diff --git a/sdk/security/keyvault/azkeys/CHANGELOG.md b/sdk/security/keyvault/azkeys/CHANGELOG.md index 0ce175c94292..65b2133ecbee 100644 --- a/sdk/security/keyvault/azkeys/CHANGELOG.md +++ b/sdk/security/keyvault/azkeys/CHANGELOG.md @@ -1,5 +1,25 @@ # Release History +## 2.0.0 (2025-01-23) +### Breaking Changes + +- Type of `DeletedKeyProperties.KID` has been changed from `*ID` to `*string` +- Type of `JSONWebKey.KID` has been changed from `*ID` to `*string` +- Type of `JSONWebKey.KeyOps` has been changed from `[]*KeyOperation` to `[]*string` +- Type of `KeyAttributes.RecoveryLevel` has been changed from `*string` to `*DeletionRecoveryLevel` +- Type of `KeyOperationResult.KID` has been changed from `*ID` to `*string` +- Type of `KeyProperties.KID` has been changed from `*ID` to `*string` + +### Features Added + +- New value `KeyOperationExport` added to enum type `KeyOperation` +- New value `SignatureAlgorithmRSNULL` added to enum type `SignatureAlgorithm` +- New enum type `DeletionRecoveryLevel` with values `DeletionRecoveryLevelCustomizedRecoverable`, `DeletionRecoveryLevelCustomizedRecoverableProtectedSubscription`, `DeletionRecoveryLevelCustomizedRecoverablePurgeable`, `DeletionRecoveryLevelPurgeable`, `DeletionRecoveryLevelRecoverable`, `DeletionRecoveryLevelRecoverableProtectedSubscription`, `DeletionRecoveryLevelRecoverablePurgeable` +- New field `Maxresults` in struct `ListDeletedKeyPropertiesOptions` +- New field `Maxresults` in struct `ListKeyPropertiesOptions` +- New field `Maxresults` in struct `ListKeyPropertiesVersionsOptions` + + ## 1.3.1 (Unreleased) ### Features Added diff --git a/sdk/security/keyvault/azkeys/README.md b/sdk/security/keyvault/azkeys/README.md index a2150f0f25e0..023756f3299f 100644 --- a/sdk/security/keyvault/azkeys/README.md +++ b/sdk/security/keyvault/azkeys/README.md 
@@ -13,7 +13,7 @@ Install `azkeys` and `azidentity` with `go get`: ```Bash -go get github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys +go get github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys/v2 go get github.com/Azure/azure-sdk-for-go/sdk/azidentity ``` [azidentity][azure_identity] is used for Azure Active Directory authentication as demonstrated below. @@ -37,7 +37,7 @@ Constructing the client requires your vault's URL, which you can get from the Az ```go import ( "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys" + "github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys/v2" ) func main() { diff --git a/sdk/security/keyvault/azkeys/build.go b/sdk/security/keyvault/azkeys/build.go deleted file mode 100644 index 16ea90bf8888..000000000000 --- a/sdk/security/keyvault/azkeys/build.go +++ /dev/null @@ -1,8 +0,0 @@ -//go:generate tsp-client update -//go:generate go run ./internal/transforms.go -//go:generate goimports -w . - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. - -package azkeys diff --git a/sdk/security/keyvault/azkeys/client.go b/sdk/security/keyvault/azkeys/client.go index 0120d4206e25..ce964122bc75 100644 --- a/sdk/security/keyvault/azkeys/client.go +++ b/sdk/security/keyvault/azkeys/client.go @@ -7,13 +7,13 @@ package azkeys import ( "context" "errors" - "net/http" - "net/url" - "strings" - "github.com/Azure/azure-sdk-for-go/sdk/azcore" "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strconv" + "strings" ) // Client - The key vault client performs cryptographic key operations and vault operations against the Key Vault service. 
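Review bot: The import block in client.go is now a single group, with the standard-library packages (`net/http`, `net/url`, `strconv`, `strings`) sorted after the azcore imports instead of in their own group. The same regrouping appears in models_serde.go and time_unix.go. build.go, deleted in this commit, carried the `//go:generate go run ./internal/transforms.go` and `//go:generate goimports -w .` steps, so this output looks as if it was committed without the post-generation steps. If that is not intended, restore the generate directives and re-run them before tagging 2.0.0, because the transforms may also account for other differences in this commit.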
@@ -196,6 +196,9 @@ func (client *Client) decryptCreateRequest(ctx context.Context, name string, ver return nil, errors.New("parameter name cannot be empty") } urlPath = strings.ReplaceAll(urlPath, "{key-name}", url.PathEscape(name)) + if version == "" { + return nil, errors.New("parameter version cannot be empty") + } urlPath = strings.ReplaceAll(urlPath, "{key-version}", url.PathEscape(version)) req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(host, urlPath)) if err != nil { @@ -324,6 +327,9 @@ func (client *Client) encryptCreateRequest(ctx context.Context, name string, ver return nil, errors.New("parameter name cannot be empty") } urlPath = strings.ReplaceAll(urlPath, "{key-name}", url.PathEscape(name)) + if version == "" { + return nil, errors.New("parameter version cannot be empty") + } urlPath = strings.ReplaceAll(urlPath, "{key-version}", url.PathEscape(version)) req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(host, urlPath)) if err != nil { @@ -447,6 +453,9 @@ func (client *Client) getKeyCreateRequest(ctx context.Context, name string, vers return nil, errors.New("parameter name cannot be empty") } urlPath = strings.ReplaceAll(urlPath, "{key-name}", url.PathEscape(name)) + if version == "" { + return nil, errors.New("parameter version cannot be empty") + } urlPath = strings.ReplaceAll(urlPath, "{key-version}", url.PathEscape(version)) req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(host, urlPath)) if err != nil { @@ -690,6 +699,9 @@ func (client *Client) listDeletedKeyPropertiesCreateRequest(ctx context.Context, } reqQP := req.Raw().URL.Query() reqQP.Set("api-version", "7.5") + if options != nil && options.Maxresults != nil { + reqQP.Set("maxresults", strconv.FormatInt(int64(*options.Maxresults), 10)) + } req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil 
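Review bot: The new guard `if version == "" { return nil, errors.New("parameter version cannot be empty") }` in decryptCreateRequest makes an empty version a client-side error, where the old side built the URL with an empty `{key-version}` segment. As far as I know that empty segment is how callers address the latest key version, so code that follows key rotation this way would stop working and have to pin a version. The same guard is added to encryptCreateRequest and getKeyCreateRequest here, and to the release, sign, unwrapKey, updateKey, verify and wrapKey request builders further down. The 2.0.0 CHANGELOG entry lists only type changes under Breaking Changes, so either drop the guard or document it there and on the public methods. These functions start and end outside the hunks.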
@@ -745,6 +757,9 @@ func (client *Client) listKeyPropertiesCreateRequest(ctx context.Context, option } reqQP := req.Raw().URL.Query() reqQP.Set("api-version", "7.5") + if options != nil && options.Maxresults != nil { + reqQP.Set("maxresults", strconv.FormatInt(int64(*options.Maxresults), 10)) + } req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -804,6 +819,9 @@ func (client *Client) listKeyPropertiesVersionsCreateRequest(ctx context.Context } reqQP := req.Raw().URL.Query() reqQP.Set("api-version", "7.5") + if options != nil && options.Maxresults != nil { + reqQP.Set("maxresults", strconv.FormatInt(int64(*options.Maxresults), 10)) + } req.Raw().URL.RawQuery = reqQP.Encode() req.Raw().Header["Accept"] = []string{"application/json"} return req, nil @@ -965,6 +983,9 @@ func (client *Client) releaseCreateRequest(ctx context.Context, name string, ver return nil, errors.New("parameter name cannot be empty") } urlPath = strings.ReplaceAll(urlPath, "{key-name}", url.PathEscape(name)) + if version == "" { + return nil, errors.New("parameter version cannot be empty") + } urlPath = strings.ReplaceAll(urlPath, "{key-version}", url.PathEscape(version)) req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(host, urlPath)) if err != nil { @@ -1151,6 +1172,9 @@ func (client *Client) signCreateRequest(ctx context.Context, name string, versio return nil, errors.New("parameter name cannot be empty") } urlPath = strings.ReplaceAll(urlPath, "{key-name}", url.PathEscape(name)) + if version == "" { + return nil, errors.New("parameter version cannot be empty") + } urlPath = strings.ReplaceAll(urlPath, "{key-version}", url.PathEscape(version)) req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(host, urlPath)) if err != nil { 
@@ -1217,6 +1241,9 @@ func (client *Client) unwrapKeyCreateRequest(ctx context.Context, name string, v return nil, errors.New("parameter name cannot be empty") } urlPath = strings.ReplaceAll(urlPath, "{key-name}", url.PathEscape(name)) + if version == "" { + return nil, errors.New("parameter version cannot be empty") + } urlPath = strings.ReplaceAll(urlPath, "{key-version}", url.PathEscape(version)) req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(host, urlPath)) if err != nil { @@ -1283,6 +1310,9 @@ func (client *Client) updateKeyCreateRequest(ctx context.Context, name string, v return nil, errors.New("parameter name cannot be empty") } urlPath = strings.ReplaceAll(urlPath, "{key-name}", url.PathEscape(name)) + if version == "" { + return nil, errors.New("parameter version cannot be empty") + } urlPath = strings.ReplaceAll(urlPath, "{key-version}", url.PathEscape(version)) req, err := runtime.NewRequest(ctx, http.MethodPatch, runtime.JoinPaths(host, urlPath)) if err != nil { @@ -1412,6 +1442,9 @@ func (client *Client) verifyCreateRequest(ctx context.Context, name string, vers return nil, errors.New("parameter name cannot be empty") } urlPath = strings.ReplaceAll(urlPath, "{key-name}", url.PathEscape(name)) + if version == "" { + return nil, errors.New("parameter version cannot be empty") + } urlPath = strings.ReplaceAll(urlPath, "{key-version}", url.PathEscape(version)) req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(host, urlPath)) if err != nil { 
@@ -1480,6 +1513,9 @@ func (client *Client) wrapKeyCreateRequest(ctx context.Context, name string, ver return nil, errors.New("parameter name cannot be empty") } urlPath = strings.ReplaceAll(urlPath, "{key-name}", url.PathEscape(name)) + if version == "" { + return nil, errors.New("parameter version cannot be empty") + } urlPath = strings.ReplaceAll(urlPath, "{key-version}", url.PathEscape(version)) req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(host, urlPath)) if err != nil { diff --git a/sdk/security/keyvault/azkeys/constants.go b/sdk/security/keyvault/azkeys/constants.go index de3f3a8133a6..70022a4d6cf9 100644 --- a/sdk/security/keyvault/azkeys/constants.go +++ b/sdk/security/keyvault/azkeys/constants.go @@ -4,7 +4,7 @@ package azkeys -// CurveName - Elliptic curve name. +// CurveName - Elliptic curve name. For valid values, see JsonWebKeyCurveName. type CurveName string const ( 
@@ -28,6 +28,59 @@ func PossibleCurveNameValues() []CurveName { } } +// DeletionRecoveryLevel - Reflects the deletion recovery level currently in effect for certificates in the current vault. +// If it contains 'Purgeable', the certificate can be permanently deleted by a privileged user; otherwise, only the system +// can purge the certificate, at the end of the retention interval. +type DeletionRecoveryLevel string + +const ( + // DeletionRecoveryLevelCustomizedRecoverable - Denotes a vault state in which deletion is recoverable without the possibility + // for immediate and permanent deletion (i.e. purge when 7 <= SoftDeleteRetentionInDays < 90).This level guarantees the recoverability + // of the deleted entity during the retention interval and while the subscription is still available. + DeletionRecoveryLevelCustomizedRecoverable DeletionRecoveryLevel = "CustomizedRecoverable" + // DeletionRecoveryLevelCustomizedRecoverableProtectedSubscription - Denotes a vault and subscription state in which deletion + // is recoverable, immediate and permanent deletion (i.e. purge) is not permitted, and in which the subscription itself cannot + // be permanently canceled when 7 <= SoftDeleteRetentionInDays < 90. This level guarantees the recoverability of the deleted + // entity during the retention interval, and also reflects the fact that the subscription itself cannot be cancelled. + DeletionRecoveryLevelCustomizedRecoverableProtectedSubscription DeletionRecoveryLevel = "CustomizedRecoverable+ProtectedSubscription" + // DeletionRecoveryLevelCustomizedRecoverablePurgeable - Denotes a vault state in which deletion is recoverable, and which + // also permits immediate and permanent deletion (i.e. purge when 7 <= SoftDeleteRetentionInDays < 90). This level guarantees + // the recoverability of the deleted entity during the retention interval, unless a Purge operation is requested, or the subscription + // is cancelled. 
+ DeletionRecoveryLevelCustomizedRecoverablePurgeable DeletionRecoveryLevel = "CustomizedRecoverable+Purgeable" + // DeletionRecoveryLevelPurgeable - Denotes a vault state in which deletion is an irreversible operation, without the possibility + // for recovery. This level corresponds to no protection being available against a Delete operation; the data is irretrievably + // lost upon accepting a Delete operation at the entity level or higher (vault, resource group, subscription etc.) + DeletionRecoveryLevelPurgeable DeletionRecoveryLevel = "Purgeable" + // DeletionRecoveryLevelRecoverable - Denotes a vault state in which deletion is recoverable without the possibility for immediate + // and permanent deletion (i.e. purge). This level guarantees the recoverability of the deleted entity during the retention + // interval(90 days) and while the subscription is still available. System wil permanently delete it after 90 days, if not + // recovered + DeletionRecoveryLevelRecoverable DeletionRecoveryLevel = "Recoverable" + // DeletionRecoveryLevelRecoverableProtectedSubscription - Denotes a vault and subscription state in which deletion is recoverable + // within retention interval (90 days), immediate and permanent deletion (i.e. purge) is not permitted, and in which the subscription + // itself cannot be permanently canceled. System wil permanently delete it after 90 days, if not recovered + DeletionRecoveryLevelRecoverableProtectedSubscription DeletionRecoveryLevel = "Recoverable+ProtectedSubscription" + // DeletionRecoveryLevelRecoverablePurgeable - Denotes a vault state in which deletion is recoverable, and which also permits + // immediate and permanent deletion (i.e. purge). This level guarantees the recoverability of the deleted entity during the + // retention interval (90 days), unless a Purge operation is requested, or the subscription is cancelled. 
System wil permanently + // delete it after 90 days, if not recovered + DeletionRecoveryLevelRecoverablePurgeable DeletionRecoveryLevel = "Recoverable+Purgeable" +) + +// PossibleDeletionRecoveryLevelValues returns the possible values for the DeletionRecoveryLevel const type. +func PossibleDeletionRecoveryLevelValues() []DeletionRecoveryLevel { + return []DeletionRecoveryLevel{ + DeletionRecoveryLevelCustomizedRecoverable, + DeletionRecoveryLevelCustomizedRecoverableProtectedSubscription, + DeletionRecoveryLevelCustomizedRecoverablePurgeable, + DeletionRecoveryLevelPurgeable, + DeletionRecoveryLevelRecoverable, + DeletionRecoveryLevelRecoverableProtectedSubscription, + DeletionRecoveryLevelRecoverablePurgeable, + } +} + // EncryptionAlgorithm - An algorithm used for encryption and decryption. type EncryptionAlgorithm string 
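Review bot: The doc comment on `DeletionRecoveryLevel` talks about certificates ("for certificates in the current vault", "the certificate can be permanently deleted") although this is the keys package, and the `KeyAttributes.RecoveryLevel` comment in models.go already says "keys". I would open it with `// DeletionRecoveryLevel - Reflects the deletion recovery level currently in effect for keys in the current vault.` and use "key" in the sentence that follows. The value comments also contain "System wil" three times, a missing space in "< 90).This" and "interval(90 days)". These comments are what a reader relies on to decide whether a deleted key can still be purged by a privileged user, so the wording should be exact.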
@@ -56,11 +109,16 @@ const ( EncryptionAlgorithmA256GCM EncryptionAlgorithm = "A256GCM" // EncryptionAlgorithmA256KW - 256-bit AES key wrap. EncryptionAlgorithmA256KW EncryptionAlgorithm = "A256KW" - // EncryptionAlgorithmRSA15 - RSAES-PKCS1-V1_5 key encryption, as described in https://tools.ietf.org/html/rfc3447. + // EncryptionAlgorithmRSA15 - [Not recommended] RSAES-PKCS1-V1_5 key encryption, as described in https://tools.ietf.org/html/rfc3447. + // Microsoft recommends using RSA_OAEP_256 or stronger algorithms for enhanced security. Microsoft does *not* recommend RSA_1_5, + // which is included solely for backwards compatibility. Cryptographic standards no longer consider RSA with the PKCS#1 v1.5 + // padding scheme secure for encryption. EncryptionAlgorithmRSA15 EncryptionAlgorithm = "RSA1_5" - // EncryptionAlgorithmRSAOAEP - RSAES using Optimal Asymmetric Encryption Padding (OAEP), as described in https://tools.ietf.org/html/rfc3447, - // with the default parameters specified by RFC 3447 in Section A.2.1. Those default parameters are using a hash function - // of SHA-1 and a mask generation function of MGF1 with SHA-1. + // EncryptionAlgorithmRSAOAEP - [Not recommended] RSAES using Optimal Asymmetric Encryption Padding (OAEP), as described in + // https://tools.ietf.org/html/rfc3447, with the default parameters specified by RFC 3447 in Section A.2.1. Those default + // parameters are using a hash function of SHA-1 and a mask generation function of MGF1 with SHA-1. Microsoft recommends using + // RSA_OAEP_256 or stronger algorithms for enhanced security. Microsoft does *not* recommend RSA_OAEP, which is included solely + // for backwards compatibility. RSA_OAEP utilizes SHA1, which has known collision problems. EncryptionAlgorithmRSAOAEP EncryptionAlgorithm = "RSA-OAEP" // EncryptionAlgorithmRSAOAEP256 - RSAES using Optimal Asymmetric Encryption Padding with a hash function of SHA-256 and a // mask generation function of MGF1 with SHA-256. 
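Review bot: The new "[Not recommended]" text on `EncryptionAlgorithmRSA15` and `EncryptionAlgorithmRSAOAEP` refers to the algorithms as `RSA_1_5`, `RSA_OAEP` and `RSA_OAEP_256`, which match neither the Go constants nor the wire values in this block (`"RSA1_5"`, `"RSA-OAEP"`). A reader looking for the recommended replacement has to guess, so I would name `EncryptionAlgorithmRSAOAEP256` directly. A bracketed prefix is also invisible to tooling; if the intent is to steer callers away, a separate `// Deprecated: use EncryptionAlgorithmRSAOAEP256.` paragraph would make editors and linters flag uses. The const block starts and ends outside the hunk.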
@@ -109,7 +167,7 @@ func PossibleKeyEncryptionAlgorithmValues() []KeyEncryptionAlgorithm { } } -// KeyOperation - JSON web key operations. +// KeyOperation - JSON web key operations. For more information, see JsonWebKeyOperation. type KeyOperation string const ( @@ -117,7 +175,8 @@ const ( KeyOperationDecrypt KeyOperation = "decrypt" // KeyOperationEncrypt - Indicates that the key can be used to encrypt. KeyOperationEncrypt KeyOperation = "encrypt" - + // KeyOperationExport - Indicates that the private component of the key can be exported. + KeyOperationExport KeyOperation = "export" // KeyOperationImport - Indicates that the key can be imported during creation. KeyOperationImport KeyOperation = "import" // KeyOperationSign - Indicates that the key can be used to sign. @@ -135,7 +194,7 @@ func PossibleKeyOperationValues() []KeyOperation { return []KeyOperation{ KeyOperationDecrypt, KeyOperationEncrypt, - + KeyOperationExport, KeyOperationImport, KeyOperationSign, KeyOperationUnwrapKey, @@ -192,7 +251,8 @@ func PossibleKeyTypeValues() []KeyType { } } -// SignatureAlgorithm - The signing/verification algorithm identifier. +// SignatureAlgorithm - The signing/verification algorithm identifier. For more information on possible algorithm types, see +// JsonWebKeySignatureAlgorithm. type SignatureAlgorithm string const ( @@ -216,6 +276,8 @@ const ( SignatureAlgorithmRS384 SignatureAlgorithm = "RS384" // SignatureAlgorithmRS512 - RSASSA-PKCS1-v1_5 using SHA-512, as described in https://tools.ietf.org/html/rfc7518 SignatureAlgorithmRS512 SignatureAlgorithm = "RS512" + // SignatureAlgorithmRSNULL - Reserved + SignatureAlgorithmRSNULL SignatureAlgorithm = "RSNULL" ) // PossibleSignatureAlgorithmValues returns the possible values for the SignatureAlgorithm const type. @@ -231,5 +293,6 @@ func PossibleSignatureAlgorithmValues() []SignatureAlgorithm { SignatureAlgorithmRS256, SignatureAlgorithmRS384, SignatureAlgorithmRS512, + SignatureAlgorithmRSNULL, } } 
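Review bot: `SignatureAlgorithmRSNULL` is documented only as "Reserved", yet it is also appended to `PossibleSignatureAlgorithmValues()`, so code that enumerates or validates against that list will treat it as an ordinary choice. The comment should tell callers what to do with it, for example `// SignatureAlgorithmRSNULL - Reserved; not intended for use in Sign or Verify requests.`, assuming that is what "Reserved" means in the service specification. `KeyOperationExport` is similar: it allows the private component to be exported, so its comment could point to the export policy field on the key parameters. Both const blocks start and end outside their hunks.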
diff --git a/sdk/security/keyvault/azkeys/go.mod b/sdk/security/keyvault/azkeys/go.mod index 0b1a6e092658..ef91b7275357 100644 --- a/sdk/security/keyvault/azkeys/go.mod +++ b/sdk/security/keyvault/azkeys/go.mod @@ -1,4 +1,4 @@ -module github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys +module github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys/v2 go 1.18 @@ -6,6 +6,7 @@ require ( github.com/Azure/azure-sdk-for-go/sdk/azcore v1.16.0 github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0 github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 + github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.3.0 github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.0 github.com/stretchr/testify v1.10.0 ) diff --git a/sdk/security/keyvault/azkeys/go.sum b/sdk/security/keyvault/azkeys/go.sum index b9c534aac67f..664ce91f6773 100644 --- a/sdk/security/keyvault/azkeys/go.sum +++ b/sdk/security/keyvault/azkeys/go.sum @@ -5,6 +5,8 @@ github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0/go.mod h1:fiPSssYvltE08H github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.0 h1:+m0M/LFxN43KvULkDNfdXOgrjtg6UYJPFBJyuEcRCAw= github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 h1:ywEEhmNahHBihViHepv3xPBn1663uRv2t2q/ESv9seY= github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0/go.mod h1:iZDifYGJTIgIIkYRNWPENUnqx6bJ2xnSDFI2tjwZNuY= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.3.0 h1:7rKG7UmnrxX4N53TFhkYqjc+kVUZuw0fL8I3Fh+Ld9E= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.3.0/go.mod h1:Wjo+24QJVhhl/L7jy6w9yzFF2yDOf3cKECAa8ecf9vE= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.0 h1:eXnN9kaS8TiDwXjoie3hMRLuwdUBUMW9KRgOqB3mCaw= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.0/go.mod h1:XIpam8wumeZ5rVMuhdDQLMfIPDf1WO3IzrCRO3e3e3o= github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1 h1:WJTmL004Abzc5wDB5VtZG2PJk5ndYDgVacGqfirKxjM= 
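Review bot: The `require` block of the v2 module now lists `github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.3.0`, the previous major version of this same package. That usually means some file in the module still imports the unversioned path; the README was updated to `/v2`, but no `.go` import-path changes are visible in this diff. If so, tests or examples may be exercising the v1 client rather than the code being released. Please confirm which files import it, switch them to `.../azkeys/v2`, and run `go mod tidy` so this entry and its two go.sum lines drop out.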
diff --git a/sdk/security/keyvault/azkeys/models.go b/sdk/security/keyvault/azkeys/models.go index 36bdd166bfc8..cb6fa2040382 100644 --- a/sdk/security/keyvault/azkeys/models.go +++ b/sdk/security/keyvault/azkeys/models.go @@ -14,16 +14,16 @@ type BackupKeyResult struct { // CreateKeyParameters - The key create parameters. type CreateKeyParameters struct { - // REQUIRED; The type of key to create. + // REQUIRED; The type of key to create. For valid values, see JsonWebKeyType. Kty *KeyType - // Elliptic curve name. + // Elliptic curve name. For valid values, see JsonWebKeyCurveName. Curve *CurveName // The attributes of a key managed by the key vault service. KeyAttributes *KeyAttributes - // Json web key operations. + // Json web key operations. For more information on possible key operations, see JsonWebKeyOperation. KeyOps []*KeyOperation // The key size in bits. For example: 2048, 3072, or 4096 for RSA. @@ -39,7 +39,7 @@ type CreateKeyParameters struct { Tags map[string]*string } -// DeletedKey - A DeletedKey consisting of a WebKey plus its Attributes and deletion info +// DeletedKey - A DeletedKeyBundle consisting of a WebKey plus its Attributes and deletion info type DeletedKey struct { // The key management attributes. Attributes *KeyAttributes @@ -73,7 +73,7 @@ type DeletedKeyProperties struct { Attributes *KeyAttributes // Key identifier. - KID *ID + KID *string // The url of the recovery object, used to identify and recover the deleted key. RecoveryID *string @@ -128,7 +128,7 @@ type ImportKeyParameters struct { // JSONWebKey - As of http://tools.ietf.org/html/draft-ietf-jose-json-web-key-18 type JSONWebKey struct { - // Elliptic curve name. + // Elliptic curve name. For valid values, see JsonWebKeyCurveName. Crv *CurveName // RSA private exponent, or the D component of an EC private key. 
@@ -147,10 +147,10 @@ type JSONWebKey struct { K []byte // Key identifier. - KID *ID + KID *string - // Json web key operations. - KeyOps []*KeyOperation + // Json web key operations. For more information on possible key operations, see JsonWebKeyOperation. + KeyOps []*string // JsonWebKey Key Type (kty), as defined in https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40. Kty *KeyType @@ -204,7 +204,7 @@ type KeyAttributes struct { // READ-ONLY; Reflects the deletion recovery level currently in effect for keys in the current vault. If it contains 'Purgeable' // the key can be permanently deleted by a privileged user; otherwise, only the system can purge the key, at the end of the // retention interval. - RecoveryLevel *string + RecoveryLevel *DeletionRecoveryLevel // READ-ONLY; Last updated time in UTC. Updated *time.Time @@ -259,7 +259,7 @@ type KeyOperationResult struct { IV []byte // READ-ONLY; Key identifier - KID *ID + KID *string // READ-ONLY; The result of the operation. Result []byte @@ -271,7 +271,7 @@ type KeyProperties struct { Attributes *KeyAttributes // Key identifier. - KID *ID + KID *string // Application specific metadata in the form of key-value pairs. Tags map[string]*string @@ -393,7 +393,7 @@ type RestoreKeyParameters struct { // SignParameters - The key operations parameters. type SignParameters struct { - // REQUIRED; The signing/verification algorithm identifier. + // REQUIRED; The signing/verification algorithm identifier. For more information on possible algorithm types, see JsonWebKeySignatureAlgorithm. Algorithm *SignatureAlgorithm // REQUIRED; The value to operate on. @@ -405,7 +405,7 @@ type UpdateKeyParameters struct { // The attributes of a key managed by the key vault service. KeyAttributes *KeyAttributes - // Json web key operations. + // Json web key operations. For more information on possible key operations, see JsonWebKeyOperation. KeyOps []*KeyOperation // The policy rules under which the key can be exported. 
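Review bot: `JSONWebKey.KeyOps` becomes `[]*string` here while `CreateKeyParameters.KeyOps` and `UpdateKeyParameters.KeyOps` stay `[]*KeyOperation`, so the same list of operations has two types depending on direction. Callers can no longer compare a returned key's operations against the `KeyOperation` constants without converting, which makes checks such as "does this key permit export" easier to get wrong. The `KID` fields of `DeletedKeyProperties`, `JSONWebKey`, `KeyOperationResult` and `KeyProperties` lose the `ID` type in the same way. If the specification allows it, keep `KeyOps []*KeyOperation`; otherwise the field comment should say that the strings are `KeyOperation` values. The struct definitions start and end outside the hunks.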
@@ -417,7 +417,7 @@ type UpdateKeyParameters struct { // VerifyParameters - The key verify parameters. type VerifyParameters struct { - // REQUIRED; The signing/verification algorithm. + // REQUIRED; The signing/verification algorithm. For more information on possible algorithm types, see JsonWebKeySignatureAlgorithm. Algorithm *SignatureAlgorithm // REQUIRED; The digest used for signing. diff --git a/sdk/security/keyvault/azkeys/models_serde.go b/sdk/security/keyvault/azkeys/models_serde.go index 1f0a620c9104..c8463264f540 100644 --- a/sdk/security/keyvault/azkeys/models_serde.go +++ b/sdk/security/keyvault/azkeys/models_serde.go @@ -7,10 +7,9 @@ package azkeys import ( "encoding/json" "fmt" - "reflect" - "github.com/Azure/azure-sdk-for-go/sdk/azcore" "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "reflect" ) // MarshalJSON implements the json.Marshaller interface for type BackupKeyResult. diff --git a/sdk/security/keyvault/azkeys/options.go b/sdk/security/keyvault/azkeys/options.go index 3fa3e0888144..881a868437d5 100644 --- a/sdk/security/keyvault/azkeys/options.go +++ b/sdk/security/keyvault/azkeys/options.go 
@@ -56,17 +56,20 @@ type ImportKeyOptions struct { // ListDeletedKeyPropertiesOptions contains the optional parameters for the Client.NewListDeletedKeyPropertiesPager method. type ListDeletedKeyPropertiesOptions struct { - // placeholder for future optional parameters + // Maximum number of results to return in a page. If not specified the service will return up to 25 results. + Maxresults *int32 } // ListKeyPropertiesOptions contains the optional parameters for the Client.NewListKeyPropertiesPager method. type ListKeyPropertiesOptions struct { - // placeholder for future optional parameters + // Maximum number of results to return in a page. If not specified the service will return up to 25 results. + Maxresults *int32 } // ListKeyPropertiesVersionsOptions contains the optional parameters for the Client.NewListKeyPropertiesVersionsPager method. type ListKeyPropertiesVersionsOptions struct { - // placeholder for future optional parameters + // Maximum number of results to return in a page. If not specified the service will return up to 25 results. + Maxresults *int32 } // PurgeDeletedKeyOptions contains the optional parameters for the Client.PurgeDeletedKey method. diff --git a/sdk/security/keyvault/azkeys/responses.go b/sdk/security/keyvault/azkeys/responses.go index 17e2451be137..5406514bfcca 100644 --- a/sdk/security/keyvault/azkeys/responses.go +++ b/sdk/security/keyvault/azkeys/responses.go @@ -24,7 +24,7 @@ type DecryptResponse struct { // DeleteKeyResponse contains the response from method Client.DeleteKey. type DeleteKeyResponse struct { - // A DeletedKey consisting of a WebKey plus its Attributes and deletion info + // A DeletedKeyBundle consisting of a WebKey plus its Attributes and deletion info DeletedKey } 
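Review bot: `Maxresults` does not follow Go's MixedCaps convention; callers will expect `MaxResults`, and once 2.0.0 ships the name can only be corrected with another breaking release. The same field is added to `ListDeletedKeyPropertiesOptions`, `ListKeyPropertiesOptions` and `ListKeyPropertiesVersionsOptions`. The field comment could also state the accepted range, since the request builders in client.go pass the value through `strconv.FormatInt` without checking it.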
@@ -36,7 +36,7 @@ type EncryptResponse struct { // GetDeletedKeyResponse contains the response from method Client.GetDeletedKey. type GetDeletedKeyResponse struct { - // A DeletedKey consisting of a WebKey plus its Attributes and deletion info + // A DeletedKeyBundle consisting of a WebKey plus its Attributes and deletion info DeletedKey } diff --git a/sdk/security/keyvault/azkeys/time_unix.go b/sdk/security/keyvault/azkeys/time_unix.go index 922f0854756b..c46295ba9159 100644 --- a/sdk/security/keyvault/azkeys/time_unix.go +++ b/sdk/security/keyvault/azkeys/time_unix.go @@ -7,10 +7,9 @@ package azkeys import ( "encoding/json" "fmt" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" "reflect" "time" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore" ) type timeUnix time.Time diff --git a/sdk/security/keyvault/azkeys/tsp-location.yaml b/sdk/security/keyvault/azkeys/tsp-location.yaml index cecc0869850c..1f3be04c43af 100644 --- a/sdk/security/keyvault/azkeys/tsp-location.yaml +++ b/sdk/security/keyvault/azkeys/tsp-location.yaml @@ -1,6 +1,5 @@ directory: specification/keyvault/Security.KeyVault.Keys -commit: de825aa1e9bc91476240630a2142d42a380de1c9 +commit: 256c5d15d6b085cea66e9b0e35a57b26d1ab264f repo: Azure/azure-rest-api-specs additionalDirectories: -- specification/keyvault/Security.KeyVault.Common/ -# https://github.com/Azure/azure-rest-api-specs/tree/de825aa1e9bc91476240630a2142d42a380de1c9/specification/keyvault/Security.KeyVault.Keys +- specification/keyvault/Security.KeyVault.Common/ \ No newline at end of file