-
Notifications
You must be signed in to change notification settings - Fork 233
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
key_client: supply GetRandomBytes API. #1271
Conversation
…I for it. Signed-off-by: Lucasliang <nkcs_lykx@hotmail.com> In this pr: * The ManagedHsmClient has been supplied for accessing managed HSM resources. * Supply GetRandomBytes API to ManagedHsmClient for generating random values.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should be added to the KeyClient
reflecting what we do in other languages. Don't validate REST methods apart from any URI path parameters, and let the service return a service error as implemented; thus, KeyClient
would return an error reflecting the service's HTTP 400.
FYI, several things are a little bit wired to me, triggering me to divide
These phenomenon showed me that |
Signed-off-by: Lucasliang <nkcs_lykx@hotmail.com>
/cc @heaths Done for it. FYI, I accept to make it consistent with implementations in other languages. Thx. |
Signed-off-by: Lucasliang <nkcs_lykx@hotmail.com>
Signed-off-by: Lucasliang <nkcs_lykx@hotmail.com>
Signed-off-by: Lucasliang <nkcs_lykx@hotmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Much better, thank you. One more change, though.
There are a number of APIs that don't work for both Key Vault and Managed HSM, but I'm one of the owners for the SDK and the design of both the service REST APIs and the SDKs are such that developers could test most functionality with the relatively cheap Key Vault service but deploy against a Managed HSM. Few key operations are not supported for both, including /rng.
Signed-off-by: Lucasliang <nkcs_lykx@hotmail.com>
Signed-off-by: Lucasliang <nkcs_lykx@hotmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you!
deserialize_with = "deser_base64" | ||
)] | ||
/// `value` is encoded as a base64url string. | ||
#[serde(rename = "value", deserialize_with = "deser_base64")] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, I see we're already doing that with this function. I forgot it was locally implemented.
Signed-off-by: Lucasliang <nkcs_lykx@hotmail.com>
/cc @demoray PTAL, thx. If there is no new comments on this pr, please help me to merge it. |
@heaths If there was no other advices or comments, could u help me to merge it? thx. |
Thanks for the contributions! |
Signed-off-by: Lucasliang nkcs_lykx@hotmail.com
In this pr:
TheManagedHsmClient
has been supplied for accessing managed HSM resources.SupplyGetRandomBytes
API toManagedHsmClient
for generating random values.GetRandomBytes
API toKeyClient
.