com.azure.security.keyvault.keys.cryptography

Class CryptographyClient

java.lang.Object

com.azure.security.keyvault.keys.cryptography.CryptographyClient

public class CryptographyClient
extends Object

The CryptographyClient provides synchronous methods to perform cryptographic operations using asymmetric and symmetric keys. The client supports encrypt, decrypt, wrap key, unwrap key, sign and verify operations using the configured key.

Samples to construct the sync client

 CryptographyClient cryptographyClient = new CryptographyClientBuilder()
     .keyIdentifier("<YOUR-KEY-IDENTIFIER>")
     .credential(new DefaultAzureCredentialBuilder().build())
     .buildClient();
 

See Also:

CryptographyClientBuilder

Method Summary

Modifier and Type	Method and Description
DecryptResult	decrypt(EncryptionAlgorithm algorithm, byte[] cipherText) Decrypts a single block of encrypted data using the configured key and specified algorithm.
DecryptResult	decrypt(EncryptionAlgorithm algorithm, byte[] cipherText, com.azure.core.util.Context context) Decrypts a single block of encrypted data using the configured key and specified algorithm.
EncryptResult	encrypt(EncryptionAlgorithm algorithm, byte[] plaintext) Encrypts an arbitrary sequence of bytes using the configured key.
EncryptResult	encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, com.azure.core.util.Context context) Encrypts an arbitrary sequence of bytes using the configured key.
KeyVaultKey	getKey() Gets the public part of the configured key.
com.azure.core.http.rest.Response<KeyVaultKey>	getKeyWithResponse(com.azure.core.util.Context context) Gets the public part of the configured key.
SignResult	sign(SignatureAlgorithm algorithm, byte[] digest) Creates a signature from a digest using the configured key.
SignResult	sign(SignatureAlgorithm algorithm, byte[] digest, com.azure.core.util.Context context) Creates a signature from a digest using the configured key.
SignResult	signData(SignatureAlgorithm algorithm, byte[] data) Creates a signature from the raw data using the configured key.
SignResult	signData(SignatureAlgorithm algorithm, byte[] data, com.azure.core.util.Context context) Creates a signature from the raw data using the configured key.
UnwrapResult	unwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey) Unwraps a symmetric key using the configured key that was initially used for wrapping that key.
UnwrapResult	unwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey, com.azure.core.util.Context context) Unwraps a symmetric key using the configured key that was initially used for wrapping that key.
VerifyResult	verify(SignatureAlgorithm algorithm, byte[] digest, byte[] signature) Verifies a signature using the configured key.
VerifyResult	verify(SignatureAlgorithm algorithm, byte[] digest, byte[] signature, com.azure.core.util.Context context) Verifies a signature using the configured key.
VerifyResult	verifyData(SignatureAlgorithm algorithm, byte[] data, byte[] signature) Verifies a signature against the raw data using the configured key.
VerifyResult	verifyData(SignatureAlgorithm algorithm, byte[] data, byte[] signature, com.azure.core.util.Context context) Verifies a signature against the raw data using the configured key.
WrapResult	wrapKey(KeyWrapAlgorithm algorithm, byte[] key) Wraps a symmetric key using the configured key.
WrapResult	wrapKey(KeyWrapAlgorithm algorithm, byte[] key, com.azure.core.util.Context context) Wraps a symmetric key using the configured key.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getKey

public KeyVaultKey getKey()

Gets the public part of the configured key. The get key operation is applicable to all key types and it requires the keys/get permission.

Code Samples

Gets the key configured in the client. Prints out the returned key details.

 KeyVaultKey key = cryptographyClient.getKey();
 System.out.printf("Key is returned with name %s and id %s \n", key.getName(), key.getId());
 

Returns:

The requested key.

Throws:

com.azure.core.exception.ResourceNotFoundException - when the configured key doesn't exist in the key vault.

getKeyWithResponse

public com.azure.core.http.rest.Response<KeyVaultKey> getKeyWithResponse(com.azure.core.util.Context context)

Gets the public part of the configured key. The get key operation is applicable to all key types and it requires the keys/get permission.

Code Samples

Gets the key configured in the client. Prints out the returned key details.

 KeyVaultKey keyWithVersion = cryptographyClient.getKeyWithResponse(new Context(key1, value1)).getValue();
 System.out.printf("Key is returned with name %s and id %s \n", keyWithVersion.getName(), keyWithVersion.getId());
 

Parameters:

context - Additional context that is passed through the Http pipeline during the service call.

Returns:

A Response whose value contains the requested key.

Throws:

com.azure.core.exception.ResourceNotFoundException - when the configured key doesn't exist in the key vault.

encrypt

public EncryptResult encrypt(EncryptionAlgorithm algorithm,
                             byte[] plaintext,
                             com.azure.core.util.Context context)

Encrypts an arbitrary sequence of bytes using the configured key. Note that the encrypt operation only supports a single block of data, the size of which is dependent on the target key and the encryption algorithm to be used. The encrypt operation is supported for both symmetric keys and asymmetric keys. In case of asymmetric keys public portion of the key is used for encryption. This operation requires the keys/encrypt permission.

The encryption algorithm indicates the type of algorithm to use for decrypting the specified encrypted content. Possible values for assymetric keys include: RSA1_5, RSA_OAEP and RSA_OAEP_256. Possible values for symmetric keys include: A128CBC, A128CBC-HS256, A192CBC, A192CBC-HS384, A256CBC and A256CBC-HS512

Code Samples

Encrypts the content. Subscribes to the call asynchronously and prints out the encrypted content details when a response has been received.

 byte[] plainTextToEncrypt = new byte[100];
 new Random(0x1234567L).nextBytes(plainTextToEncrypt);
 EncryptResult encryptionResult = cryptographyClient.encrypt(EncryptionAlgorithm.RSA_OAEP, plainTextToEncrypt,
     new Context(key1, value1));
 System.out.printf("Received encrypted content of length %d with algorithm %s \n",
     encryptionResult.getCipherText().length, encryptionResult.getAlgorithm().toString());
 

Parameters:

algorithm - The algorithm to be used for encryption.

plaintext - The content to be encrypted.

context - Additional context that is passed through the Http pipeline during the service call.

Returns:

A EncryptResult whose cipher text contains the encrypted content.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for encryption.

UnsupportedOperationException - if the encrypt operation is not supported or configured on the key.

NullPointerException - if algorithm or plainText is null.

encrypt

public EncryptResult encrypt(EncryptionAlgorithm algorithm,
                             byte[] plaintext)

Encrypts an arbitrary sequence of bytes using the configured key. Note that the encrypt operation only supports a single block of data, the size of which is dependent on the target key and the encryption algorithm to be used. The encrypt operation is supported for both symmetric keys and asymmetric keys. In case of asymmetric keys public portion of the key is used for encryption. This operation requires the keys/encrypt permission.

The encryption algorithm indicates the type of algorithm to use for decrypting the specified encrypted content. Possible values for assymetric keys include: RSA1_5, RSA_OAEP and RSA_OAEP_256. Possible values for symmetric keys include: A128CBC, A128CBC-HS256, A192CBC, A192CBC-HS384, A256CBC and A256CBC-HS512

Code Samples

Encrypts the content. Subscribes to the call asynchronously and prints out the encrypted content details when a response has been received.

 byte[] plainText = new byte[100];
 new Random(0x1234567L).nextBytes(plainText);
 EncryptResult encryptResult = cryptographyClient.encrypt(EncryptionAlgorithm.RSA_OAEP, plainText);
 System.out.printf("Received encrypted content of length %d with algorithm %s \n",
     encryptResult.getCipherText().length, encryptResult.getAlgorithm().toString());
 

Parameters:

algorithm - The algorithm to be used for encryption.

plaintext - The content to be encrypted.

Returns:

The EncryptResult whose cipher text contains the encrypted content.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for encryption.

UnsupportedOperationException - if the encrypt operation is not supported or configured on the key.

NullPointerException - if algorithm or plainText is null.

decrypt

public DecryptResult decrypt(EncryptionAlgorithm algorithm,
                             byte[] cipherText,
                             com.azure.core.util.Context context)

Decrypts a single block of encrypted data using the configured key and specified algorithm. Note that only a single block of data may be decrypted, the size of this block is dependent on the target key and the algorithm to be used. The decrypt operation is supported for both asymmetric and symmetric keys. This operation requires the keys/decrypt permission.

The encryption algorithm indicates the type of algorithm to use for decrypting the specified encrypted content. Possible values for assymetric keys include: RSA1_5, RSA_OAEP and RSA_OAEP_256. Possible values for symmetric keys include: A128CBC, A128CBC-HS256, A192CBC, A192CBC-HS384, A256CBC and A256CBC-HS512

Code Samples

Decrypts the encrypted content. Subscribes to the call asynchronously and prints out the decrypted content details when a response has been received.

 DecryptResult decryptionResult = cryptographyClient.decrypt(EncryptionAlgorithm.RSA_OAEP, encryptedData,
     new Context(key1, value1));
 System.out.printf("Received decrypted content of length %d\n", decryptionResult.getPlainText().length);
 

Parameters:

algorithm - The algorithm to be used for decryption.

cipherText - The content to be decrypted.

context - Additional context that is passed through the Http pipeline during the service call.

Returns:

The decrypted blob.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for decryption.

UnsupportedOperationException - if the decrypt operation is not supported or configured on the key.

NullPointerException - if algorithm or cipherText is null.

decrypt

public DecryptResult decrypt(EncryptionAlgorithm algorithm,
                             byte[] cipherText)

Decrypts a single block of encrypted data using the configured key and specified algorithm. Note that only a single block of data may be decrypted, the size of this block is dependent on the target key and the algorithm to be used. The decrypt operation is supported for both asymmetric and symmetric keys. This operation requires the keys/decrypt permission.

The encryption algorithm indicates the type of algorithm to use for decrypting the specified encrypted content. Possible values for assymetric keys include: RSA1_5, RSA_OAEP and RSA_OAEP_256. Possible values for symmetric keys include: A128CBC, A128CBC-HS256, A192CBC, A192CBC-HS384, A256CBC and A256CBC-HS512

Code Samples

Decrypts the encrypted content. Subscribes to the call asynchronously and prints out the decrypted content details when a response has been received.

 DecryptResult decryptResult = cryptographyClient.decrypt(EncryptionAlgorithm.RSA_OAEP, encryptedData);
 System.out.printf("Received decrypted content of length %d\n", decryptResult.getPlainText().length);
 

Parameters:

algorithm - The algorithm to be used for decryption.

cipherText - The content to be decrypted.

Returns:

The decrypted blob.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for decryption.

UnsupportedOperationException - if the decrypt operation is not supported or configured on the key.

NullPointerException - if algorithm or cipherText is null.

sign

public SignResult sign(SignatureAlgorithm algorithm,
                       byte[] digest,
                       com.azure.core.util.Context context)

Creates a signature from a digest using the configured key. The sign operation supports both asymmetric and symmetric keys. This operation requires the keys/sign permission.

The signature algorithm indicates the type of algorithm to use to create the signature from the digest. Possible values include: ES256, E384, ES512, ES246K, PS256, RS384, RS512, RS256, RS384 and RS512

Code Samples

Sings the digest. Subscribes to the call asynchronously and prints out the signature details when a response has been received.

 byte[] plainTextData = new byte[100];
 new Random(0x1234567L).nextBytes(plainTextData);
 MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
 messageDigest.update(data);
 byte[] digetContent = messageDigest.digest();
 SignResult signResponse = cryptographyClient.sign(SignatureAlgorithm.ES256, digetContent);
 System.out.printf("Received signature of length %d with algorithm %s", signResponse.getSignature().length,
     signResponse.getAlgorithm().toString(), new Context(key1, value1));
 

Parameters:

algorithm - The algorithm to use for signing.

digest - The content from which signature is to be created.

context - Additional context that is passed through the Http pipeline during the service call.

Returns:

A SignResult whose signature contains the created signature.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for signing.

UnsupportedOperationException - if the sign operation is not supported or configured on the key.

NullPointerException - if algorithm or digest is null.

sign

public SignResult sign(SignatureAlgorithm algorithm,
                       byte[] digest)

Creates a signature from a digest using the configured key. The sign operation supports both asymmetric and symmetric keys. This operation requires the keys/sign permission.

The signature algorithm indicates the type of algorithm to use to create the signature from the digest. Possible values include: ES256, E384, ES512, ES246K, PS256, RS384, RS512, RS256, RS384 and RS512

Code Samples

Sings the digest. Subscribes to the call asynchronously and prints out the signature details when a response has been received.

 byte[] data = new byte[100];
 new Random(0x1234567L).nextBytes(data);
 MessageDigest md = MessageDigest.getInstance("SHA-256");
 md.update(data);
 byte[] digest = md.digest();
 SignResult signResult = cryptographyClient.sign(SignatureAlgorithm.ES256, digest);
 System.out.printf("Received signature of length %d with algorithm %s", signResult.getSignature().length,
     signResult.getAlgorithm().toString());
 

Parameters:

algorithm - The algorithm to use for signing.

digest - The content from which signature is to be created.

Returns:

A SignResult whose signature contains the created signature.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for signing.

UnsupportedOperationException - if the sign operation is not supported or configured on the key.

NullPointerException - if algorithm or digest is null.

verify

public VerifyResult verify(SignatureAlgorithm algorithm,
                           byte[] digest,
                           byte[] signature)

Verifies a signature using the configured key. The verify operation supports both symmetric keys and asymmetric keys. In case of asymmetric keys public portion of the key is used to verify the signature . This operation requires the keys/verify permission.

The signature algorithm indicates the type of algorithm to use to create the signature from the digest. Possible values include: ES256, E384, ES512, ES246K, PS256, RS384, RS512, RS256, RS384 and RS512

Code Samples

Verifies the signature against the specified digest. Subscribes to the call asynchronously and prints out the verification details when a response has been received.

 VerifyResult verifyResult = cryptographyClient.verify(SignatureAlgorithm.ES256, digest, signature);
 System.out.printf("Verification status %s", verifyResult.isValid());
 

Parameters:

algorithm - The algorithm to use for signing.

digest - The content from which signature was created.

signature - The signature to be verified.

Returns:

The Boolean indicating the signature verification result.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for verifying.

UnsupportedOperationException - if the verify operation is not supported or configured on the key.

NullPointerException - if algorithm, digest or signature is null.

verify

public VerifyResult verify(SignatureAlgorithm algorithm,
                           byte[] digest,
                           byte[] signature,
                           com.azure.core.util.Context context)

Verifies a signature using the configured key. The verify operation supports both symmetric keys and asymmetric keys. In case of asymmetric keys public portion of the key is used to verify the signature . This operation requires the keys/verify permission.

The signature algorithm indicates the type of algorithm to use to create the signature from the digest. Possible values include: ES256, E384, ES512, ES246K, PS256, RS384, RS512, RS256, RS384 and RS512

Code Samples

Verifies the signature against the specified digest. Subscribes to the call asynchronously and prints out the verification details when a response has been received.

 VerifyResult verifyResponse = cryptographyClient.verify(SignatureAlgorithm.ES256, digest, signature);
 System.out.printf("Verification status %s", verifyResponse.isValid(), new Context(key2, value2));
 

Parameters:

algorithm - The algorithm to use for signing.

digest - The content from which signature is to be created.

signature - The signature to be verified.

context - Additional context that is passed through the Http pipeline during the service call.

Returns:

The Boolean indicating the signature verification result.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for verifying.

UnsupportedOperationException - if the verify operation is not supported or configured on the key.

NullPointerException - if algorithm, digest or signature is null.

wrapKey

public WrapResult wrapKey(KeyWrapAlgorithm algorithm,
                          byte[] key)

Wraps a symmetric key using the configured key. The wrap operation supports wrapping a symmetric key with both symmetric and asymmetric keys. This operation requires the keys/wrapKey permission.

The wrap algorithm indicates the type of algorithm to use for wrapping the specified key content. Possible values include: RSA1_5, RSA_OAEP and RSA_OAEP_256

Code Samples

Wraps the key content. Subscribes to the call asynchronously and prints out the wrapped key details when a response has been received.

 byte[] key = new byte[100];
 new Random(0x1234567L).nextBytes(key);
 WrapResult wrapResult = cryptographyClient.wrapKey(KeyWrapAlgorithm.RSA_OAEP, key);
 System.out.printf("Received encypted key of length %d with algorithm %s", wrapResult.getEncryptedKey().length,
     wrapResult.getAlgorithm().toString());
 

Parameters:

algorithm - The encryption algorithm to use for wrapping the key.

key - The key content to be wrapped

Returns:

The WrapResult whose encrypted key contains the wrapped key result.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for wrap operation.

UnsupportedOperationException - if the wrap operation is not supported or configured on the key.

NullPointerException - if algorithm or key is null.

wrapKey

public WrapResult wrapKey(KeyWrapAlgorithm algorithm,
                          byte[] key,
                          com.azure.core.util.Context context)

Wraps a symmetric key using the configured key. The wrap operation supports wrapping a symmetric key with both symmetric and asymmetric keys. This operation requires the keys/wrapKey permission.

The wrap algorithm indicates the type of algorithm to use for wrapping the specified key content. Possible values include: RSA1_5, RSA_OAEP and RSA_OAEP_256

Code Samples

Wraps the key content. Subscribes to the call asynchronously and prints out the wrapped key details when a response has been received.

 byte[] keyContent = new byte[100];
 new Random(0x1234567L).nextBytes(keyContent);
 WrapResult keyWrapResponse = cryptographyClient.wrapKey(KeyWrapAlgorithm.RSA_OAEP, keyContent);
 System.out.printf("Received encypted key of length %d with algorithm %s", keyWrapResponse.getEncryptedKey().length,
     keyWrapResponse.getAlgorithm().toString(), new Context(key1, value1));
 

Parameters:

algorithm - The encryption algorithm to use for wrapping the key.

key - The key content to be wrapped

context - Additional context that is passed through the Http pipeline during the service call.

Returns:

The WrapResult whose encrypted key contains the wrapped key result.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for wrap operation.

UnsupportedOperationException - if the wrap operation is not supported or configured on the key.

NullPointerException - if algorithm or key is null.

unwrapKey

public UnwrapResult unwrapKey(KeyWrapAlgorithm algorithm,
                              byte[] encryptedKey)

Unwraps a symmetric key using the configured key that was initially used for wrapping that key. This operation is the reverse of the wrap operation. The unwrap operation supports asymmetric and symmetric keys to unwrap. This operation requires the keys/unwrapKey permission.

The wrap algorithm indicates the type of algorithm to use for wrapping the specified key content. Possible values for asymmetric keys include: RSA1_5, RSA_OAEP and RSA_OAEP_256. Possible values for symmetric keys include: A128KW, A192KW and A256KW

Code Samples

Unwraps the key content. Subscribes to the call asynchronously and prints out the unwrapped key details when a response has been received.

 UnwrapResult unwrapResult = cryptographyClient.unwrapKey(KeyWrapAlgorithm.RSA_OAEP, encryptedKey);
 System.out.printf("Received key of length %d", unwrapResult.getKey().length);
 

Parameters:

algorithm - The encryption algorithm to use for wrapping the key.

encryptedKey - The encrypted key content to unwrap.

Returns:

The unwrapped key content.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for wrap operation.

UnsupportedOperationException - if the unwrap operation is not supported or configured on the key.

NullPointerException - if algorithm or encryptedKey is null.

unwrapKey

public UnwrapResult unwrapKey(KeyWrapAlgorithm algorithm,
                              byte[] encryptedKey,
                              com.azure.core.util.Context context)

Unwraps a symmetric key using the configured key that was initially used for wrapping that key. This operation is the reverse of the wrap operation. The unwrap operation supports asymmetric and symmetric keys to unwrap. This operation requires the keys/unwrapKey permission.

The wrap algorithm indicates the type of algorithm to use for wrapping the specified key content. Possible values for asymmetric keys include: RSA1_5, RSA_OAEP and RSA_OAEP_256. Possible values for symmetric keys include: A128KW, A192KW and A256KW

Code Samples

Unwraps the key content. Subscribes to the call asynchronously and prints out the unwrapped key details when a response has been received.

 UnwrapResult keyUnwrapResponse = cryptographyClient.unwrapKey(KeyWrapAlgorithm.RSA_OAEP, encryptedKey,
     new Context(key2, value2));
 System.out.printf("Received key of length %d", keyUnwrapResponse.getKey().length);
 

Parameters:

algorithm - The encryption algorithm to use for wrapping the key.

encryptedKey - The encrypted key content to unwrap.

context - Additional context that is passed through the Http pipeline during the service call.

Returns:

The unwrapped key content.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for wrap operation.

UnsupportedOperationException - if the unwrap operation is not supported or configured on the key.

NullPointerException - if algorithm or encryptedKey is null.

signData

public SignResult signData(SignatureAlgorithm algorithm,
                           byte[] data)

Creates a signature from the raw data using the configured key. The sign data operation supports both asymmetric and symmetric keys. This operation requires the keys/sign permission.

The signature algorithm indicates the type of algorithm to use to create the signature from the digest. Possible values include: ES256, E384, ES512, ES246K, PS256, RS384, RS512, RS256, RS384 and RS512

Code Samples

Signs the raw data. Subscribes to the call asynchronously and prints out the signature details when a response has been received.

 byte[] data = new byte[100];
 new Random(0x1234567L).nextBytes(data);
 SignResult signResult = cryptographyClient.sign(SignatureAlgorithm.ES256, data);
 System.out.printf("Received signature of length %d with algorithm %s", signResult.getSignature().length);
 

Parameters:

algorithm - The algorithm to use for signing.

data - The content from which signature is to be created.

Returns:

A SignResult whose signature contains the created signature.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for signing.

UnsupportedOperationException - if the sign operation is not supported or configured on the key.

NullPointerException - if algorithm or data is null.

signData

public SignResult signData(SignatureAlgorithm algorithm,
                           byte[] data,
                           com.azure.core.util.Context context)

Creates a signature from the raw data using the configured key. The sign data operation supports both asymmetric and symmetric keys. This operation requires the keys/sign permission.

The signature algorithm indicates the type of algorithm to use to create the signature from the digest. Possible values include: ES256, E384, ES512, ES246K, PS256, RS384, RS512, RS256, RS384 and RS512

Code Samples

Signs the raw data. Subscribes to the call asynchronously and prints out the signature details when a response has been received.

 byte[] plainTextData = new byte[100];
 new Random(0x1234567L).nextBytes(plainTextData);
 SignResult signReponse = cryptographyClient.sign(SignatureAlgorithm.ES256, plainTextData);
 System.out.printf("Received signature of length %d with algorithm %s", signReponse.getSignature().length,
     new Context(key1, value1));
 

Parameters:

algorithm - The algorithm to use for signing.

data - The content from which signature is to be created.

context - Additional context that is passed through the Http pipeline during the service call.

Returns:

A SignResult whose signature contains the created signature.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for signing.

UnsupportedOperationException - if the sign operation is not supported or configured on the key.

NullPointerException - if algorithm or data is null.

verifyData

public VerifyResult verifyData(SignatureAlgorithm algorithm,
                               byte[] data,
                               byte[] signature)

Verifies a signature against the raw data using the configured key. The verify operation supports both symmetric keys and asymmetric keys. In case of asymmetric keys public portion of the key is used to verify the signature . This operation requires the keys/verify permission.

The signature algorithm indicates the type of algorithm to use to create the signature from the digest. Possible values include: ES256, E384, ES512, ES246K, PS256, RS384, RS512, RS256, RS384 and RS512

Code Samples

Verifies the signature against the raw data. Subscribes to the call asynchronously and prints out the verification details when a response has been received.

 VerifyResult verifyResult =  cryptographyClient.verify(SignatureAlgorithm.ES256, data, signature);
 System.out.printf("Verification status %s", verifyResult.isValid());
 

Parameters:

algorithm - The algorithm to use for signing.

data - The raw content against which signature is to be verified.

signature - The signature to be verified.

Returns:

The Boolean indicating the signature verification result.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for verifying.

UnsupportedOperationException - if the verify operation is not supported or configured on the key.

NullPointerException - if algorithm, data or signature is null.

verifyData

public VerifyResult verifyData(SignatureAlgorithm algorithm,
                               byte[] data,
                               byte[] signature,
                               com.azure.core.util.Context context)

Verifies a signature against the raw data using the configured key. The verify operation supports both symmetric keys and asymmetric keys. In case of asymmetric keys public portion of the key is used to verify the signature . This operation requires the keys/verify permission.

The signature algorithm indicates the type of algorithm to use to create the signature from the digest. Possible values include: ES256, E384, ES512, ES246K, PS256, RS384, RS512, RS256, RS384 and RS512

Code Samples

Verifies the signature against the raw data. Subscribes to the call asynchronously and prints out the verification details when a response has been received.

 VerifyResult verifyResponse =  cryptographyClient.verify(SignatureAlgorithm.ES256, data, signature);
 System.out.printf("Verification status %s", verifyResponse.isValid(), new Context(key2, value2));
 

Parameters:

algorithm - The algorithm to use for signing.

data - The raw content against which signature is to be verified.

signature - The signature to be verified.

context - Additional context that is passed through the Http pipeline during the service call.

Returns:

The Boolean indicating the signature verification result.

Throws:

com.azure.core.exception.ResourceNotFoundException - if the key cannot be found for verifying.

UnsupportedOperationException - if the verify operation is not supported or configured on the key.

NullPointerException - if algorithm, data or signature is null.