC;YACD,eAAe,EAAE,UAAU,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;gBAC1D,MAAM,eAAe,GAAoB;oBACvC,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE;oBAC/B,OAAO,EAAE,EAAE;iBACZ,CAAC;gBAEF,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;oBAC3B,eAAe,CAAC,OAAQ,CAAC,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC;gBACpE,CAAC;gBAED,IAAI,MAAM,CAAC,gBAAgB,EAAE,CAAC;oBAC5B,eAAe,CAAC,OAAQ,CAAC,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,CAAC;gBACtE,CAAC;gBAED,OAAO,eAAe,CAAC;YACzB,CAAC,CAAC;SACH,CAAC;QACF,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,iBAAiB,CAAC,SAA0B;QAC1C,MAAM,MAAM,GAAsB;YAChC,EAAE,EAAE,SAAS,CAAC,EAAE;YAChB,SAAS,EAAE,SAAS,CAAC,UAAU,EAAE,OAAO;YACxC,SAAS,EAAE,SAAS,CAAC,UAAU,EAAE,OAAO;YACxC,SAAS,EAAE,SAAS,CAAC,UAAU,EAAE,UAAU;YAC3C,eAAe,EAAE,SAAS,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;gBACzD,OAAO;oBACL,MAAM,EAAE,uBAAuB,CAAC,MAAM,CAAC,MAAO,CAAC,IAAK,CAAC;oBACrD,eAAe,EAAE,MAAM,CAAC,OAAO,EAAE,eAAe;oBAChD,gBAAgB,EAAE,MAAM,CAAC,OAAO,EAAE,gBAAgB;iBACnD,CAAC;YACJ,CAAC,CAAC;SACH,CAAC;QACF,OAAO,MAAM,CAAC;IAChB,CAAC;CACF,CAAC;AAEF;;;;;;;;GAQG;AACH,SAAgB,qBAAqB,CAKnC,OAAiB,EACjB,SAAwE,EACxE,MAAkC;IAElC,IAAI,IAAI,GAA6C,SAAS,CAAC;IAC/D,OAAO;QACL,KAAK,CAAC,IAAI;YACR,IAAI,KAAK,SAAS,CAAC,EAAE,GAAG,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC,CAAC;YAC1D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YAEjC,OAAO;gBACL,GAAG,MAAM;gBACT,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC;aAC5C,CAAC;QACJ,CAAC;QACD,CAAC,MAAM,CAAC,aAAa,CAAC;YACpB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,KAAK,CAAC,CAAC,MAAM,CAA4D,QAAoB;YAC3F,8DAA8D;YAC9D,MAAM,cAAc,GAAG,SAAS,CAAC,EAAE,GAAG,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC,CAAC,MAAM,CACxF,QAAQ,CACT,CAAC;YACF,IAAI,KAAK,EAAE,MAAM,IAAI,IAAI,cAAc,EAAE,CAAC;gBACxC,MAAM,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YACzB,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type {\n DeletedKeyBundle,\n DeletedKeyItem,\n KeyRotationPolicy as GeneratedPolicy,\n KeyAttributes,\n KeyBundle,\n KeyItem,\n LifetimeActions,\n} from \"./generated/src/models/index.js\";\nimport { parseKeyVaultKeyIdentifier } from \"./identifier.js\";\nimport type {\n DeletedKey,\n KeyProperties,\n KeyRotationPolicy,\n KeyRotationPolicyAction,\n KeyRotationPolicyProperties,\n KeyVaultKey,\n} from \"./keysModels.js\";\nimport type { PagedAsyncIterableIterator, PageSettings } from \"./generated/src/index.js\";\nimport type { OperationOptions } from \"@azure-rest/core-client\";\n\n/**\n * @internal\n * Shapes the exposed {@link KeyVaultKey} based on either a received key bundle or deleted key bundle.\n */\nexport function getKeyFromKeyBundle(\n bundle: KeyBundle | DeletedKeyBundle,\n): KeyVaultKey | DeletedKey {\n const keyBundle = bundle as KeyBundle;\n const deletedKeyBundle = bundle as DeletedKeyBundle;\n\n const parsedId = parseKeyVaultKeyIdentifier(keyBundle.key!.kid!);\n\n const attributes: KeyAttributes = keyBundle.attributes || {};\n\n const resultObject: KeyVaultKey | DeletedKey = {\n key: keyBundle.key,\n id: keyBundle.key ? keyBundle.key.kid : undefined,\n name: parsedId.name,\n keyOperations: keyBundle.key ? keyBundle.key.keyOps : undefined,\n keyType: keyBundle.key ? keyBundle.key.kty : undefined,\n properties: {\n tags: keyBundle.tags,\n\n enabled: attributes.enabled,\n notBefore: attributes.notBefore,\n expiresOn: attributes.expires,\n createdOn: attributes.created,\n updatedOn: attributes.updated,\n recoverableDays: attributes.recoverableDays,\n recoveryLevel: attributes.recoveryLevel,\n exportable: attributes.exportable,\n releasePolicy: keyBundle.releasePolicy,\n hsmPlatform: attributes.hsmPlatform,\n\n vaultUrl: parsedId.vaultUrl,\n version: parsedId.version,\n name: parsedId.name,\n managed: keyBundle.managed,\n\n id: keyBundle.key ? keyBundle.key.kid : undefined,\n },\n };\n\n if (deletedKeyBundle.recoveryId) {\n (resultObject as any).properties.recoveryId = deletedKeyBundle.recoveryId;\n (resultObject as any).properties.scheduledPurgeDate = deletedKeyBundle.scheduledPurgeDate;\n (resultObject as any).properties.deletedOn = deletedKeyBundle.deletedDate;\n }\n\n if (attributes.attestation) {\n resultObject.properties.attestation = attributes.attestation;\n }\n\n return resultObject;\n}\n\n/**\n * @internal\n * Shapes the exposed {@link DeletedKey} based on a received KeyItem.\n */\nexport function getDeletedKeyFromDeletedKeyItem(keyItem: DeletedKeyItem): DeletedKey {\n const commonProperties = getKeyPropertiesFromKeyItem(keyItem);\n\n return {\n key: {\n kid: keyItem.kid,\n },\n id: keyItem.kid,\n name: commonProperties.name,\n properties: {\n ...commonProperties,\n recoveryId: keyItem.recoveryId,\n scheduledPurgeDate: keyItem.scheduledPurgeDate,\n deletedOn: keyItem.deletedDate,\n },\n };\n}\n\n/**\n * @internal\n * Shapes the exposed {@link KeyProperties} based on a received KeyItem.\n */\nexport function getKeyPropertiesFromKeyItem(keyItem: KeyItem): KeyProperties {\n const parsedId = parseKeyVaultKeyIdentifier(keyItem.kid!);\n const attributes = keyItem.attributes || {};\n\n const resultObject: KeyProperties = {\n createdOn: attributes.created,\n enabled: attributes?.enabled,\n expiresOn: attributes?.expires,\n id: keyItem.kid,\n managed: keyItem.managed,\n name: parsedId.name,\n notBefore: attributes?.notBefore,\n recoverableDays: attributes?.recoverableDays,\n recoveryLevel: attributes?.recoveryLevel,\n hsmPlatform: attributes?.hsmPlatform,\n tags: keyItem.tags,\n updatedOn: attributes.updated,\n vaultUrl: parsedId.vaultUrl,\n version: parsedId.version,\n };\n\n return resultObject;\n}\n\nconst actionTypeCaseInsensitiveMapping: Record<string, KeyRotationPolicyAction> = {\n rotate: \"Rotate\",\n notify: \"Notify\",\n};\n\nfunction getNormalizedActionType(caseInsensitiveActionType: string): KeyRotationPolicyAction {\n const result = actionTypeCaseInsensitiveMapping[caseInsensitiveActionType.toLowerCase()];\n if (result) {\n return result;\n }\n\n throw new Error(`Unrecognized action type: ${caseInsensitiveActionType}`);\n}\n\n/**\n * @internal\n */\nexport const keyRotationTransformations = {\n propertiesToGenerated: function (\n parameters: KeyRotationPolicyProperties,\n ): Partial<GeneratedPolicy> {\n const policy: GeneratedPolicy = {\n attributes: {\n expiryTime: parameters.expiresIn,\n },\n lifetimeActions: parameters.lifetimeActions?.map((action) => {\n const generatedAction: LifetimeActions = {\n action: { type: action.action },\n trigger: {},\n };\n\n if (action.timeAfterCreate) {\n generatedAction.trigger!.timeAfterCreate = action.timeAfterCreate;\n }\n\n if (action.timeBeforeExpiry) {\n generatedAction.trigger!.timeBeforeExpiry = action.timeBeforeExpiry;\n }\n\n return generatedAction;\n }),\n };\n return policy;\n },\n generatedToPublic(generated: GeneratedPolicy): KeyRotationPolicy {\n const policy: KeyRotationPolicy = {\n id: generated.id,\n createdOn: generated.attributes?.created,\n updatedOn: generated.attributes?.updated,\n expiresIn: generated.attributes?.expiryTime,\n lifetimeActions: generated.lifetimeActions?.map((action) => {\n return {\n action: getNormalizedActionType(action.action!.type!),\n timeAfterCreate: action.trigger?.timeAfterCreate,\n timeBeforeExpiry: action.trigger?.timeBeforeExpiry,\n };\n }),\n };\n return policy;\n },\n};\n\n/**\n * A helper supporting compatibility between modular and legacy paged async iterables.\n *\n * Provides the following compatibility:\n * 1. Maps the values of the paged async iterable using the provided mapper function.\n * 2. Supports `maxPageSize` operation on the paged async iterable.\n *\n * TODO: move this to keyvault-common once everything is merged\n */\nexport function mapPagedAsyncIterable<\n TGenerated,\n TPublic,\n TOptions extends OperationOptions & { maxresults?: number },\n>(\n options: TOptions,\n operation: (options: TOptions) => PagedAsyncIterableIterator<TGenerated>,\n mapper: (x: TGenerated) => TPublic,\n): PagedAsyncIterableIterator<TPublic> {\n let iter: ReturnType<typeof operation> | undefined = undefined;\n return {\n async next() {\n iter ??= operation({ ...options, maxresults: undefined });\n const result = await iter.next();\n\n return {\n ...result,\n value: result.value && mapper(result.value),\n };\n },\n [Symbol.asyncIterator]() {\n return this;\n },\n async *byPage<TSettings extends PageSettings & { maxPageSize?: number }>(settings?: TSettings) {\n // Pass the maxPageSize value to the underlying page operation\n const iteratorByPage = operation({ ...options, maxresults: settings?.maxPageSize }).byPage(\n settings,\n );\n for await (const page of iteratorByPage) {\n yield page.map(mapper);\n }\n },\n };\n}\n"]}
package/dist/commonjs/tsdoc-metadata.json CHANGED
@@ -1,11 +1,11 @@
1
- // This file is read by tools that parse documentation comments conforming to the TSDoc standard.
2
- // It should be published with your NPM package. It should not be tracked by Git.
3
- {
4
- "tsdocVersion": "0.12",
5
- "toolPackages": [
6
- {
7
- "packageName": "@microsoft/api-extractor",
8
- "packageVersion": "7.52.8"
9
- }
10
- ]
11
- }
1
+ // This file is read by tools that parse documentation comments conforming to the TSDoc standard.
2
+ // It should be published with your NPM package. It should not be tracked by Git.
3
+ {
4
+ "tsdocVersion": "0.12",
5
+ "toolPackages": [
6
+ {
7
+ "packageName": "@microsoft/api-extractor",
8
+ "packageVersion": "7.52.8"
9
+ }
10
+ ]
11
+ }
package/dist/esm/cryptography/aesCryptographyProvider.js CHANGED
@@ -1,35 +1,14 @@
1
1
  // Copyright (c) Microsoft Corporation.
2
2
  // Licensed under the MIT License.
3
- import * as crypto from "node:crypto";
3
+ import crypto from "node:crypto";
4
4
  import { LocalCryptographyUnsupportedError } from "./models.js";
5
5
  /**
6
6
  * An AES cryptography provider supporting AES algorithms.
7
7
  * @internal
8
8
  */
9
9
  export class AesCryptographyProvider {
10
+ key;
10
11
  constructor(key) {
11
- /**
12
- * The set of algorithms this provider supports.
13
- * For AES encryption, the values include the underlying algorithm used in crypto
14
- * as well as the key size in bytes.
15
- *
16
- * We start with support for A[SIZE]CBCPAD which uses the PKCS padding (the default padding scheme in node crypto)
17
- */
18
- this.supportedAlgorithms = {
19
- A128CBCPAD: {
20
- algorithm: "aes-128-cbc",
21
- keySizeInBytes: 128 >> 3,
22
- },
23
- A192CBCPAD: {
24
- algorithm: "aes-192-cbc",
25
- keySizeInBytes: 192 >> 3,
26
- },
27
- A256CBCPAD: {
28
- algorithm: "aes-256-cbc",
29
- keySizeInBytes: 256 >> 3,
30
- },
31
- };
32
- this.supportedOperations = ["encrypt", "decrypt"];
33
12
  this.key = key;
34
13
  }
35
14
  encrypt(encryptParameters, _options) {
@@ -68,6 +47,28 @@ export class AesCryptographyProvider {
68
47
  }
69
48
  return true;
70
49
  }
50
+ /**
51
+ * The set of algorithms this provider supports.
52
+ * For AES encryption, the values include the underlying algorithm used in crypto
53
+ * as well as the key size in bytes.
54
+ *
55
+ * We start with support for A[SIZE]CBCPAD which uses the PKCS padding (the default padding scheme in node crypto)
56
+ */
57
+ supportedAlgorithms = {
58
+ A128CBCPAD: {
59
+ algorithm: "aes-128-cbc",
60
+ keySizeInBytes: 128 >> 3,
61
+ },
62
+ A192CBCPAD: {
63
+ algorithm: "aes-192-cbc",
64
+ keySizeInBytes: 192 >> 3,
65
+ },
66
+ A256CBCPAD: {
67
+ algorithm: "aes-256-cbc",
68
+ keySizeInBytes: 256 >> 3,
69
+ },
70
+ };
71
+ supportedOperations = ["encrypt", "decrypt"];
71
72
  wrapKey(_algorithm, _keyToWrap, _options) {
72
73
  throw new LocalCryptographyUnsupportedError("Wrapping a key using a local JsonWebKey is not supported for AES.");
73
74
  }
@@ -87,10 +88,9 @@ export class AesCryptographyProvider {
87
88
  throw new LocalCryptographyUnsupportedError("Verifying using a local JsonWebKey is not supported for AES.");
88
89
  }
89
90
  ensureValid(keySizeInBytes) {
90
- var _a, _b;
91
91
  if (this.key &&
92
- ((_a = this.key.kty) === null || _a === void 0 ? void 0 : _a.toUpperCase()) !== "OCT" &&
93
- ((_b = this.key.kty) === null || _b === void 0 ? void 0 : _b.toUpperCase()) !== "OCT-HSM") {
92
+ this.key.kty?.toUpperCase() !== "OCT" &&
93
+ this.key.kty?.toUpperCase() !== "OCT-HSM") {
94
94
  throw new Error("Key type does not match the key type oct or oct-hsm");
95
95
  }
96
96
  if (!this.key.k) {
package/dist/esm/cryptography/aesCryptographyProvider.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"aesCryptographyProvider.js","sourceRoot":"","sources":["../../../src/cryptography/aesCryptographyProvider.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AAoBtC,OAAO,EAAE,iCAAiC,EAAE,MAAM,aAAa,CAAC;AAEhE;;;GAGG;AACH,MAAM,OAAO,uBAAuB;IAElC,YAAY,GAAe;QA6D3B;;;;;;WAMG;QACK,wBAAmB,GAAmE;YAC5F,UAAU,EAAE;gBACV,SAAS,EAAE,aAAa;gBACxB,cAAc,EAAE,GAAG,IAAI,CAAC;aACzB;YACD,UAAU,EAAE;gBACV,SAAS,EAAE,aAAa;gBACxB,cAAc,EAAE,GAAG,IAAI,CAAC;aACzB;YACD,UAAU,EAAE;gBACV,SAAS,EAAE,aAAa;gBACxB,cAAc,EAAE,GAAG,IAAI,CAAC;aACzB;SACF,CAAC;QAEM,wBAAmB,GAAoC,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QAlFpF,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;IACjB,CAAC;IACD,OAAO,CACL,iBAA0C,EAC1C,QAAyB;QAEzB,MAAM,EAAE,SAAS,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC5F,MAAM,EAAE,GAAG,iBAAiB,CAAC,EAAE,IAAI,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QAE1D,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;QAEjC,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,SAAS,EAAE,IAAI,CAAC,GAAG,CAAC,CAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC;QAC7F,IAAI,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC,CAAC;QACxE,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAEvD,OAAO,OAAO,CAAC,OAAO,CAAC;YACrB,SAAS,EAAE,iBAAiB,CAAC,SAAS;YACtC,MAAM,EAAE,SAAS;YACjB,EAAE,EAAE,EAAE;SACP,CAAC,CAAC;IACL,CAAC;IAED,OAAO,CACL,iBAA0C,EAC1C,QAAyB;QAEzB,MAAM,EAAE,SAAS,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAE5F,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;QAEjC,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CACtC,SAAS,EACT,IAAI,CAAC,GAAG,CAAC,CAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,cAAc,CAAC,EACvC,iBAAiB,CAAC,EAAE,CACrB,CAAC;QACF,IAAI,GAAG,GAAG,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC,CAAC;QACrE,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAE7C,OAAO,OAAO,CAAC,OAAO,CAAC;YACrB,SAAS,EAAE,iBAAiB,CAAC,SAAS;YACtC,MAAM,EAAE,GAAG;SACZ,CAAC,CAAC;IACL,CAAC;IAED,WAAW,CAAC,SAAiB,EAAE,SAAwC;QACrE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YAChB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAC/D,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAClD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IA0BD,OAAO,CACL,UAA4B,EAC5B,UAAsB,EACtB,QAAyB;QAEzB,MAAM,IAAI,iCAAiC,CACzC,mEAAmE,CACpE,CAAC;IACJ,CAAC;IAED,SAAS,CACP,UAA4B,EAC5B,aAAyB,EACzB,QAA2B;QAE3B,MAAM,IAAI,iCAAiC,CACzC,qEAAqE,CACtE,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,UAAkB,EAAE,OAAmB,EAAE,QAAsB;QAClE,MAAM,IAAI,iCAAiC,CACzC,4DAA4D,CAC7D,CAAC;IACJ,CAAC;IAED,QAAQ,CAAC,UAAkB,EAAE,KAAiB,EAAE,QAAsB;QACpE,MAAM,IAAI,iCAAiC,CACzC,4DAA4D,CAC7D,CAAC;IACJ,CAAC;IAED,MAAM,CACJ,UAAkB,EAClB,OAAmB,EACnB,UAAsB,EACtB,QAAwB;QAExB,MAAM,IAAI,iCAAiC,CACzC,8DAA8D,CAC/D,CAAC;IACJ,CAAC;IACD,UAAU,CACR,UAAkB,EAClB,KAAiB,EACjB,UAAsB,EACtB,eAAiC;QAEjC,MAAM,IAAI,iCAAiC,CACzC,8DAA8D,CAC/D,CAAC;IACJ,CAAC;IAEO,WAAW,CAAC,cAAsB;;QACxC,IACE,IAAI,CAAC,GAAG;YACR,CAAA,MAAA,IAAI,CAAC,GAAG,CAAC,GAAG,0CAAE,WAAW,EAAE,MAAK,KAAK;YACrC,CAAA,MAAA,IAAI,CAAC,GAAG,CAAC,GAAG,0CAAE,WAAW,EAAE,MAAK,SAAS,EACzC,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;QACzE,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;QAC/C,CAAC;QAED,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,GAAG,cAAc,EAAE,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,wBAAwB,cAAc,IAAI,CAAC,OAAO,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { OperationOptions } from \"@azure-rest/core-client\";\nimport * as crypto from \"node:crypto\";\nimport type {\n AesCbcEncryptParameters,\n DecryptOptions,\n DecryptResult,\n EncryptOptions,\n EncryptResult,\n JsonWebKey,\n KeyWrapAlgorithm,\n SignOptions,\n SignResult,\n UnwrapKeyOptions,\n UnwrapResult,\n VerifyOptions,\n VerifyResult,\n WrapKeyOptions,\n WrapResult,\n} from \"../index.js\";\nimport type { AesCbcDecryptParameters } from \"../cryptographyClientModels.js\";\nimport type { CryptographyProvider, CryptographyProviderOperation } from \"./models.js\";\nimport { LocalCryptographyUnsupportedError } from \"./models.js\";\n\n/**\n * An AES cryptography provider supporting AES algorithms.\n * @internal\n */\nexport class AesCryptographyProvider implements CryptographyProvider {\n private key: JsonWebKey;\n constructor(key: JsonWebKey) {\n this.key = key;\n }\n encrypt(\n encryptParameters: AesCbcEncryptParameters,\n _options?: EncryptOptions,\n ): Promise<EncryptResult> {\n const { algorithm, keySizeInBytes } = this.supportedAlgorithms[encryptParameters.algorithm];\n const iv = encryptParameters.iv || crypto.randomBytes(16);\n\n this.ensureValid(keySizeInBytes);\n\n const cipher = crypto.createCipheriv(algorithm, this.key.k!.subarray(0, keySizeInBytes), iv);\n let encrypted = cipher.update(Buffer.from(encryptParameters.plaintext));\n encrypted = Buffer.concat([encrypted, cipher.final()]);\n\n return Promise.resolve({\n algorithm: encryptParameters.algorithm,\n result: encrypted,\n iv: iv,\n });\n }\n\n decrypt(\n decryptParameters: AesCbcDecryptParameters,\n _options?: DecryptOptions,\n ): Promise<DecryptResult> {\n const { algorithm, keySizeInBytes } = this.supportedAlgorithms[decryptParameters.algorithm];\n\n this.ensureValid(keySizeInBytes);\n\n const decipher = crypto.createDecipheriv(\n algorithm,\n this.key.k!.subarray(0, keySizeInBytes),\n decryptParameters.iv,\n );\n let dec = decipher.update(Buffer.from(decryptParameters.ciphertext));\n dec = Buffer.concat([dec, decipher.final()]);\n\n return Promise.resolve({\n algorithm: decryptParameters.algorithm,\n result: dec,\n });\n }\n\n isSupported(algorithm: string, operation: CryptographyProviderOperation): boolean {\n if (!this.key.k) {\n return false;\n }\n\n if (!Object.keys(this.supportedAlgorithms).includes(algorithm)) {\n return false;\n }\n\n if (!this.supportedOperations.includes(operation)) {\n return false;\n }\n\n return true;\n }\n\n /**\n * The set of algorithms this provider supports.\n * For AES encryption, the values include the underlying algorithm used in crypto\n * as well as the key size in bytes.\n *\n * We start with support for A[SIZE]CBCPAD which uses the PKCS padding (the default padding scheme in node crypto)\n */\n private supportedAlgorithms: { [s: string]: { algorithm: string; keySizeInBytes: number } } = {\n A128CBCPAD: {\n algorithm: \"aes-128-cbc\",\n keySizeInBytes: 128 >> 3,\n },\n A192CBCPAD: {\n algorithm: \"aes-192-cbc\",\n keySizeInBytes: 192 >> 3,\n },\n A256CBCPAD: {\n algorithm: \"aes-256-cbc\",\n keySizeInBytes: 256 >> 3,\n },\n };\n\n private supportedOperations: CryptographyProviderOperation[] = [\"encrypt\", \"decrypt\"];\n\n wrapKey(\n _algorithm: KeyWrapAlgorithm,\n _keyToWrap: Uint8Array,\n _options?: WrapKeyOptions,\n ): Promise<WrapResult> {\n throw new LocalCryptographyUnsupportedError(\n \"Wrapping a key using a local JsonWebKey is not supported for AES.\",\n );\n }\n\n unwrapKey(\n _algorithm: KeyWrapAlgorithm,\n _encryptedKey: Uint8Array,\n _options?: UnwrapKeyOptions,\n ): Promise<UnwrapResult> {\n throw new LocalCryptographyUnsupportedError(\n \"Unwrapping a key using a local JsonWebKey is not supported for AES.\",\n );\n }\n\n sign(_algorithm: string, _digest: Uint8Array, _options?: SignOptions): Promise<SignResult> {\n throw new LocalCryptographyUnsupportedError(\n \"Signing using a local JsonWebKey is not supported for AES.\",\n );\n }\n\n signData(_algorithm: string, _data: Uint8Array, _options?: SignOptions): Promise<SignResult> {\n throw new LocalCryptographyUnsupportedError(\n \"Signing using a local JsonWebKey is not supported for AES.\",\n );\n }\n\n verify(\n _algorithm: string,\n _digest: Uint8Array,\n _signature: Uint8Array,\n _options?: VerifyOptions,\n ): Promise<VerifyResult> {\n throw new LocalCryptographyUnsupportedError(\n \"Verifying using a local JsonWebKey is not supported for AES.\",\n );\n }\n verifyData(\n _algorithm: string,\n _data: Uint8Array,\n _signature: Uint8Array,\n _updatedOptions: OperationOptions,\n ): Promise<VerifyResult> {\n throw new LocalCryptographyUnsupportedError(\n \"Verifying using a local JsonWebKey is not supported for AES.\",\n );\n }\n\n private ensureValid(keySizeInBytes: number): void {\n if (\n this.key &&\n this.key.kty?.toUpperCase() !== \"OCT\" &&\n this.key.kty?.toUpperCase() !== \"OCT-HSM\"\n ) {\n throw new Error(\"Key type does not match the key type oct or oct-hsm\");\n }\n\n if (!this.key.k) {\n throw new Error(\"Symmetric key is required\");\n }\n\n if (this.key.k.length < keySizeInBytes) {\n throw new Error(`Key must be at least ${keySizeInBytes << 3} bits`);\n }\n }\n}\n"]}
1
+ {"version":3,"file":"aesCryptographyProvider.js","sourceRoot":"","sources":["../../../src/cryptography/aesCryptographyProvider.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,MAAM,MAAM,aAAa,CAAC;AAoBjC,OAAO,EAAE,iCAAiC,EAAE,MAAM,aAAa,CAAC;AAEhE;;;GAGG;AACH,MAAM,OAAO,uBAAuB;IAC1B,GAAG,CAAa;IACxB,YAAY,GAAe;QACzB,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;IACjB,CAAC;IACD,OAAO,CACL,iBAA0C,EAC1C,QAAyB;QAEzB,MAAM,EAAE,SAAS,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC5F,MAAM,EAAE,GAAG,iBAAiB,CAAC,EAAE,IAAI,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QAE1D,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;QAEjC,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,SAAS,EAAE,IAAI,CAAC,GAAG,CAAC,CAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,cAAc,CAAC,EAAE,EAAE,CAAC,CAAC;QAC7F,IAAI,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC,CAAC;QACxE,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAEvD,OAAO,OAAO,CAAC,OAAO,CAAC;YACrB,SAAS,EAAE,iBAAiB,CAAC,SAAS;YACtC,MAAM,EAAE,SAAS;YACjB,EAAE,EAAE,EAAE;SACP,CAAC,CAAC;IACL,CAAC;IAED,OAAO,CACL,iBAA0C,EAC1C,QAAyB;QAEzB,MAAM,EAAE,SAAS,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAE5F,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;QAEjC,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CACtC,SAAS,EACT,IAAI,CAAC,GAAG,CAAC,CAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,cAAc,CAAC,EACvC,iBAAiB,CAAC,EAAE,CACrB,CAAC;QACF,IAAI,GAAG,GAAG,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC,CAAC;QACrE,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAE7C,OAAO,OAAO,CAAC,OAAO,CAAC;YACrB,SAAS,EAAE,iBAAiB,CAAC,SAAS;YACtC,MAAM,EAAE,GAAG;SACZ,CAAC,CAAC;IACL,CAAC;IAED,WAAW,CAAC,SAAiB,EAAE,SAAwC;QACrE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YAChB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAC/D,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAClD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;OAMG;IACK,mBAAmB,GAAmE;QAC5F,UAAU,EAAE;YACV,SAAS,EAAE,aAAa;YACxB,cAAc,EAAE,GAAG,IAAI,CAAC;SACzB;QACD,UAAU,EAAE;YACV,SAAS,EAAE,aAAa;YACxB,cAAc,EAAE,GAAG,IAAI,CAAC;SACzB;QACD,UAAU,EAAE;YACV,SAAS,EAAE,aAAa;YACxB,cAAc,EAAE,GAAG,IAAI,CAAC;SACzB;KACF,CAAC;IAEM,mBAAmB,GAAoC,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;IAEtF,OAAO,CACL,UAA4B,EAC5B,UAAsB,EACtB,QAAyB;QAEzB,MAAM,IAAI,iCAAiC,CACzC,mEAAmE,CACpE,CAAC;IACJ,CAAC;IAED,SAAS,CACP,UAA4B,EAC5B,aAAyB,EACzB,QAA2B;QAE3B,MAAM,IAAI,iCAAiC,CACzC,qEAAqE,CACtE,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,UAAkB,EAAE,OAAmB,EAAE,QAAsB;QAClE,MAAM,IAAI,iCAAiC,CACzC,4DAA4D,CAC7D,CAAC;IACJ,CAAC;IAED,QAAQ,CAAC,UAAkB,EAAE,KAAiB,EAAE,QAAsB;QACpE,MAAM,IAAI,iCAAiC,CACzC,4DAA4D,CAC7D,CAAC;IACJ,CAAC;IAED,MAAM,CACJ,UAAkB,EAClB,OAAmB,EACnB,UAAsB,EACtB,QAAwB;QAExB,MAAM,IAAI,iCAAiC,CACzC,8DAA8D,CAC/D,CAAC;IACJ,CAAC;IACD,UAAU,CACR,UAAkB,EAClB,KAAiB,EACjB,UAAsB,EACtB,eAAiC;QAEjC,MAAM,IAAI,iCAAiC,CACzC,8DAA8D,CAC/D,CAAC;IACJ,CAAC;IAEO,WAAW,CAAC,cAAsB;QACxC,IACE,IAAI,CAAC,GAAG;YACR,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,WAAW,EAAE,KAAK,KAAK;YACrC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,WAAW,EAAE,KAAK,SAAS,EACzC,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;QACzE,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;QAC/C,CAAC;QAED,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,GAAG,cAAc,EAAE,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,wBAAwB,cAAc,IAAI,CAAC,OAAO,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { OperationOptions } from \"@azure-rest/core-client\";\nimport crypto from \"node:crypto\";\nimport type {\n AesCbcEncryptParameters,\n DecryptOptions,\n DecryptResult,\n EncryptOptions,\n EncryptResult,\n JsonWebKey,\n KeyWrapAlgorithm,\n SignOptions,\n SignResult,\n UnwrapKeyOptions,\n UnwrapResult,\n VerifyOptions,\n VerifyResult,\n WrapKeyOptions,\n WrapResult,\n} from \"../index.js\";\nimport type { AesCbcDecryptParameters } from \"../cryptographyClientModels.js\";\nimport type { CryptographyProvider, CryptographyProviderOperation } from \"./models.js\";\nimport { LocalCryptographyUnsupportedError } from \"./models.js\";\n\n/**\n * An AES cryptography provider supporting AES algorithms.\n * @internal\n */\nexport class AesCryptographyProvider implements CryptographyProvider {\n private key: JsonWebKey;\n constructor(key: JsonWebKey) {\n this.key = key;\n }\n encrypt(\n encryptParameters: AesCbcEncryptParameters,\n _options?: EncryptOptions,\n ): Promise<EncryptResult> {\n const { algorithm, keySizeInBytes } = this.supportedAlgorithms[encryptParameters.algorithm];\n const iv = encryptParameters.iv || crypto.randomBytes(16);\n\n this.ensureValid(keySizeInBytes);\n\n const cipher = crypto.createCipheriv(algorithm, this.key.k!.subarray(0, keySizeInBytes), iv);\n let encrypted = cipher.update(Buffer.from(encryptParameters.plaintext));\n encrypted = Buffer.concat([encrypted, cipher.final()]);\n\n return Promise.resolve({\n algorithm: encryptParameters.algorithm,\n result: encrypted,\n iv: iv,\n });\n }\n\n decrypt(\n decryptParameters: AesCbcDecryptParameters,\n _options?: DecryptOptions,\n ): Promise<DecryptResult> {\n const { algorithm, keySizeInBytes } = this.supportedAlgorithms[decryptParameters.algorithm];\n\n this.ensureValid(keySizeInBytes);\n\n const decipher = crypto.createDecipheriv(\n algorithm,\n this.key.k!.subarray(0, keySizeInBytes),\n decryptParameters.iv,\n );\n let dec = decipher.update(Buffer.from(decryptParameters.ciphertext));\n dec = Buffer.concat([dec, decipher.final()]);\n\n return Promise.resolve({\n algorithm: decryptParameters.algorithm,\n result: dec,\n });\n }\n\n isSupported(algorithm: string, operation: CryptographyProviderOperation): boolean {\n if (!this.key.k) {\n return false;\n }\n\n if (!Object.keys(this.supportedAlgorithms).includes(algorithm)) {\n return false;\n }\n\n if (!this.supportedOperations.includes(operation)) {\n return false;\n }\n\n return true;\n }\n\n /**\n * The set of algorithms this provider supports.\n * For AES encryption, the values include the underlying algorithm used in crypto\n * as well as the key size in bytes.\n *\n * We start with support for A[SIZE]CBCPAD which uses the PKCS padding (the default padding scheme in node crypto)\n */\n private supportedAlgorithms: { [s: string]: { algorithm: string; keySizeInBytes: number } } = {\n A128CBCPAD: {\n algorithm: \"aes-128-cbc\",\n keySizeInBytes: 128 >> 3,\n },\n A192CBCPAD: {\n algorithm: \"aes-192-cbc\",\n keySizeInBytes: 192 >> 3,\n },\n A256CBCPAD: {\n algorithm: \"aes-256-cbc\",\n keySizeInBytes: 256 >> 3,\n },\n };\n\n private supportedOperations: CryptographyProviderOperation[] = [\"encrypt\", \"decrypt\"];\n\n wrapKey(\n _algorithm: KeyWrapAlgorithm,\n _keyToWrap: Uint8Array,\n _options?: WrapKeyOptions,\n ): Promise<WrapResult> {\n throw new LocalCryptographyUnsupportedError(\n \"Wrapping a key using a local JsonWebKey is not supported for AES.\",\n );\n }\n\n unwrapKey(\n _algorithm: KeyWrapAlgorithm,\n _encryptedKey: Uint8Array,\n _options?: UnwrapKeyOptions,\n ): Promise<UnwrapResult> {\n throw new LocalCryptographyUnsupportedError(\n \"Unwrapping a key using a local JsonWebKey is not supported for AES.\",\n );\n }\n\n sign(_algorithm: string, _digest: Uint8Array, _options?: SignOptions): Promise<SignResult> {\n throw new LocalCryptographyUnsupportedError(\n \"Signing using a local JsonWebKey is not supported for AES.\",\n );\n }\n\n signData(_algorithm: string, _data: Uint8Array, _options?: SignOptions): Promise<SignResult> {\n throw new LocalCryptographyUnsupportedError(\n \"Signing using a local JsonWebKey is not supported for AES.\",\n );\n }\n\n verify(\n _algorithm: string,\n _digest: Uint8Array,\n _signature: Uint8Array,\n _options?: VerifyOptions,\n ): Promise<VerifyResult> {\n throw new LocalCryptographyUnsupportedError(\n \"Verifying using a local JsonWebKey is not supported for AES.\",\n );\n }\n verifyData(\n _algorithm: string,\n _data: Uint8Array,\n _signature: Uint8Array,\n _updatedOptions: OperationOptions,\n ): Promise<VerifyResult> {\n throw new LocalCryptographyUnsupportedError(\n \"Verifying using a local JsonWebKey is not supported for AES.\",\n );\n }\n\n private ensureValid(keySizeInBytes: number): void {\n if (\n this.key &&\n this.key.kty?.toUpperCase() !== \"OCT\" &&\n this.key.kty?.toUpperCase() !== \"OCT-HSM\"\n ) {\n throw new Error(\"Key type does not match the key type oct or oct-hsm\");\n }\n\n if (!this.key.k) {\n throw new Error(\"Symmetric key is required\");\n }\n\n if (this.key.k.length < keySizeInBytes) {\n throw new Error(`Key must be at least ${keySizeInBytes << 3} bits`);\n }\n }\n}\n"]}
package/dist/esm/cryptography/remoteCryptographyProvider.js CHANGED
@@ -1,6 +1,5 @@
1
1
  // Copyright (c) Microsoft Corporation.
2
2
  // Licensed under the MIT License.
3
- import { __rest } from "tslib";
4
3
  import { SDK_VERSION } from "../constants.js";
5
4
  import { KeyVaultClient } from "../generated/src/index.js";
6
5
  import { parseKeyVaultKeyIdentifier } from "../identifier.js";
@@ -17,7 +16,6 @@ import { bearerTokenAuthenticationPolicyName } from "@azure/core-rest-pipeline";
17
16
  */
18
17
  export class RemoteCryptographyProvider {
19
18
  constructor(key, credential, pipelineOptions = {}) {
20
- var _a;
21
19
  this.key = key;
22
20
  let keyId;
23
21
  if (typeof key === "string") {
@@ -36,7 +34,7 @@ export class RemoteCryptographyProvider {
36
34
  }
37
35
  this.vaultUrl = parsed.vaultUrl;
38
36
  this.name = parsed.name;
39
- this.version = (_a = parsed.version) !== null && _a !== void 0 ? _a : "";
37
+ this.version = parsed.version ?? "";
40
38
  this.client = getOrInitializeClient(this.vaultUrl, credential, pipelineOptions);
41
39
  }
42
40
  catch (err) {
@@ -49,8 +47,8 @@ export class RemoteCryptographyProvider {
49
47
  return true;
50
48
  }
51
49
  encrypt(encryptParameters, options = {}) {
52
- const { algorithm, plaintext } = encryptParameters, params = __rest(encryptParameters, ["algorithm", "plaintext"]);
53
- const requestOptions = Object.assign(Object.assign({}, options), params);
50
+ const { algorithm, plaintext, ...params } = encryptParameters;
51
+ const requestOptions = { ...options, ...params };
54
52
  return tracingClient.withSpan("RemoteCryptographyProvider.encrypt", requestOptions, async (updatedOptions) => {
55
53
  const result = await this.client.encrypt(this.name, this.version, {
56
54
  algorithm,
@@ -71,8 +69,8 @@ export class RemoteCryptographyProvider {
71
69
  });
72
70
  }
73
71
  decrypt(decryptParameters, options = {}) {
74
- const { algorithm, ciphertext } = decryptParameters, params = __rest(decryptParameters, ["algorithm", "ciphertext"]);
75
- const requestOptions = Object.assign(Object.assign({}, options), params);
72
+ const { algorithm, ciphertext, ...params } = decryptParameters;
73
+ const requestOptions = { ...options, ...params };
76
74
  return tracingClient.withSpan("RemoteCryptographyProvider.decrypt", requestOptions, async (updatedOptions) => {
77
75
  const result = await this.client.decrypt(this.name, this.version, {
78
76
  algorithm,
@@ -156,6 +154,10 @@ export class RemoteCryptographyProvider {
156
154
  return { result: result.result, algorithm, keyID: this.getKeyID() };
157
155
  });
158
156
  }
157
+ /**
158
+ * The base URL to the vault.
159
+ */
160
+ vaultUrl;
159
161
  /**
160
162
  * The ID of the key used to perform cryptographic operations for the client.
161
163
  */
@@ -179,6 +181,24 @@ export class RemoteCryptographyProvider {
179
181
  return this.key;
180
182
  });
181
183
  }
184
+ /**
185
+ * A reference to the auto-generated KeyVault HTTP client.
186
+ */
187
+ client;
188
+ /**
189
+ * A reference to the key used for the cryptographic operations.
190
+ * Based on what was provided to the CryptographyClient constructor,
191
+ * it can be either a string with the URL of a Key Vault Key, or an already parsed {@link KeyVaultKey}.
192
+ */
193
+ key;
194
+ /**
195
+ * Name of the key the client represents
196
+ */
197
+ name;
198
+ /**
199
+ * Version of the key the client represents
200
+ */
201
+ version;
182
202
  /**
183
203
  * Attempts to retrieve the ID of the key.
184
204
  */
@@ -213,14 +233,18 @@ function getOrInitializeClient(vaultUrl, credential, options) {
213
233
  ? `${userAgentOptions.userAgentPrefix} ${libInfo}`
214
234
  : libInfo,
215
235
  };
216
- const internalPipelineOptions = Object.assign(Object.assign({}, options), { apiVersion: options.serviceVersion || LATEST_API_VERSION, loggingOptions: {
236
+ const internalPipelineOptions = {
237
+ ...options,
238
+ apiVersion: options.serviceVersion || LATEST_API_VERSION,
239
+ loggingOptions: {
217
240
  logger: logger.info,
218
241
  additionalAllowedHeaderNames: [
219
242
  "x-ms-keyvault-region",
220
243
  "x-ms-keyvault-network-info",
221
244
  "x-ms-keyvault-service-version",
222
245
  ],
223
- } });
246
+ },
247
+ };
224
248
  const client = new KeyVaultClient(vaultUrl, credential, internalPipelineOptions);
225
249
  client.pipeline.removePolicy({ name: bearerTokenAuthenticationPolicyName });
226
250
  client.pipeline.addPolicy(keyVaultAuthenticationPolicy(credential, options));
@@ -228,8 +252,7 @@ function getOrInitializeClient(vaultUrl, credential, options) {
228
252
  client.pipeline.addPolicy({
229
253
  name: "ContentTypePolicy",
230
254
  sendRequest(request, next) {
231
- var _a;
232
- const contentType = (_a = request.headers.get("Content-Type")) !== null && _a !== void 0 ? _a : "";
255
+ const contentType = request.headers.get("Content-Type") ?? "";
233
256
  if (contentType.startsWith("application/json")) {
234
257
  request.headers.set("Content-Type", "application/json");
235
258
  }
package/dist/esm/cryptography/remoteCryptographyProvider.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"remoteCryptographyProvider.js","sourceRoot":"","sources":["../../../src/cryptography/remoteCryptographyProvider.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;;AAoBlC,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAG9C,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAC3D,OAAO,EAAE,0BAA0B,EAAE,MAAM,kBAAkB,CAAC;AAE9D,OAAO,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;AACnC,OAAO,EAAE,4BAA4B,EAAE,MAAM,wBAAwB,CAAC;AACtE,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAC9C,OAAO,EAAE,mCAAmC,EAAE,MAAM,2BAA2B,CAAC;AAEhF;;;GAGG;AACH,MAAM,OAAO,0BAA0B;IACrC,YACE,GAAyB,EACzB,UAA2B,EAC3B,kBAA6C,EAAE;;QAE/C,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QAEf,IAAI,KAAa,CAAC;QAClB,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,KAAK,GAAG,GAAG,CAAC;QACd,CAAC;aAAM,CAAC;YACN,KAAK,GAAG,GAAG,CAAC,EAAG,CAAC;QAClB,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,0BAA0B,CAAC,KAAK,CAAC,CAAC;YACjD,IAAI,MAAM,CAAC,IAAI,KAAK,EAAE,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;YAC7D,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,KAAK,EAAE,EAAE,CAAC;gBAC/C,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;YACjE,CAAC;YAED,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;YAChC,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACxB,IAAI,CAAC,OAAO,GAAG,MAAA,MAAM,CAAC,OAAO,mCAAI,EAAE,CAAC;YAEpC,IAAI,CAAC,MAAM,GAAG,qBAAqB,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,eAAe,CAAC,CAAC;QAClF,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAElB,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,kCAAkC,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,gEAAgE;IAChE,WAAW,CAAC,UAAkB,EAAE,UAAyC;QACvE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CACL,iBAAoC,EACpC,UAA0B,EAAE;QAE5B,MAAM,EAAE,SAAS,EAAE,SAAS,KAAgB,iBAAiB,EAA5B,MAAM,UAAK,iBAAiB,EAAvD,0BAAmC,CAAoB,CAAC;QAC9D,MAAM,cAAc,mCAAQ,OAAO,GAAK,MAAM,CAAE,CAAC;QAEjD,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,cAAc,EACd,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CACtC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,SAAS;gBAChB,GAAG,EACD,6BAA6B,IAAI,iBAAiB;oBAChD,CAAC,CAAC,iBAAiB,CAAC,2BAA2B;oBAC/C,CAAC,CAAC,SAAS;gBACf,EAAE,EAAE,IAAI,IAAI,iBAAiB,CAAC,CAAC,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS;aACjE,EACD,cAAc,CACf,CAAC;YAEF,OAAO;gBACL,SAAS,EAAE,iBAAiB,CAAC,SAAS;gBACtC,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;gBACtB,2BAA2B,EAAE,MAAM,CAAC,2BAA2B;gBAC/D,iBAAiB,EAAE,MAAM,CAAC,iBAAiB;gBAC3C,EAAE,EAAE,MAAM,CAAC,EAAE;aACd,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,OAAO,CACL,iBAAoC,EACpC,UAA0B,EAAE;QAE5B,MAAM,EAAE,SAAS,EAAE,UAAU,KAAgB,iBAAiB,EAA5B,MAAM,UAAK,iBAAiB,EAAxD,2BAAoC,CAAoB,CAAC;QAC/D,MAAM,cAAc,mCAAQ,OAAO,GAAK,MAAM,CAAE,CAAC;QAEjD,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,cAAc,EACd,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CACtC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,UAAU;gBACjB,GAAG,EACD,6BAA6B,IAAI,iBAAiB;oBAChD,CAAC,CAAC,iBAAiB,CAAC,2BAA2B;oBAC/C,CAAC,CAAC,SAAS;gBACf,EAAE,EAAE,IAAI,IAAI,iBAAiB,CAAC,CAAC,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS;gBAChE,GAAG,EACD,mBAAmB,IAAI,iBAAiB;oBACtC,CAAC,CAAC,iBAAiB,CAAC,iBAAiB;oBACrC,CAAC,CAAC,SAAS;aAChB,EACD,cAAc,CACf,CAAC;YACF,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;gBACtB,SAAS;aACV,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,OAAO,CACL,SAA2B,EAC3B,SAAqB,EACrB,UAA0B,EAAE;QAE5B,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CACtC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,SAAS;aACjB,EACD,cAAc,CACf,CAAC;YAEF,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,SAAS;gBACT,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;aACvB,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,SAAS,CACP,SAA2B,EAC3B,YAAwB,EACxB,UAA4B,EAAE;QAE9B,OAAO,aAAa,CAAC,QAAQ,CAC3B,sCAAsC,EACtC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,SAAS,CACxC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,YAAY;aACpB,EACD,cAAc,CACf,CAAC;YAEF,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,SAAS;gBACT,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;aACvB,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,SAAiB,EAAE,MAAkB,EAAE,UAAuB,EAAE;QACnE,OAAO,aAAa,CAAC,QAAQ,CAC3B,iCAAiC,EACjC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACnC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,MAAM;aACd,EACD,cAAc,CACf,CAAC;YAEF,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,MAAO,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC;QACvE,CAAC,CACF,CAAC;IACJ,CAAC;IAED,UAAU,CACR,SAAiB,EACjB,IAAgB,EAChB,SAAqB,EACrB,UAAyB,EAAE;QAE3B,OAAO,aAAa,CAAC,QAAQ,CAC3B,uCAAuC,EACvC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;YAC/C,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;QACjE,CAAC,CACF,CAAC;IACJ,CAAC;IAED,MAAM,CACJ,SAAiB,EACjB,MAAkB,EAClB,SAAqB,EACrB,UAAyB,EAAE;QAE3B,OAAO,aAAa,CAAC,QAAQ,CAC3B,mCAAmC,EACnC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CACvC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,MAAM;gBACN,SAAS;aACV,EACD,cAAc,CACf,CAAC;YACF,OAAO;gBACL,MAAM,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK;gBAC/C,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;aACvB,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,QAAQ,CAAC,SAAiB,EAAE,IAAgB,EAAE,UAAuB,EAAE;QACrE,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;YACjD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACnC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,MAAM;aACd,EACD,cAAc,CACf,CAAC;YACF,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,MAAO,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC;QACvE,CAAC,CACF,CAAC;IACJ,CAAC;IAOD;;OAEG;IACH,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC;IACzB,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,UAAyB,EAAE;QAChC,OAAO,aAAa,CAAC,QAAQ,CAC3B,mCAAmC,EACnC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,IAAI,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;gBACjC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,EAAE,EAAE,CAAC;oBACnC,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;gBACvD,CAAC;gBACD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CACvC,IAAI,CAAC,IAAI,EACT,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAC/E,cAAc,CACf,CAAC;gBACF,IAAI,CAAC,GAAG,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YAC3C,CAAC;YACD,OAAO,IAAI,CAAC,GAAG,CAAC;QAClB,CAAC,CACF,CAAC;IACJ,CAAC;IAwBD;;OAEG;IACK,QAAQ;QACd,IAAI,GAAG,CAAC;QACR,IAAI,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;YACjC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACpB,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QACjB,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;CACF;AAED;;;;;;;;GAQG;AACH,SAAS,qBAAqB,CAC5B,QAAgB,EAChB,UAA2B,EAC3B,OAAyE;IAEzE,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;QAC5B,OAAO,OAAO,CAAC,eAAe,CAAC;IACjC,CAAC;IAED,MAAM,OAAO,GAAG,0BAA0B,WAAW,EAAE,CAAC;IAExD,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAElD,OAAO,CAAC,gBAAgB,GAAG;QACzB,eAAe,EACb,gBAAgB,IAAI,gBAAgB,CAAC,eAAe;YAClD,CAAC,CAAC,GAAG,gBAAgB,CAAC,eAAe,IAAI,OAAO,EAAE;YAClD,CAAC,CAAC,OAAO;KACd,CAAC;IAEF,MAAM,uBAAuB,mCACxB,OAAO,KACV,UAAU,EAAE,OAAO,CAAC,cAAc,IAAI,kBAAkB,EACxD,cAAc,EAAE;YACd,MAAM,EAAE,MAAM,CAAC,IAAI;YACnB,4BAA4B,EAAE;gBAC5B,sBAAsB;gBACtB,4BAA4B;gBAC5B,+BAA+B;aAChC;SACF,GACF,CAAC;IAEF,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC,QAAQ,EAAE,UAAU,EAAE,uBAAuB,CAAC,CAAC;IAEjF,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,IAAI,EAAE,mCAAmC,EAAE,CAAC,CAAC;IAC5E,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,4BAA4B,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAC7E,yEAAyE;IACzE,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC;QACxB,IAAI,EAAE,mBAAmB;QACzB,WAAW,CAAC,OAAO,EAAE,IAAI;;YACvB,MAAM,WAAW,GAAG,MAAA,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,mCAAI,EAAE,CAAC;YAC9D,IAAI,WAAW,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBAC/C,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;YAC1D,CAAC;YACD,OAAO,IAAI,CAAC,OAAO,CAAC,CAAC;QACvB,CAAC;KACF,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { TokenCredential } from \"@azure/core-auth\";\n\nimport type {\n DecryptOptions,\n DecryptParameters,\n DecryptResult,\n EncryptOptions,\n EncryptParameters,\n EncryptResult,\n KeyWrapAlgorithm,\n SignOptions,\n SignResult,\n UnwrapKeyOptions,\n VerifyOptions,\n VerifyResult,\n WrapKeyOptions,\n WrapResult,\n} from \"../cryptographyClientModels.js\";\nimport { SDK_VERSION } from \"../constants.js\";\nimport type { UnwrapResult } from \"../cryptographyClientModels.js\";\nimport type { KeyVaultClientOptionalParams } from \"../generated/src/index.js\";\nimport { KeyVaultClient } from \"../generated/src/index.js\";\nimport { parseKeyVaultKeyIdentifier } from \"../identifier.js\";\nimport type { CryptographyClientOptions, GetKeyOptions, KeyVaultKey } from \"../keysModels.js\";\nimport { LATEST_API_VERSION } from \"../keysModels.js\";\nimport { getKeyFromKeyBundle } from \"../transformations.js\";\nimport { createHash } from \"./crypto.js\";\nimport type { CryptographyProvider, CryptographyProviderOperation } from \"./models.js\";\nimport { logger } from \"../log.js\";\nimport { keyVaultAuthenticationPolicy } from \"@azure/keyvault-common\";\nimport { tracingClient } from \"../tracing.js\";\nimport { bearerTokenAuthenticationPolicyName } from \"@azure/core-rest-pipeline\";\n\n/**\n * The remote cryptography provider is used to run crypto operations against KeyVault.\n * @internal\n */\nexport class RemoteCryptographyProvider implements CryptographyProvider {\n constructor(\n key: string | KeyVaultKey,\n credential: TokenCredential,\n pipelineOptions: CryptographyClientOptions = {},\n ) {\n this.key = key;\n\n let keyId: string;\n if (typeof key === \"string\") {\n keyId = key;\n } else {\n keyId = key.id!;\n }\n\n try {\n const parsed = parseKeyVaultKeyIdentifier(keyId);\n if (parsed.name === \"\") {\n throw new Error(\"Could not find 'name' of key in key URL\");\n }\n\n if (!parsed.vaultUrl || parsed.vaultUrl === \"\") {\n throw new Error(\"Could not find 'vaultUrl' of key in key URL\");\n }\n\n this.vaultUrl = parsed.vaultUrl;\n this.name = parsed.name;\n this.version = parsed.version ?? \"\";\n\n this.client = getOrInitializeClient(this.vaultUrl, credential, pipelineOptions);\n } catch (err: any) {\n logger.error(err);\n\n throw new Error(`${keyId} is not a valid Key Vault key ID`);\n }\n }\n\n // The remote client supports all algorithms and all operations.\n isSupported(_algorithm: string, _operation: CryptographyProviderOperation): boolean {\n return true;\n }\n\n encrypt(\n encryptParameters: EncryptParameters,\n options: EncryptOptions = {},\n ): Promise<EncryptResult> {\n const { algorithm, plaintext, ...params } = encryptParameters;\n const requestOptions = { ...options, ...params };\n\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.encrypt\",\n requestOptions,\n async (updatedOptions) => {\n const result = await this.client.encrypt(\n this.name,\n this.version,\n {\n algorithm,\n value: plaintext,\n aad:\n \"additionalAuthenticatedData\" in encryptParameters\n ? encryptParameters.additionalAuthenticatedData\n : undefined,\n iv: \"iv\" in encryptParameters ? encryptParameters.iv : undefined,\n },\n updatedOptions,\n );\n\n return {\n algorithm: encryptParameters.algorithm,\n result: result.result!,\n keyID: this.getKeyID(),\n additionalAuthenticatedData: result.additionalAuthenticatedData,\n authenticationTag: result.authenticationTag,\n iv: result.iv,\n };\n },\n );\n }\n\n decrypt(\n decryptParameters: DecryptParameters,\n options: DecryptOptions = {},\n ): Promise<DecryptResult> {\n const { algorithm, ciphertext, ...params } = decryptParameters;\n const requestOptions = { ...options, ...params };\n\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.decrypt\",\n requestOptions,\n async (updatedOptions) => {\n const result = await this.client.decrypt(\n this.name,\n this.version,\n {\n algorithm,\n value: ciphertext,\n aad:\n \"additionalAuthenticatedData\" in decryptParameters\n ? decryptParameters.additionalAuthenticatedData\n : undefined,\n iv: \"iv\" in decryptParameters ? decryptParameters.iv : undefined,\n tag:\n \"authenticationTag\" in decryptParameters\n ? decryptParameters.authenticationTag\n : undefined,\n },\n updatedOptions,\n );\n return {\n result: result.result!,\n keyID: this.getKeyID(),\n algorithm,\n };\n },\n );\n }\n\n wrapKey(\n algorithm: KeyWrapAlgorithm,\n keyToWrap: Uint8Array,\n options: WrapKeyOptions = {},\n ): Promise<WrapResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.wrapKey\",\n options,\n async (updatedOptions) => {\n const result = await this.client.wrapKey(\n this.name,\n this.version,\n {\n algorithm,\n value: keyToWrap,\n },\n updatedOptions,\n );\n\n return {\n result: result.result!,\n algorithm,\n keyID: this.getKeyID(),\n };\n },\n );\n }\n\n unwrapKey(\n algorithm: KeyWrapAlgorithm,\n encryptedKey: Uint8Array,\n options: UnwrapKeyOptions = {},\n ): Promise<UnwrapResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.unwrapKey\",\n options,\n async (updatedOptions) => {\n const result = await this.client.unwrapKey(\n this.name,\n this.version,\n {\n algorithm,\n value: encryptedKey,\n },\n updatedOptions,\n );\n\n return {\n result: result.result!,\n algorithm,\n keyID: this.getKeyID(),\n };\n },\n );\n }\n\n sign(algorithm: string, digest: Uint8Array, options: SignOptions = {}): Promise<SignResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.sign\",\n options,\n async (updatedOptions) => {\n const result = await this.client.sign(\n this.name,\n this.version,\n {\n algorithm,\n value: digest,\n },\n updatedOptions,\n );\n\n return { result: result.result!, algorithm, keyID: this.getKeyID() };\n },\n );\n }\n\n verifyData(\n algorithm: string,\n data: Uint8Array,\n signature: Uint8Array,\n options: VerifyOptions = {},\n ): Promise<VerifyResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.verifyData\",\n options,\n async (updatedOptions) => {\n const hash = await createHash(algorithm, data);\n return this.verify(algorithm, hash, signature, updatedOptions);\n },\n );\n }\n\n verify(\n algorithm: string,\n digest: Uint8Array,\n signature: Uint8Array,\n options: VerifyOptions = {},\n ): Promise<VerifyResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.verify\",\n options,\n async (updatedOptions) => {\n const response = await this.client.verify(\n this.name,\n this.version,\n {\n algorithm,\n digest,\n signature,\n },\n updatedOptions,\n );\n return {\n result: response.value ? response.value : false,\n keyID: this.getKeyID(),\n };\n },\n );\n }\n\n signData(algorithm: string, data: Uint8Array, options: SignOptions = {}): Promise<SignResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.signData\",\n options,\n async (updatedOptions) => {\n const digest = await createHash(algorithm, data);\n const result = await this.client.sign(\n this.name,\n this.version,\n {\n algorithm,\n value: digest,\n },\n updatedOptions,\n );\n return { result: result.result!, algorithm, keyID: this.getKeyID() };\n },\n );\n }\n\n /**\n * The base URL to the vault.\n */\n readonly vaultUrl: string;\n\n /**\n * The ID of the key used to perform cryptographic operations for the client.\n */\n get keyId(): string | undefined {\n return this.getKeyID();\n }\n\n /**\n * Gets the {@link KeyVaultKey} used for cryptography operations, fetching it\n * from KeyVault if necessary.\n * @param options - Additional options.\n */\n getKey(options: GetKeyOptions = {}): Promise<KeyVaultKey> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.getKey\",\n options,\n async (updatedOptions) => {\n if (typeof this.key === \"string\") {\n if (!this.name || this.name === \"\") {\n throw new Error(\"getKey requires a key with a name\");\n }\n const response = await this.client.getKey(\n this.name,\n options && options.version ? options.version : this.version ? this.version : \"\",\n updatedOptions,\n );\n this.key = getKeyFromKeyBundle(response);\n }\n return this.key;\n },\n );\n }\n\n /**\n * A reference to the auto-generated KeyVault HTTP client.\n */\n private client: KeyVaultClient;\n\n /**\n * A reference to the key used for the cryptographic operations.\n * Based on what was provided to the CryptographyClient constructor,\n * it can be either a string with the URL of a Key Vault Key, or an already parsed {@link KeyVaultKey}.\n */\n private key: string | KeyVaultKey;\n\n /**\n * Name of the key the client represents\n */\n private name: string;\n\n /**\n * Version of the key the client represents\n */\n private version: string;\n\n /**\n * Attempts to retrieve the ID of the key.\n */\n private getKeyID(): string | undefined {\n let kid;\n if (typeof this.key !== \"string\") {\n kid = this.key.id;\n } else {\n kid = this.key;\n }\n\n return kid;\n }\n}\n\n/**\n * A helper method to either get the passed down generated client or initialize a new one.\n * An already constructed generated client may be passed down from {@link KeyClient} in which case we should reuse it.\n *\n * @internal\n * @param credential - The credential to use when initializing a new client.\n * @param options - The options for constructing a client or the underlying client if one already exists.\n * @returns - A generated client instance\n */\nfunction getOrInitializeClient(\n vaultUrl: string,\n credential: TokenCredential,\n options: CryptographyClientOptions & { generatedClient?: KeyVaultClient },\n): KeyVaultClient {\n if (options.generatedClient) {\n return options.generatedClient;\n }\n\n const libInfo = `azsdk-js-keyvault-keys/${SDK_VERSION}`;\n\n const userAgentOptions = options.userAgentOptions;\n\n options.userAgentOptions = {\n userAgentPrefix:\n userAgentOptions && userAgentOptions.userAgentPrefix\n ? `${userAgentOptions.userAgentPrefix} ${libInfo}`\n : libInfo,\n };\n\n const internalPipelineOptions: KeyVaultClientOptionalParams = {\n ...options,\n apiVersion: options.serviceVersion || LATEST_API_VERSION,\n loggingOptions: {\n logger: logger.info,\n additionalAllowedHeaderNames: [\n \"x-ms-keyvault-region\",\n \"x-ms-keyvault-network-info\",\n \"x-ms-keyvault-service-version\",\n ],\n },\n };\n\n const client = new KeyVaultClient(vaultUrl, credential, internalPipelineOptions);\n\n client.pipeline.removePolicy({ name: bearerTokenAuthenticationPolicyName });\n client.pipeline.addPolicy(keyVaultAuthenticationPolicy(credential, options));\n // Workaround for: https://github.com/Azure/azure-sdk-for-js/issues/31843\n client.pipeline.addPolicy({\n name: \"ContentTypePolicy\",\n sendRequest(request, next) {\n const contentType = request.headers.get(\"Content-Type\") ?? \"\";\n if (contentType.startsWith(\"application/json\")) {\n request.headers.set(\"Content-Type\", \"application/json\");\n }\n return next(request);\n },\n });\n\n return client;\n}\n"]}
1
+ {"version":3,"file":"remoteCryptographyProvider.js","sourceRoot":"","sources":["../../../src/cryptography/remoteCryptographyProvider.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAoBlC,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAG9C,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAC3D,OAAO,EAAE,0BAA0B,EAAE,MAAM,kBAAkB,CAAC;AAE9D,OAAO,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;AACnC,OAAO,EAAE,4BAA4B,EAAE,MAAM,wBAAwB,CAAC;AACtE,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAC9C,OAAO,EAAE,mCAAmC,EAAE,MAAM,2BAA2B,CAAC;AAEhF;;;GAGG;AACH,MAAM,OAAO,0BAA0B;IACrC,YACE,GAAyB,EACzB,UAA2B,EAC3B,kBAA6C,EAAE;QAE/C,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QAEf,IAAI,KAAa,CAAC;QAClB,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,KAAK,GAAG,GAAG,CAAC;QACd,CAAC;aAAM,CAAC;YACN,KAAK,GAAG,GAAG,CAAC,EAAG,CAAC;QAClB,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,0BAA0B,CAAC,KAAK,CAAC,CAAC;YACjD,IAAI,MAAM,CAAC,IAAI,KAAK,EAAE,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;YAC7D,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,KAAK,EAAE,EAAE,CAAC;gBAC/C,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;YACjE,CAAC;YAED,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;YAChC,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACxB,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC;YAEpC,IAAI,CAAC,MAAM,GAAG,qBAAqB,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,eAAe,CAAC,CAAC;QAClF,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAElB,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,kCAAkC,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,gEAAgE;IAChE,WAAW,CAAC,UAAkB,EAAE,UAAyC;QACvE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CACL,iBAAoC,EACpC,UAA0B,EAAE;QAE5B,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,GAAG,iBAAiB,CAAC;QAC9D,MAAM,cAAc,GAAG,EAAE,GAAG,OAAO,EAAE,GAAG,MAAM,EAAE,CAAC;QAEjD,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,cAAc,EACd,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CACtC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,SAAS;gBAChB,GAAG,EACD,6BAA6B,IAAI,iBAAiB;oBAChD,CAAC,CAAC,iBAAiB,CAAC,2BAA2B;oBAC/C,CAAC,CAAC,SAAS;gBACf,EAAE,EAAE,IAAI,IAAI,iBAAiB,CAAC,CAAC,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS;aACjE,EACD,cAAc,CACf,CAAC;YAEF,OAAO;gBACL,SAAS,EAAE,iBAAiB,CAAC,SAAS;gBACtC,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;gBACtB,2BAA2B,EAAE,MAAM,CAAC,2BAA2B;gBAC/D,iBAAiB,EAAE,MAAM,CAAC,iBAAiB;gBAC3C,EAAE,EAAE,MAAM,CAAC,EAAE;aACd,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,OAAO,CACL,iBAAoC,EACpC,UAA0B,EAAE;QAE5B,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,EAAE,GAAG,iBAAiB,CAAC;QAC/D,MAAM,cAAc,GAAG,EAAE,GAAG,OAAO,EAAE,GAAG,MAAM,EAAE,CAAC;QAEjD,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,cAAc,EACd,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CACtC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,UAAU;gBACjB,GAAG,EACD,6BAA6B,IAAI,iBAAiB;oBAChD,CAAC,CAAC,iBAAiB,CAAC,2BAA2B;oBAC/C,CAAC,CAAC,SAAS;gBACf,EAAE,EAAE,IAAI,IAAI,iBAAiB,CAAC,CAAC,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS;gBAChE,GAAG,EACD,mBAAmB,IAAI,iBAAiB;oBACtC,CAAC,CAAC,iBAAiB,CAAC,iBAAiB;oBACrC,CAAC,CAAC,SAAS;aAChB,EACD,cAAc,CACf,CAAC;YACF,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;gBACtB,SAAS;aACV,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,OAAO,CACL,SAA2B,EAC3B,SAAqB,EACrB,UAA0B,EAAE;QAE5B,OAAO,aAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CACtC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,SAAS;aACjB,EACD,cAAc,CACf,CAAC;YAEF,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,SAAS;gBACT,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;aACvB,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,SAAS,CACP,SAA2B,EAC3B,YAAwB,EACxB,UAA4B,EAAE;QAE9B,OAAO,aAAa,CAAC,QAAQ,CAC3B,sCAAsC,EACtC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,SAAS,CACxC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,YAAY;aACpB,EACD,cAAc,CACf,CAAC;YAEF,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,SAAS;gBACT,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;aACvB,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,SAAiB,EAAE,MAAkB,EAAE,UAAuB,EAAE;QACnE,OAAO,aAAa,CAAC,QAAQ,CAC3B,iCAAiC,EACjC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACnC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,MAAM;aACd,EACD,cAAc,CACf,CAAC;YAEF,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,MAAO,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC;QACvE,CAAC,CACF,CAAC;IACJ,CAAC;IAED,UAAU,CACR,SAAiB,EACjB,IAAgB,EAChB,SAAqB,EACrB,UAAyB,EAAE;QAE3B,OAAO,aAAa,CAAC,QAAQ,CAC3B,uCAAuC,EACvC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;YAC/C,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;QACjE,CAAC,CACF,CAAC;IACJ,CAAC;IAED,MAAM,CACJ,SAAiB,EACjB,MAAkB,EAClB,SAAqB,EACrB,UAAyB,EAAE;QAE3B,OAAO,aAAa,CAAC,QAAQ,CAC3B,mCAAmC,EACnC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CACvC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,MAAM;gBACN,SAAS;aACV,EACD,cAAc,CACf,CAAC;YACF,OAAO;gBACL,MAAM,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK;gBAC/C,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;aACvB,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,QAAQ,CAAC,SAAiB,EAAE,IAAgB,EAAE,UAAuB,EAAE;QACrE,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;YACjD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACnC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,MAAM;aACd,EACD,cAAc,CACf,CAAC;YACF,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,MAAO,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC;QACvE,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACM,QAAQ,CAAS;IAE1B;;OAEG;IACH,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC;IACzB,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,UAAyB,EAAE;QAChC,OAAO,aAAa,CAAC,QAAQ,CAC3B,mCAAmC,EACnC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,IAAI,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;gBACjC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,EAAE,EAAE,CAAC;oBACnC,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;gBACvD,CAAC;gBACD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CACvC,IAAI,CAAC,IAAI,EACT,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAC/E,cAAc,CACf,CAAC;gBACF,IAAI,CAAC,GAAG,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YAC3C,CAAC;YACD,OAAO,IAAI,CAAC,GAAG,CAAC;QAClB,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,MAAM,CAAiB;IAE/B;;;;OAIG;IACK,GAAG,CAAuB;IAElC;;OAEG;IACK,IAAI,CAAS;IAErB;;OAEG;IACK,OAAO,CAAS;IAExB;;OAEG;IACK,QAAQ;QACd,IAAI,GAAG,CAAC;QACR,IAAI,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;YACjC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACpB,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QACjB,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;CACF;AAED;;;;;;;;GAQG;AACH,SAAS,qBAAqB,CAC5B,QAAgB,EAChB,UAA2B,EAC3B,OAAyE;IAEzE,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;QAC5B,OAAO,OAAO,CAAC,eAAe,CAAC;IACjC,CAAC;IAED,MAAM,OAAO,GAAG,0BAA0B,WAAW,EAAE,CAAC;IAExD,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAElD,OAAO,CAAC,gBAAgB,GAAG;QACzB,eAAe,EACb,gBAAgB,IAAI,gBAAgB,CAAC,eAAe;YAClD,CAAC,CAAC,GAAG,gBAAgB,CAAC,eAAe,IAAI,OAAO,EAAE;YAClD,CAAC,CAAC,OAAO;KACd,CAAC;IAEF,MAAM,uBAAuB,GAAiC;QAC5D,GAAG,OAAO;QACV,UAAU,EAAE,OAAO,CAAC,cAAc,IAAI,kBAAkB;QACxD,cAAc,EAAE;YACd,MAAM,EAAE,MAAM,CAAC,IAAI;YACnB,4BAA4B,EAAE;gBAC5B,sBAAsB;gBACtB,4BAA4B;gBAC5B,+BAA+B;aAChC;SACF;KACF,CAAC;IAEF,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC,QAAQ,EAAE,UAAU,EAAE,uBAAuB,CAAC,CAAC;IAEjF,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,IAAI,EAAE,mCAAmC,EAAE,CAAC,CAAC;IAC5E,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,4BAA4B,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAC7E,yEAAyE;IACzE,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC;QACxB,IAAI,EAAE,mBAAmB;QACzB,WAAW,CAAC,OAAO,EAAE,IAAI;YACvB,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;YAC9D,IAAI,WAAW,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBAC/C,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;YAC1D,CAAC;YACD,OAAO,IAAI,CAAC,OAAO,CAAC,CAAC;QACvB,CAAC;KACF,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { TokenCredential } from \"@azure/core-auth\";\n\nimport type {\n DecryptOptions,\n DecryptParameters,\n DecryptResult,\n EncryptOptions,\n EncryptParameters,\n EncryptResult,\n KeyWrapAlgorithm,\n SignOptions,\n SignResult,\n UnwrapKeyOptions,\n VerifyOptions,\n VerifyResult,\n WrapKeyOptions,\n WrapResult,\n} from \"../cryptographyClientModels.js\";\nimport { SDK_VERSION } from \"../constants.js\";\nimport type { UnwrapResult } from \"../cryptographyClientModels.js\";\nimport type { KeyVaultClientOptionalParams } from \"../generated/src/index.js\";\nimport { KeyVaultClient } from \"../generated/src/index.js\";\nimport { parseKeyVaultKeyIdentifier } from \"../identifier.js\";\nimport type { CryptographyClientOptions, GetKeyOptions, KeyVaultKey } from \"../keysModels.js\";\nimport { LATEST_API_VERSION } from \"../keysModels.js\";\nimport { getKeyFromKeyBundle } from \"../transformations.js\";\nimport { createHash } from \"./crypto.js\";\nimport type { CryptographyProvider, CryptographyProviderOperation } from \"./models.js\";\nimport { logger } from \"../log.js\";\nimport { keyVaultAuthenticationPolicy } from \"@azure/keyvault-common\";\nimport { tracingClient } from \"../tracing.js\";\nimport { bearerTokenAuthenticationPolicyName } from \"@azure/core-rest-pipeline\";\n\n/**\n * The remote cryptography provider is used to run crypto operations against KeyVault.\n * @internal\n */\nexport class RemoteCryptographyProvider implements CryptographyProvider {\n constructor(\n key: string | KeyVaultKey,\n credential: TokenCredential,\n pipelineOptions: CryptographyClientOptions = {},\n ) {\n this.key = key;\n\n let keyId: string;\n if (typeof key === \"string\") {\n keyId = key;\n } else {\n keyId = key.id!;\n }\n\n try {\n const parsed = parseKeyVaultKeyIdentifier(keyId);\n if (parsed.name === \"\") {\n throw new Error(\"Could not find 'name' of key in key URL\");\n }\n\n if (!parsed.vaultUrl || parsed.vaultUrl === \"\") {\n throw new Error(\"Could not find 'vaultUrl' of key in key URL\");\n }\n\n this.vaultUrl = parsed.vaultUrl;\n this.name = parsed.name;\n this.version = parsed.version ?? \"\";\n\n this.client = getOrInitializeClient(this.vaultUrl, credential, pipelineOptions);\n } catch (err: any) {\n logger.error(err);\n\n throw new Error(`${keyId} is not a valid Key Vault key ID`);\n }\n }\n\n // The remote client supports all algorithms and all operations.\n isSupported(_algorithm: string, _operation: CryptographyProviderOperation): boolean {\n return true;\n }\n\n encrypt(\n encryptParameters: EncryptParameters,\n options: EncryptOptions = {},\n ): Promise<EncryptResult> {\n const { algorithm, plaintext, ...params } = encryptParameters;\n const requestOptions = { ...options, ...params };\n\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.encrypt\",\n requestOptions,\n async (updatedOptions) => {\n const result = await this.client.encrypt(\n this.name,\n this.version,\n {\n algorithm,\n value: plaintext,\n aad:\n \"additionalAuthenticatedData\" in encryptParameters\n ? encryptParameters.additionalAuthenticatedData\n : undefined,\n iv: \"iv\" in encryptParameters ? encryptParameters.iv : undefined,\n },\n updatedOptions,\n );\n\n return {\n algorithm: encryptParameters.algorithm,\n result: result.result!,\n keyID: this.getKeyID(),\n additionalAuthenticatedData: result.additionalAuthenticatedData,\n authenticationTag: result.authenticationTag,\n iv: result.iv,\n };\n },\n );\n }\n\n decrypt(\n decryptParameters: DecryptParameters,\n options: DecryptOptions = {},\n ): Promise<DecryptResult> {\n const { algorithm, ciphertext, ...params } = decryptParameters;\n const requestOptions = { ...options, ...params };\n\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.decrypt\",\n requestOptions,\n async (updatedOptions) => {\n const result = await this.client.decrypt(\n this.name,\n this.version,\n {\n algorithm,\n value: ciphertext,\n aad:\n \"additionalAuthenticatedData\" in decryptParameters\n ? decryptParameters.additionalAuthenticatedData\n : undefined,\n iv: \"iv\" in decryptParameters ? decryptParameters.iv : undefined,\n tag:\n \"authenticationTag\" in decryptParameters\n ? decryptParameters.authenticationTag\n : undefined,\n },\n updatedOptions,\n );\n return {\n result: result.result!,\n keyID: this.getKeyID(),\n algorithm,\n };\n },\n );\n }\n\n wrapKey(\n algorithm: KeyWrapAlgorithm,\n keyToWrap: Uint8Array,\n options: WrapKeyOptions = {},\n ): Promise<WrapResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.wrapKey\",\n options,\n async (updatedOptions) => {\n const result = await this.client.wrapKey(\n this.name,\n this.version,\n {\n algorithm,\n value: keyToWrap,\n },\n updatedOptions,\n );\n\n return {\n result: result.result!,\n algorithm,\n keyID: this.getKeyID(),\n };\n },\n );\n }\n\n unwrapKey(\n algorithm: KeyWrapAlgorithm,\n encryptedKey: Uint8Array,\n options: UnwrapKeyOptions = {},\n ): Promise<UnwrapResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.unwrapKey\",\n options,\n async (updatedOptions) => {\n const result = await this.client.unwrapKey(\n this.name,\n this.version,\n {\n algorithm,\n value: encryptedKey,\n },\n updatedOptions,\n );\n\n return {\n result: result.result!,\n algorithm,\n keyID: this.getKeyID(),\n };\n },\n );\n }\n\n sign(algorithm: string, digest: Uint8Array, options: SignOptions = {}): Promise<SignResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.sign\",\n options,\n async (updatedOptions) => {\n const result = await this.client.sign(\n this.name,\n this.version,\n {\n algorithm,\n value: digest,\n },\n updatedOptions,\n );\n\n return { result: result.result!, algorithm, keyID: this.getKeyID() };\n },\n );\n }\n\n verifyData(\n algorithm: string,\n data: Uint8Array,\n signature: Uint8Array,\n options: VerifyOptions = {},\n ): Promise<VerifyResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.verifyData\",\n options,\n async (updatedOptions) => {\n const hash = await createHash(algorithm, data);\n return this.verify(algorithm, hash, signature, updatedOptions);\n },\n );\n }\n\n verify(\n algorithm: string,\n digest: Uint8Array,\n signature: Uint8Array,\n options: VerifyOptions = {},\n ): Promise<VerifyResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.verify\",\n options,\n async (updatedOptions) => {\n const response = await this.client.verify(\n this.name,\n this.version,\n {\n algorithm,\n digest,\n signature,\n },\n updatedOptions,\n );\n return {\n result: response.value ? response.value : false,\n keyID: this.getKeyID(),\n };\n },\n );\n }\n\n signData(algorithm: string, data: Uint8Array, options: SignOptions = {}): Promise<SignResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.signData\",\n options,\n async (updatedOptions) => {\n const digest = await createHash(algorithm, data);\n const result = await this.client.sign(\n this.name,\n this.version,\n {\n algorithm,\n value: digest,\n },\n updatedOptions,\n );\n return { result: result.result!, algorithm, keyID: this.getKeyID() };\n },\n );\n }\n\n /**\n * The base URL to the vault.\n */\n readonly vaultUrl: string;\n\n /**\n * The ID of the key used to perform cryptographic operations for the client.\n */\n get keyId(): string | undefined {\n return this.getKeyID();\n }\n\n /**\n * Gets the {@link KeyVaultKey} used for cryptography operations, fetching it\n * from KeyVault if necessary.\n * @param options - Additional options.\n */\n getKey(options: GetKeyOptions = {}): Promise<KeyVaultKey> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.getKey\",\n options,\n async (updatedOptions) => {\n if (typeof this.key === \"string\") {\n if (!this.name || this.name === \"\") {\n throw new Error(\"getKey requires a key with a name\");\n }\n const response = await this.client.getKey(\n this.name,\n options && options.version ? options.version : this.version ? this.version : \"\",\n updatedOptions,\n );\n this.key = getKeyFromKeyBundle(response);\n }\n return this.key;\n },\n );\n }\n\n /**\n * A reference to the auto-generated KeyVault HTTP client.\n */\n private client: KeyVaultClient;\n\n /**\n * A reference to the key used for the cryptographic operations.\n * Based on what was provided to the CryptographyClient constructor,\n * it can be either a string with the URL of a Key Vault Key, or an already parsed {@link KeyVaultKey}.\n */\n private key: string | KeyVaultKey;\n\n /**\n * Name of the key the client represents\n */\n private name: string;\n\n /**\n * Version of the key the client represents\n */\n private version: string;\n\n /**\n * Attempts to retrieve the ID of the key.\n */\n private getKeyID(): string | undefined {\n let kid;\n if (typeof this.key !== \"string\") {\n kid = this.key.id;\n } else {\n kid = this.key;\n }\n\n return kid;\n }\n}\n\n/**\n * A helper method to either get the passed down generated client or initialize a new one.\n * An already constructed generated client may be passed down from {@link KeyClient} in which case we should reuse it.\n *\n * @internal\n * @param credential - The credential to use when initializing a new client.\n * @param options - The options for constructing a client or the underlying client if one already exists.\n * @returns - A generated client instance\n */\nfunction getOrInitializeClient(\n vaultUrl: string,\n credential: TokenCredential,\n options: CryptographyClientOptions & { generatedClient?: KeyVaultClient },\n): KeyVaultClient {\n if (options.generatedClient) {\n return options.generatedClient;\n }\n\n const libInfo = `azsdk-js-keyvault-keys/${SDK_VERSION}`;\n\n const userAgentOptions = options.userAgentOptions;\n\n options.userAgentOptions = {\n userAgentPrefix:\n userAgentOptions && userAgentOptions.userAgentPrefix\n ? `${userAgentOptions.userAgentPrefix} ${libInfo}`\n : libInfo,\n };\n\n const internalPipelineOptions: KeyVaultClientOptionalParams = {\n ...options,\n apiVersion: options.serviceVersion || LATEST_API_VERSION,\n loggingOptions: {\n logger: logger.info,\n additionalAllowedHeaderNames: [\n \"x-ms-keyvault-region\",\n \"x-ms-keyvault-network-info\",\n \"x-ms-keyvault-service-version\",\n ],\n },\n };\n\n const client = new KeyVaultClient(vaultUrl, credential, internalPipelineOptions);\n\n client.pipeline.removePolicy({ name: bearerTokenAuthenticationPolicyName });\n client.pipeline.addPolicy(keyVaultAuthenticationPolicy(credential, options));\n // Workaround for: https://github.com/Azure/azure-sdk-for-js/issues/31843\n client.pipeline.addPolicy({\n name: \"ContentTypePolicy\",\n sendRequest(request, next) {\n const contentType = request.headers.get(\"Content-Type\") ?? \"\";\n if (contentType.startsWith(\"application/json\")) {\n request.headers.set(\"Content-Type\", \"application/json\");\n }\n return next(request);\n },\n });\n\n return client;\n}\n"]}