com.microsoft.azure.keyvault.webkey.JsonWebKeyType Java Examples

@Test(expected = UnsupportedOperationException.class)
public void testFromJsonWebKeyPublicOnly() throws Exception {
	ECGenParameterSpec gps = new ECGenParameterSpec(EcKey.P256);
	EC_KEY_GENERATOR.initialize(gps);
	KeyPair keyPair = EC_KEY_GENERATOR.generateKeyPair();
	
	ECPublicKey apub = (ECPublicKey) keyPair.getPublic();
	ECPoint point = apub.getW();
	
	JsonWebKey jwk = new JsonWebKey()
			.withKid("kid")
			.withCrv(JsonWebKeyCurveName.P_256)
			.withX(point.getAffineX().toByteArray())
			.withY(point.getAffineY().toByteArray())
			.withKty(JsonWebKeyType.EC);

	assertFalse(jwk.hasPrivateKey());
	
	EcKey newKey = EcKey.fromJsonWebKey(jwk, false);
	assertEquals("kid", newKey.getKid());
	doSignVerify(newKey, DIGEST_256);
}
 

@Test
public void testFromJsonWebKey() throws Exception {
    ECGenParameterSpec gps = new ECGenParameterSpec(EcKey.P384);
    EC_KEY_GENERATOR.initialize(gps);
    KeyPair keyPair = EC_KEY_GENERATOR.generateKeyPair();
    
    ECPublicKey apub = (ECPublicKey) keyPair.getPublic();
    ECPoint point = apub.getW();
    ECPrivateKey apriv = (ECPrivateKey) keyPair.getPrivate();
    
    JsonWebKey jwk = new JsonWebKey()
            .withKid("kid")
            .withCrv(JsonWebKeyCurveName.P_384)
            .withX(point.getAffineX().toByteArray())
            .withY(point.getAffineY().toByteArray())
            .withD(apriv.getS().toByteArray())
            .withKty(JsonWebKeyType.EC);

    assertTrue(jwk.hasPrivateKey());
    
    EcKey newKey = EcKey.fromJsonWebKey(jwk, true);
    assertEquals("kid", newKey.getKid());
    doSignVerify(newKey, DIGEST_384);
}
 

@Test
public void testToJsonWebKey() throws Exception {
	ECGenParameterSpec gps = new ECGenParameterSpec(EcKey.P521);
	EC_KEY_GENERATOR.initialize(gps);
	KeyPair keyPair = EC_KEY_GENERATOR.generateKeyPair();
	
	ECPublicKey apub = (ECPublicKey) keyPair.getPublic();
	ECPoint point = apub.getW();
	ECPrivateKey apriv = (ECPrivateKey) keyPair.getPrivate();
	
	JsonWebKey jwk = new JsonWebKey()
			.withKid("kid")
			.withCrv(JsonWebKeyCurveName.P_521)
			.withX(point.getAffineX().toByteArray())
			.withY(point.getAffineY().toByteArray())
			.withD(apriv.getS().toByteArray())
			.withKty(JsonWebKeyType.EC);
	
	EcKey newKey = new EcKey("kid", keyPair);
	
	JsonWebKey newJwk = newKey.toJsonWebKey();
	//set missing parameters
	newJwk.withKid("kid");
	
	assertEquals(jwk, newJwk);	
}
 

private static void validateRsaKeyBundle(KeyBundle bundle, String vault, String keyName, JsonWebKeyType kty, List<JsonWebKeyOperation> key_ops, Attributes attributes) throws Exception {
    String prefix = vault + "/keys/" + keyName + "/";
    String kid = bundle.key().kid();
    Assert.assertTrue( 
            String.format("\"kid\" should start with \"%s\", but instead the value is \"%s\".", prefix, kid), 
            kid.startsWith(prefix));
    Assert.assertEquals(kty, bundle.key().kty());
    Assert.assertNotNull("\"n\" should not be null.", bundle.key().n());
    Assert.assertNotNull("\"e\" should not be null.", bundle.key().e());
    if (key_ops != null) {
        Assert.assertTrue(key_ops.equals(bundle.key().keyOps()));
    }
    Assert.assertNotNull("\"created\" should not be null.", bundle.attributes().created());
    Assert.assertNotNull("\"updated\" should not be null.", bundle.attributes().updated());
            
    Assert.assertTrue(bundle.managed() == null || bundle.managed() == false);
    Assert.assertTrue(bundle.key().isValid());
}
 

private static JsonWebKey importTestKey() throws Exception {

        KeyBundle keyBundle = new KeyBundle();
        JsonWebKey key = JsonWebKey.fromRSA(getTestKeyMaterial());

        key.withKty(JsonWebKeyType.RSA);
        key.withKeyOps(Arrays.asList(JsonWebKeyOperation.ENCRYPT, JsonWebKeyOperation.DECRYPT, JsonWebKeyOperation.SIGN, JsonWebKeyOperation.VERIFY, JsonWebKeyOperation.WRAP_KEY, JsonWebKeyOperation.UNWRAP_KEY));

        keyBundle = keyVaultClient.importKey(
                new ImportKeyRequest
                    .Builder(getVaultUri(), KEY_NAME, key)
                        .withHsm(false)
                        .build());
        
        validateRsaKeyBundle(keyBundle, getVaultUri(), KEY_NAME, JsonWebKeyType.RSA, null, null);

        return keyBundle.key();
    }
 

private void checkImportOperation(KeyBundle keyBundle, boolean importToHardware) throws Exception {
    Attributes attribute = new KeyAttributes()
            .withEnabled(true)
            .withExpires(new DateTime().withYear(2050).withMonthOfYear(1))
            .withNotBefore(new DateTime().withYear(2000).withMonthOfYear(1));
    
    Map<String, String> tags = new HashMap<String, String>();
    tags.put("foo", "baz");
    
    JsonWebKey importedJwk = keyBundle.key();
    KeyBundle importResultBundle = keyVaultClient.importKey(
            new ImportKeyRequest
                .Builder(getVaultUri(), KEY_NAME, keyBundle.key())
                    .withHsm(importToHardware)
                    .withAttributes(attribute)
                    .withTags(tags)
                    .build());
    
    validateRsaKeyBundle(importResultBundle, getVaultUri(), KEY_NAME, importToHardware ? JsonWebKeyType.RSA_HSM : JsonWebKeyType.RSA, importedJwk.keyOps(), attribute);
    checkEncryptDecryptSequence(importedJwk, importResultBundle);
    Assert.assertTrue(importResultBundle.key().isValid());
}
 

protected KeyVaultKey(KeyVaultClient client, KeyBundle keyBundle) {

        if (client == null) {
            throw new IllegalArgumentException("client");
        }

        if (keyBundle == null) {
            throw new IllegalArgumentException("keyBundle");
        }

        JsonWebKey key = keyBundle.key();

        if (key == null) {
            throw new IllegalArgumentException("keyBundle must contain a key");
        }

        if (key.kty().equals(JsonWebKeyType.RSA)) {
            // The private key is not available for KeyVault keys
            implementation = new RsaKey(key.kid(), key.toRSA(false));
        } else if (key.kty().equals(JsonWebKeyType.RSA_HSM)) {
            // The private key is not available for KeyVault keys
            implementation = new RsaKey(key.kid(), key.toRSA(false));
        }

        if (implementation == null) {
            throw new IllegalArgumentException(String.format("The key type %s is not supported", key.kty()));
        }

        this.client = client;
    }
 

@Test
public void KeyVault_KeyVaultKeyResolver_Key_KeyVaultKeyResolverDefaultProviderTest() throws InterruptedException, ExecutionException
{
	String TEST_KEY_NAME = KEY_NAME + "1";
    try {
        // Create a key on a vault.
        CreateKeyRequest  request   = new CreateKeyRequest.Builder(getVaultUri(), TEST_KEY_NAME, JsonWebKeyType.RSA).build();
        KeyBundle         keyBundle = keyVaultClient.createKey(request);
        
        try
        {
            // ctor with client
            final KeyVaultKeyResolver resolver = new KeyVaultKeyResolver( keyVaultClient );

            IKey baseKey    = resolver.resolveKeyAsync( keyBundle.keyIdentifier().baseIdentifier() ).get();
            IKey versionKey = resolver.resolveKeyAsync( keyBundle.keyIdentifier().identifier() ).get();
                                    
            Assert.assertEquals( baseKey.getKid(), versionKey.getKid() );
        }
        finally
        {
            // Delete the key
            keyVaultClient.deleteKey( getVaultUri(), TEST_KEY_NAME );
            pollOnKeyDeletion( getVaultUri(), TEST_KEY_NAME );
            keyVaultClient.purgeDeletedKey( getVaultUri(), TEST_KEY_NAME );
        }
    } catch(Exception ex) {
        fail(ex.getMessage());
    }
}
 

@Test
public void KeyVault_KeyVaultKeyResolver_Key_KeyVaultKeyResolverBCProviderTest() throws InterruptedException, ExecutionException
{
	String TEST_KEY_NAME = KEY_NAME + "1";
    try {
        // Create a key on a vault.
        CreateKeyRequest           request  = new CreateKeyRequest.Builder(getVaultUri(), TEST_KEY_NAME, JsonWebKeyType.RSA).build();
        KeyBundle bundle = keyVaultClient.createKey(request);

        if ( bundle != null )
        {
            try
            {
                // ctor with client
                KeyVaultKeyResolver resolver = new KeyVaultKeyResolver( keyVaultClient, _provider );

                Future<IKey> baseKeyFuture    = resolver.resolveKeyAsync( bundle.keyIdentifier().baseIdentifier() );
                Future<IKey> versionKeyFuture = resolver.resolveKeyAsync( bundle.keyIdentifier().identifier() );

                IKey baseKey    = baseKeyFuture.get();
                IKey versionKey = versionKeyFuture.get();

                Assert.assertEquals( baseKey.getKid(), versionKey.getKid() );
            }
            finally
            {
                // Delete the key
                keyVaultClient.deleteKey( getVaultUri(), TEST_KEY_NAME );
                pollOnKeyDeletion( getVaultUri(), TEST_KEY_NAME );
                keyVaultClient.purgeDeletedKey( getVaultUri(), TEST_KEY_NAME);

            }
        }
    }
    catch ( Exception ex )
    {
        Assert.fail(ex.getMessage());
    }
}
 

@Override
public Observable<ServiceResponse<KeyBundle>> createKeyWithServiceResponseAsync(String vaultBaseUrl, String keyName,
        JsonWebKeyType kty, Integer keySize, List<JsonWebKeyOperation> keyOps, KeyAttributes keyAttributes,
        Map<String, String> tags) {
    return createKeyWithServiceResponseAsync(vaultBaseUrl, keyName, kty, keySize, keyOps, keyAttributes, tags,
            null);
}
 

@Test
public void backupRestoreForKeyOperationsTest() throws Exception {

    KeyBundle createdBundle;

    // Creates a key
    {
        createdBundle = keyVaultClient.createKey(
                new CreateKeyRequest.Builder(getVaultUri(), KEY_NAME, JsonWebKeyType.RSA)
                                    .build());
        validateRsaKeyBundle(createdBundle, getVaultUri(), KEY_NAME, JsonWebKeyType.RSA, null, null);
    }

    // Creates a backup of key.
    byte[] keyBackup;
    {
        keyBackup = keyVaultClient.backupKey(getVaultUri(), KEY_NAME).value();
        if (isRecordMode()) {
        	Thread.sleep(20000);
        }
    }

    // Deletes the key.
    {
        keyVaultClient.deleteKey(getVaultUri(), KEY_NAME);
        pollOnKeyDeletion(getVaultUri(), KEY_NAME);
    }
    
    keyVaultClient.purgeDeletedKey(getVaultUri(), KEY_NAME);
    if (isRecordMode()) {
    	Thread.sleep(40000);
    }

    // Restores the key.
    {
        KeyBundle restoredBundle = keyVaultClient.restoreKey(getVaultUri(), keyBackup);
        compareKeyBundles(createdBundle, restoredBundle);
    }
    
}
 

@Override
public Observable<KeyBundle> createKeyAsync(String vaultBaseUrl, String keyName, JsonWebKeyType kty,
        Integer keySize, List<JsonWebKeyOperation> keyOps, KeyAttributes keyAttributes, Map<String, String> tags) {
    return createKeyAsync(vaultBaseUrl, keyName, kty, keySize, keyOps, keyAttributes, tags,
            (JsonWebKeyCurveName) null);
}
 

@Override
public ServiceFuture<KeyBundle> createKeyAsync(String vaultBaseUrl, String keyName, JsonWebKeyType kty,
        Integer keySize, List<JsonWebKeyOperation> keyOps, KeyAttributes keyAttributes, Map<String, String> tags,
        ServiceCallback<KeyBundle> serviceCallback) {
    return createKeyAsync(vaultBaseUrl, keyName, kty, keySize, keyOps, keyAttributes, tags, null, serviceCallback);
}
 

@Override
public KeyBundle createKey(String vaultBaseUrl, String keyName, JsonWebKeyType kty, Integer keySize,
        List<JsonWebKeyOperation> keyOps, KeyAttributes keyAttributes, Map<String, String> tags) {
    return createKey(vaultBaseUrl, keyName, kty, keySize, keyOps, keyAttributes, tags, null);
}
 

/**
 * @return the key type
 */
public JsonWebKeyType keyType() {
    return keyType;
}
 

@Test
public void listKeyVersionsForKeyOperationsTest() throws Exception {

    HashSet<String> keys = new HashSet<String>();
    for (int i = 0; i < MAX_KEYS; ++i) {
        int failureCount = 0;
        for (;;) {
            try {
                KeyBundle createdBundle = keyVaultClient.createKey(new CreateKeyRequest.Builder(getVaultUri(), KEY_NAME, JsonWebKeyType.RSA).build());
                keys.add(createdBundle.key().kid());
                break;
            } catch (KeyVaultErrorException e) {
                ++failureCount;
                if (e.body().error().code().equals("Throttled")) {
                    System.out.println("Waiting to avoid throttling");
                    if (isRecordMode()) {
                    	Thread.sleep(failureCount * 1500);
                    }
                    continue;
                }
                throw e;
            }
        }
    }

    PagedList<KeyItem> listResult = keyVaultClient.listKeyVersions(getVaultUri(), KEY_NAME, MAX_KEYS);
    //TODO bug: Assert.assertTrue(PAGELIST_MAX_KEYS >= listResult.currentPage().getItems().size());

    listResult = keyVaultClient.listKeyVersions(getVaultUri(), KEY_NAME);
    
    for (KeyItem item : listResult) {
        if(item != null) {
            keys.remove(item.kid());
        }
    }

    Assert.assertEquals(0, keys.size());

    keyVaultClient.deleteKey(getVaultUri(), KEY_NAME);
    pollOnKeyDeletion(getVaultUri(), KEY_NAME);
    
    keyVaultClient.purgeDeletedKey(getVaultUri(), KEY_NAME);
    if (isRecordMode()) {
    	Thread.sleep(40000);        
    }
}
 

@Override
public KeyImpl withKeyTypeToCreate(JsonWebKeyType keyType) {
    createKeyRequest = new CreateKeyRequest.Builder(vault.vaultUri(), name(), keyType);
    return this;
}
 

@Test
public void keyAsyncForAsyncOperationsTest() throws Exception {

	String vault = getVaultUri();
	String keyname = "mykey";

	CreateKeyRequest createKeyRequest = new CreateKeyRequest.Builder(vault, keyname, JsonWebKeyType.RSA).build();
	KeyBundle keyBundle = keyVaultClient.createKeyAsync(createKeyRequest, null).get();
	Assert.assertNotNull(keyBundle);

	UpdateKeyRequest updateKeyRequest = new UpdateKeyRequest.Builder(keyBundle.key().kid()).build();
	keyBundle = keyVaultClient.updateKeyAsync(updateKeyRequest, null).get();
	Assert.assertNotNull(keyBundle);

	keyBundle = keyVaultClient.getKeyAsync(keyBundle.key().kid(), null).get();
	Assert.assertNotNull(keyBundle);

	List<KeyItem> keyItems = keyVaultClient.listKeysAsync(vault, 2, null).get();
	Assert.assertNotNull(keyItems);

	List<KeyItem> keyVersionItems = keyVaultClient.listKeyVersionsAsync(vault, keyname, 2, null).get();
	Assert.assertNotNull(keyVersionItems);

	BackupKeyResult backupResult = keyVaultClient.backupKeyAsync(vault, keyname, null).get();
	Assert.assertNotNull(backupResult);

	keyVaultClient.deleteKeyAsync(keyBundle.keyIdentifier().vault(), keyBundle.keyIdentifier().name(), null).get();
	pollOnKeyDeletion(keyBundle.keyIdentifier().vault(), keyBundle.keyIdentifier().name());
	keyVaultClient.purgeDeletedKey(keyBundle.keyIdentifier().vault(), keyBundle.keyIdentifier().name());
	if (isRecordMode()) {
		Thread.sleep(20000);
	}

	KeyBundle restoreResult = keyVaultClient.restoreKeyAsync(vault, backupResult.value(), null).get();
	Assert.assertNotNull(restoreResult);

	KeyOperationResult encryptResult = keyVaultClient
			.encryptAsync(keyBundle.key().kid(), JsonWebKeyEncryptionAlgorithm.RSA_OAEP, new byte[100], null).get();
	Assert.assertNotNull(encryptResult);

	KeyOperationResult decryptResult = keyVaultClient.decryptAsync(keyBundle.key().kid(),
			JsonWebKeyEncryptionAlgorithm.RSA_OAEP, encryptResult.result(), null).get();
	Assert.assertNotNull(decryptResult);

	KeyOperationResult wrapResult = keyVaultClient
			.wrapKeyAsync(keyBundle.key().kid(), JsonWebKeyEncryptionAlgorithm.RSA_OAEP, new byte[100], null).get();
	Assert.assertNotNull(wrapResult);

	KeyOperationResult unwrapResult = keyVaultClient.unwrapKeyAsync(keyBundle.key().kid(),
			JsonWebKeyEncryptionAlgorithm.RSA_OAEP, wrapResult.result(), null).get();
	Assert.assertNotNull(unwrapResult);

	byte[] plainText = new byte[100];
	new Random(0x1234567L).nextBytes(plainText);
	MessageDigest md = MessageDigest.getInstance("SHA-256");
	md.update(plainText);
	byte[] digest = md.digest();
	KeyOperationResult signResult = keyVaultClient
			.signAsync(keyBundle.key().kid(), JsonWebKeySignatureAlgorithm.RS256, digest, null).get();
	Assert.assertNotNull(signResult);

	KeyVerifyResult verifypResult = keyVaultClient.verifyAsync(keyBundle.key().kid(),
			JsonWebKeySignatureAlgorithm.RS256, digest, signResult.result(), null).get();
	Assert.assertTrue(verifypResult.value());

	keyBundle = keyVaultClient
			.deleteKeyAsync(keyBundle.keyIdentifier().vault(), keyBundle.keyIdentifier().name(), null).get();
	Assert.assertNotNull(keyBundle);
	pollOnKeyDeletion(keyBundle.keyIdentifier().vault(), keyBundle.keyIdentifier().name());
	keyVaultClient.purgeDeletedKey(keyBundle.keyIdentifier().vault(), keyBundle.keyIdentifier().name());
	if (isRecordMode()) {
		Thread.sleep(20000);
	}
	// Get the unavailable key to throw exception -> it gets stuck

	try {
		keyVaultClient.deleteKeyAsync(keyBundle.keyIdentifier().vault(), keyBundle.keyIdentifier().name(), null)
				.get();
	} catch (ExecutionException ex) {

		Throwable t = ex.getCause();
		if (t instanceof KeyVaultErrorException) {
			Assert.assertEquals("KeyNotFound", ((KeyVaultErrorException) t).body().error().code());
		} else
			throw ex;
	}

}
 

/**
 * The builder for constructing {@link CreateKeyRequest} object.
 * 
 * @param vaultBaseUrl
 *            The vault name, e.g. https://myvault.vault.azure.net
 * @param keyName
 *            The name of the key in the given vault
 * @param keyType
 *            The type of key to create. Valid key types, see JsonWebKeyType.
 *            Supported JsonWebKey key types (kty) for Elliptic Curve, RSA, HSM,
 *            Octet. Possible values include: 'EC', 'RSA', 'RSA-HSM', 'oct'
 */
public Builder(String vaultBaseUrl, String keyName, JsonWebKeyType keyType) {
    this.vaultBaseUrl = vaultBaseUrl;
    this.keyName = keyName;
    this.keyType = keyType;
}
 

/**
 * Creates a new key, stores it, then returns key parameters and attributes to
 * the client. The create key operation can be used to create any key type in
 * Azure Key Vault. If the named key already exists, Azure Key Vault creates a
 * new version of the key.
 *
 * @param vaultBaseUrl
 *            The vault name, for example https://myvault.vault.azure.net.
 * @param keyName
 *            The name for the new key. The system will generate the version
 *            name for the new key.
 * @param kty
 *            The type of key to create. For valid key types, see
 *            JsonWebKeyType. Supported JsonWebKey key types (kty) for Elliptic
 *            Curve, RSA, HSM, Octet. Possible values include: 'EC', 'RSA',
 *            'RSA-HSM', 'oct'
 * @param keySize
 *            The key size in bytes. For example, 1024 or 2048.
 * @param keyOps
 *            the List<JsonWebKeyOperation> value
 * @param keyAttributes
 *            the KeyAttributes value
 * @param tags
 *            Application specific metadata in the form of key-value pairs.
 * @param serviceCallback
 *            the async ServiceCallback to handle successful and failed
 *            responses.
 * @throws IllegalArgumentException
 *             thrown if parameters fail the validation
 * @return the {@link ServiceFuture} object
 */
ServiceFuture<KeyBundle> createKeyAsync(String vaultBaseUrl, String keyName, JsonWebKeyType kty, Integer keySize,
        List<JsonWebKeyOperation> keyOps, KeyAttributes keyAttributes, Map<String, String> tags,
        final ServiceCallback<KeyBundle> serviceCallback);
 

/**
 * Creates a new key, stores it, then returns key parameters and attributes to
 * the client. The create key operation can be used to create any key type in
 * Azure Key Vault. If the named key already exists, Azure Key Vault creates a
 * new version of the key.
 *
 * @param vaultBaseUrl
 *            The vault name, for example https://myvault.vault.azure.net.
 * @param keyName
 *            The name for the new key. The system will generate the version
 *            name for the new key.
 * @param kty
 *            The type of key to create. For valid key types, see
 *            JsonWebKeyType. Supported JsonWebKey key types (kty) for Elliptic
 *            Curve, RSA, HSM, Octet. Possible values include: 'EC', 'RSA',
 *            'RSA-HSM', 'oct'
 * @param keySize
 *            The key size in bytes. For example, 1024 or 2048.
 * @param keyOps
 *            the List<JsonWebKeyOperation> value
 * @param keyAttributes
 *            the KeyAttributes value
 * @param tags
 *            Application specific metadata in the form of key-value pairs.
 * @throws IllegalArgumentException
 *             thrown if parameters fail the validation
 * @return the observable to the KeyBundle object
 */
Observable<ServiceResponse<KeyBundle>> createKeyWithServiceResponseAsync(String vaultBaseUrl, String keyName,
        JsonWebKeyType kty, Integer keySize, List<JsonWebKeyOperation> keyOps, KeyAttributes keyAttributes,
        Map<String, String> tags);
 

/**
 * Creates a new key, stores it, then returns key parameters and attributes to
 * the client. The create key operation can be used to create any key type in
 * Azure Key Vault. If the named key already exists, Azure Key Vault creates a
 * new version of the key.
 *
 * @param vaultBaseUrl
 *            The vault name, for example https://myvault.vault.azure.net.
 * @param keyName
 *            The name for the new key. The system will generate the version
 *            name for the new key.
 * @param kty
 *            The type of key to create. For valid key types, see
 *            JsonWebKeyType. Supported JsonWebKey key types (kty) for Elliptic
 *            Curve, RSA, HSM, Octet. Possible values include: 'EC', 'RSA',
 *            'RSA-HSM', 'oct'
 * @param keySize
 *            The key size in bytes. For example, 1024 or 2048.
 * @param keyOps
 *            the List<JsonWebKeyOperation> value
 * @param keyAttributes
 *            the KeyAttributes value
 * @param tags
 *            Application specific metadata in the form of key-value pairs.
 * @throws IllegalArgumentException
 *             thrown if parameters fail the validation
 * @return the observable to the KeyBundle object
 */
Observable<KeyBundle> createKeyAsync(String vaultBaseUrl, String keyName, JsonWebKeyType kty, Integer keySize,
        List<JsonWebKeyOperation> keyOps, KeyAttributes keyAttributes, Map<String, String> tags);
 

/**
 * Specifies a key type to create a new key.
 * @param keyType the JWK type to create
 * @return the next stage of the definition
 */
WithCreate withKeyTypeToCreate(JsonWebKeyType keyType);
 

/**
 * Creates a new key, stores it, then returns key parameters and attributes to
 * the client. The create key operation can be used to create any key type in
 * Azure Key Vault. If the named key already exists, Azure Key Vault creates a
 * new version of the key.
 *
 * @param vaultBaseUrl
 *            The vault name, for example https://myvault.vault.azure.net.
 * @param keyName
 *            The name for the new key. The system will generate the version
 *            name for the new key.
 * @param kty
 *            The type of key to create. For valid key types, see
 *            JsonWebKeyType. Supported JsonWebKey key types (kty) for Elliptic
 *            Curve, RSA, HSM, Octet. Possible values include: 'EC', 'RSA',
 *            'RSA-HSM', 'oct'
 * @param keySize
 *            The key size in bytes. For example, 1024 or 2048.
 * @param keyOps
 *            the List<JsonWebKeyOperation> value
 * @param keyAttributes
 *            the KeyAttributes value
 * @param tags
 *            Application specific metadata in the form of key-value pairs.
 * @throws IllegalArgumentException
 *             thrown if parameters fail the validation
 * @throws KeyVaultErrorException
 *             thrown if the request is rejected by server
 * @throws RuntimeException
 *             all other wrapped checked exceptions if the request fails to be
 *             sent
 * @return the KeyBundle object if successful.
 */
KeyBundle createKey(String vaultBaseUrl, String keyName, JsonWebKeyType kty, Integer keySize,
        List<JsonWebKeyOperation> keyOps, KeyAttributes keyAttributes, Map<String, String> tags);
 

/**
 * Set the kty value.
 *
 * @param kty the kty value to set
 * @return the KeyCreateParameters object itself.
 */
public KeyCreateParameters withKty(JsonWebKeyType kty) {
    this.kty = kty;
    return this;
}
 

/**
 * Get the kty value.
 *
 * @return the kty value
 */
public JsonWebKeyType kty() {
    return this.kty;
}
 

/**
 * Set the keyType value.
 *
 * @param keyType the keyType value to set
 * @return the KeyProperties object itself.
 */
public KeyProperties withKeyType(JsonWebKeyType keyType) {
    this.keyType = keyType;
    return this;
}
 

/**
 * Get the keyType value.
 *
 * @return the keyType value
 */
public JsonWebKeyType keyType() {
    return this.keyType;
}
 

/**
 * Specifies a key type to create a new key version.
 * @param keyType the JWK type to create
 * @return the next stage of the update
 */
UpdateWithCreate withKeyTypeToCreate(JsonWebKeyType keyType);