AzureKeyVault/R/stored_key.R

stored_key <- R6::R6Class("stored_key",

public=list(

    token=NULL,
    url=NULL,
    name=NULL,
    version=NULL,
    key=NULL,
    attributes=NULL,
    managed=NULL,
    tags=NULL,

    initialize=function(token, url, name, version, properties)
    {
        self$token <- token
        self$url <- url
        self$name <- name
        self$version <- version

        lapply(names(properties), function(n)
        {
            if(exists(n, self))
                self[[n]] <- properties[[n]]
            else warning("Unexpected property: ", n)
        })

        if(is.null(self$version))
            self$version <- basename(self$key$kid)
    },

    encrypt=function(plaintext, algorithm=c("RSA-OAEP", "RSA-OAEP-256", "RSA1_5"))
    {
        if(!is.raw(plaintext) && !is.character(plaintext) && length(plaintext) != 1)
            stop("Can only encrypt raw or character plaintext")

        body <- list(
            alg=match.arg(algorithm),
            value=plaintext
        )
        self$do_operation("encrypt", body=body, encode="json", http_verb="POST")$value
    },

    decrypt=function(ciphertext, algorithm=c("RSA-OAEP", "RSA-OAEP-256", "RSA1_5"))
    {
        if(!is.raw(ciphertext) && !is.character(ciphertext) && length(ciphertext) != 1)
            stop("Can only decrypt raw or character ciphertext")

        body <- list(
            alg=match.arg(algorithm),
            value=ciphertext
        )
        self$do_operation("decrypt", body=body, encode="json", http_verb="POST")$value
    },

    sign=function(digest,
                  algorithm=c("ES256", "ES256K", "ES384", "ES512", "PS256",
                              "PS384", "PS512", "RS256", "RS384", "RS512"))
    {
        if(!is.raw(digest) && !is.character(digest) && length(digest) != 1)
            stop("Can only sign raw or character digest")

        body <- list(
            alg=match.arg(algorithm),
            value=jose::base64url_encode(digest)
        )
        self$do_operation("sign", body=body, encode="json", http_verb="POST")$value
    },

    verify=function(signature, digest,
                    algorithm=c("ES256", "ES256K", "ES384", "ES512", "PS256",
                                "PS384", "PS512", "RS256", "RS384", "RS512"))
    {
        if(!is.raw(signature) && !is.character(signature) && length(signature) != 1)
            stop("Can only verify raw or character signature")

        if(!is.raw(digest) && !is.character(digest) && length(digest) != 1)
            stop("Can only verify raw or character digest")

        body <- list(
            alg=match.arg(algorithm),
            digest=jose::base64url_encode(digest),
            value=signature
        )
        self$do_operation("verify", body=body, encode="json", http_verb="POST")$value
    },

    wrap=function(value, algorithm=c("RSA-OAEP", "RSA-OAEP-256", "RSA1_5"))
    {
        if(!is.raw(value) && !is.character(value) && length(value) != 1)
            stop("Can only wrap raw or character input")

        body <- list(
            alg=match.arg(algorithm),
            value=value
        )
        self$do_operation("wrapkey", body=body, encode="json", http_verb="POST")$value
    },

    unwrap=function(value, algorithm=c("RSA-OAEP", "RSA-OAEP-256", "RSA1_5"))
    {
        if(!is.raw(value) && !is.character(value) && length(value) != 1)
            stop("Can only wrap raw or character input")

        body <- list(
            alg=match.arg(algorithm),
            value=value
        )
        self$do_operation("unwrapkey", body=body, encode="json", http_verb="POST")$value
    },

    do_operation=function(op="", ..., options=list())
    {
        url <- self$url
        url$path <- construct_path("keys", self$name, self$version, op)
        url$query <- options
        call_vault_url(self$token, url, ...)
    }
))
implement key object 2019-04-11 08:00:53 +03:00			`stored_key <- R6::R6Class("stored_key",`

			`public=list(`

			`token=NULL,`
			`url=NULL,`
			`name=NULL,`
			`version=NULL,`
			`key=NULL,`
			`attributes=NULL,`
			`managed=NULL,`
			`tags=NULL,`

			`initialize=function(token, url, name, version, properties)`
			`{`
			`self$token <- token`
			`self$url <- url`
			`self$name <- name`
			`self$version <- version`

			`lapply(names(properties), function(n)`
			`{`
			`if(exists(n, self))`
			`self[[n]] <- properties[[n]]`
cert object 2019-04-11 10:04:38 +03:00			`else warning("Unexpected property: ", n)`
implement key object 2019-04-11 08:00:53 +03:00			`})`

			`if(is.null(self$version))`
			`self$version <- basename(self$key$kid)`
			`},`

keyobj methods fixing 2019-04-11 08:18:27 +03:00			`encrypt=function(plaintext, algorithm=c("RSA-OAEP", "RSA-OAEP-256", "RSA1_5"))`
implement key object 2019-04-11 08:00:53 +03:00			`{`
			`if(!is.raw(plaintext) && !is.character(plaintext) && length(plaintext) != 1)`
			`stop("Can only encrypt raw or character plaintext")`

			`body <- list(`
			`alg=match.arg(algorithm),`
			`value=plaintext`
			`)`
			`self$do_operation("encrypt", body=body, encode="json", http_verb="POST")$value`
			`},`

keyobj methods fixing 2019-04-11 08:18:27 +03:00			`decrypt=function(ciphertext, algorithm=c("RSA-OAEP", "RSA-OAEP-256", "RSA1_5"))`
implement key object 2019-04-11 08:00:53 +03:00			`{`
			`if(!is.raw(ciphertext) && !is.character(ciphertext) && length(ciphertext) != 1)`
			`stop("Can only decrypt raw or character ciphertext")`

			`body <- list(`
			`alg=match.arg(algorithm),`
			`value=ciphertext`
			`)`
			`self$do_operation("decrypt", body=body, encode="json", http_verb="POST")$value`
			`},`

keyobj methods fixing 2019-04-11 08:18:27 +03:00			`sign=function(digest,`
implement key object 2019-04-11 08:00:53 +03:00			`algorithm=c("ES256", "ES256K", "ES384", "ES512", "PS256",`
keyobj methods fixing 2019-04-11 08:18:27 +03:00			`"PS384", "PS512", "RS256", "RS384", "RS512"))`
implement key object 2019-04-11 08:00:53 +03:00			`{`
			`if(!is.raw(digest) && !is.character(digest) && length(digest) != 1)`
			`stop("Can only sign raw or character digest")`

			`body <- list(`
			`alg=match.arg(algorithm),`
key sign/verify works 2019-04-11 08:33:11 +03:00			`value=jose::base64url_encode(digest)`
implement key object 2019-04-11 08:00:53 +03:00			`)`
			`self$do_operation("sign", body=body, encode="json", http_verb="POST")$value`
			`},`

keyobj methods fixing 2019-04-11 08:18:27 +03:00			`verify=function(signature, digest,`
implement key object 2019-04-11 08:00:53 +03:00			`algorithm=c("ES256", "ES256K", "ES384", "ES512", "PS256",`
keyobj methods fixing 2019-04-11 08:18:27 +03:00			`"PS384", "PS512", "RS256", "RS384", "RS512"))`
implement key object 2019-04-11 08:00:53 +03:00			`{`
			`if(!is.raw(signature) && !is.character(signature) && length(signature) != 1)`
			`stop("Can only verify raw or character signature")`

			`if(!is.raw(digest) && !is.character(digest) && length(digest) != 1)`
			`stop("Can only verify raw or character digest")`

			`body <- list(`
			`alg=match.arg(algorithm),`
key sign/verify works 2019-04-11 08:33:11 +03:00			`digest=jose::base64url_encode(digest),`
implement key object 2019-04-11 08:00:53 +03:00			`value=signature`
			`)`
			`self$do_operation("verify", body=body, encode="json", http_verb="POST")$value`
			`},`

keyobj methods fixing 2019-04-11 08:18:27 +03:00			`wrap=function(value, algorithm=c("RSA-OAEP", "RSA-OAEP-256", "RSA1_5"))`
implement key object 2019-04-11 08:00:53 +03:00			`{`
			`if(!is.raw(value) && !is.character(value) && length(value) != 1)`
			`stop("Can only wrap raw or character input")`

			`body <- list(`
			`alg=match.arg(algorithm),`
			`value=value`
			`)`
			`self$do_operation("wrapkey", body=body, encode="json", http_verb="POST")$value`
			`},`

keyobj methods fixing 2019-04-11 08:18:27 +03:00			`unwrap=function(value, algorithm=c("RSA-OAEP", "RSA-OAEP-256", "RSA1_5"))`
implement key object 2019-04-11 08:00:53 +03:00			`{`
			`if(!is.raw(value) && !is.character(value) && length(value) != 1)`
			`stop("Can only wrap raw or character input")`

			`body <- list(`
			`alg=match.arg(algorithm),`
			`value=value`
			`)`
			`self$do_operation("unwrapkey", body=body, encode="json", http_verb="POST")$value`
			`},`

secret object, more refactoring 2019-04-11 09:37:28 +03:00			`do_operation=function(op="", ..., options=list())`
implement key object 2019-04-11 08:00:53 +03:00			`{`
			`url <- self$url`
			`url$path <- construct_path("keys", self$name, self$version, op)`
secret object, more refactoring 2019-04-11 09:37:28 +03:00			`url$query <- options`
implement key object 2019-04-11 08:00:53 +03:00			`call_vault_url(self$token, url, ...)`
			`}`
			`))`