UNPKG

azure-cli

Version:

Microsoft Azure Cross Platform Command Line tool

github.com/Azure/azure-xplat-cli

Azure/azure-xplat-cli

793 lines (344 loc) • 33.5 kB

JavaScript

/*** Generated by streamline 0.10.17 (callbacks) - DO NOT EDIT ***/ "use strict"; var __rt=require('streamline/lib/callbacks/runtime').runtime(__filename, false),__func=__rt.__func,__cb=__rt.__cb,__tryCatch=__rt.__tryCatch; var __ = require("underscore"); var util = require("util"); var fs = require("fs"); var forge = require("node-forge"); var profile = require("../../../util/profile"); var utils = require("../../../util/utils"); var kvUtils = require("./kv-utils"); var kvLegacy = require("./kv-legacy"); var $ = utils.getLocaleString; var KEY_DEST_TYPE_MAP = { Software: "RSA", HSM: "RSA-HSM"}; var KEY_DESTS = Object.keys(KEY_DEST_TYPE_MAP); var KEY_OPS = ["encrypt","decrypt","sign","verify","wrapKey","unwrapKey",]; exports.init = function(cli) { var log = cli.output; var key = cli.category("keyvault").category("key").description($("Commands to manage keys in the Azure Key Vault service")); key.command("list [vault-name]").description($("Lists keys of a vault")).usage("[--vault-name] <vault-name> [options]").option("-u, --vault-name <vault-name>", $("the vault name")).execute(function __1(vaultName, options, _) { var client, keys, progress, result; var __frame = { name: "__1", line: 51 }; return __func(_, this, arguments, __1, 2, __frame, function __$__1() { log.verbose(("arguments: " + JSON.stringify({ vaultName: vaultName, options: options }))); options.vaultName = (options.vaultName || vaultName); if (!options.vaultName) { return _(null, cli.missingArgument("vault-name")); } ; client = createClient(options); keys = []; progress = cli.interaction.progress(util.format($("Loading keys of vault %s"), options.vaultUri)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__1() { return client.keys.list(options.vaultUri, null, __cb(_, __frame, 26, 33, function ___(__0, __1) { result = __1; return (function ___(__break) { var __more; var __loop = __cb(_, __frame, 0, 0, function __$__1() { __more = false; var __4 = 1; if (__4) { if ((result.value && result.value.length)) { keys = keys.concat(result.value); } ; if (!result.nextLink) { return __break(); } ; log.verbose(util.format($("Found %d keys, loading more"), keys.length)); return client.keys.listNext(result.nextLink, __cb(_, __frame, 35, 31, function ___(__0, __2) { result = __2; while (__more) { __loop(); }; __more = true; }, true)); } else { __break(); } ; }); do { __loop(); } while (__more); __more = true; })(function __$__1() { _(null, null, true); }); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__1() { progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__1() { log.table(keys, showKeyRow); log.info(util.format($("Found %d keys"), keys.length)); _(); }); }); }); }); key.command("list-versions [vault-name] [key-name]").description($("Lists key versions")).usage("[--vault-name] <vault-name> [[--key-name] <key-name>] [options]").option("-u, --vault-name <vault-name>", $("the vault name")).option("-k, --key-name <key-name>", $("lists only versions of this key")).execute(function __2(vaultName, keyName, options, _) { var client, keys, progress, result, items, i, keyIdentifier, keyVersions; var __frame = { name: "__2", line: 101 }; return __func(_, this, arguments, __2, 3, __frame, function __$__2() { log.verbose(("arguments: " + JSON.stringify({ vaultName: vaultName, keyName: keyName, options: options }))); options.vaultName = (options.vaultName || vaultName); options.keyName = (options.keyName || keyName); if (!options.vaultName) { return _(null, cli.missingArgument("vault-name")); } ; client = createClient(options); return (function __$__2(__then) { if (!options.keyName) { keys = []; progress = cli.interaction.progress(util.format($("Loading keys of vault %s"), options.vaultUri)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__2() { return client.keys.list(options.vaultUri, null, __cb(_, __frame, 31, 35, function ___(__0, __1) { result = __1; return (function ___(__break) { var __more; var __loop = __cb(_, __frame, 0, 0, function __$__2() { __more = false; var __6 = 1; if (__6) { items = result.value; return (function __$__2(__then) { if ((items && items.length)) { i = 0; var __8 = false; return (function ___(__break) { var __more; var __loop = __cb(_, __frame, 0, 0, function __$__2() { __more = false; if (__8) { ++i; } else { __8 = true; } ; var __7 = (i < items.length); if (__7) { keyIdentifier = kvUtils.parseKeyIdentifier(items[i].kid); return getKeyVersions(client, keyIdentifier.vaultUri, keyIdentifier.name, __cb(_, __frame, 37, 34, function ___(__0, __2) { keyVersions = __2; keys = keys.concat(keyVersions); while (__more) { __loop(); }; __more = true; }, true)); } else { __break(); } ; }); do { __loop(); } while (__more); __more = true; })(__then); } else { __then(); } ; })(function __$__2() { if (!result.nextLink) { return __break(); } ; log.verbose(util.format($("Found %d keys, loading more"), keys.length)); return client.keys.listNext(result.nextLink, __cb(_, __frame, 45, 33, function ___(__0, __3) { result = __3; while (__more) { __loop(); }; __more = true; }, true)); }); } else { __break(); } ; }); do { __loop(); } while (__more); __more = true; })(function __$__2() { _(null, null, true); }); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__2() { progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, __then); }); } else { progress = cli.interaction.progress(util.format($("Loading keys of vault %s"), options.vaultUri)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__2() { return getKeyVersions(client, options.vaultUri, options.keyName, __cb(_, __frame, 53, 17, function ___(__0, __4) { keys = __4; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__2() { progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, __then); }); } ; })(function __$__2() { log.table(keys, showKeyRow); log.info(util.format($("Found %d keys"), keys.length)); _(); }); }); }); key.command("create [vault-name] [key-name]").description($("Creates a key in the vault")).usage("[--vault-name] <vault-name> [--key-name] <key-name> --destination <destination> [options]").option("-u, --vault-name <vault-name>", $("the vault name")).option("-k, --key-name <key-name>", $("name of the key to be created; if already exists, a new key version is generated")).option("-d, --destination <destination>", util.format($("tells if the key is software-protected or HSM-protected; valid values: [%s]"), KEY_DESTS.join(", "))).option("--enabled <boolean>", $("tells if the key should be enabled; valid values: [false, true]; default is true")).option("-e, --expires <datetime>", $("key expiration time, in UTC format")).option("-n, --not-before <datetime>", $("time before which key cannot be used, in UTC format")).option("-o, --key-ops <key-ops>", util.format($("JSON-encoded array of strings representing key operations; each string can be one of [%s]"), KEY_OPS.join(", "))).option("-t, --tags <tags>", $("Tags to set on the key. Can be multiple in the format 'name=value'. Name is required and value is optional. For example, -t tag1=value1;tag2")).execute(function __3(vaultName, keyName, options, _) { var keyVersion, client, request, key, keyIdentifier, progress; var __frame = { name: "__3", line: 175 }; return __func(_, this, arguments, __3, 3, __frame, function __$__3() { parseKeyPropertiesArguments(vaultName, keyName, keyVersion, options, true); options.kty = (options.hsm ? "RSA-HSM" : "RSA"); client = createClient(options); request = { kty: options.kty, key_ops: options.keyOps, attributes: { enabled: options.enabled, nbf: options.notBefore, exp: options.expires }, tags: options.tags }; log.verbose(("request: " + JSON.stringify(request))); keyIdentifier = getKeyIdentifier(options); progress = cli.interaction.progress(util.format($("Creating key %s"), keyIdentifier)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__3() { return client.keys.create(options.vaultUri, options.keyName, request, __cb(_, __frame, 33, 26, function ___(__0, __1) { key = __1; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__3() { progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__3() { showKey(key); _(); }); }); }); }); key.command("import [vault-name] [key-name]").description($("Imports an existing key into a vault")).usage("[--vault-name] <vault-name> [--key-name] <key-name> ( --pem-file | --byok-file ) <file-name> [--destination <destination>] [options]").option("-u, --vault-name <vault-name>", $("the vault name")).option("-k, --key-name <key-name>", $("name of the key to be imported; if already exists, a new key version is generated")).option("--pem-file <file-name>", $("name of a PEM file containing the key to be imported; the file must not be password protected")).option("--byok-file <file-name>", $("name of a BYOK file containing the key to be imported")).option("-p, --password <password>", $("password of key file; if not informed and the file is encrypted, will prompt")).option("-d, --destination <destination>", util.format($("tells if the key is software-protected or HSM-protected; valid values: [%s]"), KEY_DESTS.join(", "))).option("--enabled <boolean>", $("tells if the key should be enabled; valid values: [false, true]; default is true")).option("-e, --expires <datetime>", $("key expiration time, in UTC format")).option("-n, --not-before <datetime>", $("time before which key cannot be used, in UTC format")).option("-o, --key-ops <key-ops>", util.format($("JSON-encoded array of strings representing key operations; each string can be one of [%s]"), KEY_OPS.join(", "))).option("-t, --tags <tags>", $("Tags to set on the key. Can be multiple in the format 'name=value'. Name is required and value is optional. For example, -t tag1=value1;tag2")).execute(function __4(vaultName, keyName, options, _) { var keyVersion, v, request, data, keyFile, keyInfo, encrypted, pwdMsg, password, client, key, keyIdentifier, progress; var __frame = { name: "__4", line: 230 }; return __func(_, this, arguments, __4, 3, __frame, function __$__4() { parseKeyPropertiesArguments(vaultName, keyName, keyVersion, options, options.pemFile); v = 0; if (options.pemFile) { v++; } ; if (options.byokFile) { v++; } ; if ((v != 1)) { v = ["zero","one","two",][v]; log.error(util.format($("Expecting exactly one of the following, but %s were informed:"), v)); log.error($(" --pem-file <file-name>")); log.error($(" --byok-file <file-name>")); return _(new Error($("Could not establish key to import from command arguments"))); } ; if (((options.byokFile && options.destination) && !options.hsm)) { log.error(util.format($("Value of parameter --destination (%s) is incompatible with input key type (BYOK)."), options.destination)); } ; request = { key: { key_ops: options.keyOps }, hsm: options.hsm, attributes: { enabled: options.enabled, nbf: options.notBefore, exp: options.expires }, tags: options.tags }; return (function __$__4(__then) { if (options.pemFile) { request.key.kty = "RSA"; log.verbose(("reading " + options.pemFile)); data = fs.readFileSync(options.pemFile); encrypted = isPemEncrypted(data); return (function __$__4(__then) { if (encrypted) { pwdMsg = util.format($("Password for %s: "), options.pemFile); return cli.interaction.promptPasswordOnceIfNotGiven(pwdMsg, options.password, __cb(_, __frame, 53, 41, function ___(__0, __1) { password = __1; keyInfo = forge.pki.decryptRsaPrivateKey(data, password); __then(); }, true)); } else { keyInfo = forge.pki.privateKeyFromPem(data); if (options.password) { log.warn(util.format($("File %s is not password protected, the --password flag is extraneous and was ignored"), options.pemFile)); } ; __then(); } ; })(function __$__4() { log.verbose("setting RSA parameters from PEM data"); setRsaParameters(request.key, keyInfo); keyFile = options.pemFile; __then(); }); } else { request.key.kty = "RSA-HSM"; log.verbose(("reading " + options.byokFile)); data = fs.readFileSync(options.byokFile); log.verbose("setting BYOK parameters from file"); setHsmParameters(request.key, data); keyFile = options.byokFile; if (options.password) { log.warn($("The --password flag is extraneous and was ignored")); } ; __then(); } ; })(function __$__4() { client = createClient(options); log.verbose(("request: " + JSON.stringify(request, null, " "))); keyIdentifier = getKeyIdentifier(options); progress = cli.interaction.progress(util.format($("Importing file %s into %s"), keyFile, keyIdentifier)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__4() { return client.keys.importMethod(keyIdentifier, request, __cb(_, __frame, 93, 26, function ___(__0, __2) { key = __2; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__4() { progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__4() { showKey(key); _(); }); }); }); }); }); key.command("set-attributes [vault-name] [key-name] [key-version]").description($("Changes attributes of an existing key")).usage("[--vault-name] <vault-name> [--key-name] <key-name> [[--key-version] <key-version>] [options]").option("-u, --vault-name <vault-name>", $("the vault name")).option("-k, --key-name <key-name>", $("name of the key to be modified")).option("-r, --key-version <key-version>", $("the version to be modified; if ommited, modifies only the most recent")).option("--enabled <boolean>", $("if informed, command will change the enabled state; valid values: [false, true]")).option("-e, --expires <datetime>", $("if informed, command will change key expiration time; must be a date in UTC format or null")).option("-n, --not-before <datetime>", $("if informed, command will change time before which key cannot be used; must be a date in UTC format or null")).option("-o, --key-ops <key-ops>", util.format($("if informed, command will change valid operations; must be JSON-encoded array of strings representing key operations; each string can be one of [%s]"), KEY_OPS.join(", "))).option("-t, --tags <tags>", $("Tags to set on the key. Can be multiple in the format 'name=value'. Name is required and value is optional. For example, -t tag1=value1;tag2")).option("--reset-tags", $("remove previously existing tags; can combined with --tags")).execute(function __5(vaultName, keyName, keyVersion, options, _) { var informed, client, key, keyIdentifier, currentTags, request, progress; var __frame = { name: "__5", line: 343 }; return __func(_, this, arguments, __5, 4, __frame, function __$__5() { informed = { enabled: (options.enabled || false), expires: (options.expires || false), notBefore: (options.notBefore || false), keyOps: (options.keyOps || false), tags: (options.tags || false), resetTags: (options.resetTags || false) }; parseKeyPropertiesArguments(vaultName, keyName, keyVersion, options, false); client = createClient(options); keyIdentifier = getKeyIdentifier(options); return (function __$__5(__then) { if (informed.tags) { return (function __$__5(__then) { if (!informed.resetTags) { log.info(util.format($("Getting key %s"), keyIdentifier)); return client.keys.get(keyIdentifier, __cb(_, __frame, 35, 28, function ___(__0, __1) { key = __1; currentTags = key.tags; if (!currentTags) { currentTags = { }; } ; options.tags = kvUtils.mergeTags(currentTags, options.tags); __then(); }, true)); } else { __then(); } ; })(__then); } else { if (informed.resetTags) { informed.tags = true; options.tags = { }; } ; __then(); } ; })(function __$__5() { request = { attributes: { } }; if (informed.keyOps) { request.key_ops = options.keyOps; } ; if (informed.enabled) { request.attributes.enabled = options.enabled; } ; if (informed.notBefore) { request.attributes.nbf = options.notBefore; } ; if (informed.expires) { request.attributes.exp = options.expires; } ; if (informed.tags) { request.tags = options.tags; } ; log.verbose(("request: " + JSON.stringify(request, null, " "))); progress = cli.interaction.progress(util.format($("Updating key %s"), keyIdentifier)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__5() { return client.keys.update(keyIdentifier, request, __cb(_, __frame, 81, 26, function ___(__0, __2) { key = __2; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__5() { progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__5() { showKey(key); _(); }); }); }); }); }); key.command("show [vault-name] [key-name] [key-version]").description($("Shows properties of a vault key")).usage("[--vault-name] <vault-name> [--key-name] <key-name> [[--key-version] <key-version>] [options]").option("-u, --vault-name <vault-name>", $("the vault name")).option("-k, --key-name <key-name>", $("the key name")).option("-r, --key-version <key-version>", $("the key version; if ommited, uses the most recent")).execute(function __6(vaultName, keyName, keyVersion, options, _) { var client, keyIdentifier, progress; var __frame = { name: "__6", line: 438 }; return __func(_, this, arguments, __6, 4, __frame, function __$__6() { log.verbose(("arguments: " + JSON.stringify({ vaultName: vaultName, keyName: keyName, keyVersion: keyVersion, options: options }))); options.vaultName = (options.vaultName || vaultName); options.keyName = (options.keyName || keyName); options.keyVersion = (options.keyVersion || keyVersion); if (!options.vaultName) { return _(null, cli.missingArgument("vault-name")); } ; if (!options.keyName) { return _(null, cli.missingArgument("key-name")); } ; client = createClient(options); keyIdentifier = getKeyIdentifier(options); progress = cli.interaction.progress(util.format($("Getting key %s"), keyIdentifier)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__6() { return client.keys.get(keyIdentifier, __cb(_, __frame, 34, 26, function ___(__0, __1) { key = __1; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__6() { progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__6() { showKey(key); _(); }); }); }); }); key.command("delete [vault-name] [key-name]").description($("Deletes a key from the vault")).usage("[--vault-name] <vault-name> [--key-name] <key-name> [options]").option("-u, --vault-name <vault-name>", $("the vault name")).option("-k, --key-name <key-name>", $("the key name")).option("-q, --quiet", $("quiet mode (do not ask for delete confirmation)")).option("-p, --pass-thru", $("outputs the deleted key")).execute(function __7(vaultName, keyName, options, _) { var client, key, keyIdentifier, progress; var __frame = { name: "__7", line: 487 }; return __func(_, this, arguments, __7, 3, __frame, function __$__7() { log.verbose(("arguments: " + JSON.stringify({ vaultName: vaultName, keyName: keyName, options: options }))); options.vaultName = (options.vaultName || vaultName); options.keyName = (options.keyName || keyName); if (!options.vaultName) { return _(null, cli.missingArgument("vault-name")); } ; if (!options.keyName) { return _(null, cli.missingArgument("key-name")); } ; return (function __$__7(_) { var __1 = !options.quiet; if (!__1) { return _(null, __1); } ; return cli.interaction.confirm(util.format($("Delete key %s from vault %s? [y/n] "), options.keyName, options.vaultName), __cb(_, __frame, 23, 45, function ___(__0, __3) { var __2 = !__3; return _(null, __2); }, true)); })(__cb(_, __frame, -486, 17, function ___(__0, __2) { return (function __$__7(__then) { if (__2) { return _(new Error($("Aborted by user"))); } else { __then(); } ; })(function __$__7() { client = createClient(options); keyIdentifier = getKeyIdentifier(options); progress = cli.interaction.progress(util.format($("Deleting key %s"), keyIdentifier)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__7() { return client.keys.deleteKey(options.vaultUri, options.keyName, __cb(_, __frame, 37, 26, function ___(__0, __3) { key = __3; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__7() { progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__7() { if (options.passThru) { showKey(key); } ; _(); }); }); }); }, true)); }); }); key.command("backup [vault-name] [key-name] [output-file]").description($("Generates a protected backup of a vault key")).usage("[--vault-name] <vault-name> [--key-name] <key-name> [--output-file] <output-file> [options]").option("-u, --vault-name <vault-name>", $("the vault name")).option("-k, --key-name <key-name>", $("the key name")).option("-f, --output-file <output-file>", $("name of the binary file that will contain backup data")).execute(function __8(vaultName, keyName, outputFile, options, _) { var client, blob, keyIdentifier, progress, data; var __frame = { name: "__8", line: 540 }; return __func(_, this, arguments, __8, 4, __frame, function __$__8() { log.verbose(("arguments: " + JSON.stringify({ vaultName: vaultName, keyName: keyName, outputFile: outputFile, options: options }))); options.vaultName = (options.vaultName || vaultName); options.keyName = (options.keyName || keyName); options.outputFile = (options.outputFile || outputFile); if (!options.vaultName) { return _(null, cli.missingArgument("vault-name")); } ; if (!options.keyName) { return _(null, cli.missingArgument("key-name")); } ; if (!options.outputFile) { return _(null, cli.missingArgument("output-file")); } ; client = createClient(options); keyIdentifier = getKeyIdentifier(options); progress = cli.interaction.progress(util.format($("Requesting a backup blob for key %s"), keyIdentifier)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__8() { return client.keys.backup(keyIdentifier, __cb(_, __frame, 39, 27, function ___(__0, __1) { blob = __1; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__8() { progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__8() { data = kvUtils.base64UrlToBuffer(blob.value); log.info(util.format($("Writing file %s"), options.outputFile)); fs.writeFileSync(options.outputFile, data); _(); }); }); }); }); key.command("restore [vault-name] [input-file]").description($("Restores a backed up key to a vault")).usage("[--vault-name] <vault-name> [--input-file] <input-file> [options]").option("-u, --vault-name <vault-name>", $("the vault name")).option("-f, --input-file <input-file>", $("name of the binary file that contains backup data")).execute(function __9(vaultName, inputFile, options, _) { var buffer, request, client, key, progress; var __frame = { name: "__9", line: 595 }; return __func(_, this, arguments, __9, 3, __frame, function __$__9() { log.verbose(("arguments: " + JSON.stringify({ vaultName: vaultName, inputFile: inputFile, options: options }))); options.vaultName = (options.vaultName || vaultName); options.inputFile = (options.inputFile || inputFile); if (!options.vaultName) { return _(null, cli.missingArgument("vault-name")); } ; if (!options.inputFile) { return _(null, cli.missingArgument("input-file")); } ; log.info(util.format($("Reading file %s"), options.inputFile)); buffer = fs.readFileSync(options.inputFile); request = { value: kvUtils.bufferToBase64Url(buffer) }; client = createClient(options); log.verbose(("request: " + JSON.stringify(request, null, " "))); progress = cli.interaction.progress(util.format($("Restoring key into vault %s"), options.vaultUri)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__9() { return client.keys.restore(options.vaultUri, request, __cb(_, __frame, 41, 26, function ___(__0, __1) { key = __1; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__9() { progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__9() { showKey(key); _(); }); }); }); }); function createClient(options) { var subscription = profile.current.getSubscription(options.subscription); log.verbose(util.format($("Using subscription %s (%s)"), subscription.name, subscription.id)); options.vaultUri = (("https://" + options.vaultName) + subscription.keyVaultDnsSuffix); var newClient = utils.createKeyVaultClient(subscription, options.vaultUri); return new kvLegacy.KeyVaultClient(newClient._internalClient); }; function isPemEncrypted(pem) { var msg = forge.pem.decode(pem)[0]; if ((!msg || ((((msg.type !== "ENCRYPTED PRIVATE KEY") && (msg.type !== "PRIVATE KEY")) && (msg.type !== "RSA PRIVATE KEY"))))) { return false; } ; return ((msg.procType && (msg.procType.type === "ENCRYPTED"))); }; function getKeyIdentifier(options) { var kid = ((options.vaultUri + "/keys/") + options.keyName); if (options.keyVersion) { kid += ("/" + options.keyVersion); } ; return kid; }; function parseKeyPropertiesArguments(vaultName, keyName, keyVersion, options, requireDestination) { log.verbose(("arguments: " + JSON.stringify({ vaultName: vaultName, keyName: keyName, keyVersion: keyVersion, options: options }))); options.vaultName = (options.vaultName || vaultName); options.keyName = (options.keyName || keyName); options.keyVersion = (options.keyVersion || keyVersion); if (!options.vaultName) { return cli.missingArgument("vault-name"); } ; if (!options.keyName) { return cli.missingArgument("key-name"); } ; if ((requireDestination && !options.destination)) { return cli.missingArgument("destination"); } ; if (options.destination) { var kty; __.each(KEY_DEST_TYPE_MAP, function(value, key) { if (utils.ignoreCaseEquals(key, options.destination)) { kty = value; } ; }); if (!kty) { throw new Error(util.format($("Invalid value for destination argument. Accepted values are: %s"), KEY_DESTS.join(", "))); } ; options.hsm = ((kty === "RSA-HSM")); } else { options.hsm = false; } ; options.expires = kvUtils.parseDateArgument("expires", options.expires, null); options.notBefore = kvUtils.parseDateArgument("not-before", options.notBefore, null); options.keyOps = kvUtils.parseArrayArgument("key-ops", options.keyOps, KEY_OPS, []); options.enabled = kvUtils.parseBooleanArgument("enabled", options.enabled, true); options.tags = kvUtils.parseTagsArgument("tags", options.tags); }; function getKeyVersions(client, vaultUri, keyName, _) { var keys, result, items; var __frame = { name: "getKeyVersions", line: 720 }; return __func(_, this, arguments, getKeyVersions, 3, __frame, function __$getKeyVersions() { log.verbose(util.format($("Loading versions of key %s"), keyName)); keys = []; return client.keys.listVersions(vaultUri, keyName, null, __cb(_, __frame, 5, 29, function ___(__0, __1) { result = __1; return (function ___(__break) { var __more; var __loop = __cb(_, __frame, 0, 0, function __$getKeyVersions() { __more = false; var __4 = 1; if (__4) { items = result.value; if ((items && items.length)) { keys = keys.concat(items); } ; if (!result.nextLink) { return __break(); } ; log.verbose(util.format($("Found %d versions, loading more"), keys.length)); return client.keys.listVersionsNext(result.nextLink, __cb(_, __frame, 15, 27, function ___(__0, __2) { result = __2; while (__more) { __loop(); }; __more = true; }, true)); } else { __break(); } ; }); do { __loop(); } while (__more); __more = true; })(function __$getKeyVersions() { return _(null, keys); }); }, true)); }); }; function showKey(key) { cli.interaction.formatOutput(key, function(key) { key.attributes = kvUtils.getAttributesWithPrettyDates(key.attributes); utils.logLineFormat(key, log.data); }); }; function showKeyRow(row, item) { var identifier = kvUtils.parseKeyIdentifier(item.kid); row.cell($("Name"), identifier.name); if (identifier.version) { row.cell($("Version"), identifier.version); } ; row.cell($("Enabled"), item.attributes.enabled); var attributes = kvUtils.getAttributesWithPrettyDates(item.attributes); row.cell($("Not Before"), (attributes.nbf || "")); row.cell($("Expires"), (attributes.exp || "")); row.cell($("Created"), attributes.created); row.cell($("Updated"), attributes.updated); }; function setRsaParameters(dest, key) { dest.n = bigIntegerToBase64Url(key.n); dest.e = bigIntegerToBase64Url(key.e); dest.d = bigIntegerToBase64Url(key.d); dest.p = bigIntegerToBase64Url(key.p); dest.q = bigIntegerToBase64Url(key.q); dest.dp = bigIntegerToBase64Url(key.dP); dest.dq = bigIntegerToBase64Url(key.dQ); dest.qi = bigIntegerToBase64Url(key.qInv); }; function bigIntegerToBase64Url(n) { var data = n.toByteArray(); var leadingZeroes = 0; while (((leadingZeroes < data.length) && (data[leadingZeroes] === 0))) { ++leadingZeroes; }; if (leadingZeroes) { data = data.slice(leadingZeroes); } ; var buffer = new Buffer(data); return kvUtils.bufferToBase64Url(buffer); }; function setHsmParameters(dest, byokBlob) { dest.key_hsm = kvUtils.bufferToBase64Url(byokBlob); };};