
Example 1 with JsonWebKey

Use of com.azure.security.keyvault.keys.models.JsonWebKey in the project signers by ConsenSys.

Class AzureKeyVaultSignerFactory, method createSigner.

public Signer createSigner(final AzureConfig config) {
    checkNotNull(config, "Config must be specified");
    // Authenticate to the vault with the client-secret credentials from the config.
    final AzureKeyVault vault;
    try {
        vault = createUsingClientSecretCredentials(config.getClientId(), config.getClientSecret(), config.getTenantId(), config.getKeyVaultName());
    } catch (final Exception e) {
        LOG.error("Failed to connect to vault", e);
        throw new SignerInitializationException(INACCESSIBLE_KEY_ERROR, e);
    }
    // Obtain a cryptography client bound to the configured key name and version.
    final CryptographyClient cryptoClient;
    try {
        cryptoClient = vault.fetchKey(config.getKeyName(), config.getKeyVersion());
    } catch (final Exception e) {
        LOG.error("Unable to load key {}", e.getMessage());
        throw new SignerInitializationException(INVALID_KEY_PARAMETERS_ERROR, e);
    }
    final JsonWebKey jsonWebKey = cryptoClient.getKey().getKey();
    // String.valueOf tolerates a null curve name (a non-EC key), so that case is
    // rejected by the check below instead of throwing a NullPointerException.
    final String curveName = String.valueOf(jsonWebKey.getCurveName());
    if (!SUPPORTED_CURVE_NAMES.contains(curveName)) {
        LOG.error("Unsupported curve name: {}. Expecting one of {}.", curveName, SUPPORTED_CURVE_NAMES);
        throw new SignerInitializationException(UNSUPPORTED_CURVE_NAME);
    }
    // The raw public key is the X and Y coordinates of the EC point, concatenated.
    final Bytes rawPublicKey = Bytes.concatenate(Bytes.wrap(jsonWebKey.getX()), Bytes.wrap(jsonWebKey.getY()));
    final boolean useDeprecatedCurveName = DEPRECATED_CURVE_NAME.equals(curveName);
    // needsToHash is not declared in this excerpt; presumably a field of the factory.
    return new AzureKeyVaultSigner(config, rawPublicKey, needsToHash, useDeprecatedCurveName);
}
Also used: SignerInitializationException (tech.pegasys.signers.secp256k1.common.SignerInitializationException), Bytes (org.apache.tuweni.bytes.Bytes), JsonWebKey (com.azure.security.keyvault.keys.models.JsonWebKey), AzureKeyVault (tech.pegasys.signers.azure.AzureKeyVault), CryptographyClient (com.azure.security.keyvault.keys.cryptography.CryptographyClient)
