com.azure.security.keyvault.keys.package-info
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
/**
* Azure Key Vault Keys is a cloud-based service
* provided by Microsoft Azure that allows users to securely store and manage cryptographic keys used for encrypting
* and decrypting data. It is part of Azure Key Vault, a cloud-based service for managing cryptographic keys,
* secrets, and certificates.
*
* Azure Key Vault Keys provides a centralized and highly secure key management solution, allowing you to protect
* your keys and control access to them. It eliminates the need for storing keys in code or configuration files,
* reducing the risk of exposure and unauthorized access.
*
* With Azure Key Vault Keys, you can perform various operations on cryptographic keys, such as creating keys,
* importing existing keys, generating key pairs, encrypting data using keys, and decrypting data using keys.
* The service supports various key types and algorithms, including symmetric keys, asymmetric keys, and
* Elliptic Curve Cryptography (ECC) keys.
*
* The Azure Key Vault Keys client library allows developers to interact with the Azure Key Vault service
* from their applications. The library provides a set of APIs that enable developers to securely create keys,
* import existing keys, delete keys, retrieve key metadata, encrypt and decrypt data using keys,
* and sign and verify signatures using keys.
*
* Key Concepts:
*
* What is a Key Client?
* The key client performs the interactions with the Azure Key Vault service for getting, setting, updating,
* deleting, and listing keys and their versions. Asynchronous (`KeyAsyncClient`) and synchronous (`KeyClient`)
* clients exist in the SDK, allowing for the selection of a client based on an application's use case. Once you
* have initialized a key client, you can interact with the primary resource types in Key Vault.
*
* What is an Azure Key Vault Key?
* Azure Key Vault supports multiple key types (RSA and EC) and algorithms, and enables the use of
* Hardware Security Modules (HSM) for high value keys. In addition to the key material, the following attributes may
* be specified:
*
*
* - enabled: Specifies whether the key is enabled and usable for cryptographic operations.
* - notBefore: Identifies the time before which the key must not be used for cryptographic operations.
* - expires: Identifies the expiration time on or after which the key MUST NOT be used for cryptographic operations.
* - created: Indicates when this version of the key was created.
* - updated: Indicates when this version of the key was updated.
*
*
* Getting Started
*
* In order to interact with the Azure Key Vault service, you will need to create an instance of the
* {@link com.azure.security.keyvault.keys.KeyClient} class, which requires a vault URL and a credential object.
*
* The examples shown in this document use a credential object named DefaultAzureCredential for authentication,
* which is appropriate for most scenarios, including local development and production environments. Additionally,
* we recommend using a managed identity for authentication in production environments.
* You can find more information on different ways of authenticating and their corresponding credential types in the
* Azure Identity documentation.
*
* Sample: Construct Synchronous Key Client
*
* The following code sample demonstrates the creation of a {@link com.azure.security.keyvault.keys.KeyClient},
* using the {@link com.azure.security.keyvault.keys.KeyClientBuilder} to configure it.
*
*
*
* KeyClient keyClient = new KeyClientBuilder()
*     .vaultUrl("<your-key-vault-url>")
*     .credential(new DefaultAzureCredentialBuilder().build())
*     .buildClient();
*
*
*
* Sample: Construct Asynchronous Key Client
*
* The following code sample demonstrates the creation of a
* {@link com.azure.security.keyvault.keys.KeyAsyncClient}, using the
* {@link com.azure.security.keyvault.keys.KeyClientBuilder} to configure it.
*
*
*
* KeyAsyncClient keyAsyncClient = new KeyClientBuilder()
*     .vaultUrl("<your-key-vault-url>")
*     .credential(new DefaultAzureCredentialBuilder().build())
*     .buildAsyncClient();
*
*
*
*
*
*
*
* Create a Cryptographic Key
* The {@link com.azure.security.keyvault.keys.KeyClient} or
* {@link com.azure.security.keyvault.keys.KeyAsyncClient} can be used to create a key in the key vault.
*
* Synchronous Code Sample:
* The following code sample demonstrates how to synchronously create a cryptographic key in the key vault,
* using the {@link com.azure.security.keyvault.keys.KeyClient#createKey(java.lang.String, com.azure.security.keyvault.keys.models.KeyType)} API.
*
*
*
* KeyVaultKey key = keyClient.createKey("keyName", KeyType.EC);
* System.out.printf("Created key with name: %s and id: %s%n", key.getName(), key.getId());
*
*
*
* Note: For the asynchronous sample, refer to
* {@link com.azure.security.keyvault.keys.KeyAsyncClient}.
*
*
*
*
*
* Get a Cryptographic Key
* The {@link com.azure.security.keyvault.keys.KeyClient} or
* {@link com.azure.security.keyvault.keys.KeyAsyncClient} can be used to retrieve a key from the
* key vault.
*
* Synchronous Code Sample:
* The following code sample demonstrates how to synchronously retrieve a key from the key vault, using
* the {@link com.azure.security.keyvault.keys.KeyClient#getKey(java.lang.String)} API.
*
*
*
* KeyVaultKey keyWithVersionValue = keyClient.getKey("keyName");
*
* System.out.printf("Retrieved key with name: %s and id: %s%n", keyWithVersionValue.getName(),
*     keyWithVersionValue.getId());
*
*
*
* Note: For the asynchronous sample, refer to
* {@link com.azure.security.keyvault.keys.KeyAsyncClient}.
*
*
*
*
*
* Delete a Cryptographic Key
* The {@link com.azure.security.keyvault.keys.KeyClient} or
* {@link com.azure.security.keyvault.keys.KeyAsyncClient} can be used to delete a key from the key vault.
*
* Synchronous Code Sample:
* The following code sample demonstrates how to synchronously delete a key from the
* key vault, using the {@link com.azure.security.keyvault.keys.KeyClient#beginDeleteKey(java.lang.String)} API.
*
*
*
* SyncPoller<DeletedKey, Void> deleteKeyPoller = keyClient.beginDeleteKey("keyName");
* PollResponse<DeletedKey> deleteKeyPollResponse = deleteKeyPoller.poll();
*
* // The deleted date is only populated for a key vault with soft-delete enabled.
* DeletedKey deletedKey = deleteKeyPollResponse.getValue();
*
* System.out.printf("Key delete date: %s%n", deletedKey.getDeletedOn());
* System.out.printf("Deleted key's recovery id: %s%n", deletedKey.getRecoveryId());
*
* // Key is being deleted on the server.
* deleteKeyPoller.waitForCompletion();
* // Key is deleted
*
*
*
* Note: For the asynchronous sample, refer to
* {@link com.azure.security.keyvault.keys.KeyAsyncClient}.
*
* @see com.azure.security.keyvault.keys.KeyClient
* @see com.azure.security.keyvault.keys.KeyAsyncClient
* @see com.azure.security.keyvault.keys.KeyClientBuilder
*/
package com.azure.security.keyvault.keys;
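
The key attributes listed under Key Concepts (enabled, notBefore, expires) can be set when a key is created and then checked across the vault. The following is an added example, not part of the SDK's own documentation; the key name, the 90-day lifetime and the status labels are assumptions chosen for illustration.

```java
import com.azure.identity.DefaultAzureCredentialBuilder;
import com.azure.security.keyvault.keys.KeyClient;
import com.azure.security.keyvault.keys.KeyClientBuilder;
import com.azure.security.keyvault.keys.models.CreateRsaKeyOptions;
import com.azure.security.keyvault.keys.models.KeyProperties;
import com.azure.security.keyvault.keys.models.KeyVaultKey;
import java.time.OffsetDateTime;

public class KeyAttributeAudit {
    // Classify a key by its attributes. The labels are constructed for this example.
    static String status(KeyProperties p, OffsetDateTime now) {
        if (!Boolean.TRUE.equals(p.isEnabled())) {
            return "DISABLED";
        }
        if (p.getExpiresOn() == null) {
            return "NO_EXPIRY";      // no expiration set: the key never ages out
        }
        if (!now.isBefore(p.getExpiresOn())) {
            return "EXPIRED";        // "on or after" the expiration time
        }
        if (p.getNotBefore() != null && now.isBefore(p.getNotBefore())) {
            return "NOT_YET_VALID";  // before the notBefore time
        }
        return "ACTIVE";
    }

    public static void main(String[] args) {
        KeyClient keyClient = new KeyClientBuilder()
            .vaultUrl("<your-key-vault-url>")
            .credential(new DefaultAzureCredentialBuilder().build())
            .buildClient();

        // Hypothetical key name and lifetime: usable now, expiring in 90 days.
        OffsetDateTime now = OffsetDateTime.now();
        CreateRsaKeyOptions options = new CreateRsaKeyOptions("example-rsa-key");
        options.setKeySize(2048);
        options.setEnabled(true);
        options.setNotBefore(now);
        options.setExpiresOn(now.plusDays(90));
        KeyVaultKey key = keyClient.createRsaKey(options);
        System.out.printf("Created %s, expires %s%n", key.getName(), key.getProperties().getExpiresOn());

        // Report the lifecycle status of every key in the vault.
        for (KeyProperties p : keyClient.listPropertiesOfKeys()) {
            System.out.printf("%-30s %s%n", p.getName(), status(p, OffsetDateTime.now()));
        }
    }
}
```

Running it requires a reachable vault and an identity permitted to create and list keys.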