keys: Encryption keys in Key Vault
In cloudyr/AzureKeyVault: Key and Secret Management in 'Azure'
Description
Methods
Arguments
Value
See Also
Examples
Description
This class represents the collection of encryption keys stored in a vault. It provides methods for managing keys, including creating, importing and deleting keys, and doing backups and restores. For operations with a specific key, see key.
Methods
This class provides the following methods:
1
2
3
4
5
6
7
8
9
10
create(name, type=c("RSA", "EC"), hardware=FALSE,
ec_curve=NULL, rsa_key_size=NULL, key_ops=NULL,
attributes=vault_object_attrs(), ...)
import(name, key, hardware=FALSE,
attributes=vault_object_attrs(), ...)
get(name)
delete(name, confirm=TRUE)
list(include_managed=FALSE)
backup(name)
restore(backup)
Arguments
-
name: The name of the key.
-
type: For create, the type of key to create: RSA or elliptic curve (EC). Note that for keys backing a certificate, only RSA is allowed.
-
hardware: For create, Whether to use a hardware key or software key. The former requires a premium key vault.
-
ec_curve: For an EC key, the type of elliptic curve.
-
rsa_key_size: For an RSA key, the key size, either 2048, 3072 or 4096.
-
key_ops: A character vector of operations that the key supports. The possible operations are "encrypt", "decrypt", "sign", "verify", "wrapkey" and "unwrapkey". See key for more information.
-
attributes: Optional attributes for the key, such as the expiry date and activation date. A convenient way to provide this is via the vault_object_attrs helper function.
-
key: For import, the key to import. This can be the name of a PEM file, a JSON web key (JWK) string, or a key object generated by the openssl package. See the examples below.
-
hardware: For import, whether to import this key as a hardware key (HSM). Only supported for a premium key vault.
-
...: For create and import, other named arguments which will be treated as tags.
-
include_managed: For list, whether to include keys that were created by Key Vault to support a managed certificate.
-
backup: For restore, a string representing the backup blob for a key.
Value
For get, create and import, an object of class stored_key, representing the key itself. This has methods for carrying out the operations given by the key_ops argument.
For list, a vector of key names.
For backup, a string representing the backup blob for a key. If the key has multiple versions, the blob will contain all versions.
See Also
key, vault_object_attrs
Azure Key Vault documentation,
Azure Key Vault API reference
Examples
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
## Not run:
vault <- key_vault("mykeyvault")
vault$keys$create("mynewkey")
vault$keys$create("myRSAkey", type="RSA", rsa_key_size=4096)
vault$keys$create("myECkey", type="EC", ec_curve="P-384")
vault$keys$list()
vault$keys$get("mynewkey")
# specifying an expiry date
today <- Sys.date()
vault$keys$create("mynewkey", attributes=vault_object_attrs(expiry_date=today+365))
# setting management tags
vault$keys$create("mynewkey", tag1="a value", othertag="another value")
# importing a key from a PEM file
vault$keys$import("importedkey1", "myprivatekey.pem")
# importing a key generated by OpenSSL
vault$keys$import("importedkey2", openssl::rsa_keygen())
# importing a JWK (which is a JSON string)
key <- openssl::read_key("myprivatekey.pem")
jwk <- jose::write_jwk(key)
vault$keys$import("importedkey3", jwk)
# backup and restore a key
bak <- vault$keys$backup("mynewkey")
vault$keys$delete("mynewkey", confirm=FALSE)
vault$keys$restore(bak)
## End(Not run)
cloudyr/AzureKeyVault documentation built on Sept. 19, 2021, 8:49 a.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Description Methods Arguments Value See Also Examples
Description
This class represents the collection of encryption keys stored in a vault. It provides methods for managing keys, including creating, importing and deleting keys, and doing backups and restores. For operations with a specific key, see key.
Methods
This class provides the following methods:
1 2 3 4 5 6 7 8 9 10 | create(name, type=c("RSA", "EC"), hardware=FALSE,
ec_curve=NULL, rsa_key_size=NULL, key_ops=NULL,
attributes=vault_object_attrs(), ...)
import(name, key, hardware=FALSE,
attributes=vault_object_attrs(), ...)
get(name)
delete(name, confirm=TRUE)
list(include_managed=FALSE)
backup(name)
restore(backup)
|
Arguments
-
name: The name of the key. -
type: Forcreate, the type of key to create: RSA or elliptic curve (EC). Note that for keys backing a certificate, only RSA is allowed. -
hardware: Forcreate, Whether to use a hardware key or software key. The former requires a premium key vault. -
ec_curve: For an EC key, the type of elliptic curve. -
rsa_key_size: For an RSA key, the key size, either 2048, 3072 or 4096. -
key_ops: A character vector of operations that the key supports. The possible operations are "encrypt", "decrypt", "sign", "verify", "wrapkey" and "unwrapkey". See key for more information. -
attributes: Optional attributes for the key, such as the expiry date and activation date. A convenient way to provide this is via the vault_object_attrs helper function. -
key: Forimport, the key to import. This can be the name of a PEM file, a JSON web key (JWK) string, or a key object generated by the openssl package. See the examples below. -
hardware: Forimport, whether to import this key as a hardware key (HSM). Only supported for a premium key vault. -
...: Forcreateandimport, other named arguments which will be treated as tags. -
include_managed: Forlist, whether to include keys that were created by Key Vault to support a managed certificate. -
backup: Forrestore, a string representing the backup blob for a key.
Value
For get, create and import, an object of class stored_key, representing the key itself. This has methods for carrying out the operations given by the key_ops argument.
For list, a vector of key names.
For backup, a string representing the backup blob for a key. If the key has multiple versions, the blob will contain all versions.
See Also
key, vault_object_attrs
Azure Key Vault documentation, Azure Key Vault API reference
Examples
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 | ## Not run:
vault <- key_vault("mykeyvault")
vault$keys$create("mynewkey")
vault$keys$create("myRSAkey", type="RSA", rsa_key_size=4096)
vault$keys$create("myECkey", type="EC", ec_curve="P-384")
vault$keys$list()
vault$keys$get("mynewkey")
# specifying an expiry date
today <- Sys.date()
vault$keys$create("mynewkey", attributes=vault_object_attrs(expiry_date=today+365))
# setting management tags
vault$keys$create("mynewkey", tag1="a value", othertag="another value")
# importing a key from a PEM file
vault$keys$import("importedkey1", "myprivatekey.pem")
# importing a key generated by OpenSSL
vault$keys$import("importedkey2", openssl::rsa_keygen())
# importing a JWK (which is a JSON string)
key <- openssl::read_key("myprivatekey.pem")
jwk <- jose::write_jwk(key)
vault$keys$import("importedkey3", jwk)
# backup and restore a key
bak <- vault$keys$backup("mynewkey")
vault$keys$delete("mynewkey", confirm=FALSE)
vault$keys$restore(bak)
## End(Not run)
|
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.