CryptographyClient class

Paquete:

@azure/keyvault-keys

Un cliente que se usa para realizar operaciones criptográficas en una clave de Azure Key Vault o en una JsonWebKey local.

Constructores

CryptographyClient(JsonWebKey)

Construye una nueva instancia del cliente cryptography para la clave especificada en modo local. Uso de ejemplo: import { CryptographyClient } from "@azure/keyvault-keys"; const jsonWebKey = { kty: "RSA", kid: "test-key-123", use: "sig", alg: "RS256", n: new Uint8Array([112, 34, 56, 98, 123, 244, 200, 99]), e: new Uint8Array([1, 0, 1]), d: new Uint8Array([45, 67, 89, 23, 144, 200, 76, 233]), p: new Uint8Array([34, 89, 100, 77, 204, 56, 29, 77]), q: new Uint8Array([78, 99, 201, 45, 188, 34, 67, 90]), dp: new Uint8Array([23, 45, 78, 56, 200, 144, 32, 67]), dq: new Uint8Array([12, 67, 89, 144, 99, 56, 23, 45]), qi: new Uint8Array([78, 90, 45, 201, 34, 67, 120, 55]), }; const client = new CryptographyClient(jsonWebKey);

CryptographyClient(string | KeyVaultKey, TokenCredential, CryptographyClientOptions)

Construye una nueva instancia del cliente de criptografía para la clave especificada. Uso de ejemplo: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); // Create or retrieve a key from the keyvault const myKey = await client.createKey("MyKey", "RSA"); // Lastly, create our cryptography client and connect to the service const cryptographyClient = new CryptographyClient(myKey, credential);

Propiedades

keyID	Identificador de la clave usada para realizar operaciones criptográficas para el cliente.
vaultUrl	Dirección URL base del almacén. Si se usa una jsonWebKey local vaultUrl.

Métodos

decrypt(DecryptParameters, DecryptOptions)	Descifra el texto cifrado especificado con los parámetros de descifrado especificados. Según el algoritmo usado en los parámetros de descifrado, cambiará el conjunto de posibles parámetros de descifrado. Microsoft recomienda no usar CBC sin asegurarse primero de garantizar la integridad del texto cifrado mediante, por ejemplo, un HMAC. Consulte https://learn.microsoft.com/dotnet/standard/security/vulnerabilities-cbc-mode para obtener más información. Uso de ejemplo: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey.id, credential); const encryptResult = await cryptographyClient.encrypt({ algorithm: "RSA1_5", plaintext: Buffer.from("My Message"), }); console.log("encrypt result: ", encryptResult.result); const decryptResult = await cryptographyClient.decrypt({ algorithm: "RSA1_5", ciphertext: encryptResult.result, }); console.log("decrypt result: ", decryptResult.result.toString());
decrypt(string, Uint8Array, DecryptOptions)	Descifra el texto cifrado especificado con el algoritmo de criptografía especificado. Uso de ejemplo: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey.id, credential); const encryptResult = await cryptographyClient.encrypt({ algorithm: "RSA1_5", plaintext: Buffer.from("My Message"), }); console.log("encrypt result: ", encryptResult.result); const decryptResult = await cryptographyClient.decrypt({ algorithm: "RSA1_5", ciphertext: encryptResult.result, }); console.log("decrypt result: ", decryptResult.result.toString()); Microsoft recomienda no usar CBC sin asegurarse primero de garantizar la integridad del texto cifrado mediante, por ejemplo, un HMAC. Consulte https://learn.microsoft.com/dotnet/standard/security/vulnerabilities-cbc-mode para obtener más información.
encrypt(EncryptParameters, EncryptOptions)	Cifra el texto no cifrado especificado con los parámetros de cifrado especificados. Según el algoritmo establecido en los parámetros de cifrado, cambiará el conjunto de posibles parámetros de cifrado. Uso de ejemplo: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey.id, credential); const encryptResult = await cryptographyClient.encrypt({ algorithm: "RSA1_5", plaintext: Buffer.from("My Message"), }); console.log("encrypt result: ", encryptResult.result);
encrypt(string, Uint8Array, EncryptOptions)	Cifra el texto no cifrado especificado con el algoritmo de criptografía especificado. Uso de ejemplo: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey.id, credential); const encryptResult = await cryptographyClient.encrypt({ algorithm: "RSA1_5", plaintext: Buffer.from("My Message"), }); console.log("encrypt result: ", encryptResult.result);
sign(string, Uint8Array, SignOptions)	Firmar criptográficamente el resumen de un mensaje Uso de ejemplo: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; import { createHash } from "node:crypto"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); let myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey, credential); const signatureValue = "MySignature"; const hash = createHash("sha256"); const digest = hash.update(signatureValue).digest(); console.log("digest: ", digest); const signResult = await cryptographyClient.sign("RS256", digest); console.log("sign result: ", signResult.result);
signData(string, Uint8Array, SignOptions)	Firmar criptográficamente un bloque de datos Uso de ejemplo: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey, credential); const signResult = await cryptographyClient.signData("RS256", Buffer.from("My Message")); console.log("sign result: ", signResult.result);
unwrapKey(KeyWrapAlgorithm, Uint8Array, UnwrapKeyOptions)	Desencapsula la clave ajustada especificada mediante el algoritmo de criptografía especificado. Uso de ejemplo: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey, credential); const wrapResult = await cryptographyClient.wrapKey("RSA-OAEP", Buffer.from("My Key")); console.log("wrap result:", wrapResult.result); const unwrapResult = await cryptographyClient.unwrapKey("RSA-OAEP", wrapResult.result); console.log("unwrap result: ", unwrapResult.result);
verify(string, Uint8Array, Uint8Array, VerifyOptions)	Comprobación del resumen del mensaje firmado Uso de ejemplo: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; import { createHash } from "node:crypto"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey, credential); const hash = createHash("sha256"); hash.update("My Message"); const digest = hash.digest(); const signResult = await cryptographyClient.sign("RS256", digest); console.log("sign result: ", signResult.result); const verifyResult = await cryptographyClient.verify("RS256", digest, signResult.result); console.log("verify result: ", verifyResult.result);
verifyData(string, Uint8Array, Uint8Array, VerifyOptions)	Comprobación del bloque de datos firmado Uso de ejemplo: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey, credential); const buffer = Buffer.from("My Message"); const signResult = await cryptographyClient.signData("RS256", buffer); console.log("sign result: ", signResult.result); const verifyResult = await cryptographyClient.verifyData("RS256", buffer, signResult.result); console.log("verify result: ", verifyResult.result);
wrapKey(KeyWrapAlgorithm, Uint8Array, WrapKeyOptions)	Ajusta la clave especificada mediante el algoritmo de criptografía especificado. Uso de ejemplo: import { DefaultAzureCredential } from "@azure/identity"; import { KeyClient, CryptographyClient } from "@azure/keyvault-keys"; const credential = new DefaultAzureCredential(); const vaultName = "<YOUR KEYVAULT NAME>"; const url = `https://${vaultName}.vault.azure.net`; const client = new KeyClient(url, credential); const myKey = await client.createKey("MyKey", "RSA"); const cryptographyClient = new CryptographyClient(myKey, credential); const wrapResult = await cryptographyClient.wrapKey("RSA-OAEP", Buffer.from("My Key")); console.log("wrap result:", wrapResult.result);

Detalles del constructor

CryptographyClient(JsonWebKey)

Construye una nueva instancia del cliente cryptography para la clave especificada en modo local.

Uso de ejemplo:

import { CryptographyClient } from "@azure/keyvault-keys";

const jsonWebKey = {
  kty: "RSA",
  kid: "test-key-123",
  use: "sig",
  alg: "RS256",
  n: new Uint8Array([112, 34, 56, 98, 123, 244, 200, 99]),
  e: new Uint8Array([1, 0, 1]),
  d: new Uint8Array([45, 67, 89, 23, 144, 200, 76, 233]),
  p: new Uint8Array([34, 89, 100, 77, 204, 56, 29, 77]),
  q: new Uint8Array([78, 99, 201, 45, 188, 34, 67, 90]),
  dp: new Uint8Array([23, 45, 78, 56, 200, 144, 32, 67]),
  dq: new Uint8Array([12, 67, 89, 144, 99, 56, 23, 45]),
  qi: new Uint8Array([78, 90, 45, 201, 34, 67, 120, 55]),
};
const client = new CryptographyClient(jsonWebKey);

new CryptographyClient(key: JsonWebKey)

Parámetros

key

JsonWebKey

JsonWebKey que se va a usar durante las operaciones de criptografía.

CryptographyClient(string | KeyVaultKey, TokenCredential, CryptographyClientOptions)

Construye una nueva instancia del cliente de criptografía para la clave especificada.

Uso de ejemplo:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

// Create or retrieve a key from the keyvault
const myKey = await client.createKey("MyKey", "RSA");

// Lastly, create our cryptography client and connect to the service
const cryptographyClient = new CryptographyClient(myKey, credential);

new CryptographyClient(key: string | KeyVaultKey, credential: TokenCredential, pipelineOptions?: CryptographyClientOptions)

Parámetros

key

string | KeyVaultKey

Clave que se va a usar durante las tareas de criptografía. También puede pasar el identificador de la clave, es decir, su dirección URL aquí.

credential

TokenCredential

Objeto que implementa la interfaz TokenCredential utilizada para autenticar las solicitudes al servicio. Use el paquete @azure/identity para crear una credencial que se adapte a sus necesidades.

pipelineOptions

CryptographyClientOptions

Opciones de canalización que se usan para configurar solicitudes de API de Key Vault. Omita este parámetro para usar la configuración de canalización predeterminada.

Detalles de las propiedades

keyID

Identificador de la clave usada para realizar operaciones criptográficas para el cliente.

undefined | string keyID

Valor de propiedad

undefined | string

vaultUrl

Dirección URL base del almacén. Si se usa una jsonWebKey local vaultUrl.

string vaultUrl

Valor de propiedad

string

Detalles del método

decrypt(DecryptParameters, DecryptOptions)

Descifra el texto cifrado especificado con los parámetros de descifrado especificados. Según el algoritmo usado en los parámetros de descifrado, cambiará el conjunto de posibles parámetros de descifrado.

Microsoft recomienda no usar CBC sin asegurarse primero de garantizar la integridad del texto cifrado mediante, por ejemplo, un HMAC. Consulte https://learn.microsoft.com/dotnet/standard/security/vulnerabilities-cbc-mode para obtener más información.

Uso de ejemplo:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey.id, credential);

const encryptResult = await cryptographyClient.encrypt({
  algorithm: "RSA1_5",
  plaintext: Buffer.from("My Message"),
});
console.log("encrypt result: ", encryptResult.result);

const decryptResult = await cryptographyClient.decrypt({
  algorithm: "RSA1_5",
  ciphertext: encryptResult.result,
});
console.log("decrypt result: ", decryptResult.result.toString());

function decrypt(decryptParameters: DecryptParameters, options?: DecryptOptions): Promise<DecryptResult>

Parámetros

decryptParameters

DecryptParameters

Parámetros de descifrado.

options

DecryptOptions

Opciones adicionales.

Devoluciones

Promise<DecryptResult>

decrypt(string, Uint8Array, DecryptOptions)

Advertencia

Esta API ya está en desuso.

Use decrypt({ algorithm, ciphertext }, options) instead.

Descifra el texto cifrado especificado con el algoritmo de criptografía especificado.

Uso de ejemplo:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey.id, credential);

const encryptResult = await cryptographyClient.encrypt({
  algorithm: "RSA1_5",
  plaintext: Buffer.from("My Message"),
});
console.log("encrypt result: ", encryptResult.result);

const decryptResult = await cryptographyClient.decrypt({
  algorithm: "RSA1_5",
  ciphertext: encryptResult.result,
});
console.log("decrypt result: ", decryptResult.result.toString());

Microsoft recomienda no usar CBC sin asegurarse primero de garantizar la integridad del texto cifrado mediante, por ejemplo, un HMAC. Consulte https://learn.microsoft.com/dotnet/standard/security/vulnerabilities-cbc-mode para obtener más información.

function decrypt(algorithm: string, ciphertext: Uint8Array, options?: DecryptOptions): Promise<DecryptResult>

Parámetros

algorithm

string

Algoritmo que se va a usar.

ciphertext

Uint8Array

Texto que se va a descifrar.

options

DecryptOptions

Opciones adicionales.

Devoluciones

Promise<DecryptResult>

encrypt(EncryptParameters, EncryptOptions)

Cifra el texto no cifrado especificado con los parámetros de cifrado especificados. Según el algoritmo establecido en los parámetros de cifrado, cambiará el conjunto de posibles parámetros de cifrado.

Uso de ejemplo:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey.id, credential);

const encryptResult = await cryptographyClient.encrypt({
  algorithm: "RSA1_5",
  plaintext: Buffer.from("My Message"),
});
console.log("encrypt result: ", encryptResult.result);

function encrypt(encryptParameters: EncryptParameters, options?: EncryptOptions): Promise<EncryptResult>

Parámetros

encryptParameters

EncryptParameters

Los parámetros de cifrado, con clave en el algoritmo de cifrado elegido.

options

EncryptOptions

Opciones adicionales.

Devoluciones

Promise<EncryptResult>

encrypt(string, Uint8Array, EncryptOptions)

Advertencia

Esta API ya está en desuso.

Use encrypt({ algorithm, plaintext }, options) instead.

Cifra el texto no cifrado especificado con el algoritmo de criptografía especificado.

Uso de ejemplo:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey.id, credential);

const encryptResult = await cryptographyClient.encrypt({
  algorithm: "RSA1_5",
  plaintext: Buffer.from("My Message"),
});
console.log("encrypt result: ", encryptResult.result);

function encrypt(algorithm: string, plaintext: Uint8Array, options?: EncryptOptions): Promise<EncryptResult>

Parámetros

algorithm

string

Algoritmo que se va a usar.

plaintext

Uint8Array

Texto que se va a cifrar.

options

EncryptOptions

Opciones adicionales.

Devoluciones

Promise<EncryptResult>

sign(string, Uint8Array, SignOptions)

Firmar criptográficamente el resumen de un mensaje

Uso de ejemplo:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";
import { createHash } from "node:crypto";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

let myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey, credential);

const signatureValue = "MySignature";
const hash = createHash("sha256");

const digest = hash.update(signatureValue).digest();
console.log("digest: ", digest);

const signResult = await cryptographyClient.sign("RS256", digest);
console.log("sign result: ", signResult.result);

function sign(algorithm: string, digest: Uint8Array, options?: SignOptions): Promise<SignResult>

Parámetros

algorithm

string

Algoritmo de firma que se va a usar.

digest

Uint8Array

Resumen de los datos que se van a firmar.

options

SignOptions

Opciones adicionales.

Devoluciones

Promise<SignResult>

signData(string, Uint8Array, SignOptions)

Firmar criptográficamente un bloque de datos

Uso de ejemplo:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey, credential);

const signResult = await cryptographyClient.signData("RS256", Buffer.from("My Message"));
console.log("sign result: ", signResult.result);

function signData(algorithm: string, data: Uint8Array, options?: SignOptions): Promise<SignResult>

Parámetros

algorithm

string

Algoritmo de firma que se va a usar.

data

Uint8Array

Datos que se van a firmar.

options

SignOptions

Opciones adicionales.

Devoluciones

Promise<SignResult>

unwrapKey(KeyWrapAlgorithm, Uint8Array, UnwrapKeyOptions)

Desencapsula la clave ajustada especificada mediante el algoritmo de criptografía especificado.

Uso de ejemplo:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey, credential);

const wrapResult = await cryptographyClient.wrapKey("RSA-OAEP", Buffer.from("My Key"));
console.log("wrap result:", wrapResult.result);

const unwrapResult = await cryptographyClient.unwrapKey("RSA-OAEP", wrapResult.result);
console.log("unwrap result: ", unwrapResult.result);

function unwrapKey(algorithm: KeyWrapAlgorithm, encryptedKey: Uint8Array, options?: UnwrapKeyOptions): Promise<UnwrapResult>

Parámetros

algorithm

KeyWrapAlgorithm

Algoritmo de descifrado que se va a usar para desencapsular la clave.

encryptedKey

Uint8Array

Clave cifrada que se va a desencapsular.

options

UnwrapKeyOptions

Opciones adicionales.

Devoluciones

Promise<UnwrapResult>

verify(string, Uint8Array, Uint8Array, VerifyOptions)

Comprobación del resumen del mensaje firmado

Uso de ejemplo:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";
import { createHash } from "node:crypto";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey, credential);

const hash = createHash("sha256");
hash.update("My Message");
const digest = hash.digest();

const signResult = await cryptographyClient.sign("RS256", digest);
console.log("sign result: ", signResult.result);

const verifyResult = await cryptographyClient.verify("RS256", digest, signResult.result);
console.log("verify result: ", verifyResult.result);

function verify(algorithm: string, digest: Uint8Array, signature: Uint8Array, options?: VerifyOptions): Promise<VerifyResult>

Parámetros

algorithm

string

Algoritmo de firma con el que se va a comprobar.

digest

Uint8Array

Resumen que se va a comprobar.

signature

Uint8Array

Firma en la que se va a comprobar el resumen.

options

VerifyOptions

Opciones adicionales.

Devoluciones

Promise<VerifyResult>

verifyData(string, Uint8Array, Uint8Array, VerifyOptions)

Comprobación del bloque de datos firmado

Uso de ejemplo:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey, credential);

const buffer = Buffer.from("My Message");

const signResult = await cryptographyClient.signData("RS256", buffer);
console.log("sign result: ", signResult.result);

const verifyResult = await cryptographyClient.verifyData("RS256", buffer, signResult.result);
console.log("verify result: ", verifyResult.result);

function verifyData(algorithm: string, data: Uint8Array, signature: Uint8Array, options?: VerifyOptions): Promise<VerifyResult>

Parámetros

algorithm

string

Algoritmo que se va a usar para comprobarlo.

data

Uint8Array

Bloque firmado de datos que se va a comprobar.

signature

Uint8Array

Firma en la que se va a comprobar el bloque.

options

VerifyOptions

Opciones adicionales.

Devoluciones

Promise<VerifyResult>

wrapKey(KeyWrapAlgorithm, Uint8Array, WrapKeyOptions)

Ajusta la clave especificada mediante el algoritmo de criptografía especificado.

Uso de ejemplo:

import { DefaultAzureCredential } from "@azure/identity";
import { KeyClient, CryptographyClient } from "@azure/keyvault-keys";

const credential = new DefaultAzureCredential();

const vaultName = "<YOUR KEYVAULT NAME>";
const url = `https://${vaultName}.vault.azure.net`;

const client = new KeyClient(url, credential);

const myKey = await client.createKey("MyKey", "RSA");
const cryptographyClient = new CryptographyClient(myKey, credential);

const wrapResult = await cryptographyClient.wrapKey("RSA-OAEP", Buffer.from("My Key"));
console.log("wrap result:", wrapResult.result);

function wrapKey(algorithm: KeyWrapAlgorithm, key: Uint8Array, options?: WrapKeyOptions): Promise<WrapResult>

Parámetros

algorithm

KeyWrapAlgorithm

Algoritmo de cifrado que se va a usar para ajustar la clave especificada.

key

Uint8Array

Clave que se va a ajustar.

options

WrapKeyOptions

Opciones adicionales.

Devoluciones

Promise<WrapResult>