@eqxjs/azure-manage-identity
Version:
For get Azure keyvault secret
18 lines • 1.14 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.encryptData = encryptData;
const keyvault_keys_1 = require("@azure/keyvault-keys");
const confidential_mgnt_1 = require("../confidential.mgnt");
const secret_get_1 = require("../secret/secret.get");
const base64url_1 = require("base64url");
const node_buffer_1 = require("node:buffer");
async function encryptData(keyURL, keyName, payload, ivSecretName) {
const credential = new confidential_mgnt_1.MyClientAssertionCredential();
const keysClient = new keyvault_keys_1.KeyClient(keyURL, credential);
const vaultKey = await keysClient.getKey(keyName);
const secret = await (0, secret_get_1.getSecret)(keyURL, ivSecretName);
const cryptographyClient = new keyvault_keys_1.CryptographyClient(vaultKey, credential);
let result = await cryptographyClient.encrypt({ algorithm: "A256CBC", plaintext: node_buffer_1.Buffer.from(payload), iv: (secret.value) ? node_buffer_1.Buffer.from(secret.value) : undefined });
return base64url_1.default.encode(node_buffer_1.Buffer.from(result.result));
}
//# sourceMappingURL=key.encrypt.js.map