@azure/keyvault-keys 4.10.1 → 4.10.2-alpha.20250925.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (293) hide show
  1. package/dist/browser/api/index.d.ts.map +1 -0
  2. package/dist/browser/api/index.js.map +1 -0
  3. package/dist/browser/api/keyVaultContext.d.ts.map +1 -0
  4. package/dist/{esm/generated/src → browser}/api/keyVaultContext.js +1 -3
  5. package/dist/browser/api/keyVaultContext.js.map +1 -0
  6. package/dist/browser/api/operations.d.ts.map +1 -0
  7. package/dist/{esm/generated/src → browser}/api/operations.js +25 -75
  8. package/dist/browser/api/operations.js.map +1 -0
  9. package/dist/browser/api/options.d.ts.map +1 -0
  10. package/dist/browser/api/options.js.map +1 -0
  11. package/dist/browser/constants.js +1 -1
  12. package/dist/browser/constants.js.map +1 -1
  13. package/dist/browser/cryptography/remoteCryptographyProvider.js +2 -2
  14. package/dist/browser/cryptography/remoteCryptographyProvider.js.map +1 -1
  15. package/dist/browser/cryptographyClient.js +1 -1
  16. package/dist/browser/cryptographyClient.js.map +1 -1
  17. package/dist/browser/cryptographyClientModels.d.ts +2 -2
  18. package/dist/browser/cryptographyClientModels.d.ts.map +1 -1
  19. package/dist/browser/cryptographyClientModels.js +1 -1
  20. package/dist/browser/cryptographyClientModels.js.map +1 -1
  21. package/dist/browser/index.d.ts +2 -2
  22. package/dist/browser/index.d.ts.map +1 -1
  23. package/dist/browser/index.js +3 -3
  24. package/dist/browser/index.js.map +1 -1
  25. package/dist/browser/keyVaultClient.d.ts.map +1 -0
  26. package/dist/{esm/generated/src → browser}/keyVaultClient.js +1 -1
  27. package/dist/browser/keyVaultClient.js.map +1 -0
  28. package/dist/browser/keysModels.d.ts +2 -2
  29. package/dist/browser/keysModels.d.ts.map +1 -1
  30. package/dist/browser/keysModels.js.map +1 -1
  31. package/dist/{esm/log.d.ts → browser/logger.d.ts} +1 -1
  32. package/dist/browser/logger.d.ts.map +1 -0
  33. package/dist/browser/{log.js → logger.js} +1 -1
  34. package/dist/browser/logger.js.map +1 -0
  35. package/dist/browser/lro/delete/operation.d.ts +1 -1
  36. package/dist/browser/lro/delete/operation.d.ts.map +1 -1
  37. package/dist/browser/lro/delete/operation.js.map +1 -1
  38. package/dist/browser/lro/keyVaultKeyPoller.d.ts +1 -1
  39. package/dist/browser/lro/keyVaultKeyPoller.d.ts.map +1 -1
  40. package/dist/browser/lro/keyVaultKeyPoller.js.map +1 -1
  41. package/dist/browser/lro/recover/operation.d.ts +1 -1
  42. package/dist/browser/lro/recover/operation.d.ts.map +1 -1
  43. package/dist/browser/lro/recover/operation.js.map +1 -1
  44. package/dist/browser/models/index.d.ts.map +1 -0
  45. package/dist/browser/models/index.js.map +1 -0
  46. package/dist/browser/models/models.d.ts.map +1 -0
  47. package/dist/{esm/generated/src → browser}/models/models.js +17 -51
  48. package/dist/browser/models/models.js.map +1 -0
  49. package/dist/browser/static-helpers/pagingHelpers.d.ts.map +1 -0
  50. package/dist/{esm/generated/src → browser}/static-helpers/pagingHelpers.js +2 -4
  51. package/dist/browser/static-helpers/pagingHelpers.js.map +1 -0
  52. package/dist/browser/static-helpers/urlTemplate.d.ts.map +1 -0
  53. package/dist/{esm/generated/src → browser}/static-helpers/urlTemplate.js +1 -4
  54. package/dist/browser/static-helpers/urlTemplate.js.map +1 -0
  55. package/dist/browser/transformations.d.ts +2 -2
  56. package/dist/browser/transformations.d.ts.map +1 -1
  57. package/dist/browser/transformations.js.map +1 -1
  58. package/dist/commonjs/api/index.d.ts.map +1 -0
  59. package/dist/commonjs/api/index.js.map +1 -0
  60. package/dist/commonjs/api/keyVaultContext.d.ts.map +1 -0
  61. package/dist/commonjs/{generated/src/api → api}/keyVaultContext.js +1 -3
  62. package/dist/commonjs/api/keyVaultContext.js.map +1 -0
  63. package/dist/commonjs/api/operations.d.ts.map +1 -0
  64. package/dist/commonjs/{generated/src/api → api}/operations.js +25 -75
  65. package/dist/commonjs/api/operations.js.map +1 -0
  66. package/dist/commonjs/api/options.d.ts.map +1 -0
  67. package/dist/commonjs/api/options.js.map +1 -0
  68. package/dist/commonjs/constants.js +1 -1
  69. package/dist/commonjs/constants.js.map +1 -1
  70. package/dist/commonjs/cryptography/remoteCryptographyProvider.js +5 -5
  71. package/dist/commonjs/cryptography/remoteCryptographyProvider.js.map +1 -1
  72. package/dist/commonjs/cryptographyClient.js +2 -2
  73. package/dist/commonjs/cryptographyClient.js.map +1 -1
  74. package/dist/commonjs/cryptographyClientModels.d.ts +2 -2
  75. package/dist/commonjs/cryptographyClientModels.d.ts.map +1 -1
  76. package/dist/commonjs/cryptographyClientModels.js +6 -6
  77. package/dist/commonjs/cryptographyClientModels.js.map +1 -1
  78. package/dist/commonjs/index.d.ts +2 -2
  79. package/dist/commonjs/index.d.ts.map +1 -1
  80. package/dist/commonjs/index.js +6 -6
  81. package/dist/commonjs/index.js.map +1 -1
  82. package/dist/commonjs/keyVaultClient.d.ts.map +1 -0
  83. package/dist/commonjs/keyVaultClient.js.map +1 -0
  84. package/dist/commonjs/keysModels.d.ts +2 -2
  85. package/dist/commonjs/keysModels.d.ts.map +1 -1
  86. package/dist/commonjs/keysModels.js.map +1 -1
  87. package/dist/{browser/log.d.ts → commonjs/logger.d.ts} +1 -1
  88. package/dist/commonjs/logger.d.ts.map +1 -0
  89. package/dist/commonjs/{log.js → logger.js} +1 -1
  90. package/dist/commonjs/logger.js.map +1 -0
  91. package/dist/commonjs/lro/delete/operation.d.ts +1 -1
  92. package/dist/commonjs/lro/delete/operation.d.ts.map +1 -1
  93. package/dist/commonjs/lro/delete/operation.js.map +1 -1
  94. package/dist/commonjs/lro/keyVaultKeyPoller.d.ts +1 -1
  95. package/dist/commonjs/lro/keyVaultKeyPoller.d.ts.map +1 -1
  96. package/dist/commonjs/lro/keyVaultKeyPoller.js.map +1 -1
  97. package/dist/commonjs/lro/recover/operation.d.ts +1 -1
  98. package/dist/commonjs/lro/recover/operation.d.ts.map +1 -1
  99. package/dist/commonjs/lro/recover/operation.js.map +1 -1
  100. package/dist/commonjs/models/index.d.ts.map +1 -0
  101. package/dist/commonjs/models/index.js.map +1 -0
  102. package/dist/commonjs/models/models.d.ts.map +1 -0
  103. package/dist/commonjs/{generated/src/models → models}/models.js +17 -51
  104. package/dist/commonjs/models/models.js.map +1 -0
  105. package/dist/commonjs/static-helpers/pagingHelpers.d.ts.map +1 -0
  106. package/dist/commonjs/{generated/src/static-helpers → static-helpers}/pagingHelpers.js +1 -3
  107. package/dist/commonjs/static-helpers/pagingHelpers.js.map +1 -0
  108. package/dist/commonjs/static-helpers/urlTemplate.d.ts.map +1 -0
  109. package/dist/commonjs/{generated/src/static-helpers → static-helpers}/urlTemplate.js +1 -4
  110. package/dist/commonjs/static-helpers/urlTemplate.js.map +1 -0
  111. package/dist/commonjs/transformations.d.ts +2 -2
  112. package/dist/commonjs/transformations.d.ts.map +1 -1
  113. package/dist/commonjs/transformations.js.map +1 -1
  114. package/dist/commonjs/tsdoc-metadata.json +1 -1
  115. package/dist/esm/api/index.d.ts.map +1 -0
  116. package/dist/esm/api/index.js.map +1 -0
  117. package/dist/esm/api/keyVaultContext.d.ts.map +1 -0
  118. package/dist/{browser/generated/src → esm}/api/keyVaultContext.js +1 -3
  119. package/dist/esm/api/keyVaultContext.js.map +1 -0
  120. package/dist/esm/api/operations.d.ts.map +1 -0
  121. package/dist/{browser/generated/src → esm}/api/operations.js +25 -75
  122. package/dist/esm/api/operations.js.map +1 -0
  123. package/dist/esm/api/options.d.ts.map +1 -0
  124. package/dist/esm/api/options.js.map +1 -0
  125. package/dist/esm/constants.js +1 -1
  126. package/dist/esm/constants.js.map +1 -1
  127. package/dist/esm/cryptography/remoteCryptographyProvider.js +2 -2
  128. package/dist/esm/cryptography/remoteCryptographyProvider.js.map +1 -1
  129. package/dist/esm/cryptographyClient.js +1 -1
  130. package/dist/esm/cryptographyClient.js.map +1 -1
  131. package/dist/esm/cryptographyClientModels.d.ts +2 -2
  132. package/dist/esm/cryptographyClientModels.d.ts.map +1 -1
  133. package/dist/esm/cryptographyClientModels.js +1 -1
  134. package/dist/esm/cryptographyClientModels.js.map +1 -1
  135. package/dist/esm/index.d.ts +2 -2
  136. package/dist/esm/index.d.ts.map +1 -1
  137. package/dist/esm/index.js +3 -3
  138. package/dist/esm/index.js.map +1 -1
  139. package/dist/esm/keyVaultClient.d.ts.map +1 -0
  140. package/dist/{browser/generated/src → esm}/keyVaultClient.js +1 -1
  141. package/dist/esm/keyVaultClient.js.map +1 -0
  142. package/dist/esm/keysModels.d.ts +2 -2
  143. package/dist/esm/keysModels.d.ts.map +1 -1
  144. package/dist/esm/keysModels.js.map +1 -1
  145. package/dist/{commonjs/log.d.ts → esm/logger.d.ts} +1 -1
  146. package/dist/esm/logger.d.ts.map +1 -0
  147. package/dist/esm/{log.js → logger.js} +1 -1
  148. package/dist/esm/logger.js.map +1 -0
  149. package/dist/esm/lro/delete/operation.d.ts +1 -1
  150. package/dist/esm/lro/delete/operation.d.ts.map +1 -1
  151. package/dist/esm/lro/delete/operation.js.map +1 -1
  152. package/dist/esm/lro/keyVaultKeyPoller.d.ts +1 -1
  153. package/dist/esm/lro/keyVaultKeyPoller.d.ts.map +1 -1
  154. package/dist/esm/lro/keyVaultKeyPoller.js.map +1 -1
  155. package/dist/esm/lro/recover/operation.d.ts +1 -1
  156. package/dist/esm/lro/recover/operation.d.ts.map +1 -1
  157. package/dist/esm/lro/recover/operation.js.map +1 -1
  158. package/dist/esm/models/index.d.ts.map +1 -0
  159. package/dist/esm/models/index.js.map +1 -0
  160. package/dist/esm/models/models.d.ts.map +1 -0
  161. package/dist/{browser/generated/src → esm}/models/models.js +17 -51
  162. package/dist/esm/models/models.js.map +1 -0
  163. package/dist/esm/static-helpers/pagingHelpers.d.ts.map +1 -0
  164. package/dist/{browser/generated/src → esm}/static-helpers/pagingHelpers.js +2 -4
  165. package/dist/esm/static-helpers/pagingHelpers.js.map +1 -0
  166. package/dist/esm/static-helpers/urlTemplate.d.ts.map +1 -0
  167. package/dist/{browser/generated/src → esm}/static-helpers/urlTemplate.js +1 -4
  168. package/dist/esm/static-helpers/urlTemplate.js.map +1 -0
  169. package/dist/esm/transformations.d.ts +2 -2
  170. package/dist/esm/transformations.d.ts.map +1 -1
  171. package/dist/esm/transformations.js.map +1 -1
  172. package/package.json +8 -13
  173. package/dist/browser/generated/src/api/index.d.ts.map +0 -1
  174. package/dist/browser/generated/src/api/index.js.map +0 -1
  175. package/dist/browser/generated/src/api/keyVaultContext.d.ts.map +0 -1
  176. package/dist/browser/generated/src/api/keyVaultContext.js.map +0 -1
  177. package/dist/browser/generated/src/api/operations.d.ts.map +0 -1
  178. package/dist/browser/generated/src/api/operations.js.map +0 -1
  179. package/dist/browser/generated/src/api/options.d.ts.map +0 -1
  180. package/dist/browser/generated/src/api/options.js.map +0 -1
  181. package/dist/browser/generated/src/index.d.ts +0 -6
  182. package/dist/browser/generated/src/index.d.ts.map +0 -1
  183. package/dist/browser/generated/src/index.js +0 -5
  184. package/dist/browser/generated/src/index.js.map +0 -1
  185. package/dist/browser/generated/src/keyVaultClient.d.ts.map +0 -1
  186. package/dist/browser/generated/src/keyVaultClient.js.map +0 -1
  187. package/dist/browser/generated/src/logger.d.ts +0 -2
  188. package/dist/browser/generated/src/logger.d.ts.map +0 -1
  189. package/dist/browser/generated/src/logger.js +0 -5
  190. package/dist/browser/generated/src/logger.js.map +0 -1
  191. package/dist/browser/generated/src/models/index.d.ts.map +0 -1
  192. package/dist/browser/generated/src/models/index.js.map +0 -1
  193. package/dist/browser/generated/src/models/models.d.ts.map +0 -1
  194. package/dist/browser/generated/src/models/models.js.map +0 -1
  195. package/dist/browser/generated/src/static-helpers/pagingHelpers.d.ts.map +0 -1
  196. package/dist/browser/generated/src/static-helpers/pagingHelpers.js.map +0 -1
  197. package/dist/browser/generated/src/static-helpers/urlTemplate.d.ts.map +0 -1
  198. package/dist/browser/generated/src/static-helpers/urlTemplate.js.map +0 -1
  199. package/dist/browser/log.d.ts.map +0 -1
  200. package/dist/browser/log.js.map +0 -1
  201. package/dist/commonjs/generated/src/api/index.d.ts.map +0 -1
  202. package/dist/commonjs/generated/src/api/index.js.map +0 -1
  203. package/dist/commonjs/generated/src/api/keyVaultContext.d.ts.map +0 -1
  204. package/dist/commonjs/generated/src/api/keyVaultContext.js.map +0 -1
  205. package/dist/commonjs/generated/src/api/operations.d.ts.map +0 -1
  206. package/dist/commonjs/generated/src/api/operations.js.map +0 -1
  207. package/dist/commonjs/generated/src/api/options.d.ts.map +0 -1
  208. package/dist/commonjs/generated/src/api/options.js.map +0 -1
  209. package/dist/commonjs/generated/src/index.d.ts +0 -6
  210. package/dist/commonjs/generated/src/index.d.ts.map +0 -1
  211. package/dist/commonjs/generated/src/index.js +0 -17
  212. package/dist/commonjs/generated/src/index.js.map +0 -1
  213. package/dist/commonjs/generated/src/keyVaultClient.d.ts.map +0 -1
  214. package/dist/commonjs/generated/src/keyVaultClient.js.map +0 -1
  215. package/dist/commonjs/generated/src/logger.d.ts +0 -2
  216. package/dist/commonjs/generated/src/logger.d.ts.map +0 -1
  217. package/dist/commonjs/generated/src/logger.js +0 -8
  218. package/dist/commonjs/generated/src/logger.js.map +0 -1
  219. package/dist/commonjs/generated/src/models/index.d.ts.map +0 -1
  220. package/dist/commonjs/generated/src/models/index.js.map +0 -1
  221. package/dist/commonjs/generated/src/models/models.d.ts.map +0 -1
  222. package/dist/commonjs/generated/src/models/models.js.map +0 -1
  223. package/dist/commonjs/generated/src/static-helpers/pagingHelpers.d.ts.map +0 -1
  224. package/dist/commonjs/generated/src/static-helpers/pagingHelpers.js.map +0 -1
  225. package/dist/commonjs/generated/src/static-helpers/urlTemplate.d.ts.map +0 -1
  226. package/dist/commonjs/generated/src/static-helpers/urlTemplate.js.map +0 -1
  227. package/dist/commonjs/log.d.ts.map +0 -1
  228. package/dist/commonjs/log.js.map +0 -1
  229. package/dist/esm/generated/src/api/index.d.ts.map +0 -1
  230. package/dist/esm/generated/src/api/index.js.map +0 -1
  231. package/dist/esm/generated/src/api/keyVaultContext.d.ts.map +0 -1
  232. package/dist/esm/generated/src/api/keyVaultContext.js.map +0 -1
  233. package/dist/esm/generated/src/api/operations.d.ts.map +0 -1
  234. package/dist/esm/generated/src/api/operations.js.map +0 -1
  235. package/dist/esm/generated/src/api/options.d.ts.map +0 -1
  236. package/dist/esm/generated/src/api/options.js.map +0 -1
  237. package/dist/esm/generated/src/index.d.ts +0 -6
  238. package/dist/esm/generated/src/index.d.ts.map +0 -1
  239. package/dist/esm/generated/src/index.js +0 -5
  240. package/dist/esm/generated/src/index.js.map +0 -1
  241. package/dist/esm/generated/src/keyVaultClient.d.ts.map +0 -1
  242. package/dist/esm/generated/src/keyVaultClient.js.map +0 -1
  243. package/dist/esm/generated/src/logger.d.ts +0 -2
  244. package/dist/esm/generated/src/logger.d.ts.map +0 -1
  245. package/dist/esm/generated/src/logger.js +0 -5
  246. package/dist/esm/generated/src/logger.js.map +0 -1
  247. package/dist/esm/generated/src/models/index.d.ts.map +0 -1
  248. package/dist/esm/generated/src/models/index.js.map +0 -1
  249. package/dist/esm/generated/src/models/models.d.ts.map +0 -1
  250. package/dist/esm/generated/src/models/models.js.map +0 -1
  251. package/dist/esm/generated/src/static-helpers/pagingHelpers.d.ts.map +0 -1
  252. package/dist/esm/generated/src/static-helpers/pagingHelpers.js.map +0 -1
  253. package/dist/esm/generated/src/static-helpers/urlTemplate.d.ts.map +0 -1
  254. package/dist/esm/generated/src/static-helpers/urlTemplate.js.map +0 -1
  255. package/dist/esm/log.d.ts.map +0 -1
  256. package/dist/esm/log.js.map +0 -1
  257. /package/dist/browser/{generated/src/api → api}/index.d.ts +0 -0
  258. /package/dist/browser/{generated/src/api → api}/index.js +0 -0
  259. /package/dist/browser/{generated/src/api → api}/keyVaultContext.d.ts +0 -0
  260. /package/dist/browser/{generated/src/api → api}/operations.d.ts +0 -0
  261. /package/dist/browser/{generated/src/api → api}/options.d.ts +0 -0
  262. /package/dist/browser/{generated/src/api → api}/options.js +0 -0
  263. /package/dist/browser/{generated/src/keyVaultClient.d.ts → keyVaultClient.d.ts} +0 -0
  264. /package/dist/browser/{generated/src/models → models}/index.d.ts +0 -0
  265. /package/dist/browser/{generated/src/models → models}/index.js +0 -0
  266. /package/dist/browser/{generated/src/models → models}/models.d.ts +0 -0
  267. /package/dist/browser/{generated/src/static-helpers → static-helpers}/pagingHelpers.d.ts +0 -0
  268. /package/dist/browser/{generated/src/static-helpers → static-helpers}/urlTemplate.d.ts +0 -0
  269. /package/dist/commonjs/{generated/src/api → api}/index.d.ts +0 -0
  270. /package/dist/commonjs/{generated/src/api → api}/index.js +0 -0
  271. /package/dist/commonjs/{generated/src/api → api}/keyVaultContext.d.ts +0 -0
  272. /package/dist/commonjs/{generated/src/api → api}/operations.d.ts +0 -0
  273. /package/dist/commonjs/{generated/src/api → api}/options.d.ts +0 -0
  274. /package/dist/commonjs/{generated/src/api → api}/options.js +0 -0
  275. /package/dist/commonjs/{generated/src/keyVaultClient.d.ts → keyVaultClient.d.ts} +0 -0
  276. /package/dist/commonjs/{generated/src/keyVaultClient.js → keyVaultClient.js} +0 -0
  277. /package/dist/commonjs/{generated/src/models → models}/index.d.ts +0 -0
  278. /package/dist/commonjs/{generated/src/models → models}/index.js +0 -0
  279. /package/dist/commonjs/{generated/src/models → models}/models.d.ts +0 -0
  280. /package/dist/commonjs/{generated/src/static-helpers → static-helpers}/pagingHelpers.d.ts +0 -0
  281. /package/dist/commonjs/{generated/src/static-helpers → static-helpers}/urlTemplate.d.ts +0 -0
  282. /package/dist/esm/{generated/src/api → api}/index.d.ts +0 -0
  283. /package/dist/esm/{generated/src/api → api}/index.js +0 -0
  284. /package/dist/esm/{generated/src/api → api}/keyVaultContext.d.ts +0 -0
  285. /package/dist/esm/{generated/src/api → api}/operations.d.ts +0 -0
  286. /package/dist/esm/{generated/src/api → api}/options.d.ts +0 -0
  287. /package/dist/esm/{generated/src/api → api}/options.js +0 -0
  288. /package/dist/esm/{generated/src/keyVaultClient.d.ts → keyVaultClient.d.ts} +0 -0
  289. /package/dist/esm/{generated/src/models → models}/index.d.ts +0 -0
  290. /package/dist/esm/{generated/src/models → models}/index.js +0 -0
  291. /package/dist/esm/{generated/src/models → models}/models.d.ts +0 -0
  292. /package/dist/esm/{generated/src/static-helpers → static-helpers}/pagingHelpers.d.ts +0 -0
  293. /package/dist/esm/{generated/src/static-helpers → static-helpers}/urlTemplate.d.ts +0 -0
package/dist/commonjs/api/operations.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"operations.js","sourceRoot":"","sources":["../../../src/api/operations.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;AAsFlC,wDAwBC;AAED,sEAWC;AAGD,8CAQC;AAED,kDAuBC;AAED,gEAWC;AAGD,wCAOC;AAED,oEAyBC;AAED,kFAWC;AAGD,0DAQC;AAED,8DAsBC;AAED,4EAWC;AAGD,oDAOC;AAED,wDAsBC;AAED,sEAWC;AAGD,8CAOC;AAED,oDAsBC;AAED,kEASC;AAGD,0CAOC;AAED,gDAsBC;AAED,8DAWC;AAGD,sCAOC;AAED,kDAqBC;AAED,gEAWC;AAGD,wCAWC;AAED,oCA2BC;AAED,kDAWC;AAGD,0BASC;AAED,wCA2BC;AAED,sDAWC;AAGD,8BASC;AAED,oCA2BC;AAED,kDAWC;AAGD,0BASC;AAED,kCA2BC;AAED,gDASC;AAGD,wBASC;AAED,8BA2BC;AAED,4CASC;AAGD,oBASC;AAED,oCA2BC;AAED,kDAWC;AAGD,0BASC;AAED,oCA2BC;AAED,kDAWC;AAGD,0BASC;AAED,0CAuBC;AAED,wDASC;AAGD,gCAOC;AAED,wCAsBC;AAED,sDAWC;AAGD,8BAOC;AAED,oCAqBC;AAED,kDASC;AAGD,0BAWC;AAED,kDAuBC;AAED,gEAWC;AAGD,wCAYC;AAED,kCAwBC;AAED,gDASC;AAGD,wBAQC;AAED,wCA2BC;AAED,sDASC;AAGD,8BASC;AAED,wCAsBC;AAED,sDAWC;AAGD,8BAOC;AAED,wCAyBC;AAED,sDASC;AAGD,8BAQC;AAED,wCAsBC;AAED,sDASC;AAGD,8BAOC;AAED,wCAyBC;AAED,sDASC;AAGD,8BAQC;AA5yCD,mDA2C6B;AA4B7B,yEAG4C;AAC5C,qEAAqE;AACrE,yDAKiC;AAEjC,SAAgB,sBAAsB,CACpC,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAA2C,EAAE,cAAc,EAAE,EAAE,EAAE;IAEjE,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,4DAA4D,EAC5D;QACE,UAAU,EAAE,OAAO;QACnB,aAAa,EAAE,UAAU;QACzB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC;QAC5B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;KACF,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,6BAA6B,CACjD,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,iCAAqB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAC5C,CAAC;AAED,0IAA0I;AACnI,KAAK,UAAU,iBAAiB,CACrC,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAA2C,EAAE,cAAc,EAAE,EAAE,EAAE;IAEjE,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IACnF,OAAO,6BAA6B,CAAC,MAAM,CAAC,CAAC;AAC/C,CAAC;AAED,SAAgB,mBAAmB,CACjC,OAAe,EACf,UAAiC,EACjC,UAAwC,EAAE,cAAc,EAAE,EAAE,EAAE;IAE9D,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,sBAAsB,EACtB;QACE,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QAC7B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;QACD,IAAI,EAAE,IAAA,2CAA+B,EAAC,UAAU,CAAC;KAClD,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,0BAA0B,CAC9C,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,mCAAuB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAC9C,CAAC;AAED,qFAAqF;AAC9E,KAAK,UAAU,cAAc,CAClC,OAAe,EACf,UAAiC,EACjC,UAAwC,EAAE,cAAc,EAAE,EAAE,EAAE;IAE9D,MAAM,MAAM,GAAG,MAAM,mBAAmB,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IACvE,OAAO,0BAA0B,CAAC,MAAM,CAAC,CAAC;AAC5C,CAAC;AAED,SAAgB,4BAA4B,CAC1C,OAAe,EACf,OAAe,EACf,iBAAoC,EACpC,UAAiD,EAAE,cAAc,EAAE,EAAE,EAAE;IAEvE,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,iDAAiD,EACjD;QACE,UAAU,EAAE,OAAO;QACnB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC;QAC5B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;QACD,IAAI,EAAE,IAAA,uCAA2B,EAAC,iBAAiB,CAAC;KACrD,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,mCAAmC,CACvD,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,yCAA6B,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACpD,CAAC;AAED,8HAA8H;AACvH,KAAK,UAAU,uBAAuB,CAC3C,OAAe,EACf,OAAe,EACf,iBAAoC,EACpC,UAAiD,EAAE,cAAc,EAAE,EAAE,EAAE;IAEvE,MAAM,MAAM,GAAG,MAAM,4BAA4B,CAAC,OAAO,EAAE,OAAO,EAAE,iBAAiB,EAAE,OAAO,CAAC,CAAC;IAChG,OAAO,mCAAmC,CAAC,MAAM,CAAC,CAAC;AACrD,CAAC;AAED,SAAgB,yBAAyB,CACvC,OAAe,EACf,OAAe,EACf,UAA8C,EAAE,cAAc,EAAE,EAAE,EAAE;IAEpE,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,iDAAiD,EACjD;QACE,UAAU,EAAE,OAAO;QACnB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC;QAC5B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;KACF,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,gCAAgC,CACpD,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,yCAA6B,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACpD,CAAC;AAED,iKAAiK;AAC1J,KAAK,UAAU,oBAAoB,CACxC,OAAe,EACf,OAAe,EACf,UAA8C,EAAE,cAAc,EAAE,EAAE,EAAE;IAEpE,MAAM,MAAM,GAAG,MAAM,yBAAyB,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC1E,OAAO,gCAAgC,CAAC,MAAM,CAAC,CAAC;AAClD,CAAC;AAED,SAAgB,sBAAsB,CACpC,OAAe,EACf,OAAe,EACf,UAA2C,EAAE,cAAc,EAAE,EAAE,EAAE;IAEjE,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,iDAAiD,EACjD;QACE,UAAU,EAAE,OAAO;QACnB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QAC7B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;KACF,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,6BAA6B,CACjD,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,iCAAqB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAC5C,CAAC;AAED,+WAA+W;AACxW,KAAK,UAAU,iBAAiB,CACrC,OAAe,EACf,OAAe,EACf,UAA2C,EAAE,cAAc,EAAE,EAAE,EAAE;IAEjE,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IACvE,OAAO,6BAA6B,CAAC,MAAM,CAAC,CAAC;AAC/C,CAAC;AAED,SAAgB,oBAAoB,CAClC,OAAe,EACf,OAAe,EACf,UAAyC,EAAE,cAAc,EAAE,EAAE,EAAE;IAE/D,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,yCAAyC,EACzC;QACE,UAAU,EAAE,OAAO;QACnB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;QAC/B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;KACF,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,2BAA2B,CAAC,MAA6B;IAC7E,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO;AACT,CAAC;AAED,+PAA+P;AACxP,KAAK,UAAU,eAAe,CACnC,OAAe,EACf,OAAe,EACf,UAAyC,EAAE,cAAc,EAAE,EAAE,EAAE;IAE/D,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IACrE,OAAO,2BAA2B,CAAC,MAAM,CAAC,CAAC;AAC7C,CAAC;AAED,SAAgB,kBAAkB,CAChC,OAAe,EACf,OAAe,EACf,UAAuC,EAAE,cAAc,EAAE,EAAE,EAAE;IAE7D,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,yCAAyC,EACzC;QACE,UAAU,EAAE,OAAO;QACnB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC;QAC5B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;KACF,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,yBAAyB,CAC7C,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,wCAA4B,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACnD,CAAC;AAED,2PAA2P;AACpP,KAAK,UAAU,aAAa,CACjC,OAAe,EACf,OAAe,EACf,UAAuC,EAAE,cAAc,EAAE,EAAE,EAAE;IAE7D,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IACnE,OAAO,yBAAyB,CAAC,MAAM,CAAC,CAAC;AAC3C,CAAC;AAED,SAAgB,mBAAmB,CACjC,OAAe,EACf,UAAwC,EAAE,cAAc,EAAE,EAAE,EAAE;IAE9D,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,yCAAyC,EACzC;QACE,eAAe,EAAE,OAAO,CAAC,UAAU;QACnC,UAAU,EAAE,OAAO,EAAE,UAAU;KAChC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC;QAC5B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;KACF,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,0BAA0B,CAC9C,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,6CAAiC,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACxD,CAAC;AAED,gbAAgb;AAChb,SAAgB,cAAc,CAC5B,OAAe,EACf,UAAwC,EAAE,cAAc,EAAE,EAAE,EAAE;IAE9D,OAAO,IAAA,0CAAuB,EAC5B,OAAO,EACP,GAAG,EAAE,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,EAC3C,0BAA0B,EAC1B,CAAC,KAAK,CAAC,EACP,EAAE,QAAQ,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,CAChD,CAAC;AACJ,CAAC;AAED,SAAgB,YAAY,CAC1B,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAAgC,EAChC,UAAiC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEvD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,wDAAwD,EACxD;QACE,UAAU,EAAE,OAAO;QACnB,aAAa,EAAE,UAAU;QACzB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QAC7B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;QACD,IAAI,EAAE,IAAA,0CAA8B,EAAC,UAAU,CAAC;KACjD,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,mBAAmB,CACvC,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,wCAA4B,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACnD,CAAC;AAED,+JAA+J;AACxJ,KAAK,UAAU,OAAO,CAC3B,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAAgC,EAChC,UAAiC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEvD,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IACrF,OAAO,mBAAmB,CAAC,MAAM,CAAC,CAAC;AACrC,CAAC;AAED,SAAgB,cAAc,CAC5B,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAAmC,EACnC,UAAmC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEzD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,0DAA0D,EAC1D;QACE,UAAU,EAAE,OAAO;QACnB,aAAa,EAAE,UAAU;QACzB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QAC7B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;QACD,IAAI,EAAE,IAAA,6CAAiC,EAAC,UAAU,CAAC;KACpD,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,qBAAqB,CACzC,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,0CAA8B,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACrD,CAAC;AAED,yVAAyV;AAClV,KAAK,UAAU,SAAS,CAC7B,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAAmC,EACnC,UAAmC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEzD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IACvF,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC;AAED,SAAgB,YAAY,CAC1B,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAAmC,EACnC,UAAiC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEvD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,wDAAwD,EACxD;QACE,UAAU,EAAE,OAAO;QACnB,aAAa,EAAE,UAAU;QACzB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QAC7B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;QACD,IAAI,EAAE,IAAA,6CAAiC,EAAC,UAAU,CAAC;KACpD,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,mBAAmB,CACvC,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,0CAA8B,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACrD,CAAC;AAED,0hBAA0hB;AACnhB,KAAK,UAAU,OAAO,CAC3B,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAAmC,EACnC,UAAiC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEvD,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IACrF,OAAO,mBAAmB,CAAC,MAAM,CAAC,CAAC;AACrC,CAAC;AAED,SAAgB,WAAW,CACzB,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAA+B,EAC/B,UAAgC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEtD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,uDAAuD,EACvD;QACE,UAAU,EAAE,OAAO;QACnB,aAAa,EAAE,UAAU;QACzB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QAC7B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;QACD,IAAI,EAAE,IAAA,yCAA6B,EAAC,UAAU,CAAC;KAChD,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,kBAAkB,CAAC,MAA6B;IACpE,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,uCAA2B,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAClD,CAAC;AAED,8aAA8a;AACva,KAAK,UAAU,MAAM,CAC1B,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAA+B,EAC/B,UAAgC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEtD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IACpF,OAAO,kBAAkB,CAAC,MAAM,CAAC,CAAC;AACpC,CAAC;AAED,SAAgB,SAAS,CACvB,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAA6B,EAC7B,UAA8B,EAAE,cAAc,EAAE,EAAE,EAAE;IAEpD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,qDAAqD,EACrD;QACE,UAAU,EAAE,OAAO;QACnB,aAAa,EAAE,UAAU;QACzB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QAC7B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;QACD,IAAI,EAAE,IAAA,uCAA2B,EAAC,UAAU,CAAC;KAC9C,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,gBAAgB,CAAC,MAA6B;IAClE,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,0CAA8B,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACrD,CAAC;AAED,8MAA8M;AACvM,KAAK,UAAU,IAAI,CACxB,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAA6B,EAC7B,UAA8B,EAAE,cAAc,EAAE,EAAE,EAAE;IAEpD,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IAClF,OAAO,gBAAgB,CAAC,MAAM,CAAC,CAAC;AAClC,CAAC;AAED,SAAgB,YAAY,CAC1B,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAAmC,EACnC,UAAiC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEvD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,wDAAwD,EACxD;QACE,UAAU,EAAE,OAAO;QACnB,aAAa,EAAE,UAAU;QACzB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QAC7B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;QACD,IAAI,EAAE,IAAA,6CAAiC,EAAC,UAAU,CAAC;KACpD,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,mBAAmB,CACvC,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,0CAA8B,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACrD,CAAC;AAED,+uBAA+uB;AACxuB,KAAK,UAAU,OAAO,CAC3B,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAAmC,EACnC,UAAiC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEvD,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IACrF,OAAO,mBAAmB,CAAC,MAAM,CAAC,CAAC;AACrC,CAAC;AAED,SAAgB,YAAY,CAC1B,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAAmC,EACnC,UAAiC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEvD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,wDAAwD,EACxD;QACE,UAAU,EAAE,OAAO;QACnB,aAAa,EAAE,UAAU;QACzB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QAC7B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;QACD,IAAI,EAAE,IAAA,6CAAiC,EAAC,UAAU,CAAC;KACpD,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,mBAAmB,CACvC,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,0CAA8B,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACrD,CAAC;AAED,sqBAAsqB;AAC/pB,KAAK,UAAU,OAAO,CAC3B,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAAmC,EACnC,UAAiC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEvD,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IACrF,OAAO,mBAAmB,CAAC,MAAM,CAAC,CAAC;AACrC,CAAC;AAED,SAAgB,eAAe,CAC7B,OAAe,EACf,UAAgC,EAChC,UAAoC,EAAE,cAAc,EAAE,EAAE,EAAE;IAE1D,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,+BAA+B,EAC/B;QACE,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QAC7B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;QACD,IAAI,EAAE,IAAA,0CAA8B,EAAC,UAAU,CAAC;KACjD,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAAC,MAA6B;IACxE,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,iCAAqB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAC5C,CAAC;AAED,45BAA45B;AACr5B,KAAK,UAAU,UAAU,CAC9B,OAAe,EACf,UAAgC,EAChC,UAAoC,EAAE,cAAc,EAAE,EAAE,EAAE;IAE1D,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IACnE,OAAO,sBAAsB,CAAC,MAAM,CAAC,CAAC;AACxC,CAAC;AAED,SAAgB,cAAc,CAC5B,OAAe,EACf,OAAe,EACf,UAAmC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEzD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,yCAAyC,EACzC;QACE,UAAU,EAAE,OAAO;QACnB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QAC7B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;KACF,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,qBAAqB,CACzC,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,uCAA2B,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAClD,CAAC;AAED,o7BAAo7B;AAC76B,KAAK,UAAU,SAAS,CAC7B,OAAe,EACf,OAAe,EACf,UAAmC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEzD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC/D,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC;AAED,SAAgB,YAAY,CAC1B,OAAe,EACf,UAAiC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEvD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,kCAAkC,EAClC;QACE,eAAe,EAAE,OAAO,CAAC,UAAU;QACnC,UAAU,EAAE,OAAO,EAAE,UAAU;KAChC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC;QAC5B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;KACF,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,mBAAmB,CAAC,MAA6B;IACrE,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,sCAA0B,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACjD,CAAC;AAED,wXAAwX;AACxX,SAAgB,OAAO,CACrB,OAAe,EACf,UAAiC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEvD,OAAO,IAAA,0CAAuB,EAC5B,OAAO,EACP,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,EACpC,mBAAmB,EACnB,CAAC,KAAK,CAAC,EACP,EAAE,QAAQ,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,CAChD,CAAC;AACJ,CAAC;AAED,SAAgB,mBAAmB,CACjC,OAAe,EACf,OAAe,EACf,UAAwC,EAAE,cAAc,EAAE,EAAE,EAAE;IAE9D,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,sDAAsD,EACtD;QACE,UAAU,EAAE,OAAO;QACnB,eAAe,EAAE,OAAO,CAAC,UAAU;QACnC,UAAU,EAAE,OAAO,EAAE,UAAU;KAChC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC;QAC5B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;KACF,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,0BAA0B,CAC9C,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,sCAA0B,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACjD,CAAC;AAED,oIAAoI;AACpI,SAAgB,cAAc,CAC5B,OAAe,EACf,OAAe,EACf,UAAwC,EAAE,cAAc,EAAE,EAAE,EAAE;IAE9D,OAAO,IAAA,0CAAuB,EAC5B,OAAO,EACP,GAAG,EAAE,CAAC,mBAAmB,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,EACpD,0BAA0B,EAC1B,CAAC,KAAK,CAAC,EACP,EAAE,QAAQ,EAAE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,CAChD,CAAC;AACJ,CAAC;AAED,SAAgB,WAAW,CACzB,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAAgC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEtD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,gDAAgD,EAChD;QACE,UAAU,EAAE,OAAO;QACnB,aAAa,EAAE,UAAU;QACzB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC;QAC5B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;KACF,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,kBAAkB,CAAC,MAA6B;IACpE,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,iCAAqB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAC5C,CAAC;AAED,kMAAkM;AAC3L,KAAK,UAAU,MAAM,CAC1B,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAAgC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEtD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IACxE,OAAO,kBAAkB,CAAC,MAAM,CAAC,CAAC;AACpC,CAAC;AAED,SAAgB,cAAc,CAC5B,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAA+B,EAC/B,UAAmC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEzD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,gDAAgD,EAChD;QACE,UAAU,EAAE,OAAO;QACnB,aAAa,EAAE,UAAU;QACzB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC;QAC9B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;QACD,IAAI,EAAE,IAAA,yCAA6B,EAAC,UAAU,CAAC;KAChD,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,qBAAqB,CAAC,MAA6B;IACvE,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,iCAAqB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAC5C,CAAC;AAED,+MAA+M;AACxM,KAAK,UAAU,SAAS,CAC7B,OAAe,EACf,OAAe,EACf,UAAkB,EAClB,UAA+B,EAC/B,UAAmC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEzD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IACvF,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC;AAED,SAAgB,cAAc,CAC5B,OAAe,EACf,OAAe,EACf,UAAmC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEzD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,kCAAkC,EAClC;QACE,UAAU,EAAE,OAAO;QACnB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;QAC/B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;KACF,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,qBAAqB,CACzC,MAA6B;IAE7B,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,wCAA4B,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AACnD,CAAC;AAED,mTAAmT;AAC5S,KAAK,UAAU,SAAS,CAC7B,OAAe,EACf,OAAe,EACf,UAAmC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEzD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC/D,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC;AAED,SAAgB,cAAc,CAC5B,OAAe,EACf,OAAe,EACf,UAA+B,EAC/B,UAAmC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEzD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,kCAAkC,EAClC;QACE,UAAU,EAAE,OAAO;QACnB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC;QAC5B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;QACD,IAAI,EAAE,IAAA,yCAA6B,EAAC,UAAU,CAAC;KAChD,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,qBAAqB,CAAC,MAA6B;IACvE,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,iCAAqB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAC5C,CAAC;AAED,kOAAkO;AAC3N,KAAK,UAAU,SAAS,CAC7B,OAAe,EACf,OAAe,EACf,UAA+B,EAC/B,UAAmC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEzD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IAC3E,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC;AAED,SAAgB,cAAc,CAC5B,OAAe,EACf,OAAe,EACf,UAAmC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEzD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,yCAAyC,EACzC;QACE,UAAU,EAAE,OAAO;QACnB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QAC7B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;KACF,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,qBAAqB,CAAC,MAA6B;IACvE,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,iCAAqB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAC5C,CAAC;AAED,yGAAyG;AAClG,KAAK,UAAU,SAAS,CAC7B,OAAe,EACf,OAAe,EACf,UAAmC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEzD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC/D,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC;AAED,SAAgB,cAAc,CAC5B,OAAe,EACf,OAAe,EACf,UAA+B,EAC/B,UAAmC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEzD,MAAM,IAAI,GAAG,IAAA,kCAAiB,EAC5B,yCAAyC,EACzC;QACE,UAAU,EAAE,OAAO;QACnB,eAAe,EAAE,OAAO,CAAC,UAAU;KACpC,EACD;QACE,aAAa,EAAE,OAAO,EAAE,cAAc,EAAE,eAAe;KACxD,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QAC7B,GAAG,IAAA,iDAAmC,EAAC,OAAO,CAAC;QAC/C,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;YAC1B,GAAG,OAAO,CAAC,cAAc,EAAE,OAAO;SACnC;QACD,IAAI,EAAE,IAAA,yCAA6B,EAAC,UAAU,CAAC;KAChD,CAAC,CAAC;AACL,CAAC;AAEM,KAAK,UAAU,qBAAqB,CAAC,MAA6B;IACvE,MAAM,gBAAgB,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAA,6BAAe,EAAC,MAAM,CAAC,CAAC;QACtC,KAAK,CAAC,OAAO,GAAG,IAAA,qCAAyB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;IAED,OAAO,IAAA,iCAAqB,EAAC,MAAM,CAAC,IAAI,CAAC,CAAC;AAC5C,CAAC;AAED,iNAAiN;AAC1M,KAAK,UAAU,SAAS,CAC7B,OAAe,EACf,OAAe,EACf,UAA+B,EAC/B,UAAmC,EAAE,cAAc,EAAE,EAAE,EAAE;IAEzD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IAC3E,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAC;AACvC,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { KeyVaultContext as Client } from \"./index.js\";\nimport {\n KeyCreateParameters,\n keyCreateParametersSerializer,\n KeyBundle,\n keyBundleDeserializer,\n keyVaultErrorDeserializer,\n KeyImportParameters,\n keyImportParametersSerializer,\n DeletedKeyBundle,\n deletedKeyBundleDeserializer,\n KeyUpdateParameters,\n keyUpdateParametersSerializer,\n _KeyListResult,\n _keyListResultDeserializer,\n KeyItem,\n BackupKeyResult,\n backupKeyResultDeserializer,\n KeyRestoreParameters,\n keyRestoreParametersSerializer,\n KeyOperationsParameters,\n keyOperationsParametersSerializer,\n KeyOperationResult,\n keyOperationResultDeserializer,\n KeySignParameters,\n keySignParametersSerializer,\n KeyVerifyParameters,\n keyVerifyParametersSerializer,\n KeyVerifyResult,\n keyVerifyResultDeserializer,\n KeyReleaseParameters,\n keyReleaseParametersSerializer,\n KeyReleaseResult,\n keyReleaseResultDeserializer,\n _DeletedKeyListResult,\n _deletedKeyListResultDeserializer,\n DeletedKeyItem,\n KeyRotationPolicy,\n keyRotationPolicySerializer,\n keyRotationPolicyDeserializer,\n GetRandomBytesRequest,\n getRandomBytesRequestSerializer,\n RandomBytes,\n randomBytesDeserializer,\n} from \"../models/models.js\";\nimport {\n GetKeyAttestationOptionalParams,\n GetRandomBytesOptionalParams,\n UpdateKeyRotationPolicyOptionalParams,\n GetKeyRotationPolicyOptionalParams,\n RecoverDeletedKeyOptionalParams,\n PurgeDeletedKeyOptionalParams,\n GetDeletedKeyOptionalParams,\n GetDeletedKeysOptionalParams,\n ReleaseOptionalParams,\n UnwrapKeyOptionalParams,\n WrapKeyOptionalParams,\n VerifyOptionalParams,\n SignOptionalParams,\n DecryptOptionalParams,\n EncryptOptionalParams,\n RestoreKeyOptionalParams,\n BackupKeyOptionalParams,\n GetKeysOptionalParams,\n GetKeyVersionsOptionalParams,\n GetKeyOptionalParams,\n UpdateKeyOptionalParams,\n DeleteKeyOptionalParams,\n ImportKeyOptionalParams,\n RotateKeyOptionalParams,\n CreateKeyOptionalParams,\n} from \"./options.js\";\nimport {\n PagedAsyncIterableIterator,\n buildPagedAsyncIterator,\n} from \"../static-helpers/pagingHelpers.js\";\nimport { expandUrlTemplate } from \"../static-helpers/urlTemplate.js\";\nimport {\n StreamableMethod,\n PathUncheckedResponse,\n createRestError,\n operationOptionsToRequestParameters,\n} from \"@azure-rest/core-client\";\n\nexport function _getKeyAttestationSend(\n context: Client,\n keyName: string,\n keyVersion: string,\n options: GetKeyAttestationOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/{key-version}/attestation{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"key-version\": keyVersion,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).get({\n ...operationOptionsToRequestParameters(options),\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n });\n}\n\nexport async function _getKeyAttestationDeserialize(\n result: PathUncheckedResponse,\n): Promise<KeyBundle> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyBundleDeserializer(result.body);\n}\n\n/** The get key attestation operation returns the key along with its attestation blob. This operation requires the keys/get permission. */\nexport async function getKeyAttestation(\n context: Client,\n keyName: string,\n keyVersion: string,\n options: GetKeyAttestationOptionalParams = { requestOptions: {} },\n): Promise<KeyBundle> {\n const result = await _getKeyAttestationSend(context, keyName, keyVersion, options);\n return _getKeyAttestationDeserialize(result);\n}\n\nexport function _getRandomBytesSend(\n context: Client,\n parameters: GetRandomBytesRequest,\n options: GetRandomBytesOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/rng{?api%2Dversion}\",\n {\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).post({\n ...operationOptionsToRequestParameters(options),\n contentType: \"application/json\",\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n body: getRandomBytesRequestSerializer(parameters),\n });\n}\n\nexport async function _getRandomBytesDeserialize(\n result: PathUncheckedResponse,\n): Promise<RandomBytes> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return randomBytesDeserializer(result.body);\n}\n\n/** Get the requested number of bytes containing random values from a managed HSM. */\nexport async function getRandomBytes(\n context: Client,\n parameters: GetRandomBytesRequest,\n options: GetRandomBytesOptionalParams = { requestOptions: {} },\n): Promise<RandomBytes> {\n const result = await _getRandomBytesSend(context, parameters, options);\n return _getRandomBytesDeserialize(result);\n}\n\nexport function _updateKeyRotationPolicySend(\n context: Client,\n keyName: string,\n keyRotationPolicy: KeyRotationPolicy,\n options: UpdateKeyRotationPolicyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/rotationpolicy{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).put({\n ...operationOptionsToRequestParameters(options),\n contentType: \"application/json\",\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n body: keyRotationPolicySerializer(keyRotationPolicy),\n });\n}\n\nexport async function _updateKeyRotationPolicyDeserialize(\n result: PathUncheckedResponse,\n): Promise<KeyRotationPolicy> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyRotationPolicyDeserializer(result.body);\n}\n\n/** Set specified members in the key policy. Leave others as undefined. This operation requires the keys/update permission. */\nexport async function updateKeyRotationPolicy(\n context: Client,\n keyName: string,\n keyRotationPolicy: KeyRotationPolicy,\n options: UpdateKeyRotationPolicyOptionalParams = { requestOptions: {} },\n): Promise<KeyRotationPolicy> {\n const result = await _updateKeyRotationPolicySend(context, keyName, keyRotationPolicy, options);\n return _updateKeyRotationPolicyDeserialize(result);\n}\n\nexport function _getKeyRotationPolicySend(\n context: Client,\n keyName: string,\n options: GetKeyRotationPolicyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/rotationpolicy{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).get({\n ...operationOptionsToRequestParameters(options),\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n });\n}\n\nexport async function _getKeyRotationPolicyDeserialize(\n result: PathUncheckedResponse,\n): Promise<KeyRotationPolicy> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyRotationPolicyDeserializer(result.body);\n}\n\n/** The GetKeyRotationPolicy operation returns the specified key policy resources in the specified key vault. This operation requires the keys/get permission. */\nexport async function getKeyRotationPolicy(\n context: Client,\n keyName: string,\n options: GetKeyRotationPolicyOptionalParams = { requestOptions: {} },\n): Promise<KeyRotationPolicy> {\n const result = await _getKeyRotationPolicySend(context, keyName, options);\n return _getKeyRotationPolicyDeserialize(result);\n}\n\nexport function _recoverDeletedKeySend(\n context: Client,\n keyName: string,\n options: RecoverDeletedKeyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/deletedkeys/{key-name}/recover{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).post({\n ...operationOptionsToRequestParameters(options),\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n });\n}\n\nexport async function _recoverDeletedKeyDeserialize(\n result: PathUncheckedResponse,\n): Promise<KeyBundle> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyBundleDeserializer(result.body);\n}\n\n/** The Recover Deleted Key operation is applicable for deleted keys in soft-delete enabled vaults. It recovers the deleted key back to its latest version under /keys. An attempt to recover an non-deleted key will return an error. Consider this the inverse of the delete operation on soft-delete enabled vaults. This operation requires the keys/recover permission. */\nexport async function recoverDeletedKey(\n context: Client,\n keyName: string,\n options: RecoverDeletedKeyOptionalParams = { requestOptions: {} },\n): Promise<KeyBundle> {\n const result = await _recoverDeletedKeySend(context, keyName, options);\n return _recoverDeletedKeyDeserialize(result);\n}\n\nexport function _purgeDeletedKeySend(\n context: Client,\n keyName: string,\n options: PurgeDeletedKeyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/deletedkeys/{key-name}{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).delete({\n ...operationOptionsToRequestParameters(options),\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n });\n}\n\nexport async function _purgeDeletedKeyDeserialize(result: PathUncheckedResponse): Promise<void> {\n const expectedStatuses = [\"204\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return;\n}\n\n/** The Purge Deleted Key operation is applicable for soft-delete enabled vaults. While the operation can be invoked on any vault, it will return an error if invoked on a non soft-delete enabled vault. This operation requires the keys/purge permission. */\nexport async function purgeDeletedKey(\n context: Client,\n keyName: string,\n options: PurgeDeletedKeyOptionalParams = { requestOptions: {} },\n): Promise<void> {\n const result = await _purgeDeletedKeySend(context, keyName, options);\n return _purgeDeletedKeyDeserialize(result);\n}\n\nexport function _getDeletedKeySend(\n context: Client,\n keyName: string,\n options: GetDeletedKeyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/deletedkeys/{key-name}{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).get({\n ...operationOptionsToRequestParameters(options),\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n });\n}\n\nexport async function _getDeletedKeyDeserialize(\n result: PathUncheckedResponse,\n): Promise<DeletedKeyBundle> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return deletedKeyBundleDeserializer(result.body);\n}\n\n/** The Get Deleted Key operation is applicable for soft-delete enabled vaults. While the operation can be invoked on any vault, it will return an error if invoked on a non soft-delete enabled vault. This operation requires the keys/get permission. */\nexport async function getDeletedKey(\n context: Client,\n keyName: string,\n options: GetDeletedKeyOptionalParams = { requestOptions: {} },\n): Promise<DeletedKeyBundle> {\n const result = await _getDeletedKeySend(context, keyName, options);\n return _getDeletedKeyDeserialize(result);\n}\n\nexport function _getDeletedKeysSend(\n context: Client,\n options: GetDeletedKeysOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/deletedkeys{?api%2Dversion,maxresults}\",\n {\n \"api%2Dversion\": context.apiVersion,\n maxresults: options?.maxresults,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).get({\n ...operationOptionsToRequestParameters(options),\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n });\n}\n\nexport async function _getDeletedKeysDeserialize(\n result: PathUncheckedResponse,\n): Promise<_DeletedKeyListResult> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return _deletedKeyListResultDeserializer(result.body);\n}\n\n/** Retrieves a list of the keys in the Key Vault as JSON Web Key structures that contain the public part of a deleted key. This operation includes deletion-specific information. The Get Deleted Keys operation is applicable for vaults enabled for soft-delete. While the operation can be invoked on any vault, it will return an error if invoked on a non soft-delete enabled vault. This operation requires the keys/list permission. */\nexport function getDeletedKeys(\n context: Client,\n options: GetDeletedKeysOptionalParams = { requestOptions: {} },\n): PagedAsyncIterableIterator<DeletedKeyItem> {\n return buildPagedAsyncIterator(\n context,\n () => _getDeletedKeysSend(context, options),\n _getDeletedKeysDeserialize,\n [\"200\"],\n { itemName: \"value\", nextLinkName: \"nextLink\" },\n );\n}\n\nexport function _releaseSend(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeyReleaseParameters,\n options: ReleaseOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/{key-version}/release{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"key-version\": keyVersion,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).post({\n ...operationOptionsToRequestParameters(options),\n contentType: \"application/json\",\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n body: keyReleaseParametersSerializer(parameters),\n });\n}\n\nexport async function _releaseDeserialize(\n result: PathUncheckedResponse,\n): Promise<KeyReleaseResult> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyReleaseResultDeserializer(result.body);\n}\n\n/** The release key operation is applicable to all key types. The target key must be marked exportable. This operation requires the keys/release permission. */\nexport async function release(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeyReleaseParameters,\n options: ReleaseOptionalParams = { requestOptions: {} },\n): Promise<KeyReleaseResult> {\n const result = await _releaseSend(context, keyName, keyVersion, parameters, options);\n return _releaseDeserialize(result);\n}\n\nexport function _unwrapKeySend(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeyOperationsParameters,\n options: UnwrapKeyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/{key-version}/unwrapkey{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"key-version\": keyVersion,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).post({\n ...operationOptionsToRequestParameters(options),\n contentType: \"application/json\",\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n body: keyOperationsParametersSerializer(parameters),\n });\n}\n\nexport async function _unwrapKeyDeserialize(\n result: PathUncheckedResponse,\n): Promise<KeyOperationResult> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyOperationResultDeserializer(result.body);\n}\n\n/** The UNWRAP operation supports decryption of a symmetric key using the target key encryption key. This operation is the reverse of the WRAP operation. The UNWRAP operation applies to asymmetric and symmetric keys stored in Azure Key Vault since it uses the private portion of the key. This operation requires the keys/unwrapKey permission. */\nexport async function unwrapKey(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeyOperationsParameters,\n options: UnwrapKeyOptionalParams = { requestOptions: {} },\n): Promise<KeyOperationResult> {\n const result = await _unwrapKeySend(context, keyName, keyVersion, parameters, options);\n return _unwrapKeyDeserialize(result);\n}\n\nexport function _wrapKeySend(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeyOperationsParameters,\n options: WrapKeyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/{key-version}/wrapkey{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"key-version\": keyVersion,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).post({\n ...operationOptionsToRequestParameters(options),\n contentType: \"application/json\",\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n body: keyOperationsParametersSerializer(parameters),\n });\n}\n\nexport async function _wrapKeyDeserialize(\n result: PathUncheckedResponse,\n): Promise<KeyOperationResult> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyOperationResultDeserializer(result.body);\n}\n\n/** The WRAP operation supports encryption of a symmetric key using a key encryption key that has previously been stored in an Azure Key Vault. The WRAP operation is only strictly necessary for symmetric keys stored in Azure Key Vault since protection with an asymmetric key can be performed using the public portion of the key. This operation is supported for asymmetric keys as a convenience for callers that have a key-reference but do not have access to the public key material. This operation requires the keys/wrapKey permission. */\nexport async function wrapKey(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeyOperationsParameters,\n options: WrapKeyOptionalParams = { requestOptions: {} },\n): Promise<KeyOperationResult> {\n const result = await _wrapKeySend(context, keyName, keyVersion, parameters, options);\n return _wrapKeyDeserialize(result);\n}\n\nexport function _verifySend(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeyVerifyParameters,\n options: VerifyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/{key-version}/verify{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"key-version\": keyVersion,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).post({\n ...operationOptionsToRequestParameters(options),\n contentType: \"application/json\",\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n body: keyVerifyParametersSerializer(parameters),\n });\n}\n\nexport async function _verifyDeserialize(result: PathUncheckedResponse): Promise<KeyVerifyResult> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyVerifyResultDeserializer(result.body);\n}\n\n/** The VERIFY operation is applicable to symmetric keys stored in Azure Key Vault. VERIFY is not strictly necessary for asymmetric keys stored in Azure Key Vault since signature verification can be performed using the public portion of the key but this operation is supported as a convenience for callers that only have a key-reference and not the public portion of the key. This operation requires the keys/verify permission. */\nexport async function verify(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeyVerifyParameters,\n options: VerifyOptionalParams = { requestOptions: {} },\n): Promise<KeyVerifyResult> {\n const result = await _verifySend(context, keyName, keyVersion, parameters, options);\n return _verifyDeserialize(result);\n}\n\nexport function _signSend(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeySignParameters,\n options: SignOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/{key-version}/sign{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"key-version\": keyVersion,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).post({\n ...operationOptionsToRequestParameters(options),\n contentType: \"application/json\",\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n body: keySignParametersSerializer(parameters),\n });\n}\n\nexport async function _signDeserialize(result: PathUncheckedResponse): Promise<KeyOperationResult> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyOperationResultDeserializer(result.body);\n}\n\n/** The SIGN operation is applicable to asymmetric and symmetric keys stored in Azure Key Vault since this operation uses the private portion of the key. This operation requires the keys/sign permission. */\nexport async function sign(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeySignParameters,\n options: SignOptionalParams = { requestOptions: {} },\n): Promise<KeyOperationResult> {\n const result = await _signSend(context, keyName, keyVersion, parameters, options);\n return _signDeserialize(result);\n}\n\nexport function _decryptSend(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeyOperationsParameters,\n options: DecryptOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/{key-version}/decrypt{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"key-version\": keyVersion,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).post({\n ...operationOptionsToRequestParameters(options),\n contentType: \"application/json\",\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n body: keyOperationsParametersSerializer(parameters),\n });\n}\n\nexport async function _decryptDeserialize(\n result: PathUncheckedResponse,\n): Promise<KeyOperationResult> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyOperationResultDeserializer(result.body);\n}\n\n/** The DECRYPT operation decrypts a well-formed block of ciphertext using the target encryption key and specified algorithm. This operation is the reverse of the ENCRYPT operation; only a single block of data may be decrypted, the size of this block is dependent on the target key and the algorithm to be used. The DECRYPT operation applies to asymmetric and symmetric keys stored in Azure Key Vault since it uses the private portion of the key. This operation requires the keys/decrypt permission. Microsoft recommends not to use CBC algorithms for decryption without first ensuring the integrity of the ciphertext using an HMAC, for example. See https://learn.microsoft.com/dotnet/standard/security/vulnerabilities-cbc-mode for more information. */\nexport async function decrypt(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeyOperationsParameters,\n options: DecryptOptionalParams = { requestOptions: {} },\n): Promise<KeyOperationResult> {\n const result = await _decryptSend(context, keyName, keyVersion, parameters, options);\n return _decryptDeserialize(result);\n}\n\nexport function _encryptSend(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeyOperationsParameters,\n options: EncryptOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/{key-version}/encrypt{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"key-version\": keyVersion,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).post({\n ...operationOptionsToRequestParameters(options),\n contentType: \"application/json\",\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n body: keyOperationsParametersSerializer(parameters),\n });\n}\n\nexport async function _encryptDeserialize(\n result: PathUncheckedResponse,\n): Promise<KeyOperationResult> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyOperationResultDeserializer(result.body);\n}\n\n/** The ENCRYPT operation encrypts an arbitrary sequence of bytes using an encryption key that is stored in Azure Key Vault. Note that the ENCRYPT operation only supports a single block of data, the size of which is dependent on the target key and the encryption algorithm to be used. The ENCRYPT operation is only strictly necessary for symmetric keys stored in Azure Key Vault since protection with an asymmetric key can be performed using public portion of the key. This operation is supported for asymmetric keys as a convenience for callers that have a key-reference but do not have access to the public key material. This operation requires the keys/encrypt permission. */\nexport async function encrypt(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeyOperationsParameters,\n options: EncryptOptionalParams = { requestOptions: {} },\n): Promise<KeyOperationResult> {\n const result = await _encryptSend(context, keyName, keyVersion, parameters, options);\n return _encryptDeserialize(result);\n}\n\nexport function _restoreKeySend(\n context: Client,\n parameters: KeyRestoreParameters,\n options: RestoreKeyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/restore{?api%2Dversion}\",\n {\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).post({\n ...operationOptionsToRequestParameters(options),\n contentType: \"application/json\",\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n body: keyRestoreParametersSerializer(parameters),\n });\n}\n\nexport async function _restoreKeyDeserialize(result: PathUncheckedResponse): Promise<KeyBundle> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyBundleDeserializer(result.body);\n}\n\n/** Imports a previously backed up key into Azure Key Vault, restoring the key, its key identifier, attributes and access control policies. The RESTORE operation may be used to import a previously backed up key. Individual versions of a key cannot be restored. The key is restored in its entirety with the same key name as it had when it was backed up. If the key name is not available in the target Key Vault, the RESTORE operation will be rejected. While the key name is retained during restore, the final key identifier will change if the key is restored to a different vault. Restore will restore all versions and preserve version identifiers. The RESTORE operation is subject to security constraints: The target Key Vault must be owned by the same Microsoft Azure Subscription as the source Key Vault The user must have RESTORE permission in the target Key Vault. This operation requires the keys/restore permission. */\nexport async function restoreKey(\n context: Client,\n parameters: KeyRestoreParameters,\n options: RestoreKeyOptionalParams = { requestOptions: {} },\n): Promise<KeyBundle> {\n const result = await _restoreKeySend(context, parameters, options);\n return _restoreKeyDeserialize(result);\n}\n\nexport function _backupKeySend(\n context: Client,\n keyName: string,\n options: BackupKeyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/backup{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).post({\n ...operationOptionsToRequestParameters(options),\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n });\n}\n\nexport async function _backupKeyDeserialize(\n result: PathUncheckedResponse,\n): Promise<BackupKeyResult> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return backupKeyResultDeserializer(result.body);\n}\n\n/** The Key Backup operation exports a key from Azure Key Vault in a protected form. Note that this operation does NOT return key material in a form that can be used outside the Azure Key Vault system, the returned key material is either protected to a Azure Key Vault HSM or to Azure Key Vault itself. The intent of this operation is to allow a client to GENERATE a key in one Azure Key Vault instance, BACKUP the key, and then RESTORE it into another Azure Key Vault instance. The BACKUP operation may be used to export, in protected form, any key type from Azure Key Vault. Individual versions of a key cannot be backed up. BACKUP / RESTORE can be performed within geographical boundaries only; meaning that a BACKUP from one geographical area cannot be restored to another geographical area. For example, a backup from the US geographical area cannot be restored in an EU geographical area. This operation requires the key/backup permission. */\nexport async function backupKey(\n context: Client,\n keyName: string,\n options: BackupKeyOptionalParams = { requestOptions: {} },\n): Promise<BackupKeyResult> {\n const result = await _backupKeySend(context, keyName, options);\n return _backupKeyDeserialize(result);\n}\n\nexport function _getKeysSend(\n context: Client,\n options: GetKeysOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys{?api%2Dversion,maxresults}\",\n {\n \"api%2Dversion\": context.apiVersion,\n maxresults: options?.maxresults,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).get({\n ...operationOptionsToRequestParameters(options),\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n });\n}\n\nexport async function _getKeysDeserialize(result: PathUncheckedResponse): Promise<_KeyListResult> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return _keyListResultDeserializer(result.body);\n}\n\n/** Retrieves a list of the keys in the Key Vault as JSON Web Key structures that contain the public part of a stored key. The LIST operation is applicable to all key types, however only the base key identifier, attributes, and tags are provided in the response. Individual versions of a key are not listed in the response. This operation requires the keys/list permission. */\nexport function getKeys(\n context: Client,\n options: GetKeysOptionalParams = { requestOptions: {} },\n): PagedAsyncIterableIterator<KeyItem> {\n return buildPagedAsyncIterator(\n context,\n () => _getKeysSend(context, options),\n _getKeysDeserialize,\n [\"200\"],\n { itemName: \"value\", nextLinkName: \"nextLink\" },\n );\n}\n\nexport function _getKeyVersionsSend(\n context: Client,\n keyName: string,\n options: GetKeyVersionsOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/versions{?api%2Dversion,maxresults}\",\n {\n \"key-name\": keyName,\n \"api%2Dversion\": context.apiVersion,\n maxresults: options?.maxresults,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).get({\n ...operationOptionsToRequestParameters(options),\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n });\n}\n\nexport async function _getKeyVersionsDeserialize(\n result: PathUncheckedResponse,\n): Promise<_KeyListResult> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return _keyListResultDeserializer(result.body);\n}\n\n/** The full key identifier, attributes, and tags are provided in the response. This operation requires the keys/list permission. */\nexport function getKeyVersions(\n context: Client,\n keyName: string,\n options: GetKeyVersionsOptionalParams = { requestOptions: {} },\n): PagedAsyncIterableIterator<KeyItem> {\n return buildPagedAsyncIterator(\n context,\n () => _getKeyVersionsSend(context, keyName, options),\n _getKeyVersionsDeserialize,\n [\"200\"],\n { itemName: \"value\", nextLinkName: \"nextLink\" },\n );\n}\n\nexport function _getKeySend(\n context: Client,\n keyName: string,\n keyVersion: string,\n options: GetKeyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/{key-version}{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"key-version\": keyVersion,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).get({\n ...operationOptionsToRequestParameters(options),\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n });\n}\n\nexport async function _getKeyDeserialize(result: PathUncheckedResponse): Promise<KeyBundle> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyBundleDeserializer(result.body);\n}\n\n/** The get key operation is applicable to all key types. If the requested key is symmetric, then no key material is released in the response. This operation requires the keys/get permission. */\nexport async function getKey(\n context: Client,\n keyName: string,\n keyVersion: string,\n options: GetKeyOptionalParams = { requestOptions: {} },\n): Promise<KeyBundle> {\n const result = await _getKeySend(context, keyName, keyVersion, options);\n return _getKeyDeserialize(result);\n}\n\nexport function _updateKeySend(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeyUpdateParameters,\n options: UpdateKeyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/{key-version}{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"key-version\": keyVersion,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).patch({\n ...operationOptionsToRequestParameters(options),\n contentType: \"application/json\",\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n body: keyUpdateParametersSerializer(parameters),\n });\n}\n\nexport async function _updateKeyDeserialize(result: PathUncheckedResponse): Promise<KeyBundle> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyBundleDeserializer(result.body);\n}\n\n/** In order to perform this operation, the key must already exist in the Key Vault. Note: The cryptographic material of a key itself cannot be changed. This operation requires the keys/update permission. */\nexport async function updateKey(\n context: Client,\n keyName: string,\n keyVersion: string,\n parameters: KeyUpdateParameters,\n options: UpdateKeyOptionalParams = { requestOptions: {} },\n): Promise<KeyBundle> {\n const result = await _updateKeySend(context, keyName, keyVersion, parameters, options);\n return _updateKeyDeserialize(result);\n}\n\nexport function _deleteKeySend(\n context: Client,\n keyName: string,\n options: DeleteKeyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).delete({\n ...operationOptionsToRequestParameters(options),\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n });\n}\n\nexport async function _deleteKeyDeserialize(\n result: PathUncheckedResponse,\n): Promise<DeletedKeyBundle> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return deletedKeyBundleDeserializer(result.body);\n}\n\n/** The delete key operation cannot be used to remove individual versions of a key. This operation removes the cryptographic material associated with the key, which means the key is not usable for Sign/Verify, Wrap/Unwrap or Encrypt/Decrypt operations. This operation requires the keys/delete permission. */\nexport async function deleteKey(\n context: Client,\n keyName: string,\n options: DeleteKeyOptionalParams = { requestOptions: {} },\n): Promise<DeletedKeyBundle> {\n const result = await _deleteKeySend(context, keyName, options);\n return _deleteKeyDeserialize(result);\n}\n\nexport function _importKeySend(\n context: Client,\n keyName: string,\n parameters: KeyImportParameters,\n options: ImportKeyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).put({\n ...operationOptionsToRequestParameters(options),\n contentType: \"application/json\",\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n body: keyImportParametersSerializer(parameters),\n });\n}\n\nexport async function _importKeyDeserialize(result: PathUncheckedResponse): Promise<KeyBundle> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyBundleDeserializer(result.body);\n}\n\n/** The import key operation may be used to import any key type into an Azure Key Vault. If the named key already exists, Azure Key Vault creates a new version of the key. This operation requires the keys/import permission. */\nexport async function importKey(\n context: Client,\n keyName: string,\n parameters: KeyImportParameters,\n options: ImportKeyOptionalParams = { requestOptions: {} },\n): Promise<KeyBundle> {\n const result = await _importKeySend(context, keyName, parameters, options);\n return _importKeyDeserialize(result);\n}\n\nexport function _rotateKeySend(\n context: Client,\n keyName: string,\n options: RotateKeyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/rotate{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).post({\n ...operationOptionsToRequestParameters(options),\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n });\n}\n\nexport async function _rotateKeyDeserialize(result: PathUncheckedResponse): Promise<KeyBundle> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyBundleDeserializer(result.body);\n}\n\n/** The operation will rotate the key based on the key policy. It requires the keys/rotate permission. */\nexport async function rotateKey(\n context: Client,\n keyName: string,\n options: RotateKeyOptionalParams = { requestOptions: {} },\n): Promise<KeyBundle> {\n const result = await _rotateKeySend(context, keyName, options);\n return _rotateKeyDeserialize(result);\n}\n\nexport function _createKeySend(\n context: Client,\n keyName: string,\n parameters: KeyCreateParameters,\n options: CreateKeyOptionalParams = { requestOptions: {} },\n): StreamableMethod {\n const path = expandUrlTemplate(\n \"/keys/{key-name}/create{?api%2Dversion}\",\n {\n \"key-name\": keyName,\n \"api%2Dversion\": context.apiVersion,\n },\n {\n allowReserved: options?.requestOptions?.skipUrlEncoding,\n },\n );\n return context.path(path).post({\n ...operationOptionsToRequestParameters(options),\n contentType: \"application/json\",\n headers: {\n accept: \"application/json\",\n ...options.requestOptions?.headers,\n },\n body: keyCreateParametersSerializer(parameters),\n });\n}\n\nexport async function _createKeyDeserialize(result: PathUncheckedResponse): Promise<KeyBundle> {\n const expectedStatuses = [\"200\"];\n if (!expectedStatuses.includes(result.status)) {\n const error = createRestError(result);\n error.details = keyVaultErrorDeserializer(result.body);\n throw error;\n }\n\n return keyBundleDeserializer(result.body);\n}\n\n/** The create key operation can be used to create any key type in Azure Key Vault. If the named key already exists, Azure Key Vault creates a new version of the key. It requires the keys/create permission. */\nexport async function createKey(\n context: Client,\n keyName: string,\n parameters: KeyCreateParameters,\n options: CreateKeyOptionalParams = { requestOptions: {} },\n): Promise<KeyBundle> {\n const result = await _createKeySend(context, keyName, parameters, options);\n return _createKeyDeserialize(result);\n}\n"]}
package/dist/commonjs/api/options.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"options.d.ts","sourceRoot":"","sources":["../../../src/api/options.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAE3D,2BAA2B;AAC3B,MAAM,WAAW,+BAAgC,SAAQ,gBAAgB;CAAG;AAE5E,2BAA2B;AAC3B,MAAM,WAAW,4BAA6B,SAAQ,gBAAgB;CAAG;AAEzE,2BAA2B;AAC3B,MAAM,WAAW,qCAAsC,SAAQ,gBAAgB;CAAG;AAElF,2BAA2B;AAC3B,MAAM,WAAW,kCAAmC,SAAQ,gBAAgB;CAAG;AAE/E,2BAA2B;AAC3B,MAAM,WAAW,+BAAgC,SAAQ,gBAAgB;CAAG;AAE5E,2BAA2B;AAC3B,MAAM,WAAW,6BAA8B,SAAQ,gBAAgB;CAAG;AAE1E,2BAA2B;AAC3B,MAAM,WAAW,2BAA4B,SAAQ,gBAAgB;CAAG;AAExE,2BAA2B;AAC3B,MAAM,WAAW,4BAA6B,SAAQ,gBAAgB;IACpE,gHAAgH;IAChH,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,2BAA2B;AAC3B,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAAG;AAElE,2BAA2B;AAC3B,MAAM,WAAW,uBAAwB,SAAQ,gBAAgB;CAAG;AAEpE,2BAA2B;AAC3B,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAAG;AAElE,2BAA2B;AAC3B,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;CAAG;AAEjE,2BAA2B;AAC3B,MAAM,WAAW,kBAAmB,SAAQ,gBAAgB;CAAG;AAE/D,2BAA2B;AAC3B,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAAG;AAElE,2BAA2B;AAC3B,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;CAAG;AAElE,2BAA2B;AAC3B,MAAM,WAAW,wBAAyB,SAAQ,gBAAgB;CAAG;AAErE,2BAA2B;AAC3B,MAAM,WAAW,uBAAwB,SAAQ,gBAAgB;CAAG;AAEpE,2BAA2B;AAC3B,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC7D,gHAAgH;IAChH,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,2BAA2B;AAC3B,MAAM,WAAW,4BAA6B,SAAQ,gBAAgB;IACpE,gHAAgH;IAChH,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,2BAA2B;AAC3B,MAAM,WAAW,oBAAqB,SAAQ,gBAAgB;CAAG;AAEjE,2BAA2B;AAC3B,MAAM,WAAW,uBAAwB,SAAQ,gBAAgB;CAAG;AAEpE,2BAA2B;AAC3B,MAAM,WAAW,uBAAwB,SAAQ,gBAAgB;CAAG;AAEpE,2BAA2B;AAC3B,MAAM,WAAW,uBAAwB,SAAQ,gBAAgB;CAAG;AAEpE,2BAA2B;AAC3B,MAAM,WAAW,uBAAwB,SAAQ,gBAAgB;CAAG;AAEpE,2BAA2B;AAC3B,MAAM,WAAW,uBAAwB,SAAQ,gBAAgB;CAAG"}
package/dist/commonjs/api/options.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"options.js","sourceRoot":"","sources":["../../../src/api/options.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { OperationOptions } from \"@azure-rest/core-client\";\n\n/** Optional parameters. */\nexport interface GetKeyAttestationOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface GetRandomBytesOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface UpdateKeyRotationPolicyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface GetKeyRotationPolicyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface RecoverDeletedKeyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface PurgeDeletedKeyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface GetDeletedKeyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface GetDeletedKeysOptionalParams extends OperationOptions {\n /** Maximum number of results to return in a page. If not specified the service will return up to 25 results. */\n maxresults?: number;\n}\n\n/** Optional parameters. */\nexport interface ReleaseOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface UnwrapKeyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface WrapKeyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface VerifyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface SignOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface DecryptOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface EncryptOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface RestoreKeyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface BackupKeyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface GetKeysOptionalParams extends OperationOptions {\n /** Maximum number of results to return in a page. If not specified the service will return up to 25 results. */\n maxresults?: number;\n}\n\n/** Optional parameters. */\nexport interface GetKeyVersionsOptionalParams extends OperationOptions {\n /** Maximum number of results to return in a page. If not specified the service will return up to 25 results. */\n maxresults?: number;\n}\n\n/** Optional parameters. */\nexport interface GetKeyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface UpdateKeyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface DeleteKeyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface ImportKeyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface RotateKeyOptionalParams extends OperationOptions {}\n\n/** Optional parameters. */\nexport interface CreateKeyOptionalParams extends OperationOptions {}\n"]}
package/dist/commonjs/constants.js CHANGED
@@ -3,5 +3,5 @@
3
3
  // Licensed under the MIT License.
4
4
  Object.defineProperty(exports, "__esModule", { value: true });
5
5
  exports.SDK_VERSION = void 0;
6
- exports.SDK_VERSION = "4.10.1";
6
+ exports.SDK_VERSION = "4.10.2";
7
7
  //# sourceMappingURL=constants.js.map
package/dist/commonjs/constants.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAErB,QAAA,WAAW,GAAW,QAAQ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nexport const SDK_VERSION: string = \"4.10.1\";\n"]}
1
+ {"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAErB,QAAA,WAAW,GAAW,QAAQ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nexport const SDK_VERSION: string = \"4.10.2\";\n"]}
package/dist/commonjs/cryptography/remoteCryptographyProvider.js CHANGED
@@ -4,12 +4,12 @@
4
4
  Object.defineProperty(exports, "__esModule", { value: true });
5
5
  exports.RemoteCryptographyProvider = void 0;
6
6
  const constants_js_1 = require("../constants.js");
7
- const index_js_1 = require("../generated/src/index.js");
7
+ const keyVaultClient_js_1 = require("../keyVaultClient.js");
8
8
  const identifier_js_1 = require("../identifier.js");
9
9
  const keysModels_js_1 = require("../keysModels.js");
10
10
  const transformations_js_1 = require("../transformations.js");
11
11
  const crypto_js_1 = require("./crypto.js");
12
- const log_js_1 = require("../log.js");
12
+ const logger_js_1 = require("../logger.js");
13
13
  const keyvault_common_1 = require("@azure/keyvault-common");
14
14
  const tracing_js_1 = require("../tracing.js");
15
15
  const core_rest_pipeline_1 = require("@azure/core-rest-pipeline");
@@ -41,7 +41,7 @@ class RemoteCryptographyProvider {
41
41
  this.client = getOrInitializeClient(this.vaultUrl, credential, pipelineOptions);
42
42
  }
43
43
  catch (err) {
44
- log_js_1.logger.error(err);
44
+ logger_js_1.logger.error(err);
45
45
  throw new Error(`${keyId} is not a valid Key Vault key ID`);
46
46
  }
47
47
  }
@@ -241,7 +241,7 @@ function getOrInitializeClient(vaultUrl, credential, options) {
241
241
  ...options,
242
242
  apiVersion: options.serviceVersion || keysModels_js_1.LATEST_API_VERSION,
243
243
  loggingOptions: {
244
- logger: log_js_1.logger.info,
244
+ logger: logger_js_1.logger.info,
245
245
  additionalAllowedHeaderNames: [
246
246
  "x-ms-keyvault-region",
247
247
  "x-ms-keyvault-network-info",
@@ -249,7 +249,7 @@ function getOrInitializeClient(vaultUrl, credential, options) {
249
249
  ],
250
250
  },
251
251
  };
252
- const client = new index_js_1.KeyVaultClient(vaultUrl, credential, internalPipelineOptions);
252
+ const client = new keyVaultClient_js_1.KeyVaultClient(vaultUrl, credential, internalPipelineOptions);
253
253
  client.pipeline.removePolicy({ name: core_rest_pipeline_1.bearerTokenAuthenticationPolicyName });
254
254
  client.pipeline.addPolicy((0, keyvault_common_1.keyVaultAuthenticationPolicy)(credential, options));
255
255
  // Workaround for: https://github.com/Azure/azure-sdk-for-js/issues/31843
package/dist/commonjs/cryptography/remoteCryptographyProvider.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"remoteCryptographyProvider.js","sourceRoot":"","sources":["../../../src/cryptography/remoteCryptographyProvider.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAoBlC,kDAA8C;AAG9C,wDAA2D;AAC3D,oDAA8D;AAE9D,oDAAsD;AACtD,8DAA4D;AAC5D,2CAAyC;AAEzC,sCAAmC;AACnC,4DAAsE;AACtE,8CAA8C;AAC9C,kEAAgF;AAEhF;;;GAGG;AACH,MAAa,0BAA0B;IACrC,YACE,GAAyB,EACzB,UAA2B,EAC3B,kBAA6C,EAAE;QAE/C,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QAEf,IAAI,KAAa,CAAC;QAClB,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,KAAK,GAAG,GAAG,CAAC;QACd,CAAC;aAAM,CAAC;YACN,KAAK,GAAG,GAAG,CAAC,EAAG,CAAC;QAClB,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAA,0CAA0B,EAAC,KAAK,CAAC,CAAC;YACjD,IAAI,MAAM,CAAC,IAAI,KAAK,EAAE,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;YAC7D,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,KAAK,EAAE,EAAE,CAAC;gBAC/C,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;YACjE,CAAC;YAED,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;YAChC,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACxB,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC;YAEpC,IAAI,CAAC,MAAM,GAAG,qBAAqB,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,eAAe,CAAC,CAAC;QAClF,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,eAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAElB,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,kCAAkC,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,gEAAgE;IAChE,WAAW,CAAC,UAAkB,EAAE,UAAyC;QACvE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CACL,iBAAoC,EACpC,UAA0B,EAAE;QAE5B,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,GAAG,iBAAiB,CAAC;QAC9D,MAAM,cAAc,GAAG,EAAE,GAAG,OAAO,EAAE,GAAG,MAAM,EAAE,CAAC;QAEjD,OAAO,0BAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,cAAc,EACd,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CACtC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,SAAS;gBAChB,GAAG,EACD,6BAA6B,IAAI,iBAAiB;oBAChD,CAAC,CAAC,iBAAiB,CAAC,2BAA2B;oBAC/C,CAAC,CAAC,SAAS;gBACf,EAAE,EAAE,IAAI,IAAI,iBAAiB,CAAC,CAAC,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS;aACjE,EACD,cAAc,CACf,CAAC;YAEF,OAAO;gBACL,SAAS,EAAE,iBAAiB,CAAC,SAAS;gBACtC,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;gBACtB,2BAA2B,EAAE,MAAM,CAAC,2BAA2B;gBAC/D,iBAAiB,EAAE,MAAM,CAAC,iBAAiB;gBAC3C,EAAE,EAAE,MAAM,CAAC,EAAE;aACd,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,OAAO,CACL,iBAAoC,EACpC,UAA0B,EAAE;QAE5B,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,EAAE,GAAG,iBAAiB,CAAC;QAC/D,MAAM,cAAc,GAAG,EAAE,GAAG,OAAO,EAAE,GAAG,MAAM,EAAE,CAAC;QAEjD,OAAO,0BAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,cAAc,EACd,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CACtC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,UAAU;gBACjB,GAAG,EACD,6BAA6B,IAAI,iBAAiB;oBAChD,CAAC,CAAC,iBAAiB,CAAC,2BAA2B;oBAC/C,CAAC,CAAC,SAAS;gBACf,EAAE,EAAE,IAAI,IAAI,iBAAiB,CAAC,CAAC,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS;gBAChE,GAAG,EACD,mBAAmB,IAAI,iBAAiB;oBACtC,CAAC,CAAC,iBAAiB,CAAC,iBAAiB;oBACrC,CAAC,CAAC,SAAS;aAChB,EACD,cAAc,CACf,CAAC;YACF,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;gBACtB,SAAS;aACV,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,OAAO,CACL,SAA2B,EAC3B,SAAqB,EACrB,UAA0B,EAAE;QAE5B,OAAO,0BAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CACtC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,SAAS;aACjB,EACD,cAAc,CACf,CAAC;YAEF,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,SAAS;gBACT,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;aACvB,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,SAAS,CACP,SAA2B,EAC3B,YAAwB,EACxB,UAA4B,EAAE;QAE9B,OAAO,0BAAa,CAAC,QAAQ,CAC3B,sCAAsC,EACtC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,SAAS,CACxC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,YAAY;aACpB,EACD,cAAc,CACf,CAAC;YAEF,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,SAAS;gBACT,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;aACvB,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,SAAiB,EAAE,MAAkB,EAAE,UAAuB,EAAE;QACnE,OAAO,0BAAa,CAAC,QAAQ,CAC3B,iCAAiC,EACjC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACnC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,MAAM;aACd,EACD,cAAc,CACf,CAAC;YAEF,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,MAAO,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC;QACvE,CAAC,CACF,CAAC;IACJ,CAAC;IAED,UAAU,CACR,SAAiB,EACjB,IAAgB,EAChB,SAAqB,EACrB,UAAyB,EAAE;QAE3B,OAAO,0BAAa,CAAC,QAAQ,CAC3B,uCAAuC,EACvC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,IAAI,GAAG,MAAM,IAAA,sBAAU,EAAC,SAAS,EAAE,IAAI,CAAC,CAAC;YAC/C,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;QACjE,CAAC,CACF,CAAC;IACJ,CAAC;IAED,MAAM,CACJ,SAAiB,EACjB,MAAkB,EAClB,SAAqB,EACrB,UAAyB,EAAE;QAE3B,OAAO,0BAAa,CAAC,QAAQ,CAC3B,mCAAmC,EACnC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CACvC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,MAAM;gBACN,SAAS;aACV,EACD,cAAc,CACf,CAAC;YACF,OAAO;gBACL,MAAM,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK;gBAC/C,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;aACvB,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,QAAQ,CAAC,SAAiB,EAAE,IAAgB,EAAE,UAAuB,EAAE;QACrE,OAAO,0BAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAA,sBAAU,EAAC,SAAS,EAAE,IAAI,CAAC,CAAC;YACjD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACnC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,MAAM;aACd,EACD,cAAc,CACf,CAAC;YACF,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,MAAO,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC;QACvE,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACM,QAAQ,CAAS;IAE1B;;OAEG;IACH,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC;IACzB,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,UAAyB,EAAE;QAChC,OAAO,0BAAa,CAAC,QAAQ,CAC3B,mCAAmC,EACnC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,IAAI,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;gBACjC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,EAAE,EAAE,CAAC;oBACnC,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;gBACvD,CAAC;gBACD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CACvC,IAAI,CAAC,IAAI,EACT,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAC/E,cAAc,CACf,CAAC;gBACF,IAAI,CAAC,GAAG,GAAG,IAAA,wCAAmB,EAAC,QAAQ,CAAC,CAAC;YAC3C,CAAC;YACD,OAAO,IAAI,CAAC,GAAG,CAAC;QAClB,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,MAAM,CAAiB;IAE/B;;;;OAIG;IACK,GAAG,CAAuB;IAElC;;OAEG;IACK,IAAI,CAAS;IAErB;;OAEG;IACK,OAAO,CAAS;IAExB;;OAEG;IACK,QAAQ;QACd,IAAI,GAAG,CAAC;QACR,IAAI,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;YACjC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACpB,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QACjB,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;CACF;AA3UD,gEA2UC;AAED;;;;;;;;GAQG;AACH,SAAS,qBAAqB,CAC5B,QAAgB,EAChB,UAA2B,EAC3B,OAAyE;IAEzE,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;QAC5B,OAAO,OAAO,CAAC,eAAe,CAAC;IACjC,CAAC;IAED,MAAM,OAAO,GAAG,0BAA0B,0BAAW,EAAE,CAAC;IAExD,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAElD,OAAO,CAAC,gBAAgB,GAAG;QACzB,eAAe,EACb,gBAAgB,IAAI,gBAAgB,CAAC,eAAe;YAClD,CAAC,CAAC,GAAG,gBAAgB,CAAC,eAAe,IAAI,OAAO,EAAE;YAClD,CAAC,CAAC,OAAO;KACd,CAAC;IAEF,MAAM,uBAAuB,GAAiC;QAC5D,GAAG,OAAO;QACV,UAAU,EAAE,OAAO,CAAC,cAAc,IAAI,kCAAkB;QACxD,cAAc,EAAE;YACd,MAAM,EAAE,eAAM,CAAC,IAAI;YACnB,4BAA4B,EAAE;gBAC5B,sBAAsB;gBACtB,4BAA4B;gBAC5B,+BAA+B;aAChC;SACF;KACF,CAAC;IAEF,MAAM,MAAM,GAAG,IAAI,yBAAc,CAAC,QAAQ,EAAE,UAAU,EAAE,uBAAuB,CAAC,CAAC;IAEjF,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,IAAI,EAAE,wDAAmC,EAAE,CAAC,CAAC;IAC5E,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAA,8CAA4B,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAC7E,yEAAyE;IACzE,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC;QACxB,IAAI,EAAE,mBAAmB;QACzB,WAAW,CAAC,OAAO,EAAE,IAAI;YACvB,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;YAC9D,IAAI,WAAW,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBAC/C,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;YAC1D,CAAC;YACD,OAAO,IAAI,CAAC,OAAO,CAAC,CAAC;QACvB,CAAC;KACF,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { TokenCredential } from \"@azure/core-auth\";\n\nimport type {\n DecryptOptions,\n DecryptParameters,\n DecryptResult,\n EncryptOptions,\n EncryptParameters,\n EncryptResult,\n KeyWrapAlgorithm,\n SignOptions,\n SignResult,\n UnwrapKeyOptions,\n VerifyOptions,\n VerifyResult,\n WrapKeyOptions,\n WrapResult,\n} from \"../cryptographyClientModels.js\";\nimport { SDK_VERSION } from \"../constants.js\";\nimport type { UnwrapResult } from \"../cryptographyClientModels.js\";\nimport type { KeyVaultClientOptionalParams } from \"../generated/src/index.js\";\nimport { KeyVaultClient } from \"../generated/src/index.js\";\nimport { parseKeyVaultKeyIdentifier } from \"../identifier.js\";\nimport type { CryptographyClientOptions, GetKeyOptions, KeyVaultKey } from \"../keysModels.js\";\nimport { LATEST_API_VERSION } from \"../keysModels.js\";\nimport { getKeyFromKeyBundle } from \"../transformations.js\";\nimport { createHash } from \"./crypto.js\";\nimport type { CryptographyProvider, CryptographyProviderOperation } from \"./models.js\";\nimport { logger } from \"../log.js\";\nimport { keyVaultAuthenticationPolicy } from \"@azure/keyvault-common\";\nimport { tracingClient } from \"../tracing.js\";\nimport { bearerTokenAuthenticationPolicyName } from \"@azure/core-rest-pipeline\";\n\n/**\n * The remote cryptography provider is used to run crypto operations against KeyVault.\n * @internal\n */\nexport class RemoteCryptographyProvider implements CryptographyProvider {\n constructor(\n key: string | KeyVaultKey,\n credential: TokenCredential,\n pipelineOptions: CryptographyClientOptions = {},\n ) {\n this.key = key;\n\n let keyId: string;\n if (typeof key === \"string\") {\n keyId = key;\n } else {\n keyId = key.id!;\n }\n\n try {\n const parsed = parseKeyVaultKeyIdentifier(keyId);\n if (parsed.name === \"\") {\n throw new Error(\"Could not find 'name' of key in key URL\");\n }\n\n if (!parsed.vaultUrl || parsed.vaultUrl === \"\") {\n throw new Error(\"Could not find 'vaultUrl' of key in key URL\");\n }\n\n this.vaultUrl = parsed.vaultUrl;\n this.name = parsed.name;\n this.version = parsed.version ?? \"\";\n\n this.client = getOrInitializeClient(this.vaultUrl, credential, pipelineOptions);\n } catch (err: any) {\n logger.error(err);\n\n throw new Error(`${keyId} is not a valid Key Vault key ID`);\n }\n }\n\n // The remote client supports all algorithms and all operations.\n isSupported(_algorithm: string, _operation: CryptographyProviderOperation): boolean {\n return true;\n }\n\n encrypt(\n encryptParameters: EncryptParameters,\n options: EncryptOptions = {},\n ): Promise<EncryptResult> {\n const { algorithm, plaintext, ...params } = encryptParameters;\n const requestOptions = { ...options, ...params };\n\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.encrypt\",\n requestOptions,\n async (updatedOptions) => {\n const result = await this.client.encrypt(\n this.name,\n this.version,\n {\n algorithm,\n value: plaintext,\n aad:\n \"additionalAuthenticatedData\" in encryptParameters\n ? encryptParameters.additionalAuthenticatedData\n : undefined,\n iv: \"iv\" in encryptParameters ? encryptParameters.iv : undefined,\n },\n updatedOptions,\n );\n\n return {\n algorithm: encryptParameters.algorithm,\n result: result.result!,\n keyID: this.getKeyID(),\n additionalAuthenticatedData: result.additionalAuthenticatedData,\n authenticationTag: result.authenticationTag,\n iv: result.iv,\n };\n },\n );\n }\n\n decrypt(\n decryptParameters: DecryptParameters,\n options: DecryptOptions = {},\n ): Promise<DecryptResult> {\n const { algorithm, ciphertext, ...params } = decryptParameters;\n const requestOptions = { ...options, ...params };\n\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.decrypt\",\n requestOptions,\n async (updatedOptions) => {\n const result = await this.client.decrypt(\n this.name,\n this.version,\n {\n algorithm,\n value: ciphertext,\n aad:\n \"additionalAuthenticatedData\" in decryptParameters\n ? decryptParameters.additionalAuthenticatedData\n : undefined,\n iv: \"iv\" in decryptParameters ? decryptParameters.iv : undefined,\n tag:\n \"authenticationTag\" in decryptParameters\n ? decryptParameters.authenticationTag\n : undefined,\n },\n updatedOptions,\n );\n return {\n result: result.result!,\n keyID: this.getKeyID(),\n algorithm,\n };\n },\n );\n }\n\n wrapKey(\n algorithm: KeyWrapAlgorithm,\n keyToWrap: Uint8Array,\n options: WrapKeyOptions = {},\n ): Promise<WrapResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.wrapKey\",\n options,\n async (updatedOptions) => {\n const result = await this.client.wrapKey(\n this.name,\n this.version,\n {\n algorithm,\n value: keyToWrap,\n },\n updatedOptions,\n );\n\n return {\n result: result.result!,\n algorithm,\n keyID: this.getKeyID(),\n };\n },\n );\n }\n\n unwrapKey(\n algorithm: KeyWrapAlgorithm,\n encryptedKey: Uint8Array,\n options: UnwrapKeyOptions = {},\n ): Promise<UnwrapResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.unwrapKey\",\n options,\n async (updatedOptions) => {\n const result = await this.client.unwrapKey(\n this.name,\n this.version,\n {\n algorithm,\n value: encryptedKey,\n },\n updatedOptions,\n );\n\n return {\n result: result.result!,\n algorithm,\n keyID: this.getKeyID(),\n };\n },\n );\n }\n\n sign(algorithm: string, digest: Uint8Array, options: SignOptions = {}): Promise<SignResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.sign\",\n options,\n async (updatedOptions) => {\n const result = await this.client.sign(\n this.name,\n this.version,\n {\n algorithm,\n value: digest,\n },\n updatedOptions,\n );\n\n return { result: result.result!, algorithm, keyID: this.getKeyID() };\n },\n );\n }\n\n verifyData(\n algorithm: string,\n data: Uint8Array,\n signature: Uint8Array,\n options: VerifyOptions = {},\n ): Promise<VerifyResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.verifyData\",\n options,\n async (updatedOptions) => {\n const hash = await createHash(algorithm, data);\n return this.verify(algorithm, hash, signature, updatedOptions);\n },\n );\n }\n\n verify(\n algorithm: string,\n digest: Uint8Array,\n signature: Uint8Array,\n options: VerifyOptions = {},\n ): Promise<VerifyResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.verify\",\n options,\n async (updatedOptions) => {\n const response = await this.client.verify(\n this.name,\n this.version,\n {\n algorithm,\n digest,\n signature,\n },\n updatedOptions,\n );\n return {\n result: response.value ? response.value : false,\n keyID: this.getKeyID(),\n };\n },\n );\n }\n\n signData(algorithm: string, data: Uint8Array, options: SignOptions = {}): Promise<SignResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.signData\",\n options,\n async (updatedOptions) => {\n const digest = await createHash(algorithm, data);\n const result = await this.client.sign(\n this.name,\n this.version,\n {\n algorithm,\n value: digest,\n },\n updatedOptions,\n );\n return { result: result.result!, algorithm, keyID: this.getKeyID() };\n },\n );\n }\n\n /**\n * The base URL to the vault.\n */\n readonly vaultUrl: string;\n\n /**\n * The ID of the key used to perform cryptographic operations for the client.\n */\n get keyId(): string | undefined {\n return this.getKeyID();\n }\n\n /**\n * Gets the {@link KeyVaultKey} used for cryptography operations, fetching it\n * from KeyVault if necessary.\n * @param options - Additional options.\n */\n getKey(options: GetKeyOptions = {}): Promise<KeyVaultKey> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.getKey\",\n options,\n async (updatedOptions) => {\n if (typeof this.key === \"string\") {\n if (!this.name || this.name === \"\") {\n throw new Error(\"getKey requires a key with a name\");\n }\n const response = await this.client.getKey(\n this.name,\n options && options.version ? options.version : this.version ? this.version : \"\",\n updatedOptions,\n );\n this.key = getKeyFromKeyBundle(response);\n }\n return this.key;\n },\n );\n }\n\n /**\n * A reference to the auto-generated KeyVault HTTP client.\n */\n private client: KeyVaultClient;\n\n /**\n * A reference to the key used for the cryptographic operations.\n * Based on what was provided to the CryptographyClient constructor,\n * it can be either a string with the URL of a Key Vault Key, or an already parsed {@link KeyVaultKey}.\n */\n private key: string | KeyVaultKey;\n\n /**\n * Name of the key the client represents\n */\n private name: string;\n\n /**\n * Version of the key the client represents\n */\n private version: string;\n\n /**\n * Attempts to retrieve the ID of the key.\n */\n private getKeyID(): string | undefined {\n let kid;\n if (typeof this.key !== \"string\") {\n kid = this.key.id;\n } else {\n kid = this.key;\n }\n\n return kid;\n }\n}\n\n/**\n * A helper method to either get the passed down generated client or initialize a new one.\n * An already constructed generated client may be passed down from {@link KeyClient} in which case we should reuse it.\n *\n * @internal\n * @param credential - The credential to use when initializing a new client.\n * @param options - The options for constructing a client or the underlying client if one already exists.\n * @returns - A generated client instance\n */\nfunction getOrInitializeClient(\n vaultUrl: string,\n credential: TokenCredential,\n options: CryptographyClientOptions & { generatedClient?: KeyVaultClient },\n): KeyVaultClient {\n if (options.generatedClient) {\n return options.generatedClient;\n }\n\n const libInfo = `azsdk-js-keyvault-keys/${SDK_VERSION}`;\n\n const userAgentOptions = options.userAgentOptions;\n\n options.userAgentOptions = {\n userAgentPrefix:\n userAgentOptions && userAgentOptions.userAgentPrefix\n ? `${userAgentOptions.userAgentPrefix} ${libInfo}`\n : libInfo,\n };\n\n const internalPipelineOptions: KeyVaultClientOptionalParams = {\n ...options,\n apiVersion: options.serviceVersion || LATEST_API_VERSION,\n loggingOptions: {\n logger: logger.info,\n additionalAllowedHeaderNames: [\n \"x-ms-keyvault-region\",\n \"x-ms-keyvault-network-info\",\n \"x-ms-keyvault-service-version\",\n ],\n },\n };\n\n const client = new KeyVaultClient(vaultUrl, credential, internalPipelineOptions);\n\n client.pipeline.removePolicy({ name: bearerTokenAuthenticationPolicyName });\n client.pipeline.addPolicy(keyVaultAuthenticationPolicy(credential, options));\n // Workaround for: https://github.com/Azure/azure-sdk-for-js/issues/31843\n client.pipeline.addPolicy({\n name: \"ContentTypePolicy\",\n sendRequest(request, next) {\n const contentType = request.headers.get(\"Content-Type\") ?? \"\";\n if (contentType.startsWith(\"application/json\")) {\n request.headers.set(\"Content-Type\", \"application/json\");\n }\n return next(request);\n },\n });\n\n return client;\n}\n"]}
1
+ {"version":3,"file":"remoteCryptographyProvider.js","sourceRoot":"","sources":["../../../src/cryptography/remoteCryptographyProvider.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAoBlC,kDAA8C;AAG9C,4DAAsD;AACtD,oDAA8D;AAE9D,oDAAsD;AACtD,8DAA4D;AAC5D,2CAAyC;AAEzC,4CAAsC;AACtC,4DAAsE;AACtE,8CAA8C;AAC9C,kEAAgF;AAEhF;;;GAGG;AACH,MAAa,0BAA0B;IACrC,YACE,GAAyB,EACzB,UAA2B,EAC3B,kBAA6C,EAAE;QAE/C,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QAEf,IAAI,KAAa,CAAC;QAClB,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,KAAK,GAAG,GAAG,CAAC;QACd,CAAC;aAAM,CAAC;YACN,KAAK,GAAG,GAAG,CAAC,EAAG,CAAC;QAClB,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAA,0CAA0B,EAAC,KAAK,CAAC,CAAC;YACjD,IAAI,MAAM,CAAC,IAAI,KAAK,EAAE,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;YAC7D,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,KAAK,EAAE,EAAE,CAAC;gBAC/C,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;YACjE,CAAC;YAED,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;YAChC,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACxB,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC;YAEpC,IAAI,CAAC,MAAM,GAAG,qBAAqB,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,eAAe,CAAC,CAAC;QAClF,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,kBAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAElB,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,kCAAkC,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,gEAAgE;IAChE,WAAW,CAAC,UAAkB,EAAE,UAAyC;QACvE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CACL,iBAAoC,EACpC,UAA0B,EAAE;QAE5B,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,GAAG,iBAAiB,CAAC;QAC9D,MAAM,cAAc,GAAG,EAAE,GAAG,OAAO,EAAE,GAAG,MAAM,EAAE,CAAC;QAEjD,OAAO,0BAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,cAAc,EACd,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CACtC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,SAAS;gBAChB,GAAG,EACD,6BAA6B,IAAI,iBAAiB;oBAChD,CAAC,CAAC,iBAAiB,CAAC,2BAA2B;oBAC/C,CAAC,CAAC,SAAS;gBACf,EAAE,EAAE,IAAI,IAAI,iBAAiB,CAAC,CAAC,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS;aACjE,EACD,cAAc,CACf,CAAC;YAEF,OAAO;gBACL,SAAS,EAAE,iBAAiB,CAAC,SAAS;gBACtC,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;gBACtB,2BAA2B,EAAE,MAAM,CAAC,2BAA2B;gBAC/D,iBAAiB,EAAE,MAAM,CAAC,iBAAiB;gBAC3C,EAAE,EAAE,MAAM,CAAC,EAAE;aACd,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,OAAO,CACL,iBAAoC,EACpC,UAA0B,EAAE;QAE5B,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,EAAE,GAAG,iBAAiB,CAAC;QAC/D,MAAM,cAAc,GAAG,EAAE,GAAG,OAAO,EAAE,GAAG,MAAM,EAAE,CAAC;QAEjD,OAAO,0BAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,cAAc,EACd,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CACtC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,UAAU;gBACjB,GAAG,EACD,6BAA6B,IAAI,iBAAiB;oBAChD,CAAC,CAAC,iBAAiB,CAAC,2BAA2B;oBAC/C,CAAC,CAAC,SAAS;gBACf,EAAE,EAAE,IAAI,IAAI,iBAAiB,CAAC,CAAC,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS;gBAChE,GAAG,EACD,mBAAmB,IAAI,iBAAiB;oBACtC,CAAC,CAAC,iBAAiB,CAAC,iBAAiB;oBACrC,CAAC,CAAC,SAAS;aAChB,EACD,cAAc,CACf,CAAC;YACF,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;gBACtB,SAAS;aACV,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,OAAO,CACL,SAA2B,EAC3B,SAAqB,EACrB,UAA0B,EAAE;QAE5B,OAAO,0BAAa,CAAC,QAAQ,CAC3B,oCAAoC,EACpC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CACtC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,SAAS;aACjB,EACD,cAAc,CACf,CAAC;YAEF,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,SAAS;gBACT,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;aACvB,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,SAAS,CACP,SAA2B,EAC3B,YAAwB,EACxB,UAA4B,EAAE;QAE9B,OAAO,0BAAa,CAAC,QAAQ,CAC3B,sCAAsC,EACtC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,SAAS,CACxC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,YAAY;aACpB,EACD,cAAc,CACf,CAAC;YAEF,OAAO;gBACL,MAAM,EAAE,MAAM,CAAC,MAAO;gBACtB,SAAS;gBACT,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;aACvB,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,SAAiB,EAAE,MAAkB,EAAE,UAAuB,EAAE;QACnE,OAAO,0BAAa,CAAC,QAAQ,CAC3B,iCAAiC,EACjC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACnC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,MAAM;aACd,EACD,cAAc,CACf,CAAC;YAEF,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,MAAO,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC;QACvE,CAAC,CACF,CAAC;IACJ,CAAC;IAED,UAAU,CACR,SAAiB,EACjB,IAAgB,EAChB,SAAqB,EACrB,UAAyB,EAAE;QAE3B,OAAO,0BAAa,CAAC,QAAQ,CAC3B,uCAAuC,EACvC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,IAAI,GAAG,MAAM,IAAA,sBAAU,EAAC,SAAS,EAAE,IAAI,CAAC,CAAC;YAC/C,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;QACjE,CAAC,CACF,CAAC;IACJ,CAAC;IAED,MAAM,CACJ,SAAiB,EACjB,MAAkB,EAClB,SAAqB,EACrB,UAAyB,EAAE;QAE3B,OAAO,0BAAa,CAAC,QAAQ,CAC3B,mCAAmC,EACnC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CACvC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,MAAM;gBACN,SAAS;aACV,EACD,cAAc,CACf,CAAC;YACF,OAAO;gBACL,MAAM,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK;gBAC/C,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;aACvB,CAAC;QACJ,CAAC,CACF,CAAC;IACJ,CAAC;IAED,QAAQ,CAAC,SAAiB,EAAE,IAAgB,EAAE,UAAuB,EAAE;QACrE,OAAO,0BAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,MAAM,MAAM,GAAG,MAAM,IAAA,sBAAU,EAAC,SAAS,EAAE,IAAI,CAAC,CAAC;YACjD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACnC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ;gBACE,SAAS;gBACT,KAAK,EAAE,MAAM;aACd,EACD,cAAc,CACf,CAAC;YACF,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,MAAO,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC;QACvE,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACM,QAAQ,CAAS;IAE1B;;OAEG;IACH,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC;IACzB,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,UAAyB,EAAE;QAChC,OAAO,0BAAa,CAAC,QAAQ,CAC3B,mCAAmC,EACnC,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,IAAI,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;gBACjC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,EAAE,EAAE,CAAC;oBACnC,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;gBACvD,CAAC;gBACD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CACvC,IAAI,CAAC,IAAI,EACT,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAC/E,cAAc,CACf,CAAC;gBACF,IAAI,CAAC,GAAG,GAAG,IAAA,wCAAmB,EAAC,QAAQ,CAAC,CAAC;YAC3C,CAAC;YACD,OAAO,IAAI,CAAC,GAAG,CAAC;QAClB,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,MAAM,CAAiB;IAE/B;;;;OAIG;IACK,GAAG,CAAuB;IAElC;;OAEG;IACK,IAAI,CAAS;IAErB;;OAEG;IACK,OAAO,CAAS;IAExB;;OAEG;IACK,QAAQ;QACd,IAAI,GAAG,CAAC;QACR,IAAI,OAAO,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;YACjC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACpB,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QACjB,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;CACF;AA3UD,gEA2UC;AAED;;;;;;;;GAQG;AACH,SAAS,qBAAqB,CAC5B,QAAgB,EAChB,UAA2B,EAC3B,OAAyE;IAEzE,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;QAC5B,OAAO,OAAO,CAAC,eAAe,CAAC;IACjC,CAAC;IAED,MAAM,OAAO,GAAG,0BAA0B,0BAAW,EAAE,CAAC;IAExD,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAElD,OAAO,CAAC,gBAAgB,GAAG;QACzB,eAAe,EACb,gBAAgB,IAAI,gBAAgB,CAAC,eAAe;YAClD,CAAC,CAAC,GAAG,gBAAgB,CAAC,eAAe,IAAI,OAAO,EAAE;YAClD,CAAC,CAAC,OAAO;KACd,CAAC;IAEF,MAAM,uBAAuB,GAAiC;QAC5D,GAAG,OAAO;QACV,UAAU,EAAE,OAAO,CAAC,cAAc,IAAI,kCAAkB;QACxD,cAAc,EAAE;YACd,MAAM,EAAE,kBAAM,CAAC,IAAI;YACnB,4BAA4B,EAAE;gBAC5B,sBAAsB;gBACtB,4BAA4B;gBAC5B,+BAA+B;aAChC;SACF;KACF,CAAC;IAEF,MAAM,MAAM,GAAG,IAAI,kCAAc,CAAC,QAAQ,EAAE,UAAU,EAAE,uBAAuB,CAAC,CAAC;IAEjF,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,IAAI,EAAE,wDAAmC,EAAE,CAAC,CAAC;IAC5E,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAA,8CAA4B,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAC7E,yEAAyE;IACzE,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC;QACxB,IAAI,EAAE,mBAAmB;QACzB,WAAW,CAAC,OAAO,EAAE,IAAI;YACvB,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;YAC9D,IAAI,WAAW,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBAC/C,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;YAC1D,CAAC;YACD,OAAO,IAAI,CAAC,OAAO,CAAC,CAAC;QACvB,CAAC;KACF,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { TokenCredential } from \"@azure/core-auth\";\n\nimport type {\n DecryptOptions,\n DecryptParameters,\n DecryptResult,\n EncryptOptions,\n EncryptParameters,\n EncryptResult,\n KeyWrapAlgorithm,\n SignOptions,\n SignResult,\n UnwrapKeyOptions,\n VerifyOptions,\n VerifyResult,\n WrapKeyOptions,\n WrapResult,\n} from \"../cryptographyClientModels.js\";\nimport { SDK_VERSION } from \"../constants.js\";\nimport type { UnwrapResult } from \"../cryptographyClientModels.js\";\nimport type { KeyVaultClientOptionalParams } from \"../keyVaultClient.js\";\nimport { KeyVaultClient } from \"../keyVaultClient.js\";\nimport { parseKeyVaultKeyIdentifier } from \"../identifier.js\";\nimport type { CryptographyClientOptions, GetKeyOptions, KeyVaultKey } from \"../keysModels.js\";\nimport { LATEST_API_VERSION } from \"../keysModels.js\";\nimport { getKeyFromKeyBundle } from \"../transformations.js\";\nimport { createHash } from \"./crypto.js\";\nimport type { CryptographyProvider, CryptographyProviderOperation } from \"./models.js\";\nimport { logger } from \"../logger.js\";\nimport { keyVaultAuthenticationPolicy } from \"@azure/keyvault-common\";\nimport { tracingClient } from \"../tracing.js\";\nimport { bearerTokenAuthenticationPolicyName } from \"@azure/core-rest-pipeline\";\n\n/**\n * The remote cryptography provider is used to run crypto operations against KeyVault.\n * @internal\n */\nexport class RemoteCryptographyProvider implements CryptographyProvider {\n constructor(\n key: string | KeyVaultKey,\n credential: TokenCredential,\n pipelineOptions: CryptographyClientOptions = {},\n ) {\n this.key = key;\n\n let keyId: string;\n if (typeof key === \"string\") {\n keyId = key;\n } else {\n keyId = key.id!;\n }\n\n try {\n const parsed = parseKeyVaultKeyIdentifier(keyId);\n if (parsed.name === \"\") {\n throw new Error(\"Could not find 'name' of key in key URL\");\n }\n\n if (!parsed.vaultUrl || parsed.vaultUrl === \"\") {\n throw new Error(\"Could not find 'vaultUrl' of key in key URL\");\n }\n\n this.vaultUrl = parsed.vaultUrl;\n this.name = parsed.name;\n this.version = parsed.version ?? \"\";\n\n this.client = getOrInitializeClient(this.vaultUrl, credential, pipelineOptions);\n } catch (err: any) {\n logger.error(err);\n\n throw new Error(`${keyId} is not a valid Key Vault key ID`);\n }\n }\n\n // The remote client supports all algorithms and all operations.\n isSupported(_algorithm: string, _operation: CryptographyProviderOperation): boolean {\n return true;\n }\n\n encrypt(\n encryptParameters: EncryptParameters,\n options: EncryptOptions = {},\n ): Promise<EncryptResult> {\n const { algorithm, plaintext, ...params } = encryptParameters;\n const requestOptions = { ...options, ...params };\n\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.encrypt\",\n requestOptions,\n async (updatedOptions) => {\n const result = await this.client.encrypt(\n this.name,\n this.version,\n {\n algorithm,\n value: plaintext,\n aad:\n \"additionalAuthenticatedData\" in encryptParameters\n ? encryptParameters.additionalAuthenticatedData\n : undefined,\n iv: \"iv\" in encryptParameters ? encryptParameters.iv : undefined,\n },\n updatedOptions,\n );\n\n return {\n algorithm: encryptParameters.algorithm,\n result: result.result!,\n keyID: this.getKeyID(),\n additionalAuthenticatedData: result.additionalAuthenticatedData,\n authenticationTag: result.authenticationTag,\n iv: result.iv,\n };\n },\n );\n }\n\n decrypt(\n decryptParameters: DecryptParameters,\n options: DecryptOptions = {},\n ): Promise<DecryptResult> {\n const { algorithm, ciphertext, ...params } = decryptParameters;\n const requestOptions = { ...options, ...params };\n\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.decrypt\",\n requestOptions,\n async (updatedOptions) => {\n const result = await this.client.decrypt(\n this.name,\n this.version,\n {\n algorithm,\n value: ciphertext,\n aad:\n \"additionalAuthenticatedData\" in decryptParameters\n ? decryptParameters.additionalAuthenticatedData\n : undefined,\n iv: \"iv\" in decryptParameters ? decryptParameters.iv : undefined,\n tag:\n \"authenticationTag\" in decryptParameters\n ? decryptParameters.authenticationTag\n : undefined,\n },\n updatedOptions,\n );\n return {\n result: result.result!,\n keyID: this.getKeyID(),\n algorithm,\n };\n },\n );\n }\n\n wrapKey(\n algorithm: KeyWrapAlgorithm,\n keyToWrap: Uint8Array,\n options: WrapKeyOptions = {},\n ): Promise<WrapResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.wrapKey\",\n options,\n async (updatedOptions) => {\n const result = await this.client.wrapKey(\n this.name,\n this.version,\n {\n algorithm,\n value: keyToWrap,\n },\n updatedOptions,\n );\n\n return {\n result: result.result!,\n algorithm,\n keyID: this.getKeyID(),\n };\n },\n );\n }\n\n unwrapKey(\n algorithm: KeyWrapAlgorithm,\n encryptedKey: Uint8Array,\n options: UnwrapKeyOptions = {},\n ): Promise<UnwrapResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.unwrapKey\",\n options,\n async (updatedOptions) => {\n const result = await this.client.unwrapKey(\n this.name,\n this.version,\n {\n algorithm,\n value: encryptedKey,\n },\n updatedOptions,\n );\n\n return {\n result: result.result!,\n algorithm,\n keyID: this.getKeyID(),\n };\n },\n );\n }\n\n sign(algorithm: string, digest: Uint8Array, options: SignOptions = {}): Promise<SignResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.sign\",\n options,\n async (updatedOptions) => {\n const result = await this.client.sign(\n this.name,\n this.version,\n {\n algorithm,\n value: digest,\n },\n updatedOptions,\n );\n\n return { result: result.result!, algorithm, keyID: this.getKeyID() };\n },\n );\n }\n\n verifyData(\n algorithm: string,\n data: Uint8Array,\n signature: Uint8Array,\n options: VerifyOptions = {},\n ): Promise<VerifyResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.verifyData\",\n options,\n async (updatedOptions) => {\n const hash = await createHash(algorithm, data);\n return this.verify(algorithm, hash, signature, updatedOptions);\n },\n );\n }\n\n verify(\n algorithm: string,\n digest: Uint8Array,\n signature: Uint8Array,\n options: VerifyOptions = {},\n ): Promise<VerifyResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.verify\",\n options,\n async (updatedOptions) => {\n const response = await this.client.verify(\n this.name,\n this.version,\n {\n algorithm,\n digest,\n signature,\n },\n updatedOptions,\n );\n return {\n result: response.value ? response.value : false,\n keyID: this.getKeyID(),\n };\n },\n );\n }\n\n signData(algorithm: string, data: Uint8Array, options: SignOptions = {}): Promise<SignResult> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.signData\",\n options,\n async (updatedOptions) => {\n const digest = await createHash(algorithm, data);\n const result = await this.client.sign(\n this.name,\n this.version,\n {\n algorithm,\n value: digest,\n },\n updatedOptions,\n );\n return { result: result.result!, algorithm, keyID: this.getKeyID() };\n },\n );\n }\n\n /**\n * The base URL to the vault.\n */\n readonly vaultUrl: string;\n\n /**\n * The ID of the key used to perform cryptographic operations for the client.\n */\n get keyId(): string | undefined {\n return this.getKeyID();\n }\n\n /**\n * Gets the {@link KeyVaultKey} used for cryptography operations, fetching it\n * from KeyVault if necessary.\n * @param options - Additional options.\n */\n getKey(options: GetKeyOptions = {}): Promise<KeyVaultKey> {\n return tracingClient.withSpan(\n \"RemoteCryptographyProvider.getKey\",\n options,\n async (updatedOptions) => {\n if (typeof this.key === \"string\") {\n if (!this.name || this.name === \"\") {\n throw new Error(\"getKey requires a key with a name\");\n }\n const response = await this.client.getKey(\n this.name,\n options && options.version ? options.version : this.version ? this.version : \"\",\n updatedOptions,\n );\n this.key = getKeyFromKeyBundle(response);\n }\n return this.key;\n },\n );\n }\n\n /**\n * A reference to the auto-generated KeyVault HTTP client.\n */\n private client: KeyVaultClient;\n\n /**\n * A reference to the key used for the cryptographic operations.\n * Based on what was provided to the CryptographyClient constructor,\n * it can be either a string with the URL of a Key Vault Key, or an already parsed {@link KeyVaultKey}.\n */\n private key: string | KeyVaultKey;\n\n /**\n * Name of the key the client represents\n */\n private name: string;\n\n /**\n * Version of the key the client represents\n */\n private version: string;\n\n /**\n * Attempts to retrieve the ID of the key.\n */\n private getKeyID(): string | undefined {\n let kid;\n if (typeof this.key !== \"string\") {\n kid = this.key.id;\n } else {\n kid = this.key;\n }\n\n return kid;\n }\n}\n\n/**\n * A helper method to either get the passed down generated client or initialize a new one.\n * An already constructed generated client may be passed down from {@link KeyClient} in which case we should reuse it.\n *\n * @internal\n * @param credential - The credential to use when initializing a new client.\n * @param options - The options for constructing a client or the underlying client if one already exists.\n * @returns - A generated client instance\n */\nfunction getOrInitializeClient(\n vaultUrl: string,\n credential: TokenCredential,\n options: CryptographyClientOptions & { generatedClient?: KeyVaultClient },\n): KeyVaultClient {\n if (options.generatedClient) {\n return options.generatedClient;\n }\n\n const libInfo = `azsdk-js-keyvault-keys/${SDK_VERSION}`;\n\n const userAgentOptions = options.userAgentOptions;\n\n options.userAgentOptions = {\n userAgentPrefix:\n userAgentOptions && userAgentOptions.userAgentPrefix\n ? `${userAgentOptions.userAgentPrefix} ${libInfo}`\n : libInfo,\n };\n\n const internalPipelineOptions: KeyVaultClientOptionalParams = {\n ...options,\n apiVersion: options.serviceVersion || LATEST_API_VERSION,\n loggingOptions: {\n logger: logger.info,\n additionalAllowedHeaderNames: [\n \"x-ms-keyvault-region\",\n \"x-ms-keyvault-network-info\",\n \"x-ms-keyvault-service-version\",\n ],\n },\n };\n\n const client = new KeyVaultClient(vaultUrl, credential, internalPipelineOptions);\n\n client.pipeline.removePolicy({ name: bearerTokenAuthenticationPolicyName });\n client.pipeline.addPolicy(keyVaultAuthenticationPolicy(credential, options));\n // Workaround for: https://github.com/Azure/azure-sdk-for-js/issues/31843\n client.pipeline.addPolicy({\n name: \"ContentTypePolicy\",\n sendRequest(request, next) {\n const contentType = request.headers.get(\"Content-Type\") ?? \"\";\n if (contentType.startsWith(\"application/json\")) {\n request.headers.set(\"Content-Type\", \"application/json\");\n }\n return next(request);\n },\n });\n\n return client;\n}\n"]}
package/dist/commonjs/cryptographyClient.js CHANGED
@@ -10,7 +10,7 @@ const rsaCryptographyProvider_js_1 = require("./cryptography/rsaCryptographyProv
10
10
  const aesCryptographyProvider_js_1 = require("./cryptography/aesCryptographyProvider.js");
11
11
  const tracing_js_1 = require("./tracing.js");
12
12
  const core_rest_pipeline_1 = require("@azure/core-rest-pipeline");
13
- const log_js_1 = require("./log.js");
13
+ const logger_js_1 = require("./logger.js");
14
14
  /**
15
15
  * A client used to perform cryptographic operations on an Azure Key vault key
16
16
  * or a local {@link JsonWebKey}.
@@ -469,7 +469,7 @@ class CryptographyClient {
469
469
  if ((0, core_rest_pipeline_1.isRestError)(e) && e.statusCode === 403) {
470
470
  // If we don't have permission to get the key, we'll fall back to using the remote provider.
471
471
  // Marking the key as a remoteOnlyIdentifier will ensure that we don't attempt to fetch the key again.
472
- log_js_1.logger.verbose(`Permission denied to get key ${this.key.value}. Falling back to remote operation.`);
472
+ logger_js_1.logger.verbose(`Permission denied to get key ${this.key.value}. Falling back to remote operation.`);
473
473
  this.key = { kind: "remoteOnlyIdentifier", value: this.key.value };
474
474
  }
475
475
  else {
package/dist/commonjs/cryptographyClient.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cryptographyClient.js","sourceRoot":"","sources":["../../src/cryptographyClient.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAWlC,mDAAqD;AAuBrD,gGAA0F;AAC1F,wDAAuD;AAEvD,0FAAoF;AACpF,0FAAoF;AACpF,6CAA6C;AAC7C,kEAAwD;AACxD,qCAAkC;AAElC;;;GAGG;AACH,MAAa,kBAAkB;IAC7B;;OAEG;IACK,GAAG,CAAwB;IAEnC;;OAEG;IACK,cAAc,CAA8B;IA2DpD;;;;OAIG;IACH,YACE,GAAsC,EACtC,UAA4B,EAC5B,kBAA6C,EAAE;QAE/C,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,uCAAuC;YACvC,IAAI,CAAC,GAAG,GAAG;gBACT,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,GAAG;aACX,CAAC;YACF,IAAI,CAAC,cAAc,GAAG,IAAI,0DAA0B,CAAC,GAAG,EAAE,UAAW,EAAE,eAAe,CAAC,CAAC;QAC1F,CAAC;aAAM,IAAI,MAAM,IAAI,GAAG,EAAE,CAAC;YACzB,4CAA4C;YAC5C,IAAI,CAAC,GAAG,GAAG;gBACT,IAAI,EAAE,aAAa;gBACnB,KAAK,EAAE,GAAG;aACX,CAAC;YACF,IAAI,CAAC,cAAc,GAAG,IAAI,0DAA0B,CAAC,GAAG,EAAE,UAAW,EAAE,eAAe,CAAC,CAAC;QAC1F,CAAC;aAAM,CAAC;YACN,wCAAwC;YACxC,IAAI,CAAC,GAAG,GAAG;gBACT,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,GAAG;aACX,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,cAAc,EAAE,QAAQ,IAAI,EAAE,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,IAAI,KAAK;QACP,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,YAAY,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,sBAAsB,EAAE,CAAC;YAC/E,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QACxB,CAAC;aAAM,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;YAC3C,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;QAC3B,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC;QAC5B,CAAC;IACH,CAAC;IAoEM,OAAO,CACZ,GAAG,IAEmD;QAEtD,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,CAAC;QACtE,OAAO,0BAAa,CAAC,QAAQ,CAAC,4BAA4B,EAAE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE;YAC5F,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,OAAO,CAAC,CAAC;YAClF,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;YAC9B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,UAAU,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;YACzF,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;YACtD,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;gBACjE,CAAC;gBACD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,YAAY,CAAC,UAA6B;QAChD,uFAAuF;QACvF,MAAM,qBAAqB,GAAgC;YACzD,SAAS;YACT,YAAY;YACZ,SAAS;YACT,YAAY;YACZ,SAAS;YACT,YAAY;SACb,CAAC;QAEF,IAAI,UAAU,CAAC,SAAS,IAAI,qBAAqB,EAAE,CAAC;YAClD,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,UAAqC,CAAC;gBACxD,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC;oBAClB,SAAS,CAAC,EAAE,GAAG,IAAA,uBAAW,EAAC,EAAE,CAAC,CAAC;gBACjC,CAAC;YACH,CAAC;YAAC,OAAO,CAAM,EAAE,CAAC;gBAChB,MAAM,IAAI,KAAK,CACb,yCAAyC,UAAU,CAAC,SAAS,yDAAyD,CAAC,CAAC,OAAO,EAAE,CAClI,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,4BAA4B,CAClC,IAAkF;QAElF,IAAI,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YAChC,4CAA4C;YAC5C,OAAO;gBACL;oBACE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC;oBAClB,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC;iBACE;gBACtB,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE;aACd,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,sEAAsE;YACtE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAmB,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAqFM,OAAO,CACZ,GAAG,IAEmD;QAEtD,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,CAAC;QAEtE,OAAO,0BAAa,CAAC,QAAQ,CAAC,4BAA4B,EAAE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE;YAC5F,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,OAAO,CAAC,CAAC;YAClF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,UAAU,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;YACzF,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;YACtD,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;gBACjE,CAAC;gBACD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACK,4BAA4B,CAClC,IAAkF;QAElF,IAAI,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YAChC,qDAAqD;YACrD,OAAO;gBACL;oBACE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC;oBAClB,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC;iBACC;gBACtB,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE;aACd,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,gFAAgF;YAChF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAmB,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACI,OAAO,CACZ,SAA2B,EAC3B,GAAe,EACf,UAA0B,EAAE;QAE5B,OAAO,0BAAa,CAAC,QAAQ,CAAC,4BAA4B,EAAE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE;YAC5F,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,OAAO,CAAC,CAAC;YAClF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YAC9E,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,EAAE,cAAc,CAAC,CAAC;YAC1D,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;gBAC9D,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACI,SAAS,CACd,SAA2B,EAC3B,YAAwB,EACxB,UAA4B,EAAE;QAE9B,OAAO,0BAAa,CAAC,QAAQ,CAC3B,8BAA8B,EAC9B,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,SAAS,CAAC,CAAC;YACpF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YAChF,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,SAAS,CAAC,SAAS,EAAE,YAAY,EAAE,cAAc,CAAC,CAAC;YACrE,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,SAAS,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;gBACzE,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA+BG;IACI,IAAI,CACT,SAA6B,EAC7B,MAAkB,EAClB,UAAuB,EAAE;QAEzB,OAAO,0BAAa,CAAC,QAAQ,CAAC,yBAAyB,EAAE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE;YACzF,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,IAAI,CAAC,CAAC;YAC/E,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YAC3E,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,cAAc,CAAC,CAAC;YAC1D,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,cAAc,CAAC,CAAC;gBACrE,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAiCG;IACI,MAAM,CACX,SAA6B,EAC7B,MAAkB,EAClB,SAAqB,EACrB,UAAyB,EAAE;QAE3B,OAAO,0BAAa,CAAC,QAAQ,CAAC,2BAA2B,EAAE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE;YAC3F,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,MAAM,CAAC,CAAC;YACjF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YAC7E,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YACvE,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;gBAClF,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACI,QAAQ,CACb,SAA6B,EAC7B,IAAgB;IAChB,8DAA8D;IAC9D,UAAuB,EAAE;QAEzB,OAAO,0BAAa,CAAC,QAAQ,CAC3B,6BAA6B,EAC7B,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,IAAI,CAAC,CAAC;YAC/E,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YAC/E,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;YAC5D,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;gBAChE,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA8BG;IACI,UAAU,CACf,SAA6B,EAC7B,IAAgB,EAChB,SAAqB;IACrB,8DAA8D;IAC9D,UAAyB,EAAE;QAE3B,OAAO,0BAAa,CAAC,QAAQ,CAC3B,+BAA+B,EAC/B,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,MAAM,CAAC,CAAC;YACjF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YACjF,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YACzE,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;gBACpF,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,cAAc,CAAC,OAAsB;QACjD,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAEzC,QAAQ,GAAG,CAAC,IAAI,EAAE,CAAC;YACjB,KAAK,YAAY;gBACf,OAAO,GAAG,CAAC,KAAK,CAAC;YACnB,KAAK,aAAa;gBAChB,OAAO,GAAG,CAAC,KAAK,CAAC,GAAI,CAAC;YACxB;gBACE,OAAO,SAAS,CAAC;QACrB,CAAC;IACH,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,QAAQ,CAA6B,OAAU;QAC3D,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YACnC,0DAA0D;YAC1D,IAAI,GAA4B,CAAC;YACjC,IAAI,CAAC;gBACH,GAAG,GAAG,MAAM,IAAI,CAAC,cAAe,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACnD,CAAC;YAAC,OAAO,CAAU,EAAE,CAAC;gBACpB,IAAI,IAAA,gCAAW,EAAC,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;oBAC3C,4FAA4F;oBAC5F,sGAAsG;oBACtG,eAAM,CAAC,OAAO,CACZ,gCAAgC,IAAI,CAAC,GAAG,CAAC,KAAK,qCAAqC,CACpF,CAAC;oBACF,IAAI,CAAC,GAAG,GAAG,EAAE,IAAI,EAAE,sBAAsB,EAAE,KAAK,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;gBACrE,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,CAAC;gBACV,CAAC;YACH,CAAC;YAED,IAAI,GAAG,EAAE,CAAC;gBACR,IAAI,CAAC,GAAG,GAAG,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;YACjD,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC,GAAG,CAAC;IAClB,CAAC;IAEO,SAAS,CAA0B;IAC3C;;;;;;OAMG;IACK,KAAK,CAAC,WAAW,CACvB,SAAwC,EACxC,SAAiB,EACjB,OAAU;QAEV,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;YACvD,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;YAEpB,uCAAuC;YACvC,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAI,CAAC,SAAS,CAAC,IAAI,CACjB,IAAI,oDAAuB,CAAC,WAAW,CAAC,EACxC,IAAI,oDAAuB,CAAC,WAAW,CAAC,CACzC,CAAC;YACJ,CAAC;YAED,2FAA2F;YAC3F,qGAAqG;YACrG,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAC3C,CAAC;QACH,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC;QAEpF,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CACb,iCAAiC,SAAS,sBAAsB,SAAS,KACvE,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,YAAY,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC,CAAC,EAChE,EAAE,CACH,CAAC;QACJ,CAAC;QAED,uDAAuD;QACvD,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC;IACtB,CAAC;IAEO,WAAW,CAAC,GAA0B,EAAE,SAAwB;QACtE,IAAI,GAAG,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;YAC/B,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC;YACvC,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC;YACtD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;YAEvB,gCAAgC;YAChC,IAAI,SAAS,IAAI,GAAG,GAAG,SAAS,EAAE,CAAC;gBACjC,MAAM,IAAI,KAAK,CAAC,OAAO,GAAG,CAAC,KAAK,CAAC,EAAE,yBAAyB,SAAS,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YACzF,CAAC;YAED,IAAI,SAAS,IAAI,GAAG,GAAG,SAAS,EAAE,CAAC;gBACjC,MAAM,IAAI,KAAK,CAAC,OAAO,GAAG,CAAC,KAAK,CAAC,EAAE,eAAe,SAAS,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YAC/E,CAAC;YAED,uBAAuB;YACvB,IAAI,SAAS,IAAI,MAAM,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBACxD,MAAM,IAAI,KAAK,CAAC,aAAa,SAAS,4BAA4B,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;YACpF,CAAC;QACH,CAAC;aAAM,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YACrC,kCAAkC;YAClC,IAAI,SAAS,IAAI,GAAG,CAAC,KAAK,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC5E,MAAM,IAAI,KAAK,CAAC,aAAa,SAAS,4BAA4B,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;YACrF,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAvyBD,gDAuyBC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { OperationOptions } from \"@azure-rest/core-client\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport type {\n CryptographyClientOptions,\n GetKeyOptions,\n JsonWebKey,\n KeyOperation,\n KeyVaultKey,\n} from \"./keysModels.js\";\nimport { KnownKeyOperations } from \"./keysModels.js\";\nimport type {\n AesCbcEncryptParameters,\n AesCbcEncryptionAlgorithm,\n CryptographyClientKey,\n DecryptOptions,\n DecryptParameters,\n DecryptResult,\n EncryptOptions,\n EncryptParameters,\n EncryptResult,\n EncryptionAlgorithm,\n KeyWrapAlgorithm,\n SignOptions,\n SignResult,\n SignatureAlgorithm,\n UnwrapKeyOptions,\n UnwrapResult,\n VerifyOptions,\n VerifyResult,\n WrapKeyOptions,\n WrapResult,\n} from \"./cryptographyClientModels.js\";\nimport { RemoteCryptographyProvider } from \"./cryptography/remoteCryptographyProvider.js\";\nimport { randomBytes } from \"./cryptography/crypto.js\";\nimport type { CryptographyProvider, CryptographyProviderOperation } from \"./cryptography/models.js\";\nimport { RsaCryptographyProvider } from \"./cryptography/rsaCryptographyProvider.js\";\nimport { AesCryptographyProvider } from \"./cryptography/aesCryptographyProvider.js\";\nimport { tracingClient } from \"./tracing.js\";\nimport { isRestError } from \"@azure/core-rest-pipeline\";\nimport { logger } from \"./log.js\";\n\n/**\n * A client used to perform cryptographic operations on an Azure Key vault key\n * or a local {@link JsonWebKey}.\n */\nexport class CryptographyClient {\n /**\n * The key the CryptographyClient currently holds.\n */\n private key: CryptographyClientKey;\n\n /**\n * The remote provider, which would be undefined if used in local mode.\n */\n private remoteProvider?: RemoteCryptographyProvider;\n\n /**\n * Constructs a new instance of the Cryptography client for the given key\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleCreateCryptographyClient\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * // Create or retrieve a key from the keyvault\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n *\n * // Lastly, create our cryptography client and connect to the service\n * const cryptographyClient = new CryptographyClient(myKey, credential);\n * ```\n * @param key - The key to use during cryptography tasks. You can also pass the identifier of the key i.e its url here.\n * @param credential - An object that implements the `TokenCredential` interface used to authenticate requests to the service. Use the \\@azure/identity package to create a credential that suits your needs.\n * @param pipelineOptions - Pipeline options used to configure Key Vault API requests.\n * Omit this parameter to use the default pipeline configuration.\n */\n constructor(\n key: string | KeyVaultKey,\n credential: TokenCredential,\n pipelineOptions?: CryptographyClientOptions,\n );\n /**\n * Constructs a new instance of the Cryptography client for the given key in local mode.\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleCreateCryptographyClientLocal\n * import { CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const jsonWebKey = {\n * kty: \"RSA\",\n * kid: \"test-key-123\",\n * use: \"sig\",\n * alg: \"RS256\",\n * n: new Uint8Array([112, 34, 56, 98, 123, 244, 200, 99]),\n * e: new Uint8Array([1, 0, 1]),\n * d: new Uint8Array([45, 67, 89, 23, 144, 200, 76, 233]),\n * p: new Uint8Array([34, 89, 100, 77, 204, 56, 29, 77]),\n * q: new Uint8Array([78, 99, 201, 45, 188, 34, 67, 90]),\n * dp: new Uint8Array([23, 45, 78, 56, 200, 144, 32, 67]),\n * dq: new Uint8Array([12, 67, 89, 144, 99, 56, 23, 45]),\n * qi: new Uint8Array([78, 90, 45, 201, 34, 67, 120, 55]),\n * };\n * const client = new CryptographyClient(jsonWebKey);\n * ```\n * @param key - The JsonWebKey to use during cryptography operations.\n */\n constructor(key: JsonWebKey);\n /**\n * Internal constructor implementation for either local or Key Vault backed keys.\n * @param key - The key to use during cryptography tasks.\n * @param credential - Teh credential to use when constructing a Key Vault Cryptography client.\n */\n constructor(\n key: string | KeyVaultKey | JsonWebKey,\n credential?: TokenCredential,\n pipelineOptions: CryptographyClientOptions = {},\n ) {\n if (typeof key === \"string\") {\n // Key URL for remote-local operations.\n this.key = {\n kind: \"identifier\",\n value: key,\n };\n this.remoteProvider = new RemoteCryptographyProvider(key, credential!, pipelineOptions);\n } else if (\"name\" in key) {\n // KeyVault key for remote-local operations.\n this.key = {\n kind: \"KeyVaultKey\",\n value: key,\n };\n this.remoteProvider = new RemoteCryptographyProvider(key, credential!, pipelineOptions);\n } else {\n // JsonWebKey for local-only operations.\n this.key = {\n kind: \"JsonWebKey\",\n value: key,\n };\n }\n }\n\n /**\n * The base URL to the vault. If a local {@link JsonWebKey} is used vaultUrl will be empty.\n */\n get vaultUrl(): string {\n return this.remoteProvider?.vaultUrl || \"\";\n }\n\n /**\n * The ID of the key used to perform cryptographic operations for the client.\n */\n get keyID(): string | undefined {\n if (this.key.kind === \"identifier\" || this.key.kind === \"remoteOnlyIdentifier\") {\n return this.key.value;\n } else if (this.key.kind === \"KeyVaultKey\") {\n return this.key.value.id;\n } else {\n return this.key.value.kid;\n }\n }\n\n /**\n * Encrypts the given plaintext with the specified encryption parameters.\n * Depending on the algorithm set in the encryption parameters, the set of possible encryption parameters will change.\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleEncrypt\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey.id, credential);\n *\n * const encryptResult = await cryptographyClient.encrypt({\n * algorithm: \"RSA1_5\",\n * plaintext: Buffer.from(\"My Message\"),\n * });\n * console.log(\"encrypt result: \", encryptResult.result);\n * ```\n * @param encryptParameters - The encryption parameters, keyed on the encryption algorithm chosen.\n * @param options - Additional options.\n */\n public encrypt(\n encryptParameters: EncryptParameters,\n options?: EncryptOptions,\n ): Promise<EncryptResult>;\n /**\n * Encrypts the given plaintext with the specified cryptography algorithm\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleEncrypt\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey.id, credential);\n *\n * const encryptResult = await cryptographyClient.encrypt({\n * algorithm: \"RSA1_5\",\n * plaintext: Buffer.from(\"My Message\"),\n * });\n * console.log(\"encrypt result: \", encryptResult.result);\n * ```\n * @param algorithm - The algorithm to use.\n * @param plaintext - The text to encrypt.\n * @param options - Additional options.\n * @deprecated Use `encrypt({ algorithm, plaintext }, options)` instead.\n */\n public encrypt(\n algorithm: EncryptionAlgorithm,\n plaintext: Uint8Array,\n options?: EncryptOptions,\n ): Promise<EncryptResult>;\n public encrypt(\n ...args:\n | [EncryptParameters, EncryptOptions?]\n | [EncryptionAlgorithm, Uint8Array, EncryptOptions?]\n ): Promise<EncryptResult> {\n const [parameters, options] = this.disambiguateEncryptArguments(args);\n return tracingClient.withSpan(\"CryptographyClient.encrypt\", options, async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.Encrypt);\n this.initializeIV(parameters);\n const provider = await this.getProvider(\"encrypt\", parameters.algorithm, updatedOptions);\n try {\n return provider.encrypt(parameters, updatedOptions);\n } catch (error: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.encrypt(parameters, updatedOptions);\n }\n throw error;\n }\n });\n }\n\n private initializeIV(parameters: EncryptParameters): void {\n // For AES-GCM the service **must** generate the IV, so we only populate it for AES-CBC\n const algorithmsRequiringIV: AesCbcEncryptionAlgorithm[] = [\n \"A128CBC\",\n \"A128CBCPAD\",\n \"A192CBC\",\n \"A192CBCPAD\",\n \"A256CBC\",\n \"A256CBCPAD\",\n ];\n\n if (parameters.algorithm in algorithmsRequiringIV) {\n try {\n const cbcParams = parameters as AesCbcEncryptParameters;\n if (!cbcParams.iv) {\n cbcParams.iv = randomBytes(16);\n }\n } catch (e: any) {\n throw new Error(\n `Unable to initialize IV for algorithm ${parameters.algorithm}. You may pass a valid IV to avoid this error. Error: ${e.message}`,\n );\n }\n }\n }\n\n /**\n * Standardizes the arguments of multiple overloads into a single shape.\n * @param args - The encrypt arguments\n */\n private disambiguateEncryptArguments(\n args: [EncryptParameters, EncryptOptions?] | [string, Uint8Array, EncryptOptions?],\n ): [EncryptParameters, EncryptOptions] {\n if (typeof args[0] === \"string\") {\n // Sample shape: [\"RSA1_5\", buffer, options]\n return [\n {\n algorithm: args[0],\n plaintext: args[1],\n } as EncryptParameters,\n args[2] || {},\n ];\n } else {\n // Sample shape: [{ algorithm: \"RSA1_5\", plaintext: buffer }, options]\n return [args[0], (args[1] || {}) as EncryptOptions];\n }\n }\n\n /**\n * Decrypts the given ciphertext with the specified decryption parameters.\n * Depending on the algorithm used in the decryption parameters, the set of possible decryption parameters will change.\n *\n * Microsoft recommends you not use CBC without first ensuring the integrity of the ciphertext using, for example, an HMAC. See https://learn.microsoft.com/dotnet/standard/security/vulnerabilities-cbc-mode for more information.\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleDecrypt\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey.id, credential);\n *\n * const encryptResult = await cryptographyClient.encrypt({\n * algorithm: \"RSA1_5\",\n * plaintext: Buffer.from(\"My Message\"),\n * });\n * console.log(\"encrypt result: \", encryptResult.result);\n *\n * const decryptResult = await cryptographyClient.decrypt({\n * algorithm: \"RSA1_5\",\n * ciphertext: encryptResult.result,\n * });\n * console.log(\"decrypt result: \", decryptResult.result.toString());\n * ```\n * @param decryptParameters - The decryption parameters.\n * @param options - Additional options.\n */\n public async decrypt(\n decryptParameters: DecryptParameters,\n options?: DecryptOptions,\n ): Promise<DecryptResult>;\n /**\n * Decrypts the given ciphertext with the specified cryptography algorithm\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleDecrypt\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey.id, credential);\n *\n * const encryptResult = await cryptographyClient.encrypt({\n * algorithm: \"RSA1_5\",\n * plaintext: Buffer.from(\"My Message\"),\n * });\n * console.log(\"encrypt result: \", encryptResult.result);\n *\n * const decryptResult = await cryptographyClient.decrypt({\n * algorithm: \"RSA1_5\",\n * ciphertext: encryptResult.result,\n * });\n * console.log(\"decrypt result: \", decryptResult.result.toString());\n * ```\n *\n * Microsoft recommends you not use CBC without first ensuring the integrity of the ciphertext using, for example, an HMAC. See https://learn.microsoft.com/dotnet/standard/security/vulnerabilities-cbc-mode for more information.\n *\n * @param algorithm - The algorithm to use.\n * @param ciphertext - The text to decrypt.\n * @param options - Additional options.\n * @deprecated Use `decrypt({ algorithm, ciphertext }, options)` instead.\n */\n public decrypt(\n algorithm: EncryptionAlgorithm,\n ciphertext: Uint8Array,\n options?: DecryptOptions,\n ): Promise<DecryptResult>;\n public decrypt(\n ...args:\n | [DecryptParameters, DecryptOptions?]\n | [EncryptionAlgorithm, Uint8Array, DecryptOptions?]\n ): Promise<DecryptResult> {\n const [parameters, options] = this.disambiguateDecryptArguments(args);\n\n return tracingClient.withSpan(\"CryptographyClient.decrypt\", options, async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.Decrypt);\n const provider = await this.getProvider(\"decrypt\", parameters.algorithm, updatedOptions);\n try {\n return provider.decrypt(parameters, updatedOptions);\n } catch (error: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.decrypt(parameters, updatedOptions);\n }\n throw error;\n }\n });\n }\n\n /**\n * Standardizes the arguments of multiple overloads into a single shape.\n * @param args - The decrypt arguments\n */\n private disambiguateDecryptArguments(\n args: [DecryptParameters, DecryptOptions?] | [string, Uint8Array, DecryptOptions?],\n ): [DecryptParameters, DecryptOptions] {\n if (typeof args[0] === \"string\") {\n // Sample shape: [\"RSA1_5\", encryptedBuffer, options]\n return [\n {\n algorithm: args[0],\n ciphertext: args[1],\n } as DecryptParameters,\n args[2] || {},\n ];\n } else {\n // Sample shape: [{ algorithm: \"RSA1_5\", ciphertext: encryptedBuffer }, options]\n return [args[0], (args[1] || {}) as DecryptOptions];\n }\n }\n\n /**\n * Wraps the given key using the specified cryptography algorithm\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleWrapKey\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey, credential);\n *\n * const wrapResult = await cryptographyClient.wrapKey(\"RSA-OAEP\", Buffer.from(\"My Key\"));\n * console.log(\"wrap result:\", wrapResult.result);\n * ```\n * @param algorithm - The encryption algorithm to use to wrap the given key.\n * @param key - The key to wrap.\n * @param options - Additional options.\n */\n public wrapKey(\n algorithm: KeyWrapAlgorithm,\n key: Uint8Array,\n options: WrapKeyOptions = {},\n ): Promise<WrapResult> {\n return tracingClient.withSpan(\"CryptographyClient.wrapKey\", options, async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.WrapKey);\n const provider = await this.getProvider(\"wrapKey\", algorithm, updatedOptions);\n try {\n return provider.wrapKey(algorithm, key, updatedOptions);\n } catch (err: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.wrapKey(algorithm, key, options);\n }\n throw err;\n }\n });\n }\n\n /**\n * Unwraps the given wrapped key using the specified cryptography algorithm\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleUnwrapKey\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey, credential);\n *\n * const wrapResult = await cryptographyClient.wrapKey(\"RSA-OAEP\", Buffer.from(\"My Key\"));\n * console.log(\"wrap result:\", wrapResult.result);\n *\n * const unwrapResult = await cryptographyClient.unwrapKey(\"RSA-OAEP\", wrapResult.result);\n * console.log(\"unwrap result: \", unwrapResult.result);\n * ```\n * @param algorithm - The decryption algorithm to use to unwrap the key.\n * @param encryptedKey - The encrypted key to unwrap.\n * @param options - Additional options.\n */\n public unwrapKey(\n algorithm: KeyWrapAlgorithm,\n encryptedKey: Uint8Array,\n options: UnwrapKeyOptions = {},\n ): Promise<UnwrapResult> {\n return tracingClient.withSpan(\n \"CryptographyClient.unwrapKey\",\n options,\n async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.UnwrapKey);\n const provider = await this.getProvider(\"unwrapKey\", algorithm, updatedOptions);\n try {\n return provider.unwrapKey(algorithm, encryptedKey, updatedOptions);\n } catch (err: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.unwrapKey(algorithm, encryptedKey, options);\n }\n throw err;\n }\n },\n );\n }\n\n /**\n * Cryptographically sign the digest of a message\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleSign\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n * import { createHash } from \"node:crypto\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * let myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey, credential);\n *\n * const signatureValue = \"MySignature\";\n * const hash = createHash(\"sha256\");\n *\n * const digest = hash.update(signatureValue).digest();\n * console.log(\"digest: \", digest);\n *\n * const signResult = await cryptographyClient.sign(\"RS256\", digest);\n * console.log(\"sign result: \", signResult.result);\n * ```\n * @param algorithm - The signing algorithm to use.\n * @param digest - The digest of the data to sign.\n * @param options - Additional options.\n */\n public sign(\n algorithm: SignatureAlgorithm,\n digest: Uint8Array,\n options: SignOptions = {},\n ): Promise<SignResult> {\n return tracingClient.withSpan(\"CryptographyClient.sign\", options, async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.Sign);\n const provider = await this.getProvider(\"sign\", algorithm, updatedOptions);\n try {\n return provider.sign(algorithm, digest, updatedOptions);\n } catch (err: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.sign(algorithm, digest, updatedOptions);\n }\n throw err;\n }\n });\n }\n\n /**\n * Verify the signed message digest\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleVerify\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n * import { createHash } from \"node:crypto\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey, credential);\n *\n * const hash = createHash(\"sha256\");\n * hash.update(\"My Message\");\n * const digest = hash.digest();\n *\n * const signResult = await cryptographyClient.sign(\"RS256\", digest);\n * console.log(\"sign result: \", signResult.result);\n *\n * const verifyResult = await cryptographyClient.verify(\"RS256\", digest, signResult.result);\n * console.log(\"verify result: \", verifyResult.result);\n * ```\n * @param algorithm - The signing algorithm to use to verify with.\n * @param digest - The digest to verify.\n * @param signature - The signature to verify the digest against.\n * @param options - Additional options.\n */\n public verify(\n algorithm: SignatureAlgorithm,\n digest: Uint8Array,\n signature: Uint8Array,\n options: VerifyOptions = {},\n ): Promise<VerifyResult> {\n return tracingClient.withSpan(\"CryptographyClient.verify\", options, async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.Verify);\n const provider = await this.getProvider(\"verify\", algorithm, updatedOptions);\n try {\n return provider.verify(algorithm, digest, signature, updatedOptions);\n } catch (err: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.verify(algorithm, digest, signature, updatedOptions);\n }\n throw err;\n }\n });\n }\n\n /**\n * Cryptographically sign a block of data\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleSignData\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey, credential);\n *\n * const signResult = await cryptographyClient.signData(\"RS256\", Buffer.from(\"My Message\"));\n * console.log(\"sign result: \", signResult.result);\n * ```\n * @param algorithm - The signing algorithm to use.\n * @param data - The data to sign.\n * @param options - Additional options.\n */\n public signData(\n algorithm: SignatureAlgorithm,\n data: Uint8Array,\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: SignOptions = {},\n ): Promise<SignResult> {\n return tracingClient.withSpan(\n \"CryptographyClient.signData\",\n options,\n async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.Sign);\n const provider = await this.getProvider(\"signData\", algorithm, updatedOptions);\n try {\n return provider.signData(algorithm, data, updatedOptions);\n } catch (err: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.signData(algorithm, data, options);\n }\n throw err;\n }\n },\n );\n }\n\n /**\n * Verify the signed block of data\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleVerifyData\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey, credential);\n *\n * const buffer = Buffer.from(\"My Message\");\n *\n * const signResult = await cryptographyClient.signData(\"RS256\", buffer);\n * console.log(\"sign result: \", signResult.result);\n *\n * const verifyResult = await cryptographyClient.verifyData(\"RS256\", buffer, signResult.result);\n * console.log(\"verify result: \", verifyResult.result);\n * ```\n * @param algorithm - The algorithm to use to verify with.\n * @param data - The signed block of data to verify.\n * @param signature - The signature to verify the block against.\n * @param options - Additional options.\n */\n public verifyData(\n algorithm: SignatureAlgorithm,\n data: Uint8Array,\n signature: Uint8Array,\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: VerifyOptions = {},\n ): Promise<VerifyResult> {\n return tracingClient.withSpan(\n \"CryptographyClient.verifyData\",\n options,\n async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.Verify);\n const provider = await this.getProvider(\"verifyData\", algorithm, updatedOptions);\n try {\n return provider.verifyData(algorithm, data, signature, updatedOptions);\n } catch (err: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.verifyData(algorithm, data, signature, updatedOptions);\n }\n throw err;\n }\n },\n );\n }\n\n /**\n * Retrieves the {@link JsonWebKey} from the Key Vault, if possible. Returns undefined if the key could not be retrieved due to insufficient permissions.\n * @param options - The additional options.\n */\n private async getKeyMaterial(options: GetKeyOptions): Promise<JsonWebKey | undefined> {\n const key = await this.fetchKey(options);\n\n switch (key.kind) {\n case \"JsonWebKey\":\n return key.value;\n case \"KeyVaultKey\":\n return key.value.key!;\n default:\n return undefined;\n }\n }\n\n /**\n * Returns the underlying key used for cryptographic operations.\n * If needed, attempts to fetch the key from KeyVault and exchanges the ID for the actual key.\n * @param options - The additional options.\n */\n private async fetchKey<T extends OperationOptions>(options: T): Promise<CryptographyClientKey> {\n if (this.key.kind === \"identifier\") {\n // Exchange the identifier with the actual key when needed\n let key: KeyVaultKey | undefined;\n try {\n key = await this.remoteProvider!.getKey(options);\n } catch (e: unknown) {\n if (isRestError(e) && e.statusCode === 403) {\n // If we don't have permission to get the key, we'll fall back to using the remote provider.\n // Marking the key as a remoteOnlyIdentifier will ensure that we don't attempt to fetch the key again.\n logger.verbose(\n `Permission denied to get key ${this.key.value}. Falling back to remote operation.`,\n );\n this.key = { kind: \"remoteOnlyIdentifier\", value: this.key.value };\n } else {\n throw e;\n }\n }\n\n if (key) {\n this.key = { kind: \"KeyVaultKey\", value: key };\n }\n }\n\n return this.key;\n }\n\n private providers?: CryptographyProvider[];\n /**\n * Gets the provider that support this algorithm and operation.\n * The available providers are ordered by priority such that the first provider that supports this\n * operation is the one we should use.\n * @param operation - The {@link KeyOperation}.\n * @param algorithm - The algorithm to use.\n */\n private async getProvider<T extends OperationOptions>(\n operation: CryptographyProviderOperation,\n algorithm: string,\n options: T,\n ): Promise<CryptographyProvider> {\n if (!this.providers) {\n const keyMaterial = await this.getKeyMaterial(options);\n this.providers = [];\n\n // Add local crypto providers as needed\n if (keyMaterial) {\n this.providers.push(\n new RsaCryptographyProvider(keyMaterial),\n new AesCryptographyProvider(keyMaterial),\n );\n }\n\n // If the remote provider exists, we're in hybrid-mode. Otherwise we're in local-only mode.\n // If we're in hybrid mode the remote provider is used as a catch-all and should be last in the list.\n if (this.remoteProvider) {\n this.providers.push(this.remoteProvider);\n }\n }\n\n const providers = this.providers.filter((p) => p.isSupported(algorithm, operation));\n\n if (providers.length === 0) {\n throw new Error(\n `Unable to support operation: \"${operation}\" with algorithm: \"${algorithm}\" ${\n this.key.kind === \"JsonWebKey\" ? \"using a local JsonWebKey\" : \"\"\n }`,\n );\n }\n\n // Return the first provider that supports this request\n return providers[0];\n }\n\n private ensureValid(key: CryptographyClientKey, operation?: KeyOperation): void {\n if (key.kind === \"KeyVaultKey\") {\n const keyOps = key.value.keyOperations;\n const { notBefore, expiresOn } = key.value.properties;\n const now = new Date();\n\n // Check KeyVault Key Expiration\n if (notBefore && now < notBefore) {\n throw new Error(`Key ${key.value.id} can't be used before ${notBefore.toISOString()}`);\n }\n\n if (expiresOn && now > expiresOn) {\n throw new Error(`Key ${key.value.id} expired at ${expiresOn.toISOString()}`);\n }\n\n // Check Key operations\n if (operation && keyOps && !keyOps?.includes(operation)) {\n throw new Error(`Operation ${operation} is not supported on key ${key.value.id}`);\n }\n } else if (key.kind === \"JsonWebKey\") {\n // Check JsonWebKey Key operations\n if (operation && key.value.keyOps && !key.value.keyOps?.includes(operation)) {\n throw new Error(`Operation ${operation} is not supported on key ${key.value.kid}`);\n }\n }\n }\n}\n"]}
1
+ {"version":3,"file":"cryptographyClient.js","sourceRoot":"","sources":["../../src/cryptographyClient.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAWlC,mDAAqD;AAuBrD,gGAA0F;AAC1F,wDAAuD;AAEvD,0FAAoF;AACpF,0FAAoF;AACpF,6CAA6C;AAC7C,kEAAwD;AACxD,2CAAqC;AAErC;;;GAGG;AACH,MAAa,kBAAkB;IAC7B;;OAEG;IACK,GAAG,CAAwB;IAEnC;;OAEG;IACK,cAAc,CAA8B;IA2DpD;;;;OAIG;IACH,YACE,GAAsC,EACtC,UAA4B,EAC5B,kBAA6C,EAAE;QAE/C,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,uCAAuC;YACvC,IAAI,CAAC,GAAG,GAAG;gBACT,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,GAAG;aACX,CAAC;YACF,IAAI,CAAC,cAAc,GAAG,IAAI,0DAA0B,CAAC,GAAG,EAAE,UAAW,EAAE,eAAe,CAAC,CAAC;QAC1F,CAAC;aAAM,IAAI,MAAM,IAAI,GAAG,EAAE,CAAC;YACzB,4CAA4C;YAC5C,IAAI,CAAC,GAAG,GAAG;gBACT,IAAI,EAAE,aAAa;gBACnB,KAAK,EAAE,GAAG;aACX,CAAC;YACF,IAAI,CAAC,cAAc,GAAG,IAAI,0DAA0B,CAAC,GAAG,EAAE,UAAW,EAAE,eAAe,CAAC,CAAC;QAC1F,CAAC;aAAM,CAAC;YACN,wCAAwC;YACxC,IAAI,CAAC,GAAG,GAAG;gBACT,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,GAAG;aACX,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,cAAc,EAAE,QAAQ,IAAI,EAAE,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,IAAI,KAAK;QACP,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,YAAY,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,sBAAsB,EAAE,CAAC;YAC/E,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QACxB,CAAC;aAAM,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;YAC3C,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;QAC3B,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC;QAC5B,CAAC;IACH,CAAC;IAoEM,OAAO,CACZ,GAAG,IAEmD;QAEtD,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,CAAC;QACtE,OAAO,0BAAa,CAAC,QAAQ,CAAC,4BAA4B,EAAE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE;YAC5F,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,OAAO,CAAC,CAAC;YAClF,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;YAC9B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,UAAU,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;YACzF,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;YACtD,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;gBACjE,CAAC;gBACD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,YAAY,CAAC,UAA6B;QAChD,uFAAuF;QACvF,MAAM,qBAAqB,GAAgC;YACzD,SAAS;YACT,YAAY;YACZ,SAAS;YACT,YAAY;YACZ,SAAS;YACT,YAAY;SACb,CAAC;QAEF,IAAI,UAAU,CAAC,SAAS,IAAI,qBAAqB,EAAE,CAAC;YAClD,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,UAAqC,CAAC;gBACxD,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC;oBAClB,SAAS,CAAC,EAAE,GAAG,IAAA,uBAAW,EAAC,EAAE,CAAC,CAAC;gBACjC,CAAC;YACH,CAAC;YAAC,OAAO,CAAM,EAAE,CAAC;gBAChB,MAAM,IAAI,KAAK,CACb,yCAAyC,UAAU,CAAC,SAAS,yDAAyD,CAAC,CAAC,OAAO,EAAE,CAClI,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,4BAA4B,CAClC,IAAkF;QAElF,IAAI,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YAChC,4CAA4C;YAC5C,OAAO;gBACL;oBACE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC;oBAClB,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC;iBACE;gBACtB,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE;aACd,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,sEAAsE;YACtE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAmB,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAqFM,OAAO,CACZ,GAAG,IAEmD;QAEtD,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,CAAC;QAEtE,OAAO,0BAAa,CAAC,QAAQ,CAAC,4BAA4B,EAAE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE;YAC5F,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,OAAO,CAAC,CAAC;YAClF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,UAAU,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;YACzF,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;YACtD,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;gBACjE,CAAC;gBACD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACK,4BAA4B,CAClC,IAAkF;QAElF,IAAI,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YAChC,qDAAqD;YACrD,OAAO;gBACL;oBACE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC;oBAClB,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC;iBACC;gBACtB,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE;aACd,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,gFAAgF;YAChF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAmB,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACI,OAAO,CACZ,SAA2B,EAC3B,GAAe,EACf,UAA0B,EAAE;QAE5B,OAAO,0BAAa,CAAC,QAAQ,CAAC,4BAA4B,EAAE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE;YAC5F,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,OAAO,CAAC,CAAC;YAClF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YAC9E,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,EAAE,cAAc,CAAC,CAAC;YAC1D,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;gBAC9D,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACI,SAAS,CACd,SAA2B,EAC3B,YAAwB,EACxB,UAA4B,EAAE;QAE9B,OAAO,0BAAa,CAAC,QAAQ,CAC3B,8BAA8B,EAC9B,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,SAAS,CAAC,CAAC;YACpF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YAChF,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,SAAS,CAAC,SAAS,EAAE,YAAY,EAAE,cAAc,CAAC,CAAC;YACrE,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,SAAS,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;gBACzE,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA+BG;IACI,IAAI,CACT,SAA6B,EAC7B,MAAkB,EAClB,UAAuB,EAAE;QAEzB,OAAO,0BAAa,CAAC,QAAQ,CAAC,yBAAyB,EAAE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE;YACzF,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,IAAI,CAAC,CAAC;YAC/E,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YAC3E,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,cAAc,CAAC,CAAC;YAC1D,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,cAAc,CAAC,CAAC;gBACrE,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAiCG;IACI,MAAM,CACX,SAA6B,EAC7B,MAAkB,EAClB,SAAqB,EACrB,UAAyB,EAAE;QAE3B,OAAO,0BAAa,CAAC,QAAQ,CAAC,2BAA2B,EAAE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE;YAC3F,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,MAAM,CAAC,CAAC;YACjF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YAC7E,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YACvE,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;gBAClF,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACI,QAAQ,CACb,SAA6B,EAC7B,IAAgB;IAChB,8DAA8D;IAC9D,UAAuB,EAAE;QAEzB,OAAO,0BAAa,CAAC,QAAQ,CAC3B,6BAA6B,EAC7B,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,IAAI,CAAC,CAAC;YAC/E,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YAC/E,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;YAC5D,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;gBAChE,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA8BG;IACI,UAAU,CACf,SAA6B,EAC7B,IAAgB,EAChB,SAAqB;IACrB,8DAA8D;IAC9D,UAAyB,EAAE;QAE3B,OAAO,0BAAa,CAAC,QAAQ,CAC3B,+BAA+B,EAC/B,OAAO,EACP,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,IAAI,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,kCAAkB,CAAC,MAAM,CAAC,CAAC;YACjF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YACjF,IAAI,CAAC;gBACH,OAAO,QAAQ,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;YACzE,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;oBACxB,OAAO,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;gBACpF,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,cAAc,CAAC,OAAsB;QACjD,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAEzC,QAAQ,GAAG,CAAC,IAAI,EAAE,CAAC;YACjB,KAAK,YAAY;gBACf,OAAO,GAAG,CAAC,KAAK,CAAC;YACnB,KAAK,aAAa;gBAChB,OAAO,GAAG,CAAC,KAAK,CAAC,GAAI,CAAC;YACxB;gBACE,OAAO,SAAS,CAAC;QACrB,CAAC;IACH,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,QAAQ,CAA6B,OAAU;QAC3D,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YACnC,0DAA0D;YAC1D,IAAI,GAA4B,CAAC;YACjC,IAAI,CAAC;gBACH,GAAG,GAAG,MAAM,IAAI,CAAC,cAAe,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACnD,CAAC;YAAC,OAAO,CAAU,EAAE,CAAC;gBACpB,IAAI,IAAA,gCAAW,EAAC,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;oBAC3C,4FAA4F;oBAC5F,sGAAsG;oBACtG,kBAAM,CAAC,OAAO,CACZ,gCAAgC,IAAI,CAAC,GAAG,CAAC,KAAK,qCAAqC,CACpF,CAAC;oBACF,IAAI,CAAC,GAAG,GAAG,EAAE,IAAI,EAAE,sBAAsB,EAAE,KAAK,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;gBACrE,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,CAAC;gBACV,CAAC;YACH,CAAC;YAED,IAAI,GAAG,EAAE,CAAC;gBACR,IAAI,CAAC,GAAG,GAAG,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;YACjD,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC,GAAG,CAAC;IAClB,CAAC;IAEO,SAAS,CAA0B;IAC3C;;;;;;OAMG;IACK,KAAK,CAAC,WAAW,CACvB,SAAwC,EACxC,SAAiB,EACjB,OAAU;QAEV,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;YACvD,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;YAEpB,uCAAuC;YACvC,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAI,CAAC,SAAS,CAAC,IAAI,CACjB,IAAI,oDAAuB,CAAC,WAAW,CAAC,EACxC,IAAI,oDAAuB,CAAC,WAAW,CAAC,CACzC,CAAC;YACJ,CAAC;YAED,2FAA2F;YAC3F,qGAAqG;YACrG,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAC3C,CAAC;QACH,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC;QAEpF,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CACb,iCAAiC,SAAS,sBAAsB,SAAS,KACvE,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,YAAY,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC,CAAC,EAChE,EAAE,CACH,CAAC;QACJ,CAAC;QAED,uDAAuD;QACvD,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC;IACtB,CAAC;IAEO,WAAW,CAAC,GAA0B,EAAE,SAAwB;QACtE,IAAI,GAAG,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;YAC/B,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC;YACvC,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC;YACtD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;YAEvB,gCAAgC;YAChC,IAAI,SAAS,IAAI,GAAG,GAAG,SAAS,EAAE,CAAC;gBACjC,MAAM,IAAI,KAAK,CAAC,OAAO,GAAG,CAAC,KAAK,CAAC,EAAE,yBAAyB,SAAS,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YACzF,CAAC;YAED,IAAI,SAAS,IAAI,GAAG,GAAG,SAAS,EAAE,CAAC;gBACjC,MAAM,IAAI,KAAK,CAAC,OAAO,GAAG,CAAC,KAAK,CAAC,EAAE,eAAe,SAAS,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YAC/E,CAAC;YAED,uBAAuB;YACvB,IAAI,SAAS,IAAI,MAAM,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBACxD,MAAM,IAAI,KAAK,CAAC,aAAa,SAAS,4BAA4B,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;YACpF,CAAC;QACH,CAAC;aAAM,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YACrC,kCAAkC;YAClC,IAAI,SAAS,IAAI,GAAG,CAAC,KAAK,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC5E,MAAM,IAAI,KAAK,CAAC,aAAa,SAAS,4BAA4B,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;YACrF,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAvyBD,gDAuyBC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { OperationOptions } from \"@azure-rest/core-client\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport type {\n CryptographyClientOptions,\n GetKeyOptions,\n JsonWebKey,\n KeyOperation,\n KeyVaultKey,\n} from \"./keysModels.js\";\nimport { KnownKeyOperations } from \"./keysModels.js\";\nimport type {\n AesCbcEncryptParameters,\n AesCbcEncryptionAlgorithm,\n CryptographyClientKey,\n DecryptOptions,\n DecryptParameters,\n DecryptResult,\n EncryptOptions,\n EncryptParameters,\n EncryptResult,\n EncryptionAlgorithm,\n KeyWrapAlgorithm,\n SignOptions,\n SignResult,\n SignatureAlgorithm,\n UnwrapKeyOptions,\n UnwrapResult,\n VerifyOptions,\n VerifyResult,\n WrapKeyOptions,\n WrapResult,\n} from \"./cryptographyClientModels.js\";\nimport { RemoteCryptographyProvider } from \"./cryptography/remoteCryptographyProvider.js\";\nimport { randomBytes } from \"./cryptography/crypto.js\";\nimport type { CryptographyProvider, CryptographyProviderOperation } from \"./cryptography/models.js\";\nimport { RsaCryptographyProvider } from \"./cryptography/rsaCryptographyProvider.js\";\nimport { AesCryptographyProvider } from \"./cryptography/aesCryptographyProvider.js\";\nimport { tracingClient } from \"./tracing.js\";\nimport { isRestError } from \"@azure/core-rest-pipeline\";\nimport { logger } from \"./logger.js\";\n\n/**\n * A client used to perform cryptographic operations on an Azure Key vault key\n * or a local {@link JsonWebKey}.\n */\nexport class CryptographyClient {\n /**\n * The key the CryptographyClient currently holds.\n */\n private key: CryptographyClientKey;\n\n /**\n * The remote provider, which would be undefined if used in local mode.\n */\n private remoteProvider?: RemoteCryptographyProvider;\n\n /**\n * Constructs a new instance of the Cryptography client for the given key\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleCreateCryptographyClient\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * // Create or retrieve a key from the keyvault\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n *\n * // Lastly, create our cryptography client and connect to the service\n * const cryptographyClient = new CryptographyClient(myKey, credential);\n * ```\n * @param key - The key to use during cryptography tasks. You can also pass the identifier of the key i.e its url here.\n * @param credential - An object that implements the `TokenCredential` interface used to authenticate requests to the service. Use the \\@azure/identity package to create a credential that suits your needs.\n * @param pipelineOptions - Pipeline options used to configure Key Vault API requests.\n * Omit this parameter to use the default pipeline configuration.\n */\n constructor(\n key: string | KeyVaultKey,\n credential: TokenCredential,\n pipelineOptions?: CryptographyClientOptions,\n );\n /**\n * Constructs a new instance of the Cryptography client for the given key in local mode.\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleCreateCryptographyClientLocal\n * import { CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const jsonWebKey = {\n * kty: \"RSA\",\n * kid: \"test-key-123\",\n * use: \"sig\",\n * alg: \"RS256\",\n * n: new Uint8Array([112, 34, 56, 98, 123, 244, 200, 99]),\n * e: new Uint8Array([1, 0, 1]),\n * d: new Uint8Array([45, 67, 89, 23, 144, 200, 76, 233]),\n * p: new Uint8Array([34, 89, 100, 77, 204, 56, 29, 77]),\n * q: new Uint8Array([78, 99, 201, 45, 188, 34, 67, 90]),\n * dp: new Uint8Array([23, 45, 78, 56, 200, 144, 32, 67]),\n * dq: new Uint8Array([12, 67, 89, 144, 99, 56, 23, 45]),\n * qi: new Uint8Array([78, 90, 45, 201, 34, 67, 120, 55]),\n * };\n * const client = new CryptographyClient(jsonWebKey);\n * ```\n * @param key - The JsonWebKey to use during cryptography operations.\n */\n constructor(key: JsonWebKey);\n /**\n * Internal constructor implementation for either local or Key Vault backed keys.\n * @param key - The key to use during cryptography tasks.\n * @param credential - Teh credential to use when constructing a Key Vault Cryptography client.\n */\n constructor(\n key: string | KeyVaultKey | JsonWebKey,\n credential?: TokenCredential,\n pipelineOptions: CryptographyClientOptions = {},\n ) {\n if (typeof key === \"string\") {\n // Key URL for remote-local operations.\n this.key = {\n kind: \"identifier\",\n value: key,\n };\n this.remoteProvider = new RemoteCryptographyProvider(key, credential!, pipelineOptions);\n } else if (\"name\" in key) {\n // KeyVault key for remote-local operations.\n this.key = {\n kind: \"KeyVaultKey\",\n value: key,\n };\n this.remoteProvider = new RemoteCryptographyProvider(key, credential!, pipelineOptions);\n } else {\n // JsonWebKey for local-only operations.\n this.key = {\n kind: \"JsonWebKey\",\n value: key,\n };\n }\n }\n\n /**\n * The base URL to the vault. If a local {@link JsonWebKey} is used vaultUrl will be empty.\n */\n get vaultUrl(): string {\n return this.remoteProvider?.vaultUrl || \"\";\n }\n\n /**\n * The ID of the key used to perform cryptographic operations for the client.\n */\n get keyID(): string | undefined {\n if (this.key.kind === \"identifier\" || this.key.kind === \"remoteOnlyIdentifier\") {\n return this.key.value;\n } else if (this.key.kind === \"KeyVaultKey\") {\n return this.key.value.id;\n } else {\n return this.key.value.kid;\n }\n }\n\n /**\n * Encrypts the given plaintext with the specified encryption parameters.\n * Depending on the algorithm set in the encryption parameters, the set of possible encryption parameters will change.\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleEncrypt\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey.id, credential);\n *\n * const encryptResult = await cryptographyClient.encrypt({\n * algorithm: \"RSA1_5\",\n * plaintext: Buffer.from(\"My Message\"),\n * });\n * console.log(\"encrypt result: \", encryptResult.result);\n * ```\n * @param encryptParameters - The encryption parameters, keyed on the encryption algorithm chosen.\n * @param options - Additional options.\n */\n public encrypt(\n encryptParameters: EncryptParameters,\n options?: EncryptOptions,\n ): Promise<EncryptResult>;\n /**\n * Encrypts the given plaintext with the specified cryptography algorithm\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleEncrypt\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey.id, credential);\n *\n * const encryptResult = await cryptographyClient.encrypt({\n * algorithm: \"RSA1_5\",\n * plaintext: Buffer.from(\"My Message\"),\n * });\n * console.log(\"encrypt result: \", encryptResult.result);\n * ```\n * @param algorithm - The algorithm to use.\n * @param plaintext - The text to encrypt.\n * @param options - Additional options.\n * @deprecated Use `encrypt({ algorithm, plaintext }, options)` instead.\n */\n public encrypt(\n algorithm: EncryptionAlgorithm,\n plaintext: Uint8Array,\n options?: EncryptOptions,\n ): Promise<EncryptResult>;\n public encrypt(\n ...args:\n | [EncryptParameters, EncryptOptions?]\n | [EncryptionAlgorithm, Uint8Array, EncryptOptions?]\n ): Promise<EncryptResult> {\n const [parameters, options] = this.disambiguateEncryptArguments(args);\n return tracingClient.withSpan(\"CryptographyClient.encrypt\", options, async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.Encrypt);\n this.initializeIV(parameters);\n const provider = await this.getProvider(\"encrypt\", parameters.algorithm, updatedOptions);\n try {\n return provider.encrypt(parameters, updatedOptions);\n } catch (error: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.encrypt(parameters, updatedOptions);\n }\n throw error;\n }\n });\n }\n\n private initializeIV(parameters: EncryptParameters): void {\n // For AES-GCM the service **must** generate the IV, so we only populate it for AES-CBC\n const algorithmsRequiringIV: AesCbcEncryptionAlgorithm[] = [\n \"A128CBC\",\n \"A128CBCPAD\",\n \"A192CBC\",\n \"A192CBCPAD\",\n \"A256CBC\",\n \"A256CBCPAD\",\n ];\n\n if (parameters.algorithm in algorithmsRequiringIV) {\n try {\n const cbcParams = parameters as AesCbcEncryptParameters;\n if (!cbcParams.iv) {\n cbcParams.iv = randomBytes(16);\n }\n } catch (e: any) {\n throw new Error(\n `Unable to initialize IV for algorithm ${parameters.algorithm}. You may pass a valid IV to avoid this error. Error: ${e.message}`,\n );\n }\n }\n }\n\n /**\n * Standardizes the arguments of multiple overloads into a single shape.\n * @param args - The encrypt arguments\n */\n private disambiguateEncryptArguments(\n args: [EncryptParameters, EncryptOptions?] | [string, Uint8Array, EncryptOptions?],\n ): [EncryptParameters, EncryptOptions] {\n if (typeof args[0] === \"string\") {\n // Sample shape: [\"RSA1_5\", buffer, options]\n return [\n {\n algorithm: args[0],\n plaintext: args[1],\n } as EncryptParameters,\n args[2] || {},\n ];\n } else {\n // Sample shape: [{ algorithm: \"RSA1_5\", plaintext: buffer }, options]\n return [args[0], (args[1] || {}) as EncryptOptions];\n }\n }\n\n /**\n * Decrypts the given ciphertext with the specified decryption parameters.\n * Depending on the algorithm used in the decryption parameters, the set of possible decryption parameters will change.\n *\n * Microsoft recommends you not use CBC without first ensuring the integrity of the ciphertext using, for example, an HMAC. See https://learn.microsoft.com/dotnet/standard/security/vulnerabilities-cbc-mode for more information.\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleDecrypt\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey.id, credential);\n *\n * const encryptResult = await cryptographyClient.encrypt({\n * algorithm: \"RSA1_5\",\n * plaintext: Buffer.from(\"My Message\"),\n * });\n * console.log(\"encrypt result: \", encryptResult.result);\n *\n * const decryptResult = await cryptographyClient.decrypt({\n * algorithm: \"RSA1_5\",\n * ciphertext: encryptResult.result,\n * });\n * console.log(\"decrypt result: \", decryptResult.result.toString());\n * ```\n * @param decryptParameters - The decryption parameters.\n * @param options - Additional options.\n */\n public async decrypt(\n decryptParameters: DecryptParameters,\n options?: DecryptOptions,\n ): Promise<DecryptResult>;\n /**\n * Decrypts the given ciphertext with the specified cryptography algorithm\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleDecrypt\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey.id, credential);\n *\n * const encryptResult = await cryptographyClient.encrypt({\n * algorithm: \"RSA1_5\",\n * plaintext: Buffer.from(\"My Message\"),\n * });\n * console.log(\"encrypt result: \", encryptResult.result);\n *\n * const decryptResult = await cryptographyClient.decrypt({\n * algorithm: \"RSA1_5\",\n * ciphertext: encryptResult.result,\n * });\n * console.log(\"decrypt result: \", decryptResult.result.toString());\n * ```\n *\n * Microsoft recommends you not use CBC without first ensuring the integrity of the ciphertext using, for example, an HMAC. See https://learn.microsoft.com/dotnet/standard/security/vulnerabilities-cbc-mode for more information.\n *\n * @param algorithm - The algorithm to use.\n * @param ciphertext - The text to decrypt.\n * @param options - Additional options.\n * @deprecated Use `decrypt({ algorithm, ciphertext }, options)` instead.\n */\n public decrypt(\n algorithm: EncryptionAlgorithm,\n ciphertext: Uint8Array,\n options?: DecryptOptions,\n ): Promise<DecryptResult>;\n public decrypt(\n ...args:\n | [DecryptParameters, DecryptOptions?]\n | [EncryptionAlgorithm, Uint8Array, DecryptOptions?]\n ): Promise<DecryptResult> {\n const [parameters, options] = this.disambiguateDecryptArguments(args);\n\n return tracingClient.withSpan(\"CryptographyClient.decrypt\", options, async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.Decrypt);\n const provider = await this.getProvider(\"decrypt\", parameters.algorithm, updatedOptions);\n try {\n return provider.decrypt(parameters, updatedOptions);\n } catch (error: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.decrypt(parameters, updatedOptions);\n }\n throw error;\n }\n });\n }\n\n /**\n * Standardizes the arguments of multiple overloads into a single shape.\n * @param args - The decrypt arguments\n */\n private disambiguateDecryptArguments(\n args: [DecryptParameters, DecryptOptions?] | [string, Uint8Array, DecryptOptions?],\n ): [DecryptParameters, DecryptOptions] {\n if (typeof args[0] === \"string\") {\n // Sample shape: [\"RSA1_5\", encryptedBuffer, options]\n return [\n {\n algorithm: args[0],\n ciphertext: args[1],\n } as DecryptParameters,\n args[2] || {},\n ];\n } else {\n // Sample shape: [{ algorithm: \"RSA1_5\", ciphertext: encryptedBuffer }, options]\n return [args[0], (args[1] || {}) as DecryptOptions];\n }\n }\n\n /**\n * Wraps the given key using the specified cryptography algorithm\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleWrapKey\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey, credential);\n *\n * const wrapResult = await cryptographyClient.wrapKey(\"RSA-OAEP\", Buffer.from(\"My Key\"));\n * console.log(\"wrap result:\", wrapResult.result);\n * ```\n * @param algorithm - The encryption algorithm to use to wrap the given key.\n * @param key - The key to wrap.\n * @param options - Additional options.\n */\n public wrapKey(\n algorithm: KeyWrapAlgorithm,\n key: Uint8Array,\n options: WrapKeyOptions = {},\n ): Promise<WrapResult> {\n return tracingClient.withSpan(\"CryptographyClient.wrapKey\", options, async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.WrapKey);\n const provider = await this.getProvider(\"wrapKey\", algorithm, updatedOptions);\n try {\n return provider.wrapKey(algorithm, key, updatedOptions);\n } catch (err: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.wrapKey(algorithm, key, options);\n }\n throw err;\n }\n });\n }\n\n /**\n * Unwraps the given wrapped key using the specified cryptography algorithm\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleUnwrapKey\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey, credential);\n *\n * const wrapResult = await cryptographyClient.wrapKey(\"RSA-OAEP\", Buffer.from(\"My Key\"));\n * console.log(\"wrap result:\", wrapResult.result);\n *\n * const unwrapResult = await cryptographyClient.unwrapKey(\"RSA-OAEP\", wrapResult.result);\n * console.log(\"unwrap result: \", unwrapResult.result);\n * ```\n * @param algorithm - The decryption algorithm to use to unwrap the key.\n * @param encryptedKey - The encrypted key to unwrap.\n * @param options - Additional options.\n */\n public unwrapKey(\n algorithm: KeyWrapAlgorithm,\n encryptedKey: Uint8Array,\n options: UnwrapKeyOptions = {},\n ): Promise<UnwrapResult> {\n return tracingClient.withSpan(\n \"CryptographyClient.unwrapKey\",\n options,\n async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.UnwrapKey);\n const provider = await this.getProvider(\"unwrapKey\", algorithm, updatedOptions);\n try {\n return provider.unwrapKey(algorithm, encryptedKey, updatedOptions);\n } catch (err: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.unwrapKey(algorithm, encryptedKey, options);\n }\n throw err;\n }\n },\n );\n }\n\n /**\n * Cryptographically sign the digest of a message\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleSign\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n * import { createHash } from \"node:crypto\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * let myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey, credential);\n *\n * const signatureValue = \"MySignature\";\n * const hash = createHash(\"sha256\");\n *\n * const digest = hash.update(signatureValue).digest();\n * console.log(\"digest: \", digest);\n *\n * const signResult = await cryptographyClient.sign(\"RS256\", digest);\n * console.log(\"sign result: \", signResult.result);\n * ```\n * @param algorithm - The signing algorithm to use.\n * @param digest - The digest of the data to sign.\n * @param options - Additional options.\n */\n public sign(\n algorithm: SignatureAlgorithm,\n digest: Uint8Array,\n options: SignOptions = {},\n ): Promise<SignResult> {\n return tracingClient.withSpan(\"CryptographyClient.sign\", options, async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.Sign);\n const provider = await this.getProvider(\"sign\", algorithm, updatedOptions);\n try {\n return provider.sign(algorithm, digest, updatedOptions);\n } catch (err: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.sign(algorithm, digest, updatedOptions);\n }\n throw err;\n }\n });\n }\n\n /**\n * Verify the signed message digest\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleVerify\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n * import { createHash } from \"node:crypto\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey, credential);\n *\n * const hash = createHash(\"sha256\");\n * hash.update(\"My Message\");\n * const digest = hash.digest();\n *\n * const signResult = await cryptographyClient.sign(\"RS256\", digest);\n * console.log(\"sign result: \", signResult.result);\n *\n * const verifyResult = await cryptographyClient.verify(\"RS256\", digest, signResult.result);\n * console.log(\"verify result: \", verifyResult.result);\n * ```\n * @param algorithm - The signing algorithm to use to verify with.\n * @param digest - The digest to verify.\n * @param signature - The signature to verify the digest against.\n * @param options - Additional options.\n */\n public verify(\n algorithm: SignatureAlgorithm,\n digest: Uint8Array,\n signature: Uint8Array,\n options: VerifyOptions = {},\n ): Promise<VerifyResult> {\n return tracingClient.withSpan(\"CryptographyClient.verify\", options, async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.Verify);\n const provider = await this.getProvider(\"verify\", algorithm, updatedOptions);\n try {\n return provider.verify(algorithm, digest, signature, updatedOptions);\n } catch (err: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.verify(algorithm, digest, signature, updatedOptions);\n }\n throw err;\n }\n });\n }\n\n /**\n * Cryptographically sign a block of data\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleSignData\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey, credential);\n *\n * const signResult = await cryptographyClient.signData(\"RS256\", Buffer.from(\"My Message\"));\n * console.log(\"sign result: \", signResult.result);\n * ```\n * @param algorithm - The signing algorithm to use.\n * @param data - The data to sign.\n * @param options - Additional options.\n */\n public signData(\n algorithm: SignatureAlgorithm,\n data: Uint8Array,\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: SignOptions = {},\n ): Promise<SignResult> {\n return tracingClient.withSpan(\n \"CryptographyClient.signData\",\n options,\n async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.Sign);\n const provider = await this.getProvider(\"signData\", algorithm, updatedOptions);\n try {\n return provider.signData(algorithm, data, updatedOptions);\n } catch (err: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.signData(algorithm, data, options);\n }\n throw err;\n }\n },\n );\n }\n\n /**\n * Verify the signed block of data\n *\n * Example usage:\n * ```ts snippet:ReadmeSampleVerifyData\n * import { DefaultAzureCredential } from \"@azure/identity\";\n * import { KeyClient, CryptographyClient } from \"@azure/keyvault-keys\";\n *\n * const credential = new DefaultAzureCredential();\n *\n * const vaultName = \"<YOUR KEYVAULT NAME>\";\n * const url = `https://${vaultName}.vault.azure.net`;\n *\n * const client = new KeyClient(url, credential);\n *\n * const myKey = await client.createKey(\"MyKey\", \"RSA\");\n * const cryptographyClient = new CryptographyClient(myKey, credential);\n *\n * const buffer = Buffer.from(\"My Message\");\n *\n * const signResult = await cryptographyClient.signData(\"RS256\", buffer);\n * console.log(\"sign result: \", signResult.result);\n *\n * const verifyResult = await cryptographyClient.verifyData(\"RS256\", buffer, signResult.result);\n * console.log(\"verify result: \", verifyResult.result);\n * ```\n * @param algorithm - The algorithm to use to verify with.\n * @param data - The signed block of data to verify.\n * @param signature - The signature to verify the block against.\n * @param options - Additional options.\n */\n public verifyData(\n algorithm: SignatureAlgorithm,\n data: Uint8Array,\n signature: Uint8Array,\n // eslint-disable-next-line @azure/azure-sdk/ts-naming-options\n options: VerifyOptions = {},\n ): Promise<VerifyResult> {\n return tracingClient.withSpan(\n \"CryptographyClient.verifyData\",\n options,\n async (updatedOptions) => {\n this.ensureValid(await this.fetchKey(updatedOptions), KnownKeyOperations.Verify);\n const provider = await this.getProvider(\"verifyData\", algorithm, updatedOptions);\n try {\n return provider.verifyData(algorithm, data, signature, updatedOptions);\n } catch (err: any) {\n if (this.remoteProvider) {\n return this.remoteProvider.verifyData(algorithm, data, signature, updatedOptions);\n }\n throw err;\n }\n },\n );\n }\n\n /**\n * Retrieves the {@link JsonWebKey} from the Key Vault, if possible. Returns undefined if the key could not be retrieved due to insufficient permissions.\n * @param options - The additional options.\n */\n private async getKeyMaterial(options: GetKeyOptions): Promise<JsonWebKey | undefined> {\n const key = await this.fetchKey(options);\n\n switch (key.kind) {\n case \"JsonWebKey\":\n return key.value;\n case \"KeyVaultKey\":\n return key.value.key!;\n default:\n return undefined;\n }\n }\n\n /**\n * Returns the underlying key used for cryptographic operations.\n * If needed, attempts to fetch the key from KeyVault and exchanges the ID for the actual key.\n * @param options - The additional options.\n */\n private async fetchKey<T extends OperationOptions>(options: T): Promise<CryptographyClientKey> {\n if (this.key.kind === \"identifier\") {\n // Exchange the identifier with the actual key when needed\n let key: KeyVaultKey | undefined;\n try {\n key = await this.remoteProvider!.getKey(options);\n } catch (e: unknown) {\n if (isRestError(e) && e.statusCode === 403) {\n // If we don't have permission to get the key, we'll fall back to using the remote provider.\n // Marking the key as a remoteOnlyIdentifier will ensure that we don't attempt to fetch the key again.\n logger.verbose(\n `Permission denied to get key ${this.key.value}. Falling back to remote operation.`,\n );\n this.key = { kind: \"remoteOnlyIdentifier\", value: this.key.value };\n } else {\n throw e;\n }\n }\n\n if (key) {\n this.key = { kind: \"KeyVaultKey\", value: key };\n }\n }\n\n return this.key;\n }\n\n private providers?: CryptographyProvider[];\n /**\n * Gets the provider that support this algorithm and operation.\n * The available providers are ordered by priority such that the first provider that supports this\n * operation is the one we should use.\n * @param operation - The {@link KeyOperation}.\n * @param algorithm - The algorithm to use.\n */\n private async getProvider<T extends OperationOptions>(\n operation: CryptographyProviderOperation,\n algorithm: string,\n options: T,\n ): Promise<CryptographyProvider> {\n if (!this.providers) {\n const keyMaterial = await this.getKeyMaterial(options);\n this.providers = [];\n\n // Add local crypto providers as needed\n if (keyMaterial) {\n this.providers.push(\n new RsaCryptographyProvider(keyMaterial),\n new AesCryptographyProvider(keyMaterial),\n );\n }\n\n // If the remote provider exists, we're in hybrid-mode. Otherwise we're in local-only mode.\n // If we're in hybrid mode the remote provider is used as a catch-all and should be last in the list.\n if (this.remoteProvider) {\n this.providers.push(this.remoteProvider);\n }\n }\n\n const providers = this.providers.filter((p) => p.isSupported(algorithm, operation));\n\n if (providers.length === 0) {\n throw new Error(\n `Unable to support operation: \"${operation}\" with algorithm: \"${algorithm}\" ${\n this.key.kind === \"JsonWebKey\" ? \"using a local JsonWebKey\" : \"\"\n }`,\n );\n }\n\n // Return the first provider that supports this request\n return providers[0];\n }\n\n private ensureValid(key: CryptographyClientKey, operation?: KeyOperation): void {\n if (key.kind === \"KeyVaultKey\") {\n const keyOps = key.value.keyOperations;\n const { notBefore, expiresOn } = key.value.properties;\n const now = new Date();\n\n // Check KeyVault Key Expiration\n if (notBefore && now < notBefore) {\n throw new Error(`Key ${key.value.id} can't be used before ${notBefore.toISOString()}`);\n }\n\n if (expiresOn && now > expiresOn) {\n throw new Error(`Key ${key.value.id} expired at ${expiresOn.toISOString()}`);\n }\n\n // Check Key operations\n if (operation && keyOps && !keyOps?.includes(operation)) {\n throw new Error(`Operation ${operation} is not supported on key ${key.value.id}`);\n }\n } else if (key.kind === \"JsonWebKey\") {\n // Check JsonWebKey Key operations\n if (operation && key.value.keyOps && !key.value.keyOps?.includes(operation)) {\n throw new Error(`Operation ${operation} is not supported on key ${key.value.kid}`);\n }\n }\n }\n}\n"]}