CryptographyClient class

Pacote:: @azure/keyvault-keys

Um cliente usado para executar operações criptográficas em uma chave de cofre da Chave do Azure ou em um local JsonWebKey.

Construtores

CryptographyClient(JsonWebKey)

Constrói uma nova instância do cliente de criptografia para a chave dada no modo local.

Exemplo de uso:

import { CryptographyClient } from "@azure/keyvault-keys";

const jsonWebKey = {
  kty: "RSA",
  kid: "test-key-123",
  use: "sig",
  alg: "RS256",
  n: new Uint8Array([112, 34, 56, 98, 123, 244, 200, 99]),
  e: new Uint8Array([1, 0, 1]),
  d: new Uint8Array([45, 67, 89, 23, 144, 200, 76, 233]),
  p: new Uint8Array([34, 89, 100, 77, 204, 56, 29, 77]),
  q: new Uint8Array([78, 99, 201, 45, 188, 34, 67, 90]),
  dp: new Uint8Array([23, 45, 78, 56, 200, 144, 32, 67]),
  dq: new Uint8Array([12, 67, 89, 144, 99, 56, 23, 45]),
  qi: new Uint8Array([78, 90, 45, 201, 34, 67, 120, 55]),
};
const client = new CryptographyClient(jsonWebKey);

CryptographyClient(string | KeyVaultKey, TokenCredential, CryptographyClientOptions)

Constrói uma nova instância do cliente de criptografia para a chave fornecida

Exemplo de uso:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

// Create or retrieve a key from the keyvault
const myKey = await client.createKey("MyKey", "RSA");

// Lastly, create our cryptography client and connect to the service
const cryptographyClient = new CryptographyClient(myKey, credential);

Propriedades

keyID	A ID da chave usada para executar operações criptográficas para o cliente.
vaultUrl	O URL base para o cofre. Se um local JsonWebKey for usado, vaultUrl estará vazio.

Métodos

decrypt(DecryptParameters, DecryptOptions)	Desencripta o texto cifrado fornecido com os parâmetros de desencriptação especificados. Dependendo do algoritmo usado nos parâmetros de desencriptação, o conjunto de possíveis parâmetros de desencriptação será alterado. A Microsoft recomenda que você não use CBC sem primeiro garantir a integridade do texto cifrado usando, por exemplo, um HMAC. Consulte https://learn.microsoft.com/dotnet/standard/security/vulnerabilities-cbc-mode para obter mais informações. Exemplo de uso: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey.id, credential); const encryptResult = await cryptographyClient.encrypt({ algorithm: "RSA1_5", plaintext: Buffer.from("My Message"), }); console.log("encrypt result: ", encryptResult.result); const decryptResult = await cryptographyClient.decrypt({ algorithm: "RSA1_5", ciphertext: encryptResult.result, }); console.log("decrypt result: ", decryptResult.result.toString());
decrypt(string, Uint8Array, DecryptOptions)	Desencripta o texto cifrado fornecido com o algoritmo de encriptação especificado Exemplo de uso: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey.id, credential); const encryptResult = await cryptographyClient.encrypt({ algorithm: "RSA1_5", plaintext: Buffer.from("My Message"), }); console.log("encrypt result: ", encryptResult.result); const decryptResult = await cryptographyClient.decrypt({ algorithm: "RSA1_5", ciphertext: encryptResult.result, }); console.log("decrypt result: ", decryptResult.result.toString()); A Microsoft recomenda que você não use CBC sem primeiro garantir a integridade do texto cifrado usando, por exemplo, um HMAC. Consulte https://learn.microsoft.com/dotnet/standard/security/vulnerabilities-cbc-mode para obter mais informações.
encrypt(EncryptParameters, EncryptOptions)	Criptografa o texto sem formatação fornecido com os parâmetros de criptografia especificados. Dependendo do algoritmo definido nos parâmetros de encriptação, o conjunto de possíveis parâmetros de encriptação irá mudar. Exemplo de uso: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey.id, credential); const encryptResult = await cryptographyClient.encrypt({ algorithm: "RSA1_5", plaintext: Buffer.from("My Message"), }); console.log("encrypt result: ", encryptResult.result);
encrypt(string, Uint8Array, EncryptOptions)	Criptografa o texto sem formatação fornecido com o algoritmo de criptografia especificado Exemplo de uso: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey.id, credential); const encryptResult = await cryptographyClient.encrypt({ algorithm: "RSA1_5", plaintext: Buffer.from("My Message"), }); console.log("encrypt result: ", encryptResult.result);
sign(string, Uint8Array, SignOptions)	Assinar criptograficamente o resumo de uma mensagem Exemplo de uso: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; import { createHash } from "node:crypto"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); let myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey, credential); const signatureValue = "MySignature"; const hash = createHash("sha256"); const digest = hash.update(signatureValue).digest(); console.log("digest: ", digest); const signResult = await cryptographyClient.sign("RS256", digest); console.log("sign result: ", signResult.result);
signData(string, Uint8Array, SignOptions)	Assinar criptograficamente um bloco de dados Exemplo de uso: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey, credential); const signResult = await cryptographyClient.signData("RS256", Buffer.from("My Message")); console.log("sign result: ", signResult.result);
unwrapKey(KeyWrapAlgorithm, Uint8Array, UnwrapKeyOptions)	Desembrulha a chave encapsulada fornecida usando o algoritmo de criptografia especificado Exemplo de uso: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey, credential); const wrapResult = await cryptographyClient.wrapKey("RSA-OAEP", Buffer.from("My Key")); console.log("wrap result:", wrapResult.result); const unwrapResult = await cryptographyClient.unwrapKey("RSA-OAEP", wrapResult.result); console.log("unwrap result: ", unwrapResult.result);
verify(string, Uint8Array, Uint8Array, VerifyOptions)	Verificar o resumo da mensagem assinada Exemplo de uso: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; import { createHash } from "node:crypto"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey, credential); const hash = createHash("sha256"); hash.update("My Message"); const digest = hash.digest(); const signResult = await cryptographyClient.sign("RS256", digest); console.log("sign result: ", signResult.result); const verifyResult = await cryptographyClient.verify("RS256", digest, signResult.result); console.log("verify result: ", verifyResult.result);
verifyData(string, Uint8Array, Uint8Array, VerifyOptions)	Verificar o bloco de dados assinado Exemplo de uso: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey, credential); const buffer = Buffer.from("My Message"); const signResult = await cryptographyClient.signData("RS256", buffer); console.log("sign result: ", signResult.result); const verifyResult = await cryptographyClient.verifyData("RS256", buffer, signResult.result); console.log("verify result: ", verifyResult.result);
wrapKey(KeyWrapAlgorithm, Uint8Array, WrapKeyOptions)	Encapsula a chave dada usando o algoritmo de criptografia especificado Exemplo de uso: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey, credential); const wrapResult = await cryptographyClient.wrapKey("RSA-OAEP", Buffer.from("My Key")); console.log("wrap result:", wrapResult.result);

Detalhes do Construtor

CryptographyClient(JsonWebKey)

Constrói uma nova instância do cliente de criptografia para a chave dada no modo local.

Exemplo de uso:

import { CryptographyClient } from "@azure/keyvault-keys";

const jsonWebKey = {
  kty: "RSA",
  kid: "test-key-123",
  use: "sig",
  alg: "RS256",
  n: new Uint8Array([112, 34, 56, 98, 123, 244, 200, 99]),
  e: new Uint8Array([1, 0, 1]),
  d: new Uint8Array([45, 67, 89, 23, 144, 200, 76, 233]),
  p: new Uint8Array([34, 89, 100, 77, 204, 56, 29, 77]),
  q: new Uint8Array([78, 99, 201, 45, 188, 34, 67, 90]),
  dp: new Uint8Array([23, 45, 78, 56, 200, 144, 32, 67]),
  dq: new Uint8Array([12, 67, 89, 144, 99, 56, 23, 45]),
  qi: new Uint8Array([78, 90, 45, 201, 34, 67, 120, 55]),
};
const client = new CryptographyClient(jsonWebKey);

new CryptographyClient(key: JsonWebKey)

Parâmetros

key: JsonWebKey

O JsonWebKey para usar durante operações de criptografia.

CryptographyClient(string | KeyVaultKey, TokenCredential, CryptographyClientOptions)

Constrói uma nova instância do cliente de criptografia para a chave fornecida

Exemplo de uso:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

// Create or retrieve a key from the keyvault
const myKey = await client.createKey("MyKey", "RSA");

// Lastly, create our cryptography client and connect to the service
const cryptographyClient = new CryptographyClient(myKey, credential);

new CryptographyClient(key: string | KeyVaultKey, credential: TokenCredential, pipelineOptions?: CryptographyClientOptions)

Parâmetros

key: string | KeyVaultKey

A chave a ser usada durante as tarefas de criptografia. Você também pode passar o identificador da chave, ou seja, sua url aqui.

credential: TokenCredential

Um objeto que implementa a interface TokenCredential usada para autenticar solicitações para o serviço. Use o pacote @azure/identity para criar uma credencial que atenda às suas necessidades.

pipelineOptions: CryptographyClientOptions

Opções de pipeline usadas para configurar solicitações de API do Cofre de Chaves. Omita esse parâmetro para usar a configuração de pipeline padrão.

Detalhes de Propriedade

keyID

A ID da chave usada para executar operações criptográficas para o cliente.

undefined | string keyID

Valor de Propriedade

undefined | string

vaultUrl

O URL base para o cofre. Se um local JsonWebKey for usado, vaultUrl estará vazio.

string vaultUrl

Valor de Propriedade

string

Detalhes de Método

decrypt(DecryptParameters, DecryptOptions)

Desencripta o texto cifrado fornecido com os parâmetros de desencriptação especificados. Dependendo do algoritmo usado nos parâmetros de desencriptação, o conjunto de possíveis parâmetros de desencriptação será alterado.

A Microsoft recomenda que você não use CBC sem primeiro garantir a integridade do texto cifrado usando, por exemplo, um HMAC. Consulte https://learn.microsoft.com/dotnet/standard/security/vulnerabilities-cbc-mode para obter mais informações.

Exemplo de uso:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey.id, credential);

const encryptResult = await cryptographyClient.encrypt({
  algorithm: "RSA1_5",
  plaintext: Buffer.from("My Message"),
});
console.log("encrypt result: ", encryptResult.result);

const decryptResult = await cryptographyClient.decrypt({
  algorithm: "RSA1_5",
  ciphertext: encryptResult.result,
});
console.log("decrypt result: ", decryptResult.result.toString());

function decrypt(decryptParameters: DecryptParameters, options?: DecryptOptions): Promise<DecryptResult>

Parâmetros

decryptParameters: DecryptParameters

Os parâmetros de desencriptação.

options: DecryptOptions

Opções adicionais.

Devoluções

Promise<DecryptResult>

decrypt(string, Uint8Array, DecryptOptions)

Aviso

Esta API foi preterida.

Use decrypt({ algorithm, ciphertext }, options) instead.

Desencripta o texto cifrado fornecido com o algoritmo de encriptação especificado

Exemplo de uso:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey.id, credential);

const encryptResult = await cryptographyClient.encrypt({
  algorithm: "RSA1_5",
  plaintext: Buffer.from("My Message"),
});
console.log("encrypt result: ", encryptResult.result);

const decryptResult = await cryptographyClient.decrypt({
  algorithm: "RSA1_5",
  ciphertext: encryptResult.result,
});
console.log("decrypt result: ", decryptResult.result.toString());

function decrypt(algorithm: string, ciphertext: Uint8Array, options?: DecryptOptions): Promise<DecryptResult>

Parâmetros

algorithm: string

O algoritmo a ser usado.

ciphertext: Uint8Array

O texto a desencriptar.

options: DecryptOptions

Opções adicionais.

Devoluções

Promise<DecryptResult>

encrypt(EncryptParameters, EncryptOptions)

Criptografa o texto sem formatação fornecido com os parâmetros de criptografia especificados. Dependendo do algoritmo definido nos parâmetros de encriptação, o conjunto de possíveis parâmetros de encriptação irá mudar.

Exemplo de uso:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey.id, credential);

const encryptResult = await cryptographyClient.encrypt({
  algorithm: "RSA1_5",
  plaintext: Buffer.from("My Message"),
});
console.log("encrypt result: ", encryptResult.result);

function encrypt(encryptParameters: EncryptParameters, options?: EncryptOptions): Promise<EncryptResult>

Parâmetros

encryptParameters: EncryptParameters

Os parâmetros de encriptação, inseridos no algoritmo de encriptação escolhido.

options: EncryptOptions

Opções adicionais.

Devoluções

Promise<EncryptResult>

encrypt(string, Uint8Array, EncryptOptions)

Aviso

Esta API foi preterida.

Use encrypt({ algorithm, plaintext }, options) instead.

Criptografa o texto sem formatação fornecido com o algoritmo de criptografia especificado

Exemplo de uso:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey.id, credential);

const encryptResult = await cryptographyClient.encrypt({
  algorithm: "RSA1_5",
  plaintext: Buffer.from("My Message"),
});
console.log("encrypt result: ", encryptResult.result);

function encrypt(algorithm: string, plaintext: Uint8Array, options?: EncryptOptions): Promise<EncryptResult>

Parâmetros

algorithm: string

O algoritmo a ser usado.

plaintext: Uint8Array

O texto a encriptar.

options: EncryptOptions

Opções adicionais.

Devoluções

Promise<EncryptResult>

sign(string, Uint8Array, SignOptions)

Assinar criptograficamente o resumo de uma mensagem

Exemplo de uso:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";
import { createHash } from "node:crypto";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

let myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey, credential);

const signatureValue = "MySignature";
const hash = createHash("sha256");

const digest = hash.update(signatureValue).digest();
console.log("digest: ", digest);

const signResult = await cryptographyClient.sign("RS256", digest);
console.log("sign result: ", signResult.result);

function sign(algorithm: string, digest: Uint8Array, options?: SignOptions): Promise<SignResult>

Parâmetros

algorithm: string

O algoritmo de assinatura a ser usado.

digest: Uint8Array

O resumo dos dados a assinar.

options: SignOptions

Opções adicionais.

Devoluções

Promise<SignResult>

signData(string, Uint8Array, SignOptions)

Assinar criptograficamente um bloco de dados

Exemplo de uso:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey, credential);

const signResult = await cryptographyClient.signData("RS256", Buffer.from("My Message"));
console.log("sign result: ", signResult.result);

function signData(algorithm: string, data: Uint8Array, options?: SignOptions): Promise<SignResult>

Parâmetros

algorithm: string

O algoritmo de assinatura a ser usado.

data: Uint8Array

Os dados a assinar.

options: SignOptions

Opções adicionais.

Devoluções

Promise<SignResult>

unwrapKey(KeyWrapAlgorithm, Uint8Array, UnwrapKeyOptions)

Desembrulha a chave encapsulada fornecida usando o algoritmo de criptografia especificado

Exemplo de uso:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey, credential);

const wrapResult = await cryptographyClient.wrapKey("RSA-OAEP", Buffer.from("My Key"));
console.log("wrap result:", wrapResult.result);

const unwrapResult = await cryptographyClient.unwrapKey("RSA-OAEP", wrapResult.result);
console.log("unwrap result: ", unwrapResult.result);

function unwrapKey(algorithm: KeyWrapAlgorithm, encryptedKey: Uint8Array, options?: UnwrapKeyOptions): Promise<UnwrapResult>

Parâmetros

algorithm: KeyWrapAlgorithm

O algoritmo de desencriptação a ser usado para desembrulhar a chave.

encryptedKey: Uint8Array

A chave criptografada para desempacotar.

options: UnwrapKeyOptions

Opções adicionais.

Devoluções

Promise<UnwrapResult>

verify(string, Uint8Array, Uint8Array, VerifyOptions)

Verificar o resumo da mensagem assinada

Exemplo de uso:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";
import { createHash } from "node:crypto";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey, credential);

const hash = createHash("sha256");
hash.update("My Message");
const digest = hash.digest();

const signResult = await cryptographyClient.sign("RS256", digest);
console.log("sign result: ", signResult.result);

const verifyResult = await cryptographyClient.verify("RS256", digest, signResult.result);
console.log("verify result: ", verifyResult.result);

function verify(algorithm: string, digest: Uint8Array, signature: Uint8Array, options?: VerifyOptions): Promise<VerifyResult>

Parâmetros

algorithm: string

O algoritmo de assinatura a ser usado para verificar com.

digest: Uint8Array

O resumo a verificar.

signature: Uint8Array

A assinatura para verificar o resumo contra.

options: VerifyOptions

Opções adicionais.

Devoluções

Promise<VerifyResult>

verifyData(string, Uint8Array, Uint8Array, VerifyOptions)

Verificar o bloco de dados assinado

Exemplo de uso:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey, credential);

const buffer = Buffer.from("My Message");

const signResult = await cryptographyClient.signData("RS256", buffer);
console.log("sign result: ", signResult.result);

const verifyResult = await cryptographyClient.verifyData("RS256", buffer, signResult.result);
console.log("verify result: ", verifyResult.result);

function verifyData(algorithm: string, data: Uint8Array, signature: Uint8Array, options?: VerifyOptions): Promise<VerifyResult>

Parâmetros

algorithm: string

O algoritmo a ser usado para verificar com.

data: Uint8Array

O bloco de dados assinado para verificar.

signature: Uint8Array

A assinatura para verificar o bloco contra.

options: VerifyOptions

Opções adicionais.

Devoluções

Promise<VerifyResult>

wrapKey(KeyWrapAlgorithm, Uint8Array, WrapKeyOptions)

Encapsula a chave dada usando o algoritmo de criptografia especificado

Exemplo de uso:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey, credential);

const wrapResult = await cryptographyClient.wrapKey("RSA-OAEP", Buffer.from("My Key"));
console.log("wrap result:", wrapResult.result);

function wrapKey(algorithm: KeyWrapAlgorithm, key: Uint8Array, options?: WrapKeyOptions): Promise<WrapResult>

Parâmetros

algorithm: KeyWrapAlgorithm

O algoritmo de encriptação a utilizar para encapsular a chave fornecida.

key: Uint8Array

A chave para embrulhar.

options: WrapKeyOptions

Opções adicionais.

Devoluções

Promise<WrapResult>

Partilhar via

CryptographyClient class

Construtores

Propriedades

Métodos

Detalhes do Construtor

CryptographyClient(JsonWebKey)

Parâmetros

CryptographyClient(string | KeyVaultKey, TokenCredential, CryptographyClientOptions)

Parâmetros

Detalhes de Propriedade

keyID

Valor de Propriedade

vaultUrl

Valor de Propriedade

Detalhes de Método

decrypt(DecryptParameters, DecryptOptions)

Parâmetros

Devoluções

decrypt(string, Uint8Array, DecryptOptions)

Parâmetros

Devoluções

encrypt(EncryptParameters, EncryptOptions)

Parâmetros

Devoluções

encrypt(string, Uint8Array, EncryptOptions)

Parâmetros

Devoluções

sign(string, Uint8Array, SignOptions)

Parâmetros

Devoluções

signData(string, Uint8Array, SignOptions)

Parâmetros

Devoluções

unwrapKey(KeyWrapAlgorithm, Uint8Array, UnwrapKeyOptions)

Parâmetros

Devoluções

verify(string, Uint8Array, Uint8Array, VerifyOptions)

Parâmetros

Devoluções

verifyData(string, Uint8Array, Uint8Array, VerifyOptions)

Parâmetros

Devoluções

wrapKey(KeyWrapAlgorithm, Uint8Array, WrapKeyOptions)

Parâmetros

Devoluções