Use of com.azure.security.keyvault.keys.models.JsonWebKey in the signers project by ConsenSys.
Class AzureKeyVaultSignerFactory, method createSigner.
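/**
 * Builds a {@link Signer} backed by a key held in Azure Key Vault.
 *
 * <p>The method connects to the vault with client-secret credentials taken from {@code config},
 * fetches the named key version, checks that the key's curve is one of
 * {@code SUPPORTED_CURVE_NAMES}, and derives the raw public key from the key's X and Y
 * coordinates.
 *
 * @param config vault, credential and key identifiers; a null value is rejected by
 *     {@code checkNotNull}
 * @return a signer bound to the configured key
 * @throws SignerInitializationException if the vault cannot be reached, the key cannot be
 *     loaded, or the key has no curve name or a curve name that is not supported
 */
public Signer createSigner(final AzureConfig config) {
  checkNotNull(config, "Config must be specified");

  final AzureKeyVault vault;
  try {
    vault =
        createUsingClientSecretCredentials(
            config.getClientId(),
            config.getClientSecret(),
            config.getTenantId(),
            config.getKeyVaultName());
  } catch (final Exception e) {
    // The config (which carries the client secret) is deliberately not part of the log line.
    LOG.error("Failed to connect to vault", e);
    throw new SignerInitializationException(INACCESSIBLE_KEY_ERROR, e);
  }

  final CryptographyClient cryptoClient;
  try {
    cryptoClient = vault.fetchKey(config.getKeyName(), config.getKeyVersion());
  } catch (final Exception e) {
    // Only the message is logged here; the cause stays attached to the rethrown exception.
    LOG.error("Unable to load key {}", e.getMessage());
    throw new SignerInitializationException(INVALID_KEY_PARAMETERS_ERROR, e);
  }

  // NOTE(review): getKey() runs outside the try blocks above; if it contacts the vault, a
  // failure here would reach the caller unwrapped -- confirm.
  final JsonWebKey jsonWebKey = cryptoClient.getKey().getKey();

  // A key without a curve name (presumably any non-EC key -- confirm) must be refused with the
  // same initialization error as an unsupported curve, not with a NullPointerException.
  final String curveName =
      jsonWebKey.getCurveName() == null ? null : jsonWebKey.getCurveName().toString();
  if (curveName == null || !SUPPORTED_CURVE_NAMES.contains(curveName)) {
    LOG.error("Unsupported curve name: {}. Expecting one of {}.", curveName, SUPPORTED_CURVE_NAMES);
    throw new SignerInitializationException(UNSUPPORTED_CURVE_NAME);
  }

  // Raw public key is X || Y.
  // NOTE(review): assumes both coordinates are present and fixed-width for the curve -- confirm.
  final Bytes rawPublicKey =
      Bytes.concatenate(Bytes.wrap(jsonWebKey.getX()), Bytes.wrap(jsonWebKey.getY()));
  final boolean useDeprecatedCurveName = DEPRECATED_CURVE_NAME.equals(curveName);
  return new AzureKeyVaultSigner(config, rawPublicKey, needsToHash, useDeprecatedCurveName);
}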