1919from azure .core .tracing .decorator import distributed_trace
2020
2121from ._shared import KeyVaultClientBase
22+ from .crypto import CryptographyClient
2223from .models import Key , KeyBase , DeletedKey , KeyOperationResult
2324
2425
@@ -40,6 +41,14 @@ class KeyClient(KeyVaultClientBase):
4041
4142 # pylint:disable=protected-access
4243
44+ def get_cryptography_client (self , key , ** kwargs ):
45+ # type: (Union[Key, str], Any) -> CryptographyClient
46+
47+ # the initializer requires a credential but won't actually use it in this case because we pass in this
48+ # KeyClient's generated client, whose pipeline (and auth policy) is fully configured
49+ credential = object ()
50+ return CryptographyClient (key , credential , generated_client = self ._client , ** kwargs )
51+
4352 @distributed_trace
4453 def create_key (
4554 self ,
@@ -510,69 +519,3 @@ def import_key(self, name, key, hsm=None, enabled=None, not_before=None, expires
510519 self .vault_url , name , key = key , hsm = hsm , key_attributes = attributes , tags = tags , ** kwargs
511520 )
512521 return Key ._from_key_bundle (bundle )
513-
514- @distributed_trace
515- def wrap_key (self , name , algorithm , value , version = None , ** kwargs ):
516- # type: (str, str, Optional[str], bytes, Mapping[str, Any]) -> KeyOperationResult
517- """Wraps a symmetric key using a specified key.
518-
519- The WRAP operation supports encryption of a symmetric key using a key
520- encryption key that has previously been stored in an Azure Key Vault.
521- The WRAP operation is only strictly necessary for symmetric keys stored
522- in Azure Key Vault since protection with an asymmetric key can be
523- performed using the public portion of the key. This operation is
524- supported for asymmetric keys as a convenience for callers that have a
525- key-reference but do not have access to the public key material. This
526- operation requires the keys/wrapKey permission.
527-
528- :param str name: The name of the key
529- :param str version: The version of the key.
530- :param algorithm: algorithm identifier. Possible values include:
531- 'RSA-OAEP', 'RSA-OAEP-256', 'RSA1_5'
532- :type algorithm: str or
533- ~azure.security.keyvault.v7_0.models.JsonWebKeyEncryptionAlgorithm
534- :param value:
535- :type value: bytes
536- :returns: The wrapped symmetric key.
537- :rtype: ~azure.keyvault.keys.models.Key
538-
539- """
540- if version is None :
541- version = ""
542-
543- bundle = self ._client .wrap_key (
544- self .vault_url , name , key_version = version , algorithm = algorithm , value = value , ** kwargs
545- )
546- return KeyOperationResult (id = bundle .kid , value = bundle .result )
547-
548- @distributed_trace
549- def unwrap_key (self , name , algorithm , value , version = None , ** kwargs ):
550- # type: (str, str, Optional[str], bytes, Mapping[str, Any]) -> KeyOperationResult
551- """Unwraps a symmetric key using the specified key that was initially used
552- for wrapping that key.
553-
554- The UNWRAP operation supports decryption of a symmetric key using the
555- target key encryption key. This operation is the reverse of the WRAP
556- operation. The UNWRAP operation applies to asymmetric and symmetric
557- keys stored in Azure Key Vault since it uses the private portion of the
558- key. This operation requires the keys/unwrapKey permission.
559-
560- :param str name: The name of the key
561- :param str version: The version of the key.
562- :param algorithm: algorithm identifier. Possible values include:
563- 'RSA-OAEP', 'RSA-OAEP-256', 'RSA1_5'
564- :type algorithm: str or
565- ~azure.security.keyvault.v7_0.models.JsonWebKeyEncryptionAlgorithm
566- :param value:
567- :type value: bytes
568- :returns: The unwrapped symmetric key.
569- :rtype: ~azure.keyvault.keys.models.Key
570-
571- """
572- if version is None :
573- version = ""
574-
575- bundle = self ._client .unwrap_key (
576- self .vault_url , name , key_version = version , algorithm = algorithm , value = value , ** kwargs
577- )
578- return KeyOperationResult (id = bundle .kid , value = bundle .result )
0 commit comments