Key Vault data-plane SDK with certificate feature

lib/services/keyVault/README.md

@@ -1,7 +1,7 @@
 # Microsoft Azure SDK for Node.js - Key Vault
 
 This project provides a Node.js package for accessing keys and secrets on Azure Key Vault. Right now it supports:
-- **Node.js version: 0.8.28 or higher**
+- **Node.js version: 4.x.x or higher**
 - **REST API version: 2015-06-01**
 
 ## Features
@@ -9,6 +9,7 @@ This project provides a Node.js package for accessing keys and secrets on Azure
 - Manage keys: create, import, update, delete, backup, restore, list and get.
 - Key operations: sign, verify, encrypt, decrypt, wrap, unwrap.
 - Secret operations: set, get, update and list.
+- Certificate operations: set, get, update and list.
 
 ## How to Install
 
@@ -21,105 +22,186 @@ npm install azure-keyvault
 The following example writes and reads a secret, creates a key and uses it for encrypt and decrypt some data.
 
 ```javascript
-var async = require('async');
-var adalNode = require('adal-node'); // Used for authentication
-var azureKeyVault = require('azure-keyvault');
+var KeyVault = require('azure-keyvault');
+var util = require('util');
+var Crypto = require('crypto');
+var AuthenticationContext = require('adal-node').AuthenticationContext;
 
-var clientId = '<your client id>';
-var clientSecret = '<your client secret>';
+var clientId = "<to-be-filled>";
+var clientSecret = "<to-be-filled>";
+var vaultUri = "<to-be-filled>";
 
-var credentials = new azureKeyVault.KeyVaultCredentials(authenticator);
-var client = new azureKeyVault.KeyVaultClient(credentials);
+// Authenticator - retrieves the access token
+var authenticator = function (challenge, callback) {
 
-var vaultUri = 'https://<my vault>.vault.azure.net';
-var secret = 'Chocolate is hidden in the toothpaste cabinet';
-var secretId;
-var kid;
-var plainText = '1234567890';
-var cipherText;
-
-async.series([  
-
-  function (next) {
-    // Writes a secret
-    var request = { value: secret };
-    console.info('Writing secret...');
-    client.setSecret(vaultUri, 'mySecret', request, function(err, result) {
-      if (err) throw err;
-      console.info('Secret written: ' + JSON.stringify(result, null, ' '));
-      secretId = result.id;
-      next();
-    });
-  },
-
-  function (next) {
-    // Reads a secret
-    console.info('Reading secret...');
-    client.getSecret(secretId, function(err, result) {
-      if (err) throw err;
-      console.info('Secret read: ' + JSON.stringify(result, null, ' '));
-      next();
-    });
-  },
-
-  function (next) {
-    // Creates a key
-    var request = { kty: "RSA", key_ops: ["encrypt", "decrypt"] };
-    console.info('Creating key...');
-    client.createKey(vaultUri, 'mykey', request, function(err, result) {
-      if (err) throw err;
-      console.info('Key created: ' + JSON.stringify(result));
-      kid = result.key.kid;
-      next();
-    });
-  },
-
-  function (next) {
-    // Encrypts some data with the key.
-    console.info('Encrypting text...');
-    client.encrypt(kid, 'RSA-OAEP', new Buffer(plainText), function(err, result) {
-      if (err) throw err;
-      console.info('Encryption result: ' + JSON.stringify(result));
-      cipherText = result.value;
-      next();
-    });
-  },
-  
-  function (next) {
-    // Decrypts data with the key.
-    console.info('Decrypting text...');
-    client.decrypt(kid, 'RSA-OAEP', cipherText, function(err, result) {
-      if (err) throw err;
-      console.info('Decryption result: ' + JSON.stringify(result));
-      var decrypted = result.value.toString();
-      if (decrypted !== plainText) {
-        throw new Error('Was expecting "' + plainText + '", not "' + decrypted + '".');
-      }
-      next();
-    });
-  },
-  
-  function (next) {
-    console.info('Finished with success!');
-    next();
-  }
-
-]);
-
-function authenticator(challenge, callback) {
   // Create a new authentication context.
-  var context = new adalNode.AuthenticationContext(challenge.authorization);
+  var context = new AuthenticationContext(challenge.authorization);
+  
   // Use the context to acquire an authentication token.
-  return context.acquireTokenWithClientCredentials(challenge.resource, clientId, clientSecret, function(err, tokenResponse) {
-      if (err) throw err;
-      // Calculate the value to be set in the request's Authorization header and resume the call.
-      var authorizationValue = tokenResponse.tokenType + ' ' + tokenResponse.accessToken;
-      return callback(null, authorizationValue);
+  return context.acquireTokenWithClientCredentials(challenge.resource, clientId, clientSecret, function (err, tokenResponse) {
+    if (err) throw err;
+    // Calculate the value to be set in the request's Authorization header and resume the call.
+    var authorizationValue = tokenResponse.tokenType + ' ' + tokenResponse.accessToken;
+
+    return callback(null, authorizationValue);
   });
-}
+
+};
+
+var credentials = new KeyVault.KeyVaultCredentials(authenticator);
+var client = new KeyVault.KeyVaultClient(credentials);
+
+var attributes = { expires: new Date('2050-02-02T08:00:00.000Z'), notBefore: new Date('2016-01-01T08:00:00.000Z') };
+var keyOperations = ['encrypt', 'decrypt', 'sign', 'verify', 'wrapKey', 'unwrapKey'];
+
+//Create a key
+client.createKey(vaultUri, 'mykey', 'RSA', { keyOps: keyOperations, keyAttributes: attributes }, function(err, keyBundle) {
+  if (err) throw err;
+  console.log('\n\nkey ', keyBundle.key.kid, ' is created.\n', util.inspect(keyBundle, { depth: null }));
+
+  // Retrieve the key
+  client.getKey(keyBundle.key.kid, function(getErr, getKeyBundle) {
+    if (getErr) throw getErr;    
+    console.log('\n\nkey ', getKeyBundle.key.kid, ' is retrieved.\n');
+    
+    // Encrypt a plain text
+    var encryptionContent = new Buffer('This message is to be encrypted...');
+    client.encrypt(keyBundle.key.kid, 'RSA-OAEP', encryptionContent, function (encryptErr, cipherText) {
+      if (encryptErr) throw encryptErr;
+      console.log('\n\nText is encrypted: ', cipherText.result);
+      
+      // Decrypt a cipher text
+      client.decrypt(keyBundle.key.kid, 'RSA-OAEP', cipherText.result, function (decryptErr, plainText) {
+        if (decryptErr) throw decryptErr;
+        console.log('\n\nThe encrypted cipher text is decrypted to: ', plainText.result);
+      });
+    });
+
+    // Sign a digest value
+    var hash = Crypto.createHash('sha256');
+    var digest = hash.update(new Buffer('sign me')).digest();
+    client.sign(keyBundle.key.kid, 'RS256', digest, function (signErr, signature) {
+      if (signErr) throw signErr;
+      console.log('The signature for digest ', digest, ' is: ', signature.result);
+      
+      // Verify a signature
+      client.verify(keyBundle.key.kid, 'RS256', digest, signature.result, function (verifyErr, verification) {
+        if (verifyErr) throw verifyErr;
+        console.log('The verification', verification.value === true? 'succeeded':'failed');
+      });
+    });
+
+  });
+  
+  // Update the key with new tags
+  client.updateKey(keyBundle.key.kid, {tags: {'tag1': 'this is tag1', 'tag2': 'this is tag2'}}, function (getErr, updatedKeyBundle) {
+    if (getErr) throw getErr;
+    console.log('\n\nkey ', updatedKeyBundle.key.kid, ' is updated.\n', util.inspect(updatedKeyBundle, { depth: null }));
+  });
+  
+  // List all versions of the key
+  var parsedId = KeyVault.parseKeyIdentifier(keyBundle.key.kid);
+  client.getKeyVersions(parsedId.vault, parsedId.name, function (getVersionsErr, result) {
+    if (getVersionsErr) throw getVersionsErr;
+    
+    var loop = function (nextLink) {
+      if (nextLink !== null && nextLink !== undefined) {
+        client.getKeyVersionsNext(nextLink, function (err, res) {
+          console.log(res);
+          loop(res.nextLink);
+        });
+      }
+    };
+    
+    console.log(result);
+    loop(result.nextLink);      
+  });
+});
+
+
+//Create a secret
+client.setSecret(vaultUri, 'mysecret', 'my password', { contentType: 'test secret', secretAttributes: attributes }, function (err, secretBundle) {
+  if (err) throw err;
+  console.log('\n\nSecret ', secretBundle.id, ' is created.\n', util.inspect(secretBundle, { depth: null }));
+  
+  // Retrieve the secret
+  client.getSecret(secretBundle.id, function (getErr, getSecretBundle) {
+    if (getErr) throw getErr;
+    console.log('\n\nSecret ', getSecretBundle.id, ' is retrieved.\n');
+  });
+  
+  // List all secrets
+  var parsedId = KeyVault.parseSecretIdentifier(secretBundle.id);
+  client.getSecrets(parsedId.vault, parsedId.name, function (err, result) {
+    if (err) throw err;
+    
+    var loop = function (nextLink) {
+      if (nextLink !== null && nextLink !== undefined) {
+        client.getSecretsNext(nextLink, function (err, res) {
+          console.log(res);
+          loop(res.nextLink);
+        });
+      }
+    };
+    
+    console.log(result);
+    loop(result.nextLink);
+  });
+});
+
+var certificatePolicy = {
+  keyProperties : {
+    exportable: true,
+    reuseKey : false,
+    keySize : 2048,
+    keyType : 'RSA'
+  },          
+  secretProperties : {
+    contentType : 'application/x-pkcs12'
+  },
+  issuerReference : {
+    name : 'Self'
+  },
+  x509CertificateProperties : {
+    subject : 'CN=*.microsoft.com',
+    subjectAlternativeNames : ["onedrive.microsoft.com", "xbox.microsoft.com"],
+    validityInMonths : 24
+  }
+};
+var intervalTime = 5000;
+
+//Create a certificate
+client.createCertificate(vaultUri, 'mycertificate', { certificatePolicy: certificatePolicy }, function (err, certificateOperation) {
+  if (err) throw err;  
+  console.log('\n\nCertificate', certificateOperation.id, 'is being created.\n', util.inspect(certificateOperation, { depth: null }));
+
+  // Poll the certificate status until it is created
+  var interval = setInterval(function getCertStatus() {
+        
+    var parsedId = KeyVault.parseCertificateOperationIdentifier(certificateOperation.id);
+    client.getCertificateOperation(parsedId.vault, parsedId.name, function (err, pendingCertificate) {
+      if (err) throw err;
+      
+      if (pendingCertificate.status.toUpperCase() === 'completed'.toUpperCase()) {
+        clearInterval(interval);        
+        console.log('\n\nCertificate', pendingCertificate.target, 'is created.\n', util.inspect(pendingCertificate, { depth: null }));
+        
+        var parsedCertId = KeyVault.parseCertificateIdentifier(pendingCertificate.target);
+        //Delete the created certificate
+        client.deleteCertificate(parsedCertId.vault, parsedCertId.name, function (delErr, deleteResp) {          
+          console.log('\n\nCertificate', pendingCertificate.target, 'is deleted.\n');
+        });
+      }      
+      else if (pendingCertificate.status.toUpperCase() === 'InProgress'.toUpperCase()) {
+        console.log('\n\nCertificate', certificateOperation.id, 'is being created.\n', util.inspect(pendingCertificate, { depth: null }));
+      }
+    });
+  }, intervalTime);
+});
+
 ```
 
 ## Related projects
 
 - [Microsoft Azure SDK for Node.js](https://github.com/azure/azure-sdk-for-node)
-- [Microsoft Azure SDK for Node.js - Key Vault Management](https://github.com/Azure/azure-sdk-for-node/tree/master/lib/services/keyVault)
+- [Microsoft Azure SDK for Node.js - Key Vault Management](https://github.com/Azure/azure-sdk-for-node/tree/master/lib/services/keyVaultManagement)

lib/services/keyVault/lib/jwk.js

@@ -61,78 +61,9 @@ JsonWebKeyType.OCT = 'oct';
 
 /** @class
   */
-function JsonWebKey() {
-  
-  /** The key identifier.
-    * @member {string}
-    */
-  this.kid = null;
-
-  /** The key type. Typically is one of {@linkcode JsonWebKeyType} constants.
-    * @member {string}
-    */
-  this.kty = null;
-
-  /** An array describing the operations supported by this key.
-    * @member {string[]}
-    */        
-  this.key_ops = null;
-  
-  /** Symmetric key material.
-    * @member {Buffer}
-    */        
-  this.k = null;
-  
-  /** The RSA public modulus.
-    * @member {Buffer}
-    */        
-  this.n = null;
-  
-  /** The RSA public exponent.
-    * @member {Buffer}
-    */        
-  this.e = null;
-  
-  /** An RSA private key component.
-    * @member {Buffer}
-    */        
-  this.d = null;
-  
-  /** An RSA private key component.
-    * @member {Buffer}
-    */        
-  this.p = null;
-  
-  /** An RSA private key component.
-    * @member {Buffer}
-    */        
-  this.q = null;
-  
-  /** An RSA private key component.
-    * @member {Buffer}
-    */        
-  this.dp = null;
-  
-  /** An RSA private key component.
-    * @member {Buffer}
-    */        
-  this.dq = null;
-  
-  /** An RSA private key component.
-    * @member {Buffer}
-    */        
-  this.qi = null;
-  
-  /** HSM Token, used with "Bring Your Own Key".
-    * @member {Buffer}
-    */        
-  this.key_hsm = null;
-
-}
 
 var exports = module.exports;
 
 exports.JsonWebKeyEncryptionAlgorithms = JsonWebKeyEncryptionAlgorithms;
 exports.JsonWebKeySignatureAlgorithms = JsonWebKeySignatureAlgorithms;
-exports.JsonWebKeyType = JsonWebKeyType;
-exports.JsonWebKey = JsonWebKey;
+exports.JsonWebKeyType = JsonWebKeyType;

lib/services/keyVault/lib/keyVaultCredentials.js

@@ -18,9 +18,9 @@
 /* jshint latedef:false */
 
 var Url = require('url');
-var AzureCommon = require('azure-common');
-var HeaderConstants = AzureCommon.Constants.HeaderConstants;
-var requestPipeline = AzureCommon.requestPipeline;
+var msRest = require('ms-rest');
+var HeaderConstants = msRest.Constants.HeaderConstants;
+var requestPipeline = msRest.requestPipeline;
 
 /**
  * An object that performs authentication for Key Vault.
@@ -178,4 +178,4 @@ function getAuthority(uri) {
   }
   result += host;
   return result;
-}
+}

lib/services/keyVault/lib/models/action.js

@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the Action class.
+ * @constructor
+ * The action that will be executed.
+ *
+ * @member {string} [actionType] The type of the action. Possible values
+ * include: 'EmailContacts', 'AutoRenew'
+ * 
+ */
+function Action() {
+}
+
+/**
+ * Defines the metadata of Action
+ *
+ * @returns {object} metadata of Action
+ *
+ */
+Action.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'Action',
+    type: {
+      name: 'Composite',
+      className: 'Action',
+      modelProperties: {
+        actionType: {
+          required: false,
+          serializedName: 'action_type',
+          type: {
+            name: 'Enum',
+            allowedValues: [ 'EmailContacts', 'AutoRenew' ]
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = Action;

lib/services/keyVault/lib/models/administratorDetails.js

@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the AdministratorDetails class.
+ * @constructor
+ * Details of the organization administrator of the certificate issuer
+ *
+ * @member {string} [firstName] First name.
+ * 
+ * @member {string} [lastName] Last name.
+ * 
+ * @member {string} [emailAddress] Email addresss.
+ * 
+ * @member {string} [phone] Phone number.
+ * 
+ */
+function AdministratorDetails() {
+}
+
+/**
+ * Defines the metadata of AdministratorDetails
+ *
+ * @returns {object} metadata of AdministratorDetails
+ *
+ */
+AdministratorDetails.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'AdministratorDetails',
+    type: {
+      name: 'Composite',
+      className: 'AdministratorDetails',
+      modelProperties: {
+        firstName: {
+          required: false,
+          serializedName: 'first_name',
+          type: {
+            name: 'String'
+          }
+        },
+        lastName: {
+          required: false,
+          serializedName: 'last_name',
+          type: {
+            name: 'String'
+          }
+        },
+        emailAddress: {
+          required: false,
+          serializedName: 'email',
+          type: {
+            name: 'String'
+          }
+        },
+        phone: {
+          required: false,
+          serializedName: 'phone',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = AdministratorDetails;

lib/services/keyVault/lib/models/attributes.js

@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the Attributes class.
+ * @constructor
+ * The object attributes managed by the KeyVault service
+ *
+ * @member {boolean} [enabled] Determines whether the object is enabled
+ * 
+ * @member {date} [notBefore] Not before date in UTC
+ * 
+ * @member {date} [expires] Expiry date in UTC
+ * 
+ * @member {date} [created] Creation time in UTC
+ * 
+ * @member {date} [updated] Last updated time in UTC
+ * 
+ */
+function Attributes() {
+}
+
+/**
+ * Defines the metadata of Attributes
+ *
+ * @returns {object} metadata of Attributes
+ *
+ */
+Attributes.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'Attributes',
+    type: {
+      name: 'Composite',
+      className: 'Attributes',
+      modelProperties: {
+        enabled: {
+          required: false,
+          serializedName: 'enabled',
+          type: {
+            name: 'Boolean'
+          }
+        },
+        notBefore: {
+          required: false,
+          serializedName: 'nbf',
+          type: {
+            name: 'UnixTime'
+          }
+        },
+        expires: {
+          required: false,
+          serializedName: 'exp',
+          type: {
+            name: 'UnixTime'
+          }
+        },
+        created: {
+          required: false,
+          readOnly: true,
+          serializedName: 'created',
+          type: {
+            name: 'UnixTime'
+          }
+        },
+        updated: {
+          required: false,
+          readOnly: true,
+          serializedName: 'updated',
+          type: {
+            name: 'UnixTime'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = Attributes;

lib/services/keyVault/lib/models/backupKeyResult.js

@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the BackupKeyResult class.
+ * @constructor
+ * The backup key result, containing the backup blob
+ *
+ * @member {buffer} [value] The backup blob containing the backed up key
+ * 
+ */
+function BackupKeyResult() {
+}
+
+/**
+ * Defines the metadata of BackupKeyResult
+ *
+ * @returns {object} metadata of BackupKeyResult
+ *
+ */
+BackupKeyResult.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'BackupKeyResult',
+    type: {
+      name: 'Composite',
+      className: 'BackupKeyResult',
+      modelProperties: {
+        value: {
+          required: false,
+          readOnly: true,
+          serializedName: 'value',
+          type: {
+            name: 'Base64Url'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = BackupKeyResult;

lib/services/keyVault/lib/models/certificateAttributes.js

@@ -0,0 +1,86 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the CertificateAttributes class.
+ * @constructor
+ * The certificate management attributes
+ *
+ */
+function CertificateAttributes() {
+  CertificateAttributes['super_'].call(this);
+}
+
+util.inherits(CertificateAttributes, models['Attributes']);
+
+/**
+ * Defines the metadata of CertificateAttributes
+ *
+ * @returns {object} metadata of CertificateAttributes
+ *
+ */
+CertificateAttributes.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'CertificateAttributes',
+    type: {
+      name: 'Composite',
+      className: 'CertificateAttributes',
+      modelProperties: {
+        enabled: {
+          required: false,
+          serializedName: 'enabled',
+          type: {
+            name: 'Boolean'
+          }
+        },
+        notBefore: {
+          required: false,
+          serializedName: 'nbf',
+          type: {
+            name: 'UnixTime'
+          }
+        },
+        expires: {
+          required: false,
+          serializedName: 'exp',
+          type: {
+            name: 'UnixTime'
+          }
+        },
+        created: {
+          required: false,
+          readOnly: true,
+          serializedName: 'created',
+          type: {
+            name: 'UnixTime'
+          }
+        },
+        updated: {
+          required: false,
+          readOnly: true,
+          serializedName: 'updated',
+          type: {
+            name: 'UnixTime'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = CertificateAttributes;

lib/services/keyVault/lib/models/certificateBundle.js

@@ -0,0 +1,203 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the CertificateBundle class.
+ * @constructor
+ * A certificate bundle consists of a certificate (X509) plus its attributes.
+ *
+ * @member {string} [id] The certificate id
+ * 
+ * @member {string} [kid] The key id
+ * 
+ * @member {string} [sid] The secret id
+ * 
+ * @member {buffer} [x509Thumbprint] Thumbprint of the certificate.
+ * 
+ * @member {object} [policy] The management policy.
+ * 
+ * @member {string} [policy.id] The certificate id
+ * 
+ * @member {object} [policy.keyProperties] Properties of the key backing a
+ * certificate.
+ * 
+ * @member {boolean} [policy.keyProperties.exportable] Indicates if the
+ * private key can be exported.
+ * 
+ * @member {string} [policy.keyProperties.keyType] The key type.
+ * 
+ * @member {number} [policy.keyProperties.keySize] The key size in bytes. e.g.
+ * 1024 or 2048.
+ * 
+ * @member {boolean} [policy.keyProperties.reuseKey] Indicates if the same key
+ * pair will be used on certificate renewal.
+ * 
+ * @member {object} [policy.secretProperties] Properties of the secret backing
+ * a certificate.
+ * 
+ * @member {string} [policy.secretProperties.contentType] The media type (MIME
+ * type).
+ * 
+ * @member {object} [policy.x509CertificateProperties] Properties of the X509
+ * component of a certificate.
+ * 
+ * @member {string} [policy.x509CertificateProperties.subject] The subject
+ * name. Should be a valid X509 Distinguished Name.
+ * 
+ * @member {array} [policy.x509CertificateProperties.ekus] The enhaunced key
+ * usage.
+ * 
+ * @member {object} [policy.x509CertificateProperties.subjectAlternativeNames]
+ * The subject alternative names.
+ * 
+ * @member {array}
+ * [policy.x509CertificateProperties.subjectAlternativeNames.emails] Email
+ * addresses.
+ * 
+ * @member {array}
+ * [policy.x509CertificateProperties.subjectAlternativeNames.dnsNames] Domain
+ * names.
+ * 
+ * @member {array}
+ * [policy.x509CertificateProperties.subjectAlternativeNames.upns] User
+ * principal names.
+ * 
+ * @member {array} [policy.x509CertificateProperties.keyUsage] List of key
+ * usages.
+ * 
+ * @member {number} [policy.x509CertificateProperties.validityInMonths] The
+ * subject alternate names.
+ * 
+ * @member {array} [policy.lifetimeActions] Actions that will be performed by
+ * Key Vault over the lifetime of a certificate.
+ * 
+ * @member {object} [policy.issuerReference] Reference to the issuer of the
+ * X509 component of a certificate.
+ * 
+ * @member {string} [policy.issuerReference.name] Name of the referenced
+ * issuer object.
+ * 
+ * @member {object} [policy.attributes] The certificate attributes.
+ * 
+ * @member {buffer} [cer] CER contents of x509 certificate.
+ * 
+ * @member {string} [contentType] The content type of the secret
+ * 
+ * @member {object} [attributes] The certificate attributes.
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ */
+function CertificateBundle() {
+}
+
+/**
+ * Defines the metadata of CertificateBundle
+ *
+ * @returns {object} metadata of CertificateBundle
+ *
+ */
+CertificateBundle.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'CertificateBundle',
+    type: {
+      name: 'Composite',
+      className: 'CertificateBundle',
+      modelProperties: {
+        id: {
+          required: false,
+          readOnly: true,
+          serializedName: 'id',
+          type: {
+            name: 'String'
+          }
+        },
+        kid: {
+          required: false,
+          readOnly: true,
+          serializedName: 'kid',
+          type: {
+            name: 'String'
+          }
+        },
+        sid: {
+          required: false,
+          readOnly: true,
+          serializedName: 'sid',
+          type: {
+            name: 'String'
+          }
+        },
+        x509Thumbprint: {
+          required: false,
+          readOnly: true,
+          serializedName: 'x5t',
+          type: {
+            name: 'Base64Url'
+          }
+        },
+        policy: {
+          required: false,
+          readOnly: true,
+          serializedName: 'policy',
+          type: {
+            name: 'Composite',
+            className: 'CertificatePolicy'
+          }
+        },
+        cer: {
+          required: false,
+          serializedName: 'cer',
+          type: {
+            name: 'ByteArray'
+          }
+        },
+        contentType: {
+          required: false,
+          serializedName: 'contentType',
+          type: {
+            name: 'String'
+          }
+        },
+        attributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'CertificateAttributes'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = CertificateBundle;

lib/services/keyVault/lib/models/certificateCreateParameters.js

@@ -0,0 +1,148 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the CertificateCreateParameters class.
+ * @constructor
+ * The certificate create parameters
+ *
+ * @member {object} [certificatePolicy] The management policy for the
+ * certificate
+ * 
+ * @member {string} [certificatePolicy.id] The certificate id
+ * 
+ * @member {object} [certificatePolicy.keyProperties] Properties of the key
+ * backing a certificate.
+ * 
+ * @member {boolean} [certificatePolicy.keyProperties.exportable] Indicates if
+ * the private key can be exported.
+ * 
+ * @member {string} [certificatePolicy.keyProperties.keyType] The key type.
+ * 
+ * @member {number} [certificatePolicy.keyProperties.keySize] The key size in
+ * bytes. e.g. 1024 or 2048.
+ * 
+ * @member {boolean} [certificatePolicy.keyProperties.reuseKey] Indicates if
+ * the same key pair will be used on certificate renewal.
+ * 
+ * @member {object} [certificatePolicy.secretProperties] Properties of the
+ * secret backing a certificate.
+ * 
+ * @member {string} [certificatePolicy.secretProperties.contentType] The media
+ * type (MIME type).
+ * 
+ * @member {object} [certificatePolicy.x509CertificateProperties] Properties
+ * of the X509 component of a certificate.
+ * 
+ * @member {string} [certificatePolicy.x509CertificateProperties.subject] The
+ * subject name. Should be a valid X509 Distinguished Name.
+ * 
+ * @member {array} [certificatePolicy.x509CertificateProperties.ekus] The
+ * enhaunced key usage.
+ * 
+ * @member {object}
+ * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames] The
+ * subject alternative names.
+ * 
+ * @member {array}
+ * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.emails]
+ * Email addresses.
+ * 
+ * @member {array}
+ * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.dnsNames]
+ * Domain names.
+ * 
+ * @member {array}
+ * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.upns]
+ * User principal names.
+ * 
+ * @member {array} [certificatePolicy.x509CertificateProperties.keyUsage] List
+ * of key usages.
+ * 
+ * @member {number}
+ * [certificatePolicy.x509CertificateProperties.validityInMonths] The subject
+ * alternate names.
+ * 
+ * @member {array} [certificatePolicy.lifetimeActions] Actions that will be
+ * performed by Key Vault over the lifetime of a certificate.
+ * 
+ * @member {object} [certificatePolicy.issuerReference] Reference to the
+ * issuer of the X509 component of a certificate.
+ * 
+ * @member {string} [certificatePolicy.issuerReference.name] Name of the
+ * referenced issuer object.
+ * 
+ * @member {object} [certificatePolicy.attributes] The certificate attributes.
+ * 
+ * @member {object} [certificateAttributes] The attributes of the certificate
+ * (optional)
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ */
+function CertificateCreateParameters() {
+}
+
+/**
+ * Defines the metadata of CertificateCreateParameters
+ *
+ * @returns {object} metadata of CertificateCreateParameters
+ *
+ */
+CertificateCreateParameters.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'CertificateCreateParameters',
+    type: {
+      name: 'Composite',
+      className: 'CertificateCreateParameters',
+      modelProperties: {
+        certificatePolicy: {
+          required: false,
+          serializedName: 'policy',
+          type: {
+            name: 'Composite',
+            className: 'CertificatePolicy'
+          }
+        },
+        certificateAttributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'CertificateAttributes'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = CertificateCreateParameters;

lib/services/keyVault/lib/models/certificateImportParameters.js

@@ -0,0 +1,169 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the CertificateImportParameters class.
+ * @constructor
+ * The certificate import parameters
+ *
+ * @member {string} base64EncodedCertificate Base64 encoded representation of
+ * the certificate object to import. This certificate needs to contain the
+ * private key.
+ * 
+ * @member {string} [password] If the private key in base64EncodedCertificate
+ * is encrypted, the password used for encryption
+ * 
+ * @member {object} [certificatePolicy] The management policy for the
+ * certificate
+ * 
+ * @member {string} [certificatePolicy.id] The certificate id
+ * 
+ * @member {object} [certificatePolicy.keyProperties] Properties of the key
+ * backing a certificate.
+ * 
+ * @member {boolean} [certificatePolicy.keyProperties.exportable] Indicates if
+ * the private key can be exported.
+ * 
+ * @member {string} [certificatePolicy.keyProperties.keyType] The key type.
+ * 
+ * @member {number} [certificatePolicy.keyProperties.keySize] The key size in
+ * bytes. e.g. 1024 or 2048.
+ * 
+ * @member {boolean} [certificatePolicy.keyProperties.reuseKey] Indicates if
+ * the same key pair will be used on certificate renewal.
+ * 
+ * @member {object} [certificatePolicy.secretProperties] Properties of the
+ * secret backing a certificate.
+ * 
+ * @member {string} [certificatePolicy.secretProperties.contentType] The media
+ * type (MIME type).
+ * 
+ * @member {object} [certificatePolicy.x509CertificateProperties] Properties
+ * of the X509 component of a certificate.
+ * 
+ * @member {string} [certificatePolicy.x509CertificateProperties.subject] The
+ * subject name. Should be a valid X509 Distinguished Name.
+ * 
+ * @member {array} [certificatePolicy.x509CertificateProperties.ekus] The
+ * enhaunced key usage.
+ * 
+ * @member {object}
+ * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames] The
+ * subject alternative names.
+ * 
+ * @member {array}
+ * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.emails]
+ * Email addresses.
+ * 
+ * @member {array}
+ * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.dnsNames]
+ * Domain names.
+ * 
+ * @member {array}
+ * [certificatePolicy.x509CertificateProperties.subjectAlternativeNames.upns]
+ * User principal names.
+ * 
+ * @member {array} [certificatePolicy.x509CertificateProperties.keyUsage] List
+ * of key usages.
+ * 
+ * @member {number}
+ * [certificatePolicy.x509CertificateProperties.validityInMonths] The subject
+ * alternate names.
+ * 
+ * @member {array} [certificatePolicy.lifetimeActions] Actions that will be
+ * performed by Key Vault over the lifetime of a certificate.
+ * 
+ * @member {object} [certificatePolicy.issuerReference] Reference to the
+ * issuer of the X509 component of a certificate.
+ * 
+ * @member {string} [certificatePolicy.issuerReference.name] Name of the
+ * referenced issuer object.
+ * 
+ * @member {object} [certificatePolicy.attributes] The certificate attributes.
+ * 
+ * @member {object} [certificateAttributes] The attributes of the certificate
+ * (optional)
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ */
+function CertificateImportParameters() {
+}
+
+/**
+ * Defines the metadata of CertificateImportParameters
+ *
+ * @returns {object} metadata of CertificateImportParameters
+ *
+ */
+CertificateImportParameters.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'CertificateImportParameters',
+    type: {
+      name: 'Composite',
+      className: 'CertificateImportParameters',
+      modelProperties: {
+        base64EncodedCertificate: {
+          required: true,
+          serializedName: 'value',
+          type: {
+            name: 'String'
+          }
+        },
+        password: {
+          required: false,
+          serializedName: 'pwd',
+          type: {
+            name: 'String'
+          }
+        },
+        certificatePolicy: {
+          required: false,
+          serializedName: 'policy',
+          type: {
+            name: 'Composite',
+            className: 'CertificatePolicy'
+          }
+        },
+        certificateAttributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'CertificateAttributes'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = CertificateImportParameters;

lib/services/keyVault/lib/models/certificateIssuerItem.js

@@ -0,0 +1,60 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the CertificateIssuerItem class.
+ * @constructor
+ * The certificate issuer item containing certificate issuer metadata
+ *
+ * @member {string} [id] Certificate Identifier
+ * 
+ * @member {string} [provider] The name of the issuer.
+ * 
+ */
+function CertificateIssuerItem() {
+}
+
+/**
+ * Defines the metadata of CertificateIssuerItem
+ *
+ * @returns {object} metadata of CertificateIssuerItem
+ *
+ */
+CertificateIssuerItem.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'CertificateIssuerItem',
+    type: {
+      name: 'Composite',
+      className: 'CertificateIssuerItem',
+      modelProperties: {
+        id: {
+          required: false,
+          serializedName: 'id',
+          type: {
+            name: 'String'
+          }
+        },
+        provider: {
+          required: false,
+          serializedName: 'provider',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = CertificateIssuerItem;

lib/services/keyVault/lib/models/certificateIssuerListResult.js

@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the CertificateIssuerListResult class.
+ * @constructor
+ * The certificate issuer list result
+ * @member {array} [value] A response message containing a list of certificate
+ * issuers in the vault along with a link to the next page of certificate
+ * issuers
+ * 
+ * @member {string} [nextLink] The URL to get the next set of certificate
+ * issuers.
+ * 
+ */
+function CertificateIssuerListResult() {
+}
+
+util.inherits(CertificateIssuerListResult, Array);
+
+/**
+ * Defines the metadata of CertificateIssuerListResult
+ *
+ * @returns {object} metadata of CertificateIssuerListResult
+ *
+ */
+CertificateIssuerListResult.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'CertificateIssuerListResult',
+    type: {
+      name: 'Composite',
+      className: 'CertificateIssuerListResult',
+      modelProperties: {
+        value: {
+          required: false,
+          readOnly: true,
+          serializedName: '',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'CertificateIssuerItemElementType',
+                type: {
+                  name: 'Composite',
+                  className: 'CertificateIssuerItem'
+                }
+            }
+          }
+        },
+        nextLink: {
+          required: false,
+          readOnly: true,
+          serializedName: 'nextLink',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = CertificateIssuerListResult;

lib/services/keyVault/lib/models/certificateItem.js

@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the CertificateItem class.
+ * @constructor
+ * The certificate item containing certificate metadata
+ *
+ * @member {string} [id] Certificate Identifier
+ * 
+ * @member {object} [attributes] The certificate management attributes
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ * @member {buffer} [x509Thumbprint] Thumbprint of the certificate.
+ * 
+ */
+function CertificateItem() {
+}
+
+/**
+ * Defines the metadata of CertificateItem
+ *
+ * @returns {object} metadata of CertificateItem
+ *
+ */
+CertificateItem.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'CertificateItem',
+    type: {
+      name: 'Composite',
+      className: 'CertificateItem',
+      modelProperties: {
+        id: {
+          required: false,
+          serializedName: 'id',
+          type: {
+            name: 'String'
+          }
+        },
+        attributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'CertificateAttributes'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        x509Thumbprint: {
+          required: false,
+          serializedName: 'x5t',
+          type: {
+            name: 'Base64Url'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = CertificateItem;

lib/services/keyVault/lib/models/certificateListResult.js

@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the CertificateListResult class.
+ * @constructor
+ * The certificate list result
+ * @member {array} [value] A response message containing a list of
+ * certificates in the vault along with a link to the next page of
+ * certificates
+ * 
+ * @member {string} [nextLink] The URL to get the next set of certificates.
+ * 
+ */
+function CertificateListResult() {
+}
+
+util.inherits(CertificateListResult, Array);
+
+/**
+ * Defines the metadata of CertificateListResult
+ *
+ * @returns {object} metadata of CertificateListResult
+ *
+ */
+CertificateListResult.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'CertificateListResult',
+    type: {
+      name: 'Composite',
+      className: 'CertificateListResult',
+      modelProperties: {
+        value: {
+          required: false,
+          readOnly: true,
+          serializedName: '',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'CertificateItemElementType',
+                type: {
+                  name: 'Composite',
+                  className: 'CertificateItem'
+                }
+            }
+          }
+        },
+        nextLink: {
+          required: false,
+          readOnly: true,
+          serializedName: 'nextLink',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = CertificateListResult;

lib/services/keyVault/lib/models/certificateMergeParameters.js

@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the CertificateMergeParameters class.
+ * @constructor
+ * The certificate merge parameters
+ *
+ * @member {array} x509Certificates The certificate or the certificate chain
+ * to merge
+ * 
+ * @member {object} [certificateAttributes] The attributes of the certificate
+ * (optional)
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ */
+function CertificateMergeParameters() {
+}
+
+/**
+ * Defines the metadata of CertificateMergeParameters
+ *
+ * @returns {object} metadata of CertificateMergeParameters
+ *
+ */
+CertificateMergeParameters.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'CertificateMergeParameters',
+    type: {
+      name: 'Composite',
+      className: 'CertificateMergeParameters',
+      modelProperties: {
+        x509Certificates: {
+          required: true,
+          serializedName: 'x5c',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'BufferElementType',
+                type: {
+                  name: 'ByteArray'
+                }
+            }
+          }
+        },
+        certificateAttributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'CertificateAttributes'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = CertificateMergeParameters;

lib/services/keyVault/lib/models/certificateOperation.js

@@ -0,0 +1,141 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the CertificateOperation class.
+ * @constructor
+ * A certificate operation is returned in case of async requests.
+ *
+ * @member {string} [id] The certificate id
+ * 
+ * @member {object} [issuerReference] Reference to the issuer of the X509
+ * component of a certificate.
+ * 
+ * @member {string} [issuerReference.name] Name of the referenced issuer
+ * object.
+ * 
+ * @member {buffer} [csr] The Certificate Signing Request (CSR) that is being
+ * used in the certificate operation.
+ * 
+ * @member {boolean} [cancellationRequested] Indicates if cancellation was
+ * requested on the certificate operation.
+ * 
+ * @member {string} [status] Status of the certificate operation.
+ * 
+ * @member {string} [statusDetails] The status details of the certificate
+ * operation.
+ * 
+ * @member {object} [error] Error encountered, if any, during the certificate
+ * operation.
+ * 
+ * @member {string} [error.code] The error code.
+ * 
+ * @member {string} [error.message] The error message.
+ * 
+ * @member {string} [target] Location which contains the result of the
+ * certificate operation.
+ * 
+ * @member {string} [requestId] Identifier for the certificate operation.
+ * 
+ */
+function CertificateOperation() {
+}
+
+/**
+ * Defines the metadata of CertificateOperation
+ *
+ * @returns {object} metadata of CertificateOperation
+ *
+ */
+CertificateOperation.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'CertificateOperation',
+    type: {
+      name: 'Composite',
+      className: 'CertificateOperation',
+      modelProperties: {
+        id: {
+          required: false,
+          readOnly: true,
+          serializedName: 'id',
+          type: {
+            name: 'String'
+          }
+        },
+        issuerReference: {
+          required: false,
+          serializedName: 'issuer',
+          type: {
+            name: 'Composite',
+            className: 'IssuerReference'
+          }
+        },
+        csr: {
+          required: false,
+          serializedName: 'csr',
+          type: {
+            name: 'ByteArray'
+          }
+        },
+        cancellationRequested: {
+          required: false,
+          serializedName: 'cancellation_requested',
+          type: {
+            name: 'Boolean'
+          }
+        },
+        status: {
+          required: false,
+          serializedName: 'status',
+          type: {
+            name: 'String'
+          }
+        },
+        statusDetails: {
+          required: false,
+          serializedName: 'status_details',
+          type: {
+            name: 'String'
+          }
+        },
+        error: {
+          required: false,
+          serializedName: 'error',
+          type: {
+            name: 'Composite',
+            className: 'ErrorModel'
+          }
+        },
+        target: {
+          required: false,
+          serializedName: 'target',
+          type: {
+            name: 'String'
+          }
+        },
+        requestId: {
+          required: false,
+          serializedName: 'request_id',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = CertificateOperation;

lib/services/keyVault/lib/models/certificatePolicy.js

@@ -0,0 +1,166 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the CertificatePolicy class.
+ * @constructor
+ * Management policy for a certificate.
+ *
+ * @member {string} [id] The certificate id
+ * 
+ * @member {object} [keyProperties] Properties of the key backing a
+ * certificate.
+ * 
+ * @member {boolean} [keyProperties.exportable] Indicates if the private key
+ * can be exported.
+ * 
+ * @member {string} [keyProperties.keyType] The key type.
+ * 
+ * @member {number} [keyProperties.keySize] The key size in bytes. e.g. 1024
+ * or 2048.
+ * 
+ * @member {boolean} [keyProperties.reuseKey] Indicates if the same key pair
+ * will be used on certificate renewal.
+ * 
+ * @member {object} [secretProperties] Properties of the secret backing a
+ * certificate.
+ * 
+ * @member {string} [secretProperties.contentType] The media type (MIME type).
+ * 
+ * @member {object} [x509CertificateProperties] Properties of the X509
+ * component of a certificate.
+ * 
+ * @member {string} [x509CertificateProperties.subject] The subject name.
+ * Should be a valid X509 Distinguished Name.
+ * 
+ * @member {array} [x509CertificateProperties.ekus] The enhaunced key usage.
+ * 
+ * @member {object} [x509CertificateProperties.subjectAlternativeNames] The
+ * subject alternative names.
+ * 
+ * @member {array} [x509CertificateProperties.subjectAlternativeNames.emails]
+ * Email addresses.
+ * 
+ * @member {array}
+ * [x509CertificateProperties.subjectAlternativeNames.dnsNames] Domain names.
+ * 
+ * @member {array} [x509CertificateProperties.subjectAlternativeNames.upns]
+ * User principal names.
+ * 
+ * @member {array} [x509CertificateProperties.keyUsage] List of key usages.
+ * 
+ * @member {number} [x509CertificateProperties.validityInMonths] The subject
+ * alternate names.
+ * 
+ * @member {array} [lifetimeActions] Actions that will be performed by Key
+ * Vault over the lifetime of a certificate.
+ * 
+ * @member {object} [issuerReference] Reference to the issuer of the X509
+ * component of a certificate.
+ * 
+ * @member {string} [issuerReference.name] Name of the referenced issuer
+ * object.
+ * 
+ * @member {object} [attributes] The certificate attributes.
+ * 
+ */
+function CertificatePolicy() {
+}
+
+/**
+ * Defines the metadata of CertificatePolicy
+ *
+ * @returns {object} metadata of CertificatePolicy
+ *
+ */
+CertificatePolicy.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'CertificatePolicy',
+    type: {
+      name: 'Composite',
+      className: 'CertificatePolicy',
+      modelProperties: {
+        id: {
+          required: false,
+          readOnly: true,
+          serializedName: 'id',
+          type: {
+            name: 'String'
+          }
+        },
+        keyProperties: {
+          required: false,
+          serializedName: 'key_props',
+          type: {
+            name: 'Composite',
+            className: 'KeyProperties'
+          }
+        },
+        secretProperties: {
+          required: false,
+          serializedName: 'secret_props',
+          type: {
+            name: 'Composite',
+            className: 'SecretProperties'
+          }
+        },
+        x509CertificateProperties: {
+          required: false,
+          serializedName: 'x509_props',
+          type: {
+            name: 'Composite',
+            className: 'X509CertificateProperties'
+          }
+        },
+        lifetimeActions: {
+          required: false,
+          serializedName: 'lifetime_actions',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'LifetimeActionElementType',
+                type: {
+                  name: 'Composite',
+                  className: 'LifetimeAction'
+                }
+            }
+          }
+        },
+        issuerReference: {
+          required: false,
+          serializedName: 'issuer',
+          type: {
+            name: 'Composite',
+            className: 'IssuerReference'
+          }
+        },
+        attributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'CertificateAttributes'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = CertificatePolicy;

lib/services/keyVault/lib/models/certificateUpdateParameters.js

@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the CertificateUpdateParameters class.
+ * @constructor
+ * The certificate update parameters
+ *
+ * @member {object} [certificateAttributes] The attributes of the certificate
+ * (optional)
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ */
+function CertificateUpdateParameters() {
+}
+
+/**
+ * Defines the metadata of CertificateUpdateParameters
+ *
+ * @returns {object} metadata of CertificateUpdateParameters
+ *
+ */
+CertificateUpdateParameters.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'CertificateUpdateParameters',
+    type: {
+      name: 'Composite',
+      className: 'CertificateUpdateParameters',
+      modelProperties: {
+        certificateAttributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'CertificateAttributes'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = CertificateUpdateParameters;

lib/services/keyVault/lib/models/contact.js

@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the Contact class.
+ * @constructor
+ * The contact information for the vault certificates.
+ *
+ * @member {string} [emailAddress] Email addresss.
+ * 
+ * @member {string} [name] Name.
+ * 
+ * @member {string} [phone] Phone number.
+ * 
+ */
+function Contact() {
+}
+
+/**
+ * Defines the metadata of Contact
+ *
+ * @returns {object} metadata of Contact
+ *
+ */
+Contact.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'Contact',
+    type: {
+      name: 'Composite',
+      className: 'Contact',
+      modelProperties: {
+        emailAddress: {
+          required: false,
+          serializedName: 'email',
+          type: {
+            name: 'String'
+          }
+        },
+        name: {
+          required: false,
+          serializedName: 'name',
+          type: {
+            name: 'String'
+          }
+        },
+        phone: {
+          required: false,
+          serializedName: 'phone',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = Contact;

lib/services/keyVault/lib/models/contacts.js

@@ -0,0 +1,73 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the Contacts class.
+ * @constructor
+ * The contacts for the vault certificates.
+ *
+ * @member {string} [id] Identifier for the contacts collection.
+ * 
+ * @member {array} [contactList] The contact list for the vault certificates.
+ * 
+ */
+function Contacts() {
+}
+
+/**
+ * Defines the metadata of Contacts
+ *
+ * @returns {object} metadata of Contacts
+ *
+ */
+Contacts.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'Contacts',
+    type: {
+      name: 'Composite',
+      className: 'Contacts',
+      modelProperties: {
+        id: {
+          required: false,
+          readOnly: true,
+          serializedName: 'id',
+          type: {
+            name: 'String'
+          }
+        },
+        contactList: {
+          required: false,
+          serializedName: 'contacts',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'ContactElementType',
+                type: {
+                  name: 'Composite',
+                  className: 'Contact'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = Contacts;

lib/services/keyVault/lib/models/errorModel.js

@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the ErrorModel class.
+ * @constructor
+ * The key vault server error
+ *
+ * @member {string} [code] The error code.
+ * 
+ * @member {string} [message] The error message.
+ * 
+ */
+function ErrorModel() {
+}
+
+/**
+ * Defines the metadata of ErrorModel
+ *
+ * @returns {object} metadata of ErrorModel
+ *
+ */
+ErrorModel.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'Error',
+    type: {
+      name: 'Composite',
+      className: 'ErrorModel',
+      modelProperties: {
+        code: {
+          required: false,
+          readOnly: true,
+          serializedName: 'code',
+          type: {
+            name: 'String'
+          }
+        },
+        message: {
+          required: false,
+          readOnly: true,
+          serializedName: 'message',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = ErrorModel;

lib/services/keyVault/lib/models/index.js

@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+/* jshint latedef:false */
+/* jshint forin:false */
+/* jshint noempty:false */
+
+'use strict';
+
+var msRestAzure = require('ms-rest-azure');
+
+exports.BaseResource = msRestAzure.BaseResource;
+exports.CloudError = msRestAzure.CloudError;
+exports.Attributes = require('./attributes');
+exports.JsonWebKey = require('./jsonWebKey');
+exports.KeyAttributes = require('./keyAttributes');
+exports.KeyBundle = require('./keyBundle');
+exports.KeyItem = require('./keyItem');
+exports.SecretBundle = require('./secretBundle');
+exports.SecretAttributes = require('./secretAttributes');
+exports.SecretItem = require('./secretItem');
+exports.CertificateAttributes = require('./certificateAttributes');
+exports.CertificateItem = require('./certificateItem');
+exports.CertificateIssuerItem = require('./certificateIssuerItem');
+exports.CertificateBundle = require('./certificateBundle');
+exports.CertificatePolicy = require('./certificatePolicy');
+exports.KeyProperties = require('./keyProperties');
+exports.SecretProperties = require('./secretProperties');
+exports.X509CertificateProperties = require('./x509CertificateProperties');
+exports.SubjectAlternativeNames = require('./subjectAlternativeNames');
+exports.LifetimeAction = require('./lifetimeAction');
+exports.Trigger = require('./trigger');
+exports.Action = require('./action');
+exports.IssuerReference = require('./issuerReference');
+exports.CertificateOperation = require('./certificateOperation');
+exports.ErrorModel = require('./errorModel');
+exports.IssuerBundle = require('./issuerBundle');
+exports.IssuerCredentials = require('./issuerCredentials');
+exports.OrganizationDetails = require('./organizationDetails');
+exports.AdministratorDetails = require('./administratorDetails');
+exports.IssuerAttributes = require('./issuerAttributes');
+exports.Contacts = require('./contacts');
+exports.Contact = require('./contact');
+exports.KeyCreateParameters = require('./keyCreateParameters');
+exports.KeyImportParameters = require('./keyImportParameters');
+exports.KeyOperationsParameters = require('./keyOperationsParameters');
+exports.KeySignParameters = require('./keySignParameters');
+exports.KeyVerifyParameters = require('./keyVerifyParameters');
+exports.KeyUpdateParameters = require('./keyUpdateParameters');
+exports.KeyRestoreParameters = require('./keyRestoreParameters');
+exports.SecretSetParameters = require('./secretSetParameters');
+exports.SecretUpdateParameters = require('./secretUpdateParameters');
+exports.CertificateCreateParameters = require('./certificateCreateParameters');
+exports.CertificateImportParameters = require('./certificateImportParameters');
+exports.CertificateUpdateParameters = require('./certificateUpdateParameters');
+exports.CertificateMergeParameters = require('./certificateMergeParameters');
+exports.KeyOperationResult = require('./keyOperationResult');
+exports.KeyVerifyResult = require('./keyVerifyResult');
+exports.BackupKeyResult = require('./backupKeyResult');
+exports.PendingCertificateSigningRequestResult = require('./pendingCertificateSigningRequestResult');
+exports.KeyVaultError = require('./keyVaultError');
+exports.KeyListResult = require('./keyListResult');
+exports.SecretListResult = require('./secretListResult');
+exports.CertificateListResult = require('./certificateListResult');
+exports.CertificateIssuerListResult = require('./certificateIssuerListResult');

lib/services/keyVault/lib/models/issuerAttributes.js

@@ -0,0 +1,71 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the IssuerAttributes class.
+ * @constructor
+ * The attributes of an issuer managed by the KeyVault service
+ *
+ * @member {boolean} [enabled] Determines whether the issuer is enabled
+ * 
+ * @member {date} [created] Creation time in UTC
+ * 
+ * @member {date} [updated] Last updated time in UTC
+ * 
+ */
+function IssuerAttributes() {
+}
+
+/**
+ * Defines the metadata of IssuerAttributes
+ *
+ * @returns {object} metadata of IssuerAttributes
+ *
+ */
+IssuerAttributes.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'IssuerAttributes',
+    type: {
+      name: 'Composite',
+      className: 'IssuerAttributes',
+      modelProperties: {
+        enabled: {
+          required: false,
+          serializedName: 'enabled',
+          type: {
+            name: 'Boolean'
+          }
+        },
+        created: {
+          required: false,
+          readOnly: true,
+          serializedName: 'created',
+          type: {
+            name: 'UnixTime'
+          }
+        },
+        updated: {
+          required: false,
+          readOnly: true,
+          serializedName: 'updated',
+          type: {
+            name: 'UnixTime'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = IssuerAttributes;

lib/services/keyVault/lib/models/issuerBundle.js

@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the IssuerBundle class.
+ * @constructor
+ * The issuer for Key Vault certificate
+ *
+ * @member {string} [id] Identifier for the issuer object.
+ * 
+ * @member {string} [provider] The name of the issuer.
+ * 
+ * @member {object} [credentials] The credentials to be used for the issuer.
+ * 
+ * @member {string} [credentials.accountId] The user name/account name/account
+ * id.
+ * 
+ * @member {string} [credentials.password] The password/secret/account key.
+ * 
+ * @member {object} [organizationDetails] Details of the organization as
+ * provided to the issuer.
+ * 
+ * @member {string} [organizationDetails.id] Id of the organization.
+ * 
+ * @member {array} [organizationDetails.adminDetails] Details of the
+ * organization administrator.
+ * 
+ * @member {object} [attributes] Attributes of the issuer object.
+ * 
+ * @member {boolean} [attributes.enabled] Determines whether the issuer is
+ * enabled
+ * 
+ * @member {date} [attributes.created] Creation time in UTC
+ * 
+ * @member {date} [attributes.updated] Last updated time in UTC
+ * 
+ */
+function IssuerBundle() {
+}
+
+/**
+ * Defines the metadata of IssuerBundle
+ *
+ * @returns {object} metadata of IssuerBundle
+ *
+ */
+IssuerBundle.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'IssuerBundle',
+    type: {
+      name: 'Composite',
+      className: 'IssuerBundle',
+      modelProperties: {
+        id: {
+          required: false,
+          readOnly: true,
+          serializedName: 'id',
+          type: {
+            name: 'String'
+          }
+        },
+        provider: {
+          required: false,
+          serializedName: 'provider',
+          type: {
+            name: 'String'
+          }
+        },
+        credentials: {
+          required: false,
+          serializedName: 'credentials',
+          type: {
+            name: 'Composite',
+            className: 'IssuerCredentials'
+          }
+        },
+        organizationDetails: {
+          required: false,
+          serializedName: 'org_details',
+          type: {
+            name: 'Composite',
+            className: 'OrganizationDetails'
+          }
+        },
+        attributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'IssuerAttributes'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = IssuerBundle;

lib/services/keyVault/lib/models/issuerCredentials.js

@@ -0,0 +1,60 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the IssuerCredentials class.
+ * @constructor
+ * The credentials to be used for the certificate issuer.
+ *
+ * @member {string} [accountId] The user name/account name/account id.
+ * 
+ * @member {string} [password] The password/secret/account key.
+ * 
+ */
+function IssuerCredentials() {
+}
+
+/**
+ * Defines the metadata of IssuerCredentials
+ *
+ * @returns {object} metadata of IssuerCredentials
+ *
+ */
+IssuerCredentials.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'IssuerCredentials',
+    type: {
+      name: 'Composite',
+      className: 'IssuerCredentials',
+      modelProperties: {
+        accountId: {
+          required: false,
+          serializedName: 'account_id',
+          type: {
+            name: 'String'
+          }
+        },
+        password: {
+          required: false,
+          serializedName: 'pwd',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = IssuerCredentials;

lib/services/keyVault/lib/models/issuerReference.js

@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the IssuerReference class.
+ * @constructor
+ * Reference to the issuer of the X509 component of a certificate.
+ *
+ * @member {string} [name] Name of the referenced issuer object.
+ * 
+ */
+function IssuerReference() {
+}
+
+/**
+ * Defines the metadata of IssuerReference
+ *
+ * @returns {object} metadata of IssuerReference
+ *
+ */
+IssuerReference.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'IssuerReference',
+    type: {
+      name: 'Composite',
+      className: 'IssuerReference',
+      modelProperties: {
+        name: {
+          required: false,
+          serializedName: 'name',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = IssuerReference;

lib/services/keyVault/lib/models/jsonWebKey.js

@@ -0,0 +1,169 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the JsonWebKey class.
+ * @constructor
+ * As of http://tools.ietf.org/html/draft-ietf-jose-json-web-key-18
+ *
+ * @member {string} [kid] Key Identifier
+ * 
+ * @member {string} [kty] Key type, usually RSA. Possible values include:
+ * 'EC', 'RSA', 'RSA-HSM', 'oct'
+ * 
+ * @member {array} [keyOps]
+ * 
+ * @member {buffer} [n] RSA modulus
+ * 
+ * @member {buffer} [e] RSA public exponent
+ * 
+ * @member {buffer} [d] RSA private exponent
+ * 
+ * @member {buffer} [dp] RSA Private Key Parameter
+ * 
+ * @member {buffer} [dq] RSA Private Key Parameter
+ * 
+ * @member {buffer} [qi] RSA Private Key Parameter
+ * 
+ * @member {buffer} [p] RSA secret prime
+ * 
+ * @member {buffer} [q] RSA secret prime, with p < q
+ * 
+ * @member {buffer} [k] Symmetric key
+ * 
+ * @member {buffer} [t] HSM Token, used with Bring Your Own Key
+ * 
+ */
+function JsonWebKey() {
+}
+
+/**
+ * Defines the metadata of JsonWebKey
+ *
+ * @returns {object} metadata of JsonWebKey
+ *
+ */
+JsonWebKey.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'JsonWebKey',
+    type: {
+      name: 'Composite',
+      className: 'JsonWebKey',
+      modelProperties: {
+        kid: {
+          required: false,
+          serializedName: 'kid',
+          type: {
+            name: 'String'
+          }
+        },
+        kty: {
+          required: false,
+          serializedName: 'kty',
+          type: {
+            name: 'String'
+          }
+        },
+        keyOps: {
+          required: false,
+          serializedName: 'key_ops',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        n: {
+          required: false,
+          serializedName: 'n',
+          type: {
+            name: 'Base64Url'
+          }
+        },
+        e: {
+          required: false,
+          serializedName: 'e',
+          type: {
+            name: 'Base64Url'
+          }
+        },
+        d: {
+          required: false,
+          serializedName: 'd',
+          type: {
+            name: 'Base64Url'
+          }
+        },
+        dp: {
+          required: false,
+          serializedName: 'dp',
+          type: {
+            name: 'Base64Url'
+          }
+        },
+        dq: {
+          required: false,
+          serializedName: 'dq',
+          type: {
+            name: 'Base64Url'
+          }
+        },
+        qi: {
+          required: false,
+          serializedName: 'qi',
+          type: {
+            name: 'Base64Url'
+          }
+        },
+        p: {
+          required: false,
+          serializedName: 'p',
+          type: {
+            name: 'Base64Url'
+          }
+        },
+        q: {
+          required: false,
+          serializedName: 'q',
+          type: {
+            name: 'Base64Url'
+          }
+        },
+        k: {
+          required: false,
+          serializedName: 'K',
+          type: {
+            name: 'Base64Url'
+          }
+        },
+        t: {
+          required: false,
+          serializedName: 'key_hsm',
+          type: {
+            name: 'Base64Url'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = JsonWebKey;

lib/services/keyVault/lib/models/keyAttributes.js

@@ -0,0 +1,86 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the KeyAttributes class.
+ * @constructor
+ * The attributes of a key managed by the KeyVault service
+ *
+ */
+function KeyAttributes() {
+  KeyAttributes['super_'].call(this);
+}
+
+util.inherits(KeyAttributes, models['Attributes']);
+
+/**
+ * Defines the metadata of KeyAttributes
+ *
+ * @returns {object} metadata of KeyAttributes
+ *
+ */
+KeyAttributes.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeyAttributes',
+    type: {
+      name: 'Composite',
+      className: 'KeyAttributes',
+      modelProperties: {
+        enabled: {
+          required: false,
+          serializedName: 'enabled',
+          type: {
+            name: 'Boolean'
+          }
+        },
+        notBefore: {
+          required: false,
+          serializedName: 'nbf',
+          type: {
+            name: 'UnixTime'
+          }
+        },
+        expires: {
+          required: false,
+          serializedName: 'exp',
+          type: {
+            name: 'UnixTime'
+          }
+        },
+        created: {
+          required: false,
+          readOnly: true,
+          serializedName: 'created',
+          type: {
+            name: 'UnixTime'
+          }
+        },
+        updated: {
+          required: false,
+          readOnly: true,
+          serializedName: 'updated',
+          type: {
+            name: 'UnixTime'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeyAttributes;

lib/services/keyVault/lib/models/keyBundle.js

@@ -0,0 +1,108 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the KeyBundle class.
+ * @constructor
+ * A KeyBundle consisting of a WebKey plus its Attributes
+ *
+ * @member {object} [key] The Json web key
+ * 
+ * @member {string} [key.kid] Key Identifier
+ * 
+ * @member {string} [key.kty] Key type, usually RSA. Possible values include:
+ * 'EC', 'RSA', 'RSA-HSM', 'oct'
+ * 
+ * @member {array} [key.keyOps]
+ * 
+ * @member {buffer} [key.n] RSA modulus
+ * 
+ * @member {buffer} [key.e] RSA public exponent
+ * 
+ * @member {buffer} [key.d] RSA private exponent
+ * 
+ * @member {buffer} [key.dp] RSA Private Key Parameter
+ * 
+ * @member {buffer} [key.dq] RSA Private Key Parameter
+ * 
+ * @member {buffer} [key.qi] RSA Private Key Parameter
+ * 
+ * @member {buffer} [key.p] RSA secret prime
+ * 
+ * @member {buffer} [key.q] RSA secret prime, with p < q
+ * 
+ * @member {buffer} [key.k] Symmetric key
+ * 
+ * @member {buffer} [key.t] HSM Token, used with Bring Your Own Key
+ * 
+ * @member {object} [attributes] The key management attributes
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ */
+function KeyBundle() {
+}
+
+/**
+ * Defines the metadata of KeyBundle
+ *
+ * @returns {object} metadata of KeyBundle
+ *
+ */
+KeyBundle.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeyBundle',
+    type: {
+      name: 'Composite',
+      className: 'KeyBundle',
+      modelProperties: {
+        key: {
+          required: false,
+          serializedName: 'key',
+          type: {
+            name: 'Composite',
+            className: 'JsonWebKey'
+          }
+        },
+        attributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'KeyAttributes'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeyBundle;

lib/services/keyVault/lib/models/keyCreateParameters.js

@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the KeyCreateParameters class.
+ * @constructor
+ * The key create parameters
+ *
+ * @member {string} kty The type of key to create. Valid key types, see
+ * JsonWebKeyType. Possible values include: 'EC', 'RSA', 'RSA-HSM', 'oct'
+ * 
+ * @member {number} [keySize] The key size in bytes. e.g. 1024 or 2048.
+ * 
+ * @member {array} [keyOps]
+ * 
+ * @member {object} [keyAttributes]
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ */
+function KeyCreateParameters() {
+}
+
+/**
+ * Defines the metadata of KeyCreateParameters
+ *
+ * @returns {object} metadata of KeyCreateParameters
+ *
+ */
+KeyCreateParameters.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeyCreateParameters',
+    type: {
+      name: 'Composite',
+      className: 'KeyCreateParameters',
+      modelProperties: {
+        kty: {
+          required: true,
+          serializedName: 'kty',
+          constraints: {
+            MinLength: 1
+          },
+          type: {
+            name: 'String'
+          }
+        },
+        keySize: {
+          required: false,
+          serializedName: 'key_size',
+          type: {
+            name: 'Number'
+          }
+        },
+        keyOps: {
+          required: false,
+          serializedName: 'key_ops',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        keyAttributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'KeyAttributes'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeyCreateParameters;

lib/services/keyVault/lib/models/keyImportParameters.js

@@ -0,0 +1,118 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the KeyImportParameters class.
+ * @constructor
+ * The key import parameters
+ *
+ * @member {boolean} [hsm] Whether to import as a hardware key (HSM) or
+ * software key
+ * 
+ * @member {object} key The Json web key
+ * 
+ * @member {string} [key.kid] Key Identifier
+ * 
+ * @member {string} [key.kty] Key type, usually RSA. Possible values include:
+ * 'EC', 'RSA', 'RSA-HSM', 'oct'
+ * 
+ * @member {array} [key.keyOps]
+ * 
+ * @member {buffer} [key.n] RSA modulus
+ * 
+ * @member {buffer} [key.e] RSA public exponent
+ * 
+ * @member {buffer} [key.d] RSA private exponent
+ * 
+ * @member {buffer} [key.dp] RSA Private Key Parameter
+ * 
+ * @member {buffer} [key.dq] RSA Private Key Parameter
+ * 
+ * @member {buffer} [key.qi] RSA Private Key Parameter
+ * 
+ * @member {buffer} [key.p] RSA secret prime
+ * 
+ * @member {buffer} [key.q] RSA secret prime, with p < q
+ * 
+ * @member {buffer} [key.k] Symmetric key
+ * 
+ * @member {buffer} [key.t] HSM Token, used with Bring Your Own Key
+ * 
+ * @member {object} [keyAttributes] The key management attributes
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ */
+function KeyImportParameters() {
+}
+
+/**
+ * Defines the metadata of KeyImportParameters
+ *
+ * @returns {object} metadata of KeyImportParameters
+ *
+ */
+KeyImportParameters.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeyImportParameters',
+    type: {
+      name: 'Composite',
+      className: 'KeyImportParameters',
+      modelProperties: {
+        hsm: {
+          required: false,
+          serializedName: 'Hsm',
+          type: {
+            name: 'Boolean'
+          }
+        },
+        key: {
+          required: true,
+          serializedName: 'key',
+          type: {
+            name: 'Composite',
+            className: 'JsonWebKey'
+          }
+        },
+        keyAttributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'KeyAttributes'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeyImportParameters;

lib/services/keyVault/lib/models/keyItem.js

@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the KeyItem class.
+ * @constructor
+ * The key item containing key metadata
+ *
+ * @member {string} [kid] Key Identifier
+ * 
+ * @member {object} [attributes] The key management attributes
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ */
+function KeyItem() {
+}
+
+/**
+ * Defines the metadata of KeyItem
+ *
+ * @returns {object} metadata of KeyItem
+ *
+ */
+KeyItem.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeyItem',
+    type: {
+      name: 'Composite',
+      className: 'KeyItem',
+      modelProperties: {
+        kid: {
+          required: false,
+          serializedName: 'kid',
+          type: {
+            name: 'String'
+          }
+        },
+        attributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'KeyAttributes'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeyItem;

lib/services/keyVault/lib/models/keyListResult.js

@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the KeyListResult class.
+ * @constructor
+ * The key list result
+ * @member {array} [value] A response message containing a list of keys in the
+ * vault along with a link to the next page of keys
+ * 
+ * @member {string} [nextLink] The URL to get the next set of keys.
+ * 
+ */
+function KeyListResult() {
+}
+
+util.inherits(KeyListResult, Array);
+
+/**
+ * Defines the metadata of KeyListResult
+ *
+ * @returns {object} metadata of KeyListResult
+ *
+ */
+KeyListResult.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeyListResult',
+    type: {
+      name: 'Composite',
+      className: 'KeyListResult',
+      modelProperties: {
+        value: {
+          required: false,
+          readOnly: true,
+          serializedName: '',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'KeyItemElementType',
+                type: {
+                  name: 'Composite',
+                  className: 'KeyItem'
+                }
+            }
+          }
+        },
+        nextLink: {
+          required: false,
+          readOnly: true,
+          serializedName: 'nextLink',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeyListResult;

lib/services/keyVault/lib/models/keyOperationResult.js

@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the KeyOperationResult class.
+ * @constructor
+ * The key operation result
+ *
+ * @member {string} [kid] Key identifier
+ * 
+ * @member {buffer} [result]
+ * 
+ */
+function KeyOperationResult() {
+}
+
+/**
+ * Defines the metadata of KeyOperationResult
+ *
+ * @returns {object} metadata of KeyOperationResult
+ *
+ */
+KeyOperationResult.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeyOperationResult',
+    type: {
+      name: 'Composite',
+      className: 'KeyOperationResult',
+      modelProperties: {
+        kid: {
+          required: false,
+          readOnly: true,
+          serializedName: 'kid',
+          type: {
+            name: 'String'
+          }
+        },
+        result: {
+          required: false,
+          readOnly: true,
+          serializedName: 'value',
+          type: {
+            name: 'Base64Url'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeyOperationResult;

lib/services/keyVault/lib/models/keyOperationsParameters.js

@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the KeyOperationsParameters class.
+ * @constructor
+ * The key operations parameters
+ *
+ * @member {string} algorithm algorithm identifier. Possible values include:
+ * 'RSA-OAEP', 'RSA1_5'
+ * 
+ * @member {buffer} value
+ * 
+ */
+function KeyOperationsParameters() {
+}
+
+/**
+ * Defines the metadata of KeyOperationsParameters
+ *
+ * @returns {object} metadata of KeyOperationsParameters
+ *
+ */
+KeyOperationsParameters.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeyOperationsParameters',
+    type: {
+      name: 'Composite',
+      className: 'KeyOperationsParameters',
+      modelProperties: {
+        algorithm: {
+          required: true,
+          serializedName: 'alg',
+          constraints: {
+            MinLength: 1
+          },
+          type: {
+            name: 'String'
+          }
+        },
+        value: {
+          required: true,
+          serializedName: 'value',
+          type: {
+            name: 'Base64Url'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeyOperationsParameters;

lib/services/keyVault/lib/models/keyProperties.js

@@ -0,0 +1,79 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the KeyProperties class.
+ * @constructor
+ * Properties of the key pair backing a certificate.
+ *
+ * @member {boolean} [exportable] Indicates if the private key can be exported.
+ * 
+ * @member {string} [keyType] The key type.
+ * 
+ * @member {number} [keySize] The key size in bytes. e.g. 1024 or 2048.
+ * 
+ * @member {boolean} [reuseKey] Indicates if the same key pair will be used on
+ * certificate renewal.
+ * 
+ */
+function KeyProperties() {
+}
+
+/**
+ * Defines the metadata of KeyProperties
+ *
+ * @returns {object} metadata of KeyProperties
+ *
+ */
+KeyProperties.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeyProperties',
+    type: {
+      name: 'Composite',
+      className: 'KeyProperties',
+      modelProperties: {
+        exportable: {
+          required: false,
+          serializedName: 'exportable',
+          type: {
+            name: 'Boolean'
+          }
+        },
+        keyType: {
+          required: false,
+          serializedName: 'kty',
+          type: {
+            name: 'String'
+          }
+        },
+        keySize: {
+          required: false,
+          serializedName: 'key_size',
+          type: {
+            name: 'Number'
+          }
+        },
+        reuseKey: {
+          required: false,
+          serializedName: 'reuse_key',
+          type: {
+            name: 'Boolean'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeyProperties;

lib/services/keyVault/lib/models/keyRestoreParameters.js

@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the KeyRestoreParameters class.
+ * @constructor
+ * The key restore parameters
+ *
+ * @member {buffer} keyBundleBackup the backup blob associated with a key
+ * bundle
+ * 
+ */
+function KeyRestoreParameters() {
+}
+
+/**
+ * Defines the metadata of KeyRestoreParameters
+ *
+ * @returns {object} metadata of KeyRestoreParameters
+ *
+ */
+KeyRestoreParameters.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeyRestoreParameters',
+    type: {
+      name: 'Composite',
+      className: 'KeyRestoreParameters',
+      modelProperties: {
+        keyBundleBackup: {
+          required: true,
+          serializedName: 'value',
+          type: {
+            name: 'Base64Url'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeyRestoreParameters;

lib/services/keyVault/lib/models/keySignParameters.js

@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the KeySignParameters class.
+ * @constructor
+ * The key operations parameters
+ *
+ * @member {string} algorithm The signing/verification algorithm identifier.
+ * For more information on possible algorithm types, see
+ * JsonWebKeySignatureAlgorithm. Possible values include: 'RS256', 'RS384',
+ * 'RS512', 'RSNULL'
+ * 
+ * @member {buffer} value
+ * 
+ */
+function KeySignParameters() {
+}
+
+/**
+ * Defines the metadata of KeySignParameters
+ *
+ * @returns {object} metadata of KeySignParameters
+ *
+ */
+KeySignParameters.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeySignParameters',
+    type: {
+      name: 'Composite',
+      className: 'KeySignParameters',
+      modelProperties: {
+        algorithm: {
+          required: true,
+          serializedName: 'alg',
+          constraints: {
+            MinLength: 1
+          },
+          type: {
+            name: 'String'
+          }
+        },
+        value: {
+          required: true,
+          serializedName: 'value',
+          type: {
+            name: 'Base64Url'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeySignParameters;

lib/services/keyVault/lib/models/keyUpdateParameters.js

@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the KeyUpdateParameters class.
+ * @constructor
+ * The key update parameters
+ *
+ * @member {array} [keyOps] Json web key operations. For more information on
+ * possible key operations, see JsonWebKeyOperation.
+ * 
+ * @member {object} [keyAttributes]
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ */
+function KeyUpdateParameters() {
+}
+
+/**
+ * Defines the metadata of KeyUpdateParameters
+ *
+ * @returns {object} metadata of KeyUpdateParameters
+ *
+ */
+KeyUpdateParameters.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeyUpdateParameters',
+    type: {
+      name: 'Composite',
+      className: 'KeyUpdateParameters',
+      modelProperties: {
+        keyOps: {
+          required: false,
+          serializedName: 'key_ops',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        keyAttributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'KeyAttributes'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeyUpdateParameters;

lib/services/keyVault/lib/models/keyVaultError.js

@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the KeyVaultError class.
+ * @constructor
+ * the key vault error exception
+ *
+ * @member {object} [error]
+ * 
+ * @member {string} [error.code] The error code.
+ * 
+ * @member {string} [error.message] The error message.
+ * 
+ */
+function KeyVaultError() {
+}
+
+/**
+ * Defines the metadata of KeyVaultError
+ *
+ * @returns {object} metadata of KeyVaultError
+ *
+ */
+KeyVaultError.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeyVaultError',
+    type: {
+      name: 'Composite',
+      className: 'KeyVaultError',
+      modelProperties: {
+        error: {
+          required: false,
+          readOnly: true,
+          serializedName: 'error',
+          type: {
+            name: 'Composite',
+            className: 'ErrorModel'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeyVaultError;

lib/services/keyVault/lib/models/keyVerifyParameters.js

@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the KeyVerifyParameters class.
+ * @constructor
+ * The key verify parameters
+ *
+ * @member {string} algorithm The signing/verification algorithm. For more
+ * information on possible algorithm types, see JsonWebKeySignatureAlgorithm.
+ * Possible values include: 'RS256', 'RS384', 'RS512', 'RSNULL'
+ * 
+ * @member {buffer} digest The digest used for signing
+ * 
+ * @member {buffer} signature The signature to be verified
+ * 
+ */
+function KeyVerifyParameters() {
+}
+
+/**
+ * Defines the metadata of KeyVerifyParameters
+ *
+ * @returns {object} metadata of KeyVerifyParameters
+ *
+ */
+KeyVerifyParameters.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeyVerifyParameters',
+    type: {
+      name: 'Composite',
+      className: 'KeyVerifyParameters',
+      modelProperties: {
+        algorithm: {
+          required: true,
+          serializedName: 'alg',
+          constraints: {
+            MinLength: 1
+          },
+          type: {
+            name: 'String'
+          }
+        },
+        digest: {
+          required: true,
+          serializedName: 'digest',
+          type: {
+            name: 'Base64Url'
+          }
+        },
+        signature: {
+          required: true,
+          serializedName: 'value',
+          type: {
+            name: 'Base64Url'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeyVerifyParameters;

lib/services/keyVault/lib/models/keyVerifyResult.js

@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the KeyVerifyResult class.
+ * @constructor
+ * The key verify result
+ *
+ * @member {boolean} [value] true if the signature is verified, false
+ * otherwise.
+ * 
+ */
+function KeyVerifyResult() {
+}
+
+/**
+ * Defines the metadata of KeyVerifyResult
+ *
+ * @returns {object} metadata of KeyVerifyResult
+ *
+ */
+KeyVerifyResult.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'KeyVerifyResult',
+    type: {
+      name: 'Composite',
+      className: 'KeyVerifyResult',
+      modelProperties: {
+        value: {
+          required: false,
+          readOnly: true,
+          serializedName: 'value',
+          type: {
+            name: 'Boolean'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = KeyVerifyResult;

lib/services/keyVault/lib/models/lifetimeAction.js

@@ -0,0 +1,73 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the LifetimeAction class.
+ * @constructor
+ * Action and its trigger that will be performed by Key Vault over the
+ * lifetime of a certificate.
+ *
+ * @member {object} [trigger] The condition that will execute the action.
+ * 
+ * @member {number} [trigger.lifetimePercentage] Percentage of lifetime as
+ * which to trigger. Value should be between 1 and 99.
+ * 
+ * @member {number} [trigger.daysBeforeExpiry] Days before expiry.
+ * 
+ * @member {object} [action] The action that will be executed.
+ * 
+ * @member {string} [action.actionType] The type of the action. Possible
+ * values include: 'EmailContacts', 'AutoRenew'
+ * 
+ */
+function LifetimeAction() {
+}
+
+/**
+ * Defines the metadata of LifetimeAction
+ *
+ * @returns {object} metadata of LifetimeAction
+ *
+ */
+LifetimeAction.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'LifetimeAction',
+    type: {
+      name: 'Composite',
+      className: 'LifetimeAction',
+      modelProperties: {
+        trigger: {
+          required: false,
+          serializedName: 'trigger',
+          type: {
+            name: 'Composite',
+            className: 'Trigger'
+          }
+        },
+        action: {
+          required: false,
+          serializedName: 'action',
+          type: {
+            name: 'Composite',
+            className: 'Action'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = LifetimeAction;

lib/services/keyVault/lib/models/organizationDetails.js

@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the OrganizationDetails class.
+ * @constructor
+ * Details of the organization of the certificate issuer.
+ *
+ * @member {string} [id] Id of the organization.
+ * 
+ * @member {array} [adminDetails] Details of the organization administrator.
+ * 
+ */
+function OrganizationDetails() {
+}
+
+/**
+ * Defines the metadata of OrganizationDetails
+ *
+ * @returns {object} metadata of OrganizationDetails
+ *
+ */
+OrganizationDetails.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'OrganizationDetails',
+    type: {
+      name: 'Composite',
+      className: 'OrganizationDetails',
+      modelProperties: {
+        id: {
+          required: false,
+          serializedName: 'id',
+          type: {
+            name: 'String'
+          }
+        },
+        adminDetails: {
+          required: false,
+          serializedName: 'admin_details',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'AdministratorDetailsElementType',
+                type: {
+                  name: 'Composite',
+                  className: 'AdministratorDetails'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = OrganizationDetails;

lib/services/keyVault/lib/models/pendingCertificateSigningRequestResult.js

@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the PendingCertificateSigningRequestResult class.
+ * @constructor
+ * The pending certificate signing request result
+ *
+ * @member {string} [value] The pending certificate signing request as Base64
+ * encoded string.
+ * 
+ */
+function PendingCertificateSigningRequestResult() {
+}
+
+/**
+ * Defines the metadata of PendingCertificateSigningRequestResult
+ *
+ * @returns {object} metadata of PendingCertificateSigningRequestResult
+ *
+ */
+PendingCertificateSigningRequestResult.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'PendingCertificateSigningRequestResult',
+    type: {
+      name: 'Composite',
+      className: 'PendingCertificateSigningRequestResult',
+      modelProperties: {
+        value: {
+          required: false,
+          readOnly: true,
+          serializedName: 'value',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = PendingCertificateSigningRequestResult;

lib/services/keyVault/lib/models/secretAttributes.js

@@ -0,0 +1,86 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the SecretAttributes class.
+ * @constructor
+ * The secret management attributes
+ *
+ */
+function SecretAttributes() {
+  SecretAttributes['super_'].call(this);
+}
+
+util.inherits(SecretAttributes, models['Attributes']);
+
+/**
+ * Defines the metadata of SecretAttributes
+ *
+ * @returns {object} metadata of SecretAttributes
+ *
+ */
+SecretAttributes.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'SecretAttributes',
+    type: {
+      name: 'Composite',
+      className: 'SecretAttributes',
+      modelProperties: {
+        enabled: {
+          required: false,
+          serializedName: 'enabled',
+          type: {
+            name: 'Boolean'
+          }
+        },
+        notBefore: {
+          required: false,
+          serializedName: 'nbf',
+          type: {
+            name: 'UnixTime'
+          }
+        },
+        expires: {
+          required: false,
+          serializedName: 'exp',
+          type: {
+            name: 'UnixTime'
+          }
+        },
+        created: {
+          required: false,
+          readOnly: true,
+          serializedName: 'created',
+          type: {
+            name: 'UnixTime'
+          }
+        },
+        updated: {
+          required: false,
+          readOnly: true,
+          serializedName: 'updated',
+          type: {
+            name: 'UnixTime'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = SecretAttributes;

lib/services/keyVault/lib/models/secretBundle.js

@@ -0,0 +1,107 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the SecretBundle class.
+ * @constructor
+ * A Secret consisting of a value, id and its attributes.
+ *
+ * @member {string} [value] The secret value
+ * 
+ * @member {string} [id] The secret id
+ * 
+ * @member {string} [contentType] The content type of the secret
+ * 
+ * @member {object} [attributes] The secret management attributes
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ * @member {string} [kid] The key id for certificate.
+ * 
+ */
+function SecretBundle() {
+}
+
+/**
+ * Defines the metadata of SecretBundle
+ *
+ * @returns {object} metadata of SecretBundle
+ *
+ */
+SecretBundle.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'SecretBundle',
+    type: {
+      name: 'Composite',
+      className: 'SecretBundle',
+      modelProperties: {
+        value: {
+          required: false,
+          serializedName: 'value',
+          type: {
+            name: 'String'
+          }
+        },
+        id: {
+          required: false,
+          serializedName: 'id',
+          type: {
+            name: 'String'
+          }
+        },
+        contentType: {
+          required: false,
+          serializedName: 'contentType',
+          type: {
+            name: 'String'
+          }
+        },
+        attributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'SecretAttributes'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        kid: {
+          required: false,
+          serializedName: 'kid',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = SecretBundle;

lib/services/keyVault/lib/models/secretItem.js

@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the SecretItem class.
+ * @constructor
+ * The secret item containing secret metadata
+ *
+ * @member {string} [id] Secret Identifier
+ * 
+ * @member {object} [attributes] The secret management attributes
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ * @member {string} [contentType] Type of the secret value such as a password
+ * 
+ */
+function SecretItem() {
+}
+
+/**
+ * Defines the metadata of SecretItem
+ *
+ * @returns {object} metadata of SecretItem
+ *
+ */
+SecretItem.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'SecretItem',
+    type: {
+      name: 'Composite',
+      className: 'SecretItem',
+      modelProperties: {
+        id: {
+          required: false,
+          serializedName: 'id',
+          type: {
+            name: 'String'
+          }
+        },
+        attributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'SecretAttributes'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        contentType: {
+          required: false,
+          serializedName: 'contentType',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = SecretItem;

lib/services/keyVault/lib/models/secretListResult.js

@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the SecretListResult class.
+ * @constructor
+ * The secret list result
+ * @member {array} [value] A response message containing a list of secrets in
+ * the vault along with a link to the next page of secrets
+ * 
+ * @member {string} [nextLink] The URL to get the next set of secrets.
+ * 
+ */
+function SecretListResult() {
+}
+
+util.inherits(SecretListResult, Array);
+
+/**
+ * Defines the metadata of SecretListResult
+ *
+ * @returns {object} metadata of SecretListResult
+ *
+ */
+SecretListResult.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'SecretListResult',
+    type: {
+      name: 'Composite',
+      className: 'SecretListResult',
+      modelProperties: {
+        value: {
+          required: false,
+          readOnly: true,
+          serializedName: '',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'SecretItemElementType',
+                type: {
+                  name: 'Composite',
+                  className: 'SecretItem'
+                }
+            }
+          }
+        },
+        nextLink: {
+          required: false,
+          readOnly: true,
+          serializedName: 'nextLink',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = SecretListResult;

lib/services/keyVault/lib/models/secretProperties.js

@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the SecretProperties class.
+ * @constructor
+ * Properties of the key backing a certificate.
+ *
+ * @member {string} [contentType] The media type (MIME type).
+ * 
+ */
+function SecretProperties() {
+}
+
+/**
+ * Defines the metadata of SecretProperties
+ *
+ * @returns {object} metadata of SecretProperties
+ *
+ */
+SecretProperties.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'SecretProperties',
+    type: {
+      name: 'Composite',
+      className: 'SecretProperties',
+      modelProperties: {
+        contentType: {
+          required: false,
+          serializedName: 'contentType',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = SecretProperties;

lib/services/keyVault/lib/models/secretSetParameters.js

@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the SecretSetParameters class.
+ * @constructor
+ * The secret set parameters
+ *
+ * @member {string} value The value of the secret
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ * @member {string} [contentType] Type of the secret value such as a password
+ * 
+ * @member {object} [secretAttributes] The secret management attributes
+ * 
+ */
+function SecretSetParameters() {
+}
+
+/**
+ * Defines the metadata of SecretSetParameters
+ *
+ * @returns {object} metadata of SecretSetParameters
+ *
+ */
+SecretSetParameters.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'SecretSetParameters',
+    type: {
+      name: 'Composite',
+      className: 'SecretSetParameters',
+      modelProperties: {
+        value: {
+          required: true,
+          serializedName: 'value',
+          type: {
+            name: 'String'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        contentType: {
+          required: false,
+          serializedName: 'contentType',
+          type: {
+            name: 'String'
+          }
+        },
+        secretAttributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'SecretAttributes'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = SecretSetParameters;

lib/services/keyVault/lib/models/secretUpdateParameters.js

@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the SecretUpdateParameters class.
+ * @constructor
+ * The secret update parameters
+ *
+ * @member {string} [contentType] Type of the secret value such as a password
+ * 
+ * @member {object} [secretAttributes] The secret management attributes
+ * 
+ * @member {object} [tags] Application-specific metadata in the form of
+ * key-value pairs
+ * 
+ */
+function SecretUpdateParameters() {
+}
+
+/**
+ * Defines the metadata of SecretUpdateParameters
+ *
+ * @returns {object} metadata of SecretUpdateParameters
+ *
+ */
+SecretUpdateParameters.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'SecretUpdateParameters',
+    type: {
+      name: 'Composite',
+      className: 'SecretUpdateParameters',
+      modelProperties: {
+        contentType: {
+          required: false,
+          serializedName: 'contentType',
+          type: {
+            name: 'String'
+          }
+        },
+        secretAttributes: {
+          required: false,
+          serializedName: 'attributes',
+          type: {
+            name: 'Composite',
+            className: 'SecretAttributes'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = SecretUpdateParameters;

lib/services/keyVault/lib/models/subjectAlternativeNames.js

@@ -0,0 +1,92 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the SubjectAlternativeNames class.
+ * @constructor
+ * The subject alternate names of a X509 object.
+ *
+ * @member {array} [emails] Email addresses.
+ * 
+ * @member {array} [dnsNames] Domain names.
+ * 
+ * @member {array} [upns] User principal names.
+ * 
+ */
+function SubjectAlternativeNames() {
+}
+
+/**
+ * Defines the metadata of SubjectAlternativeNames
+ *
+ * @returns {object} metadata of SubjectAlternativeNames
+ *
+ */
+SubjectAlternativeNames.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'SubjectAlternativeNames',
+    type: {
+      name: 'Composite',
+      className: 'SubjectAlternativeNames',
+      modelProperties: {
+        emails: {
+          required: false,
+          serializedName: 'emails',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        dnsNames: {
+          required: false,
+          serializedName: 'dns_names',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        upns: {
+          required: false,
+          serializedName: 'upns',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = SubjectAlternativeNames;

lib/services/keyVault/lib/models/trigger.js

@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the Trigger class.
+ * @constructor
+ * A condition to be satisfied for an action to be executed.
+ *
+ * @member {number} [lifetimePercentage] Percentage of lifetime as which to
+ * trigger. Value should be between 1 and 99.
+ * 
+ * @member {number} [daysBeforeExpiry] Days before expiry.
+ * 
+ */
+function Trigger() {
+}
+
+/**
+ * Defines the metadata of Trigger
+ *
+ * @returns {object} metadata of Trigger
+ *
+ */
+Trigger.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'Trigger',
+    type: {
+      name: 'Composite',
+      className: 'Trigger',
+      modelProperties: {
+        lifetimePercentage: {
+          required: false,
+          serializedName: 'lifetime_percentage',
+          constraints: {
+            InclusiveMaximum: 99,
+            InclusiveMinimum: 1
+          },
+          type: {
+            name: 'Number'
+          }
+        },
+        daysBeforeExpiry: {
+          required: false,
+          serializedName: 'days_before_expiry',
+          type: {
+            name: 'Number'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = Trigger;

lib/services/keyVault/lib/models/x509CertificateProperties.js

@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the X509CertificateProperties class.
+ * @constructor
+ * Properties of the X509 component of a certificate.
+ *
+ * @member {string} [subject] The subject name. Should be a valid X509
+ * Distinguished Name.
+ * 
+ * @member {array} [ekus] The enhaunced key usage.
+ * 
+ * @member {object} [subjectAlternativeNames] The subject alternative names.
+ * 
+ * @member {array} [subjectAlternativeNames.emails] Email addresses.
+ * 
+ * @member {array} [subjectAlternativeNames.dnsNames] Domain names.
+ * 
+ * @member {array} [subjectAlternativeNames.upns] User principal names.
+ * 
+ * @member {array} [keyUsage] List of key usages.
+ * 
+ * @member {number} [validityInMonths] The subject alternate names.
+ * 
+ */
+function X509CertificateProperties() {
+}
+
+/**
+ * Defines the metadata of X509CertificateProperties
+ *
+ * @returns {object} metadata of X509CertificateProperties
+ *
+ */
+X509CertificateProperties.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'X509CertificateProperties',
+    type: {
+      name: 'Composite',
+      className: 'X509CertificateProperties',
+      modelProperties: {
+        subject: {
+          required: false,
+          serializedName: 'subject',
+          type: {
+            name: 'String'
+          }
+        },
+        ekus: {
+          required: false,
+          serializedName: 'ekus',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        subjectAlternativeNames: {
+          required: false,
+          serializedName: 'sans',
+          type: {
+            name: 'Composite',
+            className: 'SubjectAlternativeNames'
+          }
+        },
+        keyUsage: {
+          required: false,
+          serializedName: 'key_usage',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        validityInMonths: {
+          required: false,
+          serializedName: 'validity_months',
+          constraints: {
+            InclusiveMinimum: 0
+          },
+          type: {
+            name: 'Number'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = X509CertificateProperties;

lib/services/keyVault/lib/objectIdentifier.js

@@ -0,0 +1,221 @@
+var url = require('url');
+var util = require('util');
+
+
+/** An identifier for an Azure Key Vault resource.
+  * @class
+  */
+function ObjectIdentifier(collection, vault, name, version) {
+
+  /** The vault URI.
+    * @member {string}
+    */
+  this.vault = vault;
+
+  /** The key name.
+    * @member {string}
+    */
+  this.name = name;
+
+  /** The key version. May be null.
+    * @member {string}
+    */
+  this.version = version;
+
+  /** The base identifier (i.e. without the version).
+    * @member {string}
+    */
+  this.baseIdentifier = util.format('%s/%s/%s', vault, collection, name);
+
+  /** The full identifier if a version was informed; otherwise is the same value of baseIdentifier.
+    * @member {string}
+    */
+  this.identifier = version ? util.format('%s/%s', this.baseIdentifier, version) : this.baseIdentifier;
+}
+
+function createObjectIdentifier(collection, vault, name, version) {
+
+  if (typeof collection != 'string' || !(collection = collection.trim())) {
+    throw new Error('Invalid collection argument');
+  }
+
+  if (typeof vault != 'string' || !(vault = vault.trim())) {
+    throw new Error('Invalid vault argument');
+  }
+
+  if (typeof name != 'string' || !(name = name.trim())) {
+    throw new Error('Invalid name argument');
+  }
+
+  if (version && typeof version != 'string') {
+    throw new Error('Invalid version argument');
+  }
+
+  if (version) {
+    version = version.trim();
+  }
+
+  if (!version) {
+    version = null;
+  }
+
+  var baseUri;
+  try {
+    baseUri = url.parse(vault, true, true);
+  } catch (e) {
+    throw new Error(util.format('Invalid %s identifier: %s. Not a valid URI', collection, vault));
+  }
+
+  var vault = util.format('%s//%s', baseUri.protocol, baseUri.host);
+  return new ObjectIdentifier(collection, vault, name, version);
+}
+
+function parseObjectIdentifier(collection, identifier) {
+
+  if (typeof collection != 'string' || !(collection = collection.trim())) {
+    throw new Error('Invalid collection argument');
+  }
+
+  if (typeof identifier != 'string' || !(identifier = identifier.trim())) {
+    throw new Error('Invalid identifier argument');
+  }
+
+  var baseUri;
+  try {
+    baseUri = url.parse(identifier, true, true);
+  } catch (e) {
+    throw new Error(util.format('Invalid %s identifier: %s. Not a valid URI', collection, identifier));
+  }
+
+  // Path is of the form '/collection/name[/version]'
+  var segments = baseUri.pathname.split('/');
+  if (segments.length !== 3 && segments.length !== 4) {
+    throw new Error(util.format('Invalid %s identifier: %s. Bad number of segments: %d', collection, identifier, segments.length));
+  }
+
+  if (collection !== segments[1]) {
+    throw new Error(util.format('Invalid %s identifier: %s. segment [1] should be "%s", found "%s"', collection, identifier, collection, segments[1]));
+  }
+
+  var vault = util.format('%s//%s', baseUri.protocol, baseUri.host);
+  var name = segments[2];
+  var version = segments.length === 4 ? segments[3] : null;
+  return new ObjectIdentifier(collection, vault, name, version);
+}
+
+/** Creates an ObjectIdentifier object for a key.
+ @param {string} vault The vault URI.
+ @param {string} name The key name.
+ @param {string} [version=null] The object version.
+ @return {ObjectIdentifier} An object that represents the key identifier.
+*/
+module.exports.createKeyIdentifier = function (vault, name, version) {
+    return createObjectIdentifier('keys', vault, name, version);
+};
+
+/** Parses a string containing a key identifier and returns the ObjectIdentifier object.
+ @param {string} identifier The key identifier (an URI).
+ @return {ObjectIdentifier} An object that represents the key identifier.
+*/
+module.exports.parseKeyIdentifier = function (identifier) {
+    return parseObjectIdentifier('keys', identifier);
+};
+
+/** Creates an ObjectIdentifier object for a secret.
+ @param {string} vault The vault URI.
+ @param {string} name The secret name.
+ @param {string} [version=null] The object version.
+ @return {ObjectIdentifier} An object that represents the secret identifier.
+*/
+module.exports.createSecretIdentifier = function (vault, name, version) {
+    return createObjectIdentifier('secrets', vault, name, version);
+};
+
+/** Parses a string containing a secret identifier and returns the ObjectIdentifier object.
+ @param {string} identifier The secret identifier (an URI).
+ @return {ObjectIdentifier} An object that represents the secret identifier.
+*/
+module.exports.parseSecretIdentifier = function (identifier) {
+    return parseObjectIdentifier('secrets', identifier);
+};
+
+/** Creates an ObjectIdentifier object for a certificate.
+ @param {string} vault The vault URI.
+ @param {string} name The certificate name.
+ @param {string} [version=null] The object version.
+ @return {ObjectIdentifier} An object that represents the certificate identifier.
+*/
+module.exports.createCertificateIdentifier = function (vault, name, version) {
+    return createObjectIdentifier('certificates', vault, name, version);
+};
+
+/** Parses a string containing a certificate identifier and returns the ObjectIdentifier object.
+ @param {string} identifier The certificate identifier (an URI).
+ @return {ObjectIdentifier} An object that represents the certificate identifier.
+*/
+module.exports.parseCertificateIdentifier = function (identifier) {
+    return parseObjectIdentifier('certificates', identifier);
+};
+
+/** Creates an ObjectIdentifier object for a certificate operation.
+ @param {string} vault The vault URI.
+ @param {string} name The certificate name.
+ @return {ObjectIdentifier} An object that represents the certificate identifier.
+*/
+module.exports.createCertificateOperationIdentifier = function (vault, name) {
+    var objId = createObjectIdentifier('certificates', vault, name, 'pending');
+    objId.baseIdentifier = objId.identifier;
+    objId.version = null;
+    return objId;
+};
+
+/** Parses a string containing a certificate identifier and returns the ObjectIdentifier object.
+ @param {string} identifier The certificate identifier (an URI).
+ @return {ObjectIdentifier} An object that represents the certificate identifier.
+*/
+module.exports.parseCertificateOperationIdentifier = function (identifier) {
+    var objId = parseObjectIdentifier('certificates', identifier);
+    objId.baseIdentifier = objId.identifier;
+    objId.version = null;
+    return objId;
+};
+
+/** Creates an ObjectIdentifier object for a certificate issuer.
+ @param {string} vault The vault URI.
+ @param {string} name The certificate issuer name.
+ @return {ObjectIdentifier} An object that represents the certificate issuer identifier.
+*/
+module.exports.createIssuerIdentifier = function (vault, name) {
+    return createObjectIdentifier('certificates/issuers', vault, name);
+};
+
+/** Parses a string containing a certificate issuer identifier and returns the ObjectIdentifier object.
+ @param {string} identifier The certificate issuer identifier (an URI).
+ @return {ObjectIdentifier} An object that represents the certificate issuer identifier.
+*/
+module.exports.parseIssuerIdentifier = function (identifier) {
+    var baseUri;
+    try {
+        baseUri = url.parse(identifier, true, true);
+    } catch (e) {
+        throw new Error(util.format('Invalid %s identifier: %s. Not a valid URI', 'issuer', identifier));
+    }
+    
+    // Path is of the form '/certificate/issuer/name'
+    var segments = baseUri.pathname.split('/');
+    if (segments.length !== 4) {
+        throw new Error(util.format('Invalid %s identifier: %s. Bad number of segments: %d', 'issuer', identifier, segments.length));
+    }
+    
+    if ('certificates' !== segments[1]) {
+        throw new Error(util.format('Invalid %s identifier: %s. segment [1] should be "%s", found "%s"', 'issuer', identifier, 'certificates', segments[1]));
+    }
+    
+    if ('issuers' !== segments[2]) {
+        throw new Error(util.format('Invalid %s identifier: %s. segment [2] should be "%s", found "%s"', 'issuer', identifier, 'issuers', segments[1]));
+    }
+    
+    var vault = util.format('%s//%s', baseUri.protocol, baseUri.host);
+    var name = segments[3];
+    return new ObjectIdentifier('certificates/issuers', vault, name, null);
+};

lib/services/keyVault/package.json

@@ -6,10 +6,11 @@
     "Gupta, Divya <Divya.Gupta@microsoft.com>",
     "Kostal, Greg <gkostal@microsoft.com>",
     "Wilson, Hervey <herveyw@microsoft.com>",
+    "Mortazavi, Pooneh <pomortaz@microsoft.com>",
     "Zavery, Amar <amzavery@microsoft.com>",
     "Wang, Yugang <yugangw@microsoft.com>"
   ],
-  "version": "0.10.1",
+  "version": "0.10.2",
   "description": "Microsoft Azure Key Vault Client Library for node",
   "tags": [
     "azure",
@@ -27,9 +28,9 @@
     }
   ],
   "dependencies": {
-    "azure-common": "^0.9.13",
-    "node-uuid": ">= 1.3.3",
-    "underscore": "1.4.x"
+    "ms-rest": "^1.14.0",
+    "ms-rest-azure": "^1.14.0",
+    "underscore": "^1.4.0"
   },
   "homepage": "http://github.com/Azure/azure-sdk-for-node",
   "repository": {

lib/services/keyVaultManagement/README.md

@@ -1,8 +1,8 @@
 # Microsoft Azure SDK for Node.js - Key Vault Management
 
 This project provides a Node.js package for managing vaults on Azure Key Vault. Right now it supports:
-- **Node.js version: 0.6.15 or higher**
-- **Resource Management REST API version: 2014-12-19-PREVIEW**
+- **Node.js version: 4.x.x or higher**
+- **REST API version: 2015-06-01**
 
 ## Features
 
@@ -19,33 +19,19 @@ npm install azure-arm-keyvault
 The following example creates a new vault.
 
 ```javascript
-var AzureCommon       = require('azure-common');
-var AzureMgmtKeyVault = require('azure-arm-keyvault');
-var AdalNode          = require('adal-node'); // Used for authentication
+var msRestAzure = require('ms-rest-azure');
+var keyVaultManagementClient = require('azure-arm-keyvault');
 
-var userName = 'someone@myorg.com';
-var password = '123';
-var clientId = '<client GUID>';
-var resourceUri = 'https://management.core.windows.net/';
+// Interactive Login
+msRestAzure.interactiveLogin(function(err, credentials) {
+  var client = new keyVaultManagementClient(credentials, '<your-subscription-id>');
 
-var context = new AdalNode.AuthenticationContext('https://login.windows.net/myorg.com');
-context.acquireTokenWithUsernamePassword(resourceId, userName, password, clientId, function (err, response) {
-  if (err) {
-    throw new Error('Unable to authenticate: ' + err.stack);
-  }
-
-  var credentials = new AzureCommon.TokenCloudCredentials({
-    subscriptionId : '<subscription GUID>',
-    authorizationScheme : response.tokenType,
-    token : response.accessToken
+  client.vaults.list(function(err, result) {
+    if (err) console.log(err);
+    console.log(result);
   });
-  
-  // Creates an Azure Key Vault Management client.
-  // The Azure Resource Manager URI must also be passed to this constructor for the
-  // China, Germany, and US Government Azure environments
-  client = new AzureMgmtKeyVault.KeyVaultManagementClient(credentials);
-  
-  var resourceGroup = 'myResourceGroup';
+
+  var resourceGroup = '<resource group name>';
   var vaultName = 'myNewVault';
   var parameters = {
     location : "East US",
@@ -59,18 +45,17 @@ context.acquireTokenWithUsernamePassword(resourceId, userName, password, clientI
       tenantId : '<tenant GUID>'
     },
     tags : {}
-  }; 
-  
+  };
+
   console.info('Creating vault...');
   client.vaults.createOrUpdate(resourceGroup, vaultName, parameters, function (err, result) {
     if (err) throw err;
-    console.info('Vault created: ' + JSON.stringify(result, null, ' '));
+    console.log(result);
   });
-  
 });
 ```
 
 ## Related projects
 
-- [Microsoft Azure SDK for Node.js](https://github.com/WindowsAzure/azure-sdk-for-node)
-- [Microsoft Azure SDK for Node.js - Key Vault](https://github.com/WindowsAzure/azure-keyvault-for-node)
+- [Microsoft Azure SDK for Node.js](https://github.com/Azure/azure-sdk-for-node)
+- [Microsoft Azure SDK for Node.js - Key Vault](https://github.com/Azure/azure-sdk-for-node/tree/master/lib/services/keyVault)

lib/services/keyVaultManagement/lib/keyVault.js

@@ -1,19 +0,0 @@
-//
-// Copyright (c) Microsoft and contributors.  All rights reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//   http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-//
-// See the License for the specific language governing permissions and
-// limitations under the License.
-//
-
-var exports = module.exports;
-
-exports.KeyVaultManagementClient = require('./keyVaultManagementClient').KeyVaultManagementClient;

lib/services/keyVaultManagement/lib/keyVaultManagementClient.d.ts

@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+import { ServiceClientOptions, RequestOptions, ServiceCallback, ServiceClientCredentials } from 'ms-rest';
+import * as operations from "./operations";
+
+declare class KeyVaultManagementClient {
+    /**
+     * @class
+     * Initializes a new instance of the KeyVaultManagementClient class.
+     * @constructor
+     *
+     * @param {credentials} credentials - Credentials needed for the client to connect to Azure.
+     *
+     * @param {string} subscriptionId - Gets subscription credentials which uniquely identify Microsoft Azure subscription. The subscription ID forms part of the URI for every service call.
+     *
+     * @param {string} [baseUri] - The base URI of the service.
+     *
+     * @param {object} [options] - The parameter options
+     *
+     * @param {Array} [options.filters] - Filters to be added to the request pipeline
+     *
+     * @param {object} [options.requestOptions] - Options for the underlying request object
+     * {@link https://github.com/request/request#requestoptions-callback Options doc}
+     *
+     * @param {boolean} [options.noRetryPolicy] - If set to true, turn off default retry policy
+     *
+     * @param {string} [options.apiVersion] - Client Api Version.
+     *
+     * @param {string} [options.acceptLanguage] - Gets or sets the preferred language for the response.
+     *
+     * @param {number} [options.longRunningOperationRetryTimeout] - Gets or sets the retry timeout in seconds for Long Running Operations. Default value is 30.
+     *
+     * @param {boolean} [options.generateClientRequestId] - When set to true a unique x-ms-client-request-id value is generated and included in each request. Default is true.
+     *
+     */
+    constructor(credentials: ServiceClientCredentials, subscriptionId: string, baseUri: string, options: ServiceClientOptions);
+
+    credentials: ServiceClientCredentials;
+
+    subscriptionId: string;
+
+    apiVersion: string;
+
+    acceptLanguage: string;
+
+    longRunningOperationRetryTimeout: number;
+
+    generateClientRequestId: boolean;
+
+    // Operation groups
+    vaults: operations.Vaults;
+    }
+
+export = KeyVaultManagementClient;

lib/services/keyVaultManagement/lib/models/accessPolicyEntry.js

@@ -0,0 +1,94 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+/**
+ * @class
+ * Initializes a new instance of the AccessPolicyEntry class.
+ * @constructor
+ * An array of 0 to 16 identities that have access to the key vault. All
+ * identities in the array must use the same tenant ID as the key vault's
+ * tenant ID.
+ *
+ * @member {uuid} tenantId The Azure Active Directory tenant ID that should be
+ * used for authenticating requests to the key vault.
+ * 
+ * @member {uuid} objectId The object ID of a user or service principal in the
+ * Azure Active Directory tenant for the vault. The object ID must be unique
+ * for the list of access policies.
+ * 
+ * @member {uuid} [applicationId]  Application ID of the client making request
+ * on behalf of a principal
+ * 
+ * @member {object} permissions Permissions the identity has for keys, secrets
+ * and certificates.
+ * 
+ * @member {array} [permissions.keys] Permissions to keys
+ * 
+ * @member {array} [permissions.secrets] Permissions to secrets
+ * 
+ * @member {array} [permissions.certificates] Permissions to certificates
+ * 
+ */
+function AccessPolicyEntry() {
+}
+
+/**
+ * Defines the metadata of AccessPolicyEntry
+ *
+ * @returns {object} metadata of AccessPolicyEntry
+ *
+ */
+AccessPolicyEntry.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'AccessPolicyEntry',
+    type: {
+      name: 'Composite',
+      className: 'AccessPolicyEntry',
+      modelProperties: {
+        tenantId: {
+          required: true,
+          serializedName: 'tenantId',
+          type: {
+            name: 'String'
+          }
+        },
+        objectId: {
+          required: true,
+          serializedName: 'objectId',
+          type: {
+            name: 'String'
+          }
+        },
+        applicationId: {
+          required: false,
+          serializedName: 'applicationId',
+          type: {
+            name: 'String'
+          }
+        },
+        permissions: {
+          required: true,
+          serializedName: 'permissions',
+          type: {
+            name: 'Composite',
+            className: 'Permissions'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = AccessPolicyEntry;

lib/services/keyVaultManagement/lib/models/index.d.ts

@@ -0,0 +1,241 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+// TODO: Include PageTemplateModels here too?? Probably
+ */
+
+
+/**
+ * @class
+ * Initializes a new instance of the Sku class.
+ * @constructor
+ * SKU details
+ *
+ * @member {string} name SKU name to specify whether the key vault is a
+ * standard vault or a premium vault. Possible values include: 'standard',
+ * 'premium'
+ * 
+ */
+export interface Sku {
+    name: string;
+}
+
+/**
+ * @class
+ * Initializes a new instance of the AccessPolicyEntry class.
+ * @constructor
+ * An array of 0 to 16 identities that have access to the key vault. All
+ * identities in the array must use the same tenant ID as the key vault's
+ * tenant ID.
+ *
+ * @member {uuid} tenantId The Azure Active Directory tenant ID that should be
+ * used for authenticating requests to the key vault.
+ * 
+ * @member {uuid} objectId The object ID of a user or service principal in the
+ * Azure Active Directory tenant for the vault. The object ID must be unique
+ * for the list of access policies.
+ * 
+ * @member {uuid} [applicationId]  Application ID of the client making request
+ * on behalf of a principal
+ * 
+ * @member {object} permissions Permissions the identity has for keys, secrets
+ * and certificates.
+ * 
+ * @member {array} [permissions.keys] Permissions to keys
+ * 
+ * @member {array} [permissions.secrets] Permissions to secrets
+ * 
+ * @member {array} [permissions.certificates] Permissions to certificates
+ * 
+ */
+export interface AccessPolicyEntry {
+    tenantId: string;
+    objectId: string;
+    applicationId?: string;
+    permissions: Permissions;
+}
+
+/**
+ * @class
+ * Initializes a new instance of the Permissions class.
+ * @constructor
+ * Permissions the identity has for keys, secrets and certificates.
+ *
+ * @member {array} [keys] Permissions to keys
+ * 
+ * @member {array} [secrets] Permissions to secrets
+ * 
+ * @member {array} [certificates] Permissions to certificates
+ * 
+ */
+export interface Permissions {
+    keys?: string[];
+    secrets?: string[];
+    certificates?: string[];
+}
+
+/**
+ * @class
+ * Initializes a new instance of the VaultProperties class.
+ * @constructor
+ * Properties of the vault
+ *
+ * @member {string} [vaultUri] The URI of the vault for performing operations
+ * on keys and secrets.
+ * 
+ * @member {uuid} tenantId The Azure Active Directory tenant ID that should be
+ * used for authenticating requests to the key vault.
+ * 
+ * @member {object} sku SKU details
+ * 
+ * @member {string} [sku.name] SKU name to specify whether the key vault is a
+ * standard vault or a premium vault. Possible values include: 'standard',
+ * 'premium'
+ * 
+ * @member {array} accessPolicies An array of 0 to 16 identities that have
+ * access to the key vault. All identities in the array must use the same
+ * tenant ID as the key vault's tenant ID.
+ * 
+ * @member {boolean} [enabledForDeployment] Property to specify whether Azure
+ * Virtual Machines are permitted to retrieve certificates stored as secrets
+ * from the key vault.
+ * 
+ * @member {boolean} [enabledForDiskEncryption] Property to specify whether
+ * Azure Disk Encryption is permitted to retrieve secrets from the vault and
+ * unwrap keys.
+ * 
+ * @member {boolean} [enabledForTemplateDeployment] Property to specify
+ * whether Azure Resource Manager is permitted to retrieve secrets from the
+ * key vault.
+ * 
+ */
+export interface VaultProperties {
+    vaultUri?: string;
+    tenantId: string;
+    sku: Sku;
+    accessPolicies: AccessPolicyEntry[];
+    enabledForDeployment?: boolean;
+    enabledForDiskEncryption?: boolean;
+    enabledForTemplateDeployment?: boolean;
+}
+
+/**
+ * @class
+ * Initializes a new instance of the VaultCreateOrUpdateParameters class.
+ * @constructor
+ * Parameters for creating or updating a vault
+ *
+ * @member {string} location The supported Azure location where the key vault
+ * should be created.
+ * 
+ * @member {object} [tags] The tags that will be assigned to the key vault.
+ * 
+ * @member {object} properties Properties of the vault
+ * 
+ * @member {string} [properties.vaultUri] The URI of the vault for performing
+ * operations on keys and secrets.
+ * 
+ * @member {uuid} [properties.tenantId] The Azure Active Directory tenant ID
+ * that should be used for authenticating requests to the key vault.
+ * 
+ * @member {object} [properties.sku] SKU details
+ * 
+ * @member {string} [properties.sku.name] SKU name to specify whether the key
+ * vault is a standard vault or a premium vault. Possible values include:
+ * 'standard', 'premium'
+ * 
+ * @member {array} [properties.accessPolicies] An array of 0 to 16 identities
+ * that have access to the key vault. All identities in the array must use
+ * the same tenant ID as the key vault's tenant ID.
+ * 
+ * @member {boolean} [properties.enabledForDeployment] Property to specify
+ * whether Azure Virtual Machines are permitted to retrieve certificates
+ * stored as secrets from the key vault.
+ * 
+ * @member {boolean} [properties.enabledForDiskEncryption] Property to specify
+ * whether Azure Disk Encryption is permitted to retrieve secrets from the
+ * vault and unwrap keys.
+ * 
+ * @member {boolean} [properties.enabledForTemplateDeployment] Property to
+ * specify whether Azure Resource Manager is permitted to retrieve secrets
+ * from the key vault.
+ * 
+ */
+export interface VaultCreateOrUpdateParameters extends BaseResource {
+    location: string;
+    tags?: { [propertyName: string]: string };
+    properties: VaultProperties;
+}
+
+/**
+ * @class
+ * Initializes a new instance of the Resource class.
+ * @constructor
+ * Key Vault resource
+ *
+ * @member {string} [id] The Azure Resource Manager resource ID for the key
+ * vault.
+ * 
+ * @member {string} name The name of the key vault.
+ * 
+ * @member {string} [type] The resource type of the key vault.
+ * 
+ * @member {string} location The supported Azure location where the key vault
+ * should be created.
+ * 
+ * @member {object} [tags] The tags that will be assigned to the key vault.
+ * 
+ */
+export interface Resource extends BaseResource {
+    id?: string;
+    name: string;
+    type?: string;
+    location: string;
+    tags?: { [propertyName: string]: string };
+}
+
+/**
+ * @class
+ * Initializes a new instance of the Vault class.
+ * @constructor
+ * Resource information with extended details.
+ *
+ * @member {object} properties Properties of the vault
+ * 
+ * @member {string} [properties.vaultUri] The URI of the vault for performing
+ * operations on keys and secrets.
+ * 
+ * @member {uuid} [properties.tenantId] The Azure Active Directory tenant ID
+ * that should be used for authenticating requests to the key vault.
+ * 
+ * @member {object} [properties.sku] SKU details
+ * 
+ * @member {string} [properties.sku.name] SKU name to specify whether the key
+ * vault is a standard vault or a premium vault. Possible values include:
+ * 'standard', 'premium'
+ * 
+ * @member {array} [properties.accessPolicies] An array of 0 to 16 identities
+ * that have access to the key vault. All identities in the array must use
+ * the same tenant ID as the key vault's tenant ID.
+ * 
+ * @member {boolean} [properties.enabledForDeployment] Property to specify
+ * whether Azure Virtual Machines are permitted to retrieve certificates
+ * stored as secrets from the key vault.
+ * 
+ * @member {boolean} [properties.enabledForDiskEncryption] Property to specify
+ * whether Azure Disk Encryption is permitted to retrieve secrets from the
+ * vault and unwrap keys.
+ * 
+ * @member {boolean} [properties.enabledForTemplateDeployment] Property to
+ * specify whether Azure Resource Manager is permitted to retrieve secrets
+ * from the key vault.
+ * 
+ */
+export interface Vault extends Resource {
+    properties: VaultProperties;
+}

lib/services/keyVaultManagement/lib/models/index.js

@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+/* jshint latedef:false */
+/* jshint forin:false */
+/* jshint noempty:false */
+
+'use strict';
+
+var msRestAzure = require('ms-rest-azure');
+
+exports.BaseResource = msRestAzure.BaseResource;
+exports.CloudError = msRestAzure.CloudError;
+exports.Sku = require('./sku');
+exports.AccessPolicyEntry = require('./accessPolicyEntry');
+exports.Permissions = require('./permissions');
+exports.VaultProperties = require('./vaultProperties');
+exports.VaultCreateOrUpdateParameters = require('./vaultCreateOrUpdateParameters');
+exports.Resource = require('./resource');
+exports.Vault = require('./vault');
+exports.VaultListResult = require('./vaultListResult');

lib/services/keyVaultManagement/lib/models/permissions.js

@@ -0,0 +1,92 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the Permissions class.
+ * @constructor
+ * Permissions the identity has for keys, secrets and certificates.
+ *
+ * @member {array} [keys] Permissions to keys
+ * 
+ * @member {array} [secrets] Permissions to secrets
+ * 
+ * @member {array} [certificates] Permissions to certificates
+ * 
+ */
+function Permissions() {
+}
+
+/**
+ * Defines the metadata of Permissions
+ *
+ * @returns {object} metadata of Permissions
+ *
+ */
+Permissions.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'Permissions',
+    type: {
+      name: 'Composite',
+      className: 'Permissions',
+      modelProperties: {
+        keys: {
+          required: false,
+          serializedName: 'keys',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        secrets: {
+          required: false,
+          serializedName: 'secrets',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        certificates: {
+          required: false,
+          serializedName: 'certificates',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = Permissions;

lib/services/keyVaultManagement/lib/models/resource.js

@@ -0,0 +1,105 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the Resource class.
+ * @constructor
+ * Key Vault resource
+ *
+ * @member {string} [id] The Azure Resource Manager resource ID for the key
+ * vault.
+ * 
+ * @member {string} name The name of the key vault.
+ * 
+ * @member {string} [type] The resource type of the key vault.
+ * 
+ * @member {string} location The supported Azure location where the key vault
+ * should be created.
+ * 
+ * @member {object} [tags] The tags that will be assigned to the key vault.
+ * 
+ */
+function Resource() {
+  Resource['super_'].call(this);
+}
+
+util.inherits(Resource, models['BaseResource']);
+
+/**
+ * Defines the metadata of Resource
+ *
+ * @returns {object} metadata of Resource
+ *
+ */
+Resource.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'Resource',
+    type: {
+      name: 'Composite',
+      className: 'Resource',
+      modelProperties: {
+        id: {
+          required: false,
+          readOnly: true,
+          serializedName: 'id',
+          type: {
+            name: 'String'
+          }
+        },
+        name: {
+          required: true,
+          serializedName: 'name',
+          type: {
+            name: 'String'
+          }
+        },
+        type: {
+          required: false,
+          readOnly: true,
+          serializedName: 'type',
+          type: {
+            name: 'String'
+          }
+        },
+        location: {
+          required: true,
+          serializedName: 'location',
+          type: {
+            name: 'String'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = Resource;

lib/services/keyVaultManagement/lib/models/sku.js

@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+/**
+ * @class
+ * Initializes a new instance of the Sku class.
+ * @constructor
+ * SKU details
+ *
+ * @member {string} name SKU name to specify whether the key vault is a
+ * standard vault or a premium vault. Possible values include: 'standard',
+ * 'premium'
+ * 
+ */
+function Sku() {
+}
+
+/**
+ * Defines the metadata of Sku
+ *
+ * @returns {object} metadata of Sku
+ *
+ */
+Sku.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'Sku',
+    type: {
+      name: 'Composite',
+      className: 'Sku',
+      modelProperties: {
+        family: {
+          required: true,
+          isConstant: true,
+          serializedName: 'family',
+          defaultValue: 'A',
+          type: {
+            name: 'String'
+          }
+        },
+        name: {
+          required: true,
+          serializedName: 'name',
+          type: {
+            name: 'Enum',
+            allowedValues: [ 'standard', 'premium' ]
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = Sku;

lib/services/keyVaultManagement/lib/models/subResource.js

@@ -0,0 +1,52 @@
+/*
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the SubResource class.
+ * @constructor
+ * @member {string} [id] Resource Id
+ * 
+ */
+function SubResource() {
+  SubResource['super_'].call(this);
+}
+
+util.inherits(SubResource, models['BaseResource']);
+
+/**
+ * Defines the metadata of SubResource
+ *
+ * @returns {object} metadata of SubResource
+ *
+ */
+SubResource.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'SubResource',
+    type: {
+      name: 'Composite',
+      className: 'SubResource',
+      modelProperties: {
+        id: {
+          required: false,
+          serializedName: 'id',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = SubResource;

lib/services/keyVaultManagement/lib/models/vault.js

@@ -0,0 +1,132 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the Vault class.
+ * @constructor
+ * Resource information with extended details.
+ *
+ * @member {object} properties Properties of the vault
+ * 
+ * @member {string} [properties.vaultUri] The URI of the vault for performing
+ * operations on keys and secrets.
+ * 
+ * @member {uuid} [properties.tenantId] The Azure Active Directory tenant ID
+ * that should be used for authenticating requests to the key vault.
+ * 
+ * @member {object} [properties.sku] SKU details
+ * 
+ * @member {string} [properties.sku.name] SKU name to specify whether the key
+ * vault is a standard vault or a premium vault. Possible values include:
+ * 'standard', 'premium'
+ * 
+ * @member {array} [properties.accessPolicies] An array of 0 to 16 identities
+ * that have access to the key vault. All identities in the array must use
+ * the same tenant ID as the key vault's tenant ID.
+ * 
+ * @member {boolean} [properties.enabledForDeployment] Property to specify
+ * whether Azure Virtual Machines are permitted to retrieve certificates
+ * stored as secrets from the key vault.
+ * 
+ * @member {boolean} [properties.enabledForDiskEncryption] Property to specify
+ * whether Azure Disk Encryption is permitted to retrieve secrets from the
+ * vault and unwrap keys.
+ * 
+ * @member {boolean} [properties.enabledForTemplateDeployment] Property to
+ * specify whether Azure Resource Manager is permitted to retrieve secrets
+ * from the key vault.
+ * 
+ */
+function Vault() {
+  Vault['super_'].call(this);
+}
+
+util.inherits(Vault, models['Resource']);
+
+/**
+ * Defines the metadata of Vault
+ *
+ * @returns {object} metadata of Vault
+ *
+ */
+Vault.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'Vault',
+    type: {
+      name: 'Composite',
+      className: 'Vault',
+      modelProperties: {
+        id: {
+          required: false,
+          readOnly: true,
+          serializedName: 'id',
+          type: {
+            name: 'String'
+          }
+        },
+        name: {
+          required: true,
+          serializedName: 'name',
+          type: {
+            name: 'String'
+          }
+        },
+        type: {
+          required: false,
+          readOnly: true,
+          serializedName: 'type',
+          type: {
+            name: 'String'
+          }
+        },
+        location: {
+          required: true,
+          serializedName: 'location',
+          type: {
+            name: 'String'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        properties: {
+          required: true,
+          serializedName: 'properties',
+          defaultValue: {},
+          type: {
+            name: 'Composite',
+            className: 'VaultProperties'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = Vault;

lib/services/keyVaultManagement/lib/models/vaultCreateOrUpdateParameters.js

@@ -0,0 +1,114 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the VaultCreateOrUpdateParameters class.
+ * @constructor
+ * Parameters for creating or updating a vault
+ *
+ * @member {string} location The supported Azure location where the key vault
+ * should be created.
+ * 
+ * @member {object} [tags] The tags that will be assigned to the key vault.
+ * 
+ * @member {object} properties Properties of the vault
+ * 
+ * @member {string} [properties.vaultUri] The URI of the vault for performing
+ * operations on keys and secrets.
+ * 
+ * @member {uuid} [properties.tenantId] The Azure Active Directory tenant ID
+ * that should be used for authenticating requests to the key vault.
+ * 
+ * @member {object} [properties.sku] SKU details
+ * 
+ * @member {string} [properties.sku.name] SKU name to specify whether the key
+ * vault is a standard vault or a premium vault. Possible values include:
+ * 'standard', 'premium'
+ * 
+ * @member {array} [properties.accessPolicies] An array of 0 to 16 identities
+ * that have access to the key vault. All identities in the array must use
+ * the same tenant ID as the key vault's tenant ID.
+ * 
+ * @member {boolean} [properties.enabledForDeployment] Property to specify
+ * whether Azure Virtual Machines are permitted to retrieve certificates
+ * stored as secrets from the key vault.
+ * 
+ * @member {boolean} [properties.enabledForDiskEncryption] Property to specify
+ * whether Azure Disk Encryption is permitted to retrieve secrets from the
+ * vault and unwrap keys.
+ * 
+ * @member {boolean} [properties.enabledForTemplateDeployment] Property to
+ * specify whether Azure Resource Manager is permitted to retrieve secrets
+ * from the key vault.
+ * 
+ */
+function VaultCreateOrUpdateParameters() {
+  VaultCreateOrUpdateParameters['super_'].call(this);
+}
+
+util.inherits(VaultCreateOrUpdateParameters, models['BaseResource']);
+
+/**
+ * Defines the metadata of VaultCreateOrUpdateParameters
+ *
+ * @returns {object} metadata of VaultCreateOrUpdateParameters
+ *
+ */
+VaultCreateOrUpdateParameters.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'VaultCreateOrUpdateParameters',
+    type: {
+      name: 'Composite',
+      className: 'VaultCreateOrUpdateParameters',
+      modelProperties: {
+        location: {
+          required: true,
+          serializedName: 'location',
+          type: {
+            name: 'String'
+          }
+        },
+        tags: {
+          required: false,
+          serializedName: 'tags',
+          type: {
+            name: 'Dictionary',
+            value: {
+                required: false,
+                serializedName: 'StringElementType',
+                type: {
+                  name: 'String'
+                }
+            }
+          }
+        },
+        properties: {
+          required: true,
+          serializedName: 'properties',
+          defaultValue: {},
+          type: {
+            name: 'Composite',
+            className: 'VaultProperties'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = VaultCreateOrUpdateParameters;

lib/services/keyVaultManagement/lib/models/vaultListResult.js

@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the VaultListResult class.
+ * @constructor
+ * List of vaults
+ * @member {array} [value] Gets or sets the list of vaults.
+ * 
+ * @member {string} [nextLink] Gets or sets the URL to get the next set of
+ * vaults.
+ * 
+ */
+function VaultListResult() {
+}
+
+util.inherits(VaultListResult, Array);
+
+/**
+ * Defines the metadata of VaultListResult
+ *
+ * @returns {object} metadata of VaultListResult
+ *
+ */
+VaultListResult.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'VaultListResult',
+    type: {
+      name: 'Composite',
+      className: 'VaultListResult',
+      modelProperties: {
+        value: {
+          required: false,
+          serializedName: '',
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'VaultElementType',
+                type: {
+                  name: 'Composite',
+                  className: 'Vault'
+                }
+            }
+          }
+        },
+        nextLink: {
+          required: false,
+          serializedName: 'nextLink',
+          type: {
+            name: 'String'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = VaultListResult;

lib/services/keyVaultManagement/lib/models/vaultProperties.js

@@ -0,0 +1,136 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+var models = require('./index');
+
+var util = require('util');
+
+/**
+ * @class
+ * Initializes a new instance of the VaultProperties class.
+ * @constructor
+ * Properties of the vault
+ *
+ * @member {string} [vaultUri] The URI of the vault for performing operations
+ * on keys and secrets.
+ * 
+ * @member {uuid} tenantId The Azure Active Directory tenant ID that should be
+ * used for authenticating requests to the key vault.
+ * 
+ * @member {object} sku SKU details
+ * 
+ * @member {string} [sku.name] SKU name to specify whether the key vault is a
+ * standard vault or a premium vault. Possible values include: 'standard',
+ * 'premium'
+ * 
+ * @member {array} accessPolicies An array of 0 to 16 identities that have
+ * access to the key vault. All identities in the array must use the same
+ * tenant ID as the key vault's tenant ID.
+ * 
+ * @member {boolean} [enabledForDeployment] Property to specify whether Azure
+ * Virtual Machines are permitted to retrieve certificates stored as secrets
+ * from the key vault.
+ * 
+ * @member {boolean} [enabledForDiskEncryption] Property to specify whether
+ * Azure Disk Encryption is permitted to retrieve secrets from the vault and
+ * unwrap keys.
+ * 
+ * @member {boolean} [enabledForTemplateDeployment] Property to specify
+ * whether Azure Resource Manager is permitted to retrieve secrets from the
+ * key vault.
+ * 
+ */
+function VaultProperties() {
+}
+
+/**
+ * Defines the metadata of VaultProperties
+ *
+ * @returns {object} metadata of VaultProperties
+ *
+ */
+VaultProperties.prototype.mapper = function () {
+  return {
+    required: false,
+    serializedName: 'VaultProperties',
+    type: {
+      name: 'Composite',
+      className: 'VaultProperties',
+      modelProperties: {
+        vaultUri: {
+          required: false,
+          serializedName: 'vaultUri',
+          type: {
+            name: 'String'
+          }
+        },
+        tenantId: {
+          required: true,
+          serializedName: 'tenantId',
+          type: {
+            name: 'String'
+          }
+        },
+        sku: {
+          required: true,
+          serializedName: 'sku',
+          defaultValue: {},
+          type: {
+            name: 'Composite',
+            className: 'Sku'
+          }
+        },
+        accessPolicies: {
+          required: true,
+          serializedName: 'accessPolicies',
+          constraints: {
+            MaxItems: 16
+          },
+          type: {
+            name: 'Sequence',
+            element: {
+                required: false,
+                serializedName: 'AccessPolicyEntryElementType',
+                type: {
+                  name: 'Composite',
+                  className: 'AccessPolicyEntry'
+                }
+            }
+          }
+        },
+        enabledForDeployment: {
+          required: false,
+          serializedName: 'enabledForDeployment',
+          type: {
+            name: 'Boolean'
+          }
+        },
+        enabledForDiskEncryption: {
+          required: false,
+          serializedName: 'enabledForDiskEncryption',
+          type: {
+            name: 'Boolean'
+          }
+        },
+        enabledForTemplateDeployment: {
+          required: false,
+          serializedName: 'enabledForTemplateDeployment',
+          type: {
+            name: 'Boolean'
+          }
+        }
+      }
+    }
+  };
+};
+
+module.exports = VaultProperties;

lib/services/keyVaultManagement/lib/operations/index.d.ts

@@ -0,0 +1,190 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+*/
+
+import { ServiceClientOptions, RequestOptions, ServiceCallback } from 'ms-rest';
+import * as models from '../models';
+
+
+/**
+ * @class
+ * Vaults
+ * __NOTE__: An instance of this class is automatically created for an
+ * instance of the KeyVaultManagementClient.
+ */
+export interface Vaults {
+
+    /**
+     * Create or update a key vault in the specified subscription.
+     *
+     * @param {string} resourceGroupName The name of the Resource Group to which
+     * the server belongs.
+     * 
+     * @param {string} vaultName Name of the vault
+     * 
+     * @param {object} parameters Parameters to create or update the vault
+     * 
+     * @param {string} parameters.location The supported Azure location where the
+     * key vault should be created.
+     * 
+     * @param {object} [parameters.tags] The tags that will be assigned to the key
+     * vault.
+     * 
+     * @param {object} parameters.properties Properties of the vault
+     * 
+     * @param {string} [parameters.properties.vaultUri] The URI of the vault for
+     * performing operations on keys and secrets.
+     * 
+     * @param {uuid} parameters.properties.tenantId The Azure Active Directory
+     * tenant ID that should be used for authenticating requests to the key vault.
+     * 
+     * @param {object} parameters.properties.sku SKU details
+     * 
+     * @param {string} parameters.properties.sku.name SKU name to specify whether
+     * the key vault is a standard vault or a premium vault. Possible values
+     * include: 'standard', 'premium'
+     * 
+     * @param {array} parameters.properties.accessPolicies An array of 0 to 16
+     * identities that have access to the key vault. All identities in the array
+     * must use the same tenant ID as the key vault's tenant ID.
+     * 
+     * @param {boolean} [parameters.properties.enabledForDeployment] Property to
+     * specify whether Azure Virtual Machines are permitted to retrieve
+     * certificates stored as secrets from the key vault.
+     * 
+     * @param {boolean} [parameters.properties.enabledForDiskEncryption] Property
+     * to specify whether Azure Disk Encryption is permitted to retrieve secrets
+     * from the vault and unwrap keys.
+     * 
+     * @param {boolean} [parameters.properties.enabledForTemplateDeployment]
+     * Property to specify whether Azure Resource Manager is permitted to
+     * retrieve secrets from the key vault.
+     * 
+     * @param {object} [options] Optional Parameters.
+     * 
+     * @param {object} [options.customHeaders] Headers that will be added to the
+     * request
+     * 
+     * @param {ServiceCallback} [callback] callback function; see ServiceCallback
+     * doc in ms-rest index.d.ts for details
+     */
+    createOrUpdate(resourceGroupName: string, vaultName: string, parameters: models.VaultCreateOrUpdateParameters, options: { customHeaders? : { [headerName: string]: string; } }, callback: ServiceCallback<models.Vault>): void;
+    createOrUpdate(resourceGroupName: string, vaultName: string, parameters: models.VaultCreateOrUpdateParameters, callback: ServiceCallback<models.Vault>): void;
+
+    /**
+     * Deletes the specified Azure key vault.
+     *
+     * @param {string} resourceGroupName The name of the Resource Group to which
+     * the vault belongs.
+     * 
+     * @param {string} vaultName The name of the vault to delete
+     * 
+     * @param {object} [options] Optional Parameters.
+     * 
+     * @param {object} [options.customHeaders] Headers that will be added to the
+     * request
+     * 
+     * @param {ServiceCallback} [callback] callback function; see ServiceCallback
+     * doc in ms-rest index.d.ts for details
+     */
+    deleteMethod(resourceGroupName: string, vaultName: string, options: { customHeaders? : { [headerName: string]: string; } }, callback: ServiceCallback<void>): void;
+    deleteMethod(resourceGroupName: string, vaultName: string, callback: ServiceCallback<void>): void;
+
+    /**
+     * Gets the specified Azure key vault.
+     *
+     * @param {string} resourceGroupName The name of the Resource Group to which
+     * the vault belongs.
+     * 
+     * @param {string} vaultName The name of the vault.
+     * 
+     * @param {object} [options] Optional Parameters.
+     * 
+     * @param {object} [options.customHeaders] Headers that will be added to the
+     * request
+     * 
+     * @param {ServiceCallback} [callback] callback function; see ServiceCallback
+     * doc in ms-rest index.d.ts for details
+     */
+    get(resourceGroupName: string, vaultName: string, options: { customHeaders? : { [headerName: string]: string; } }, callback: ServiceCallback<models.Vault>): void;
+    get(resourceGroupName: string, vaultName: string, callback: ServiceCallback<models.Vault>): void;
+
+    /**
+     * The List operation gets information about the vaults associated with the
+     * subscription and within the specified resource group.
+     *
+     * @param {string} resourceGroupName The name of the Resource Group to which
+     * the vault belongs.
+     * 
+     * @param {object} [options] Optional Parameters.
+     * 
+     * @param {number} [options.top] Maximum number of results to return.
+     * 
+     * @param {object} [options.customHeaders] Headers that will be added to the
+     * request
+     * 
+     * @param {ServiceCallback} [callback] callback function; see ServiceCallback
+     * doc in ms-rest index.d.ts for details
+     */
+    listByResourceGroup(resourceGroupName: string, options: { top? : number, customHeaders? : { [headerName: string]: string; } }, callback: ServiceCallback<models.VaultListResult>): void;
+    listByResourceGroup(resourceGroupName: string, callback: ServiceCallback<models.VaultListResult>): void;
+
+    /**
+     * The List operation gets information about the vaults associated with the
+     * subscription.
+     *
+     * @param {object} [options] Optional Parameters.
+     * 
+     * @param {number} [options.top] Maximum number of results to return.
+     * 
+     * @param {object} [options.customHeaders] Headers that will be added to the
+     * request
+     * 
+     * @param {ServiceCallback} [callback] callback function; see ServiceCallback
+     * doc in ms-rest index.d.ts for details
+     */
+    list(options: { top? : number, customHeaders? : { [headerName: string]: string; } }, callback: ServiceCallback<models.VaultListResult>): void;
+    list(callback: ServiceCallback<models.VaultListResult>): void;
+
+    /**
+     * The List operation gets information about the vaults associated with the
+     * subscription and within the specified resource group.
+     *
+     * @param {string} nextPageLink The NextLink from the previous successful call
+     * to List operation.
+     * 
+     * @param {object} [options] Optional Parameters.
+     * 
+     * @param {object} [options.customHeaders] Headers that will be added to the
+     * request
+     * 
+     * @param {ServiceCallback} [callback] callback function; see ServiceCallback
+     * doc in ms-rest index.d.ts for details
+     */
+    listByResourceGroupNext(nextPageLink: string, options: { customHeaders? : { [headerName: string]: string; } }, callback: ServiceCallback<models.VaultListResult>): void;
+    listByResourceGroupNext(nextPageLink: string, callback: ServiceCallback<models.VaultListResult>): void;
+
+    /**
+     * The List operation gets information about the vaults associated with the
+     * subscription.
+     *
+     * @param {string} nextPageLink The NextLink from the previous successful call
+     * to List operation.
+     * 
+     * @param {object} [options] Optional Parameters.
+     * 
+     * @param {object} [options.customHeaders] Headers that will be added to the
+     * request
+     * 
+     * @param {ServiceCallback} [callback] callback function; see ServiceCallback
+     * doc in ms-rest index.d.ts for details
+     */
+    listNext(nextPageLink: string, options: { customHeaders? : { [headerName: string]: string; } }, callback: ServiceCallback<models.VaultListResult>): void;
+    listNext(nextPageLink: string, callback: ServiceCallback<models.VaultListResult>): void;
+}

lib/services/keyVaultManagement/lib/operations/index.js

@@ -0,0 +1,17 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ * 
+ * Code generated by Microsoft (R) AutoRest Code Generator 0.17.0.0
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+/* jshint latedef:false */
+/* jshint forin:false */
+/* jshint noempty:false */
+
+'use strict';
+
+exports.Vaults = require('./vaults');

lib/services/keyVaultManagement/package.json

@@ -5,12 +5,13 @@
     "Colombo, Fernando <fcolombo@microsoft.com>",
     "Gupta, Divya <Divya.Gupta@microsoft.com>",
     "Kostal, Greg <gkostal@microsoft.com>",
+    "Mortazavi, Pooneh <pomortaz@microsoft.com>",
     "Wilson, Hervey <herveyw@microsoft.com>",
     "Zavery, Amar <amzavery@microsoft.com>",
     "Wang, Yugang <yugangw@microsoft.com>"
   ],
-  "version": "0.11.1",
-  "description": "Microsoft Azure Key Vault Client Library for node",
+  "version": "0.11.2",
+  "description": "Microsoft Azure Key Vault Management Client Library for node",
   "tags": [
     "azure",
     "sdk"
@@ -19,7 +20,7 @@
     "node",
     "azure"
   ],
-  "main": "./lib/keyVault.js",
+  "main": "./lib/keyVaultManagementClient.js",
   "licenses": [
     {
       "type": "Apache 2.0",
@@ -27,7 +28,9 @@
     }
   ],
   "dependencies": {
-    "azure-common": "^0.9.13"
+    "ms-rest": "^1.14.0",
+    "ms-rest-azure": "^1.14.0",
+    "underscore": "^1.4.0"
   },
   "homepage": "http://github.com/Azure/azure-sdk-for-node",
   "repository": {

nodeSDK.njsproj

@@ -295,6 +295,60 @@
     <Compile Include="lib\services\HDInsight2\lib\hDInsightManagementClient.js" />
     <Compile Include="lib\services\HDInsightJob2\lib\hdinsightjob2.js" />
     <Compile Include="lib\services\HDInsightJob2\lib\hDInsightJobManagementClient.js" />
+    <Compile Include="lib\services\keyVault\lib\keyVaultClient.js" />
+    <Compile Include="lib\services\keyVault\lib\models\action.js" />
+    <Compile Include="lib\services\keyVault\lib\models\administratorDetails.js" />
+    <Compile Include="lib\services\keyVault\lib\models\attributes.js" />
+    <Compile Include="lib\services\keyVault\lib\models\backupKeyResult.js" />
+    <Compile Include="lib\services\keyVault\lib\models\certificateAttributes.js" />
+    <Compile Include="lib\services\keyVault\lib\models\certificateBundle.js" />
+    <Compile Include="lib\services\keyVault\lib\models\certificateCreateParameters.js" />
+    <Compile Include="lib\services\keyVault\lib\models\certificateImportParameters.js" />
+    <Compile Include="lib\services\keyVault\lib\models\certificateIssuerItem.js" />
+    <Compile Include="lib\services\keyVault\lib\models\certificateIssuerListResult.js" />
+    <Compile Include="lib\services\keyVault\lib\models\certificateItem.js" />
+    <Compile Include="lib\services\keyVault\lib\models\certificateListResult.js" />
+    <Compile Include="lib\services\keyVault\lib\models\certificateMergeParameters.js" />
+    <Compile Include="lib\services\keyVault\lib\models\certificateOperation.js" />
+    <Compile Include="lib\services\keyVault\lib\models\certificatePolicy.js" />
+    <Compile Include="lib\services\keyVault\lib\models\certificateUpdateParameters.js" />
+    <Compile Include="lib\services\keyVault\lib\models\contact.js" />
+    <Compile Include="lib\services\keyVault\lib\models\contacts.js" />
+    <Compile Include="lib\services\keyVault\lib\models\errorModel.js" />
+    <Compile Include="lib\services\keyVault\lib\models\index.js" />
+    <Compile Include="lib\services\keyVault\lib\models\issuerAttributes.js" />
+    <Compile Include="lib\services\keyVault\lib\models\issuerBundle.js" />
+    <Compile Include="lib\services\keyVault\lib\models\issuerCredentials.js" />
+    <Compile Include="lib\services\keyVault\lib\models\issuerReference.js" />
+    <Compile Include="lib\services\keyVault\lib\models\jsonWebKey.js" />
+    <Compile Include="lib\services\keyVault\lib\models\keyAttributes.js" />
+    <Compile Include="lib\services\keyVault\lib\models\keyBundle.js" />
+    <Compile Include="lib\services\keyVault\lib\models\keyCreateParameters.js" />
+    <Compile Include="lib\services\keyVault\lib\models\keyImportParameters.js" />
+    <Compile Include="lib\services\keyVault\lib\models\keyItem.js" />
+    <Compile Include="lib\services\keyVault\lib\models\keyListResult.js" />
+    <Compile Include="lib\services\keyVault\lib\models\keyOperationResult.js" />
+    <Compile Include="lib\services\keyVault\lib\models\keyOperationsParameters.js" />
+    <Compile Include="lib\services\keyVault\lib\models\keyProperties.js" />
+    <Compile Include="lib\services\keyVault\lib\models\keyRestoreParameters.js" />
+    <Compile Include="lib\services\keyVault\lib\models\keyUpdateParameters.js" />
+    <Compile Include="lib\services\keyVault\lib\models\keyVaultError.js" />
+    <Compile Include="lib\services\keyVault\lib\models\keyVerifyParameters.js" />
+    <Compile Include="lib\services\keyVault\lib\models\keyVerifyResult.js" />
+    <Compile Include="lib\services\keyVault\lib\models\lifetimeAction.js" />
+    <Compile Include="lib\services\keyVault\lib\models\organizationDetails.js" />
+    <Compile Include="lib\services\keyVault\lib\models\pendingCertificateSigningRequestResult.js" />
+    <Compile Include="lib\services\keyVault\lib\models\secretAttributes.js" />
+    <Compile Include="lib\services\keyVault\lib\models\secretBundle.js" />
+    <Compile Include="lib\services\keyVault\lib\models\secretItem.js" />
+    <Compile Include="lib\services\keyVault\lib\models\secretListResult.js" />
+    <Compile Include="lib\services\keyVault\lib\models\secretProperties.js" />
+    <Compile Include="lib\services\keyVault\lib\models\secretSetParameters.js" />
+    <Compile Include="lib\services\keyVault\lib\models\secretUpdateParameters.js" />
+    <Compile Include="lib\services\keyVault\lib\models\subjectAlternativeNames.js" />
+    <Compile Include="lib\services\keyVault\lib\models\trigger.js" />
+    <Compile Include="lib\services\keyVault\lib\models\x509CertificateProperties.js" />
+    <Compile Include="lib\services\keyVault\lib\objectIdentifier.js" />
     <Compile Include="lib\services\notificationHubsManagement\lib\models\admCredential.js" />
     <Compile Include="lib\services\notificationHubsManagement\lib\models\admCredentialProperties.js" />
     <Compile Include="lib\services\notificationHubsManagement\lib\models\apnsCredential.js" />
@@ -888,7 +942,6 @@
     <Compile Include="lib\services\keyVault\lib\jwk.js" />
     <Compile Include="lib\services\keyVault\lib\keyVault.js" />
     <Compile Include="lib\services\keyVault\lib\keyVaultCredentials.js" />
-    <Compile Include="lib\services\keyVault\lib\keyVaultInternalClient.js" />
     <Compile Include="lib\services\keyVaultManagement\lib\keyVault.js" />
     <Compile Include="lib\services\keyVaultManagement\lib\keyVaultManagementClient.js" />
     <Compile Include="lib\services\legacyStorage\lib\storage.js" />
@@ -939,6 +992,8 @@
     <Compile Include="lib\services\networkManagement\lib\networkManagementClient.js" />
     <Compile Include="lib\services\networkManagement2\lib\network.js" />
     <Compile Include="lib\services\networkManagement2\lib\networkResourceProviderClient.js" />
+    <TypeScriptCompile Include="lib\services\keyVault\lib\keyVaultClient.d.ts" />
+    <TypeScriptCompile Include="lib\services\keyVault\lib\models\index.d.ts" />
     <TypeScriptCompile Include="lib\services\notificationHubsManagement\lib\models\index.d.ts" />
     <TypeScriptCompile Include="lib\services\notificationHubsManagement\lib\notificationHubsManagementClient.d.ts" />
     <TypeScriptCompile Include="lib\services\notificationHubsManagement\lib\operations\index.d.ts" />
@@ -1433,6 +1488,19 @@
     <Compile Include="test\services\intune\intuneResourceManagementClient-tests.js">
       <TestFramework>Mocha</TestFramework>
     </Compile>
+    <Compile Include="test\services\keyVault\keyVault-certificate-tests.js">
+      <TestFramework>Mocha</TestFramework>
+    </Compile>
+    <Compile Include="test\services\keyVault\keyVault-key-tests.js">
+      <TestFramework>Mocha</TestFramework>
+    </Compile>
+    <Compile Include="test\services\keyVault\keyVault-secret-tests.js">
+      <TestFramework>Mocha</TestFramework>
+    </Compile>
+    <Compile Include="test\services\keyVault\kv-test-utils.js">
+      <TestFramework>
+      </TestFramework>
+    </Compile>
     <Compile Include="test\services\notificationHubsManagement\namespace-tests.js" />
     <Compile Include="test\services\notificationHubsManagement\notificationHub-tests.js" />
     <Compile Include="test\services\resourceManagement\authorizationClient-tests.js">
@@ -1574,6 +1642,7 @@
     <Folder Include="lib\services\keyVault\lib" />
     <Folder Include="lib\services\keyVaultManagement" />
     <Folder Include="lib\services\keyVaultManagement\lib" />
+    <Folder Include="lib\services\keyVault\lib\models\" />
     <Folder Include="lib\services\legacyStorage" />
     <Folder Include="lib\services\legacyStorage\lib" />
     <Folder Include="lib\services\legacyStorage\lib\blob" />
@@ -1918,6 +1987,7 @@
     <Folder Include="test\services\dataLakeAnalyticsManagement\" />
     <Folder Include="test\services\dataLakeStoreManagement\" />
     <Folder Include="test\services\intune" />
+    <Folder Include="test\services\keyVault\" />
     <Folder Include="test\services\notificationHubsManagement\" />
     <Folder Include="test\services\resourceManagement" />
     <Folder Include="test\services\storageManagement" />

test/services/keyVault/keyVault-certificate-tests.js

@@ -0,0 +1,868 @@
+//
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+'use strict';
+
+var Testutil = require('../../util/util');
+var KeyVault = Testutil.libRequire('services/keyVault');
+var MockedTestUtils = require('../../framework/mocked-test-utils');
+var KvUtils = require('./kv-test-utils.js');
+var Crypto = require('crypto');
+var util = require('util');
+var should = require('should');
+
+var series = KvUtils.series;
+var validateCertificateOperation = KvUtils.validateCertificateOperation
+var validateCertificateBundle = KvUtils.validateCertificateBundle;
+var validateIssuerBundle = KvUtils.validateIssuerBundle;
+var validateCertificateContacts = KvUtils.validateCertificateContacts;
+var validateCertificateList = KvUtils.validateCertificateList;
+var validateCertificateIssuerList = KvUtils.validateCertificateIssuerList;
+var assertExactly = KvUtils.assertExactly;
+var compareObjects = KvUtils.compareObjects;
+
+var vaultUri = process.env['AZURE_KV_VAULT'];
+if (!vaultUri) {
+	vaultUri = 'https://sdktestvault0511.vault.azure.net';
+}
+
+var CERTIFICATE_NAME = 'nodeCertificate';
+var ISSUER_NAME = 'nodeIssuer';
+var LIST_TEST_SIZE = 2;
+
+describe('Key Vault certificates', function () {
+
+  var client;
+  var suiteUtil;
+
+  before(function (done) {
+    var credentials = new KeyVault.KeyVaultCredentials(KvUtils.authenticator);
+    client = new KeyVault.KeyVaultClient(credentials);
+
+    suiteUtil = new MockedTestUtils(client, 'keyVault-certificate-tests');
+    suiteUtil.setupSuite(done);
+  });
+
+  after(function (done) {
+    cleanupCreatedCertificates(function () {
+      suiteUtil.teardownSuite(done);
+    });
+  });
+
+  beforeEach(function (done) {
+    suiteUtil.setupTest(done);
+  });
+
+  afterEach(function (done) {
+    suiteUtil.baseTeardownTest(done);
+  });
+
+  describe('identifier', function () {
+    it('should work', function (done) {
+
+      function assertCertificateMatch(vault, name, version, Id) {
+
+        assertExactly(util.format('%s/certificates/%s', vault, name), Id.baseIdentifier);
+        if (version) {
+          assertExactly(util.format('%s/certificates/%s/%s', vault, name, version), Id.identifier);
+        } else {
+          assertExactly(Id.baseIdentifier, Id.identifier);
+        }
+        assertExactly(vault, Id.vault);
+        assertExactly(name, Id.name);
+        assertExactly(version, Id.version);
+      }
+
+      function verifyCertificateCreate(vault, name, version) {
+        var Id, parsedId;
+        if (version) {
+          Id = KeyVault.createCertificateIdentifier(vault, name, version);
+        } else {
+          Id = KeyVault.createCertificateIdentifier(vault, name);
+        }
+        assertCertificateMatch(vault, name, version, Id);
+        if (version) {
+          parsedId = KeyVault.parseCertificateIdentifier(Id.identifier);
+          assertCertificateMatch(vault, name, version, parsedId);
+        }
+        parsedId = KeyVault.parseCertificateIdentifier(Id.baseIdentifier);
+        assertCertificateMatch(vault, name, null, parsedId);
+      }
+
+      function assertCertificateOperationMatch(vault, name, Id) {
+        assertExactly(util.format('%s/certificates/%s/pending', vault, name), Id.baseIdentifier);
+        assertExactly(Id.baseIdentifier, Id.identifier);
+
+        assertExactly(vault, Id.vault);
+        assertExactly(name, Id.name);
+        assertExactly(null, Id.version);
+      }
+
+      function verifyCertificateOperationCreate(vault, name) {
+        var Id, parsedId;
+        Id = KeyVault.createCertificateOperationIdentifier(vault, name);
+
+        assertCertificateOperationMatch(vault, name, Id);
+        parsedId = KeyVault.parseCertificateOperationIdentifier(Id.baseIdentifier);
+        assertCertificateOperationMatch(vault, name, parsedId);
+      }
+
+      function assertIssuerMatch(vault, name, Id) {
+        assertExactly(util.format('%s/certificates/issuers/%s', vault, name), Id.baseIdentifier);
+        assertExactly(Id.baseIdentifier, Id.identifier);
+
+        assertExactly(vault, Id.vault);
+        assertExactly(name, Id.name);
+        assertExactly(null, Id.version);
+      }
+
+      function verifyIssuerCreate(vault, name) {
+        var Id, parsedId;
+        Id = KeyVault.createIssuerIdentifier(vault, name);
+
+        assertIssuerMatch(vault, name, Id);
+        parsedId = KeyVault.parseIssuerIdentifier(Id.baseIdentifier);
+        assertIssuerMatch(vault, name, parsedId);
+      }
+
+      verifyCertificateCreate(vaultUri, CERTIFICATE_NAME, null);
+      verifyCertificateCreate(vaultUri, CERTIFICATE_NAME, '1234');
+
+      verifyCertificateOperationCreate(vaultUri, CERTIFICATE_NAME);
+
+      verifyIssuerCreate(vaultUri, CERTIFICATE_NAME);
+
+      done();
+
+    });
+  });
+
+  describe('CRUD certificate', function () {
+    it('should work', function (done) {
+
+      this.timeout(100000);
+
+      //create delete update get
+
+      var createdBundle;
+      var certificateId;
+      var certificatePolicy = {
+        keyProperties: {
+          exportable: true,
+          reuseKey: false,
+          keySize: 2048,
+          keyType: 'RSA'
+        },
+        secretProperties: {
+          contentType: 'application/x-pkcs12'
+        },
+        issuerReference: {
+          name: 'Self'
+        },
+        x509CertificateProperties: {
+          subject: 'CN=*.microsoft.com',
+          subjectAlternativeNames: ["onedrive.microsoft.com", "xbox.microsoft.com"],
+          validityInMonths: 24
+        }
+      };
+
+      function createCertificate(next) {
+        var intervalTime = 5000;
+        if (suiteUtil.isPlayback) {
+          intervalTime = 0;
+        }
+        client.createCertificate(vaultUri, CERTIFICATE_NAME, { certificatePolicy: certificatePolicy }, function (err, certificateOperation) {
+          if (err) throw err;
+          var interval = setInterval(function getCertStatus() {
+            client.getCertificateOperation(vaultUri, CERTIFICATE_NAME, function (err, pendingCertificate) {
+              if (err) throw err;
+              validateCertificateOperation(pendingCertificate, vaultUri, CERTIFICATE_NAME, certificatePolicy);
+
+              if (pendingCertificate.status.toUpperCase() === 'completed'.toUpperCase()) {
+                clearInterval(interval);
+                validateCertificateOperation(pendingCertificate, vaultUri, CERTIFICATE_NAME, certificatePolicy);
+                certificateId = pendingCertificate.target;
+                next();
+              }
+              else if (pendingCertificate.status.toUpperCase() !== 'InProgress'.toUpperCase()) {
+                throw new Error('UnKnown status code for pending certificate: ' + util.inspect(pendingCertificate, { depth: null }));
+              }
+            });
+          }, intervalTime);
+        });
+      }
+
+      function updateCertificate(next) {
+        certificatePolicy.tags = { 'tag1': 'value1' };
+        client.updateCertificate(certificateId, certificatePolicy, function (err, certificateBundle) {
+          if (err) throw err;
+          validateCertificateBundle(certificateBundle, vaultUri, CERTIFICATE_NAME, certificatePolicy);
+          next();
+        });
+      }
+
+      function getCertificate(next) {
+        client.getCertificate(certificateId, function (err, certificateBundle) {
+          if (err) throw err;
+
+          validateCertificateBundle(certificateBundle, vaultUri, CERTIFICATE_NAME, certificatePolicy);
+
+          //Get certificate as secret
+          client.getSecret(certificateBundle.sid, function (err, secretBundle) {
+            if (err) throw err;
+
+            next();
+          });
+        });
+      }
+
+      function deleteCertificate(next) {
+        client.deleteCertificate(vaultUri, CERTIFICATE_NAME, function (err, certificateBundle) {
+          if (err) throw err;
+          validateCertificateBundle(certificateBundle, vaultUri, CERTIFICATE_NAME, certificatePolicy);
+          next();
+        });
+      }
+
+      function getNoneExistingCertificate(next) {
+        client.getCertificate(certificateId, function (err, certificateBundle) {
+          if (!err || !err.code || err.code !== 'CertificateNotFound' || !err.statusCode || err.statusCode !== 404) {
+            throw new Error('Unexpected error object: ' + JSON.stringify(err, null, ' '));
+          }
+          next();
+        });
+      }
+
+      series([
+        createCertificate,
+        updateCertificate,
+        getCertificate,
+        deleteCertificate,
+        getNoneExistingCertificate,
+        function () { done(); }
+      ]);
+
+    });
+  });
+
+
+  describe('import', function () {
+    it('should work', function (done) {
+
+      this.timeout(10000);
+
+      var CERTIFICATE_NAME = 'nodeImportCertificate';
+
+      function importCertificate(next) {
+        importCommonCertificate(CERTIFICATE_NAME, function (err, certificateBundle, certificatePolicy) {
+          if (err) throw err;
+          validateCertificateBundle(certificateBundle, vaultUri, CERTIFICATE_NAME, certificatePolicy);
+          next();
+        });
+      }
+
+      series([
+        importCertificate,
+        function () { done(); }
+      ]);
+
+    });
+  });
+
+  describe('list', function () {
+    it('should work', function (done) {
+
+      this.timeout(100000);
+      var expected = {};
+
+      function importSomeCertificates(next) {
+        importCommonCertificate('importListCertificate1', function (err, certificateBundle) {
+          if (err) throw err;
+          expected[KeyVault.parseCertificateIdentifier(certificateBundle.id).baseIdentifier] = certificateBundle.attributes;
+
+          importCommonCertificate('importListCertificate2', function (err, certificateBundle) {
+            if (err) throw err;
+            expected[KeyVault.parseCertificateIdentifier(certificateBundle.id).baseIdentifier] = certificateBundle.attributes;
+            next();
+          });
+        });
+      }
+
+      function listCertificate(next) {
+        client.getCertificates(vaultUri, { maxresults: LIST_TEST_SIZE }, function (err, certList) {
+          if (err) throw err;
+          should(certList.length).be.within(0, LIST_TEST_SIZE);
+          validateCertificateList(certList, expected);
+          if (certList.nextLink) {
+            return getNextCertificates(certList.nextLink);
+          }
+
+          if (expected.length && expected.length !== 0) {
+            throw new Error('Not all certificates were returned: ' + JSON.stringify(expected, null, ' '));
+          }
+          next();
+
+          function getNextCertificates(nextLink) {
+            client.getCertificatesNext(nextLink, function (err, list) {
+              if (err) throw err;
+              validateCertificateList(list, expected);
+              if (list.nextLink) {
+                return getNextCertificates(list.nextLink);
+              }
+              if (expected.length && expected.length !== 0) {
+                throw new Error('Not all certificates were returned: ' + JSON.stringify(expected, null, ' '));
+              }
+              next();
+            });
+          }
+        });
+      }
+
+      series([
+        importSomeCertificates,
+        listCertificate,
+        function () {
+          done();
+        }
+      ]);
+
+    });
+  });
+
+  describe('list versions', function () {
+    it('should work', function (done) {
+      var CERTIFICATE_NAME = 'importListVersionCerts';
+      this.timeout(100000);
+      var expected = {};
+
+      function importSameCertificates(next) {
+        importCommonCertificate(CERTIFICATE_NAME, function (err, certificateBundle) {
+          if (err) throw err;
+          expected[certificateBundle.id] = certificateBundle.attributes;
+
+          importCommonCertificate(CERTIFICATE_NAME, function (err, certificateBundle) {
+            if (err) throw err;
+            expected[certificateBundle.id] = certificateBundle.attributes;
+            next();
+          });
+        });
+      }
+
+      function listCertificateVersions(next) {
+        client.getCertificateVersions(vaultUri, CERTIFICATE_NAME, { maxresults: LIST_TEST_SIZE }, function (err, certVersionList) {
+          if (err) throw err;
+          should(certVersionList.length).be.within(0, LIST_TEST_SIZE);
+          validateCertificateList(certVersionList, expected);
+          if (certVersionList.nextLink) {
+            return getNextCertificateVersions(certVersionList.nextLink);
+          }
+
+          if (expected.length && expected.length !== 0) {
+            throw new Error('Not all certificates versions were returned: ' + JSON.stringify(expected, null, ' '));
+          }
+          next();
+
+          function getNextCertificateVersions(nextLink) {
+            client.getCertificateVersionsNext(nextLink, function (err, list) {
+              if (err) throw err;
+              validateCertificateList(list, expected);
+              if (list.nextLink) {
+                return getNextCertificateVersions(list.nextLink);
+              }
+              if (expected.length && expected.length !== 0) {
+                throw new Error('Not all certificates versions were returned: ' + JSON.stringify(expected, null, ' '));
+              }
+              next();
+            });
+          }
+        });
+      }
+
+      series([
+        importSameCertificates,
+        listCertificateVersions,
+        function () {
+          done();
+        }
+      ]);
+    });
+  });
+
+  describe('CRUD issuer', function () {
+    it('should work', function (done) {
+
+      this.timeout(100000);
+      setTimeout(done, 100000);
+
+      var ISSUER_NAME = 'nodeIssuer';
+
+      var issuerBundle = {
+        provider: 'test',
+        credentials: {
+          accountId: 'keyvaultuser',
+          password: 'password'
+        },
+        organizationDetails: {
+          adminDetails: [{
+            firstName: 'Jane',
+            lastName: 'Doe',
+            emailAddress: 'admin@contoso.com',
+            phone: '4256666666'
+          }]
+        }
+      };
+
+      function createCertificateIssuer(next) {
+        client.setCertificateIssuer(vaultUri, ISSUER_NAME, issuerBundle, function (err, responseIssuerBundle) {
+          if (err) throw err;
+          validateIssuerBundle(responseIssuerBundle, vaultUri, ISSUER_NAME, issuerBundle);
+          next();
+        });
+      }
+
+      function getCertificateIssuer(next) {
+        client.getCertificateIssuer(vaultUri, ISSUER_NAME, function (err, responseIssuerBundle) {
+          if (err) throw err;
+          validateIssuerBundle(responseIssuerBundle, vaultUri, ISSUER_NAME, issuerBundle);
+          next();
+        });
+      }
+
+      function updateCertificateIssuer(next) {
+        var updateIssuer = {
+          provider: 'test',
+          credentials: {
+            accountId: 'xboxuser',
+            password: 'security'
+          },
+          organizationDetails: {
+            adminDetails: [{
+              firstName: 'Jane II',
+              lastName: 'Doe',
+              emailAddress: 'admin@contoso2.com',
+              phone: '1111111111'
+            }]
+          }
+        };
+        client.updateCertificateIssuer(vaultUri, ISSUER_NAME, updateIssuer, function (err, responseIssuerBundle) {
+          if (err) throw err;
+          validateIssuerBundle(responseIssuerBundle, vaultUri, ISSUER_NAME, updateIssuer);
+          next();
+        });
+      }
+
+      function deleteCertificateIssuer(next) {
+        client.deleteCertificateIssuer(vaultUri, ISSUER_NAME, function (err, responseIssuerBundle) {
+          if (err) throw err;
+          next();
+        });
+      }
+
+      function getNoneExistingIssuer(next) {
+        client.getCertificateIssuer(vaultUri, ISSUER_NAME, function (err, responseIssuerBundle) {
+          if (!err || !err.code || err.code !== 'CertificateIssuerNotFound' || !err.statusCode || err.statusCode !== 404) {
+            throw new Error('Unexpected error object: ' + JSON.stringify(err, null, ' '));
+          }
+          next();
+        });
+      }
+
+      series([
+        createCertificateIssuer,
+        getCertificateIssuer,
+        updateCertificateIssuer,
+        deleteCertificateIssuer,
+        getNoneExistingIssuer,
+        function () { done(); }
+      ]);
+
+    });
+  });
+
+  describe('list issuers', function () {
+    it('should work', function (done) {
+
+      this.timeout(10000);
+
+      var expected = {};
+
+      function setCertificateIssuers(next) {
+
+        var issuerBundle = {
+          provider: 'test',
+          credentials: {
+            accountId: 'keyvaultuser',
+            password: 'password'
+          },
+          organizationDetails: {
+            adminDetails: [{
+              firstName: 'Jane',
+              lastName: 'Doe',
+              emailAddress: 'admin@contoso.com',
+              phone: '4256666666'
+            }]
+          }
+        };
+
+        client.setCertificateIssuer(vaultUri, 'nodeIssuer1', issuerBundle, function (err, setIssuerBundle) {
+          if (err) throw err;
+          expected[setIssuerBundle.id] = setIssuerBundle.provider;
+
+          client.setCertificateIssuer(vaultUri, 'nodeIssuer2', issuerBundle, function (err, setIssuerBundle) {
+            if (err) throw err;
+            expected[setIssuerBundle.id] = setIssuerBundle.provider;
+            next();
+          });
+        });
+      }
+
+      function listCertificateIssuers(next) {
+
+        client.getCertificateIssuers(vaultUri, { maxresults: LIST_TEST_SIZE }, function (err, issuerList1) {
+          if (err) throw err;
+          validateCertificateIssuerList(issuerList1, expected);
+          should(issuerList1.length).be.within(0, LIST_TEST_SIZE);
+
+          if (issuerList1.nextLink) {
+            return getNextIssuers(issuerList1.nextLink);
+          }
+
+          if (expected.length && expected.length !== 0) {
+            throw new Error('Not all issuers were returned: ' + JSON.stringify(expected, null, ' '));
+          }
+          next();
+
+          function getNextIssuers(nextList) {
+            client.getCertificateIssuersNext(nextList, function (err, issuerList) {
+              if (err) throw err;
+              validateCertificateIssuerList(issuerList, expected);
+              if (issuerList.nextLink) {
+                return getNextIssuers(issuerList.nextLink);
+              }
+              if (expected.length && expected.length !== 0) {
+                throw new Error('Not all issuers were returned: ' + JSON.stringify(expected, null, ' '));
+              }
+              next();
+            });
+          }
+        });
+      }
+
+      series([
+        setCertificateIssuers,
+        listCertificateIssuers,
+        function () { done(); }
+      ]);
+
+    });
+  });
+
+  describe('async request cancellation and deletion', function () {
+    it('should work', function (done) {
+
+      this.timeout(10000);
+
+      var certificateName = "asyncCancelledDeletedCert";
+      var certificatePolicy = {
+        keyProperties: {
+          exportable: true,
+          reuseKey: false,
+          keySize: 2048,
+          keyType: 'RSA'
+        },
+        secretProperties: {
+          contentType: 'application/x-pkcs12'
+        },
+        issuerReference: {
+          name: 'Self'
+        },
+        x509CertificateProperties: {
+          subject: 'CN=*.microsoft.com',
+          subjectAlternativeNames: ["onedrive.microsoft.com", "xbox.microsoft.com"]
+        },
+        ValidityInMonths: 24,
+      };
+
+      function createCertificate(next) {
+
+        client.createCertificate(vaultUri, certificateName, { certificatePolicy: certificatePolicy }, function (err, certificateOperation) {
+          if (err) throw err;
+          next();
+        });
+      }
+
+      function cancelCertificateOperation(next) {
+
+        var certificateOperation = {
+          cancellationRequested: true
+        };
+        client.updateCertificateOperation(vaultUri, certificateName, certificateOperation, function (err, cancelledCertificateOperation) {
+          if (err) throw err;
+          should.exist(cancelledCertificateOperation.cancellationRequested);
+          should(cancelledCertificateOperation.cancellationRequested).be.exactly(true);
+          validateCertificateOperation(cancelledCertificateOperation, vaultUri, certificateName, certificatePolicy);
+
+          client.getCertificateOperation(vaultUri, certificateName, function (err, retrievedCertificateOperation) {
+            if (err) throw err;
+
+            should.exist(cancelledCertificateOperation.cancellationRequested);
+            should(cancelledCertificateOperation.cancellationRequested).be.exactly(true);
+            validateCertificateOperation(retrievedCertificateOperation, vaultUri, certificateName, certificatePolicy);
+            next();
+          });
+        });
+      }
+
+      function deleteCertificateOperation(next) {
+
+        client.deleteCertificateOperation(vaultUri, certificateName, function (err, deletedCertificateOperation) {
+          if (err) throw err;
+          should.exist(deletedCertificateOperation);
+          validateCertificateOperation(deletedCertificateOperation, vaultUri, certificateName, certificatePolicy);
+
+          client.getCertificateOperation(vaultUri, certificateName, function (err, retrievedCertificateOperation) {
+            if (!err || !err.code || err.code !== 'PendingCertificateNotFound' || !err.statusCode || err.statusCode !== 404) {
+              throw new Error('Unexpected error object: ' + JSON.stringify(err, null, ' '));
+            }
+            next();
+          });
+        });
+      }
+
+      function deleteCancelledCertificateOperation(next) {
+        client.deleteCertificate(vaultUri, certificateName, function (err, certificateBundle) {
+          if (err) throw err;
+          next();
+        });
+      }
+
+      series([
+        createCertificate,
+        cancelCertificateOperation,
+        deleteCertificateOperation,
+        deleteCancelledCertificateOperation,
+        function () { done(); }
+      ]);
+
+    });
+  });
+
+  describe('CRUD contacts', function () {
+    it('should work', function (done) {
+
+      var contacts = {
+        contactList: [{
+          emailAddress: 'admin@contoso.com',
+          name: 'John Doe',
+          phone: '1111111111'
+        }, {
+            emailAddress: 'admin2@contoso.com',
+            name: 'John Doe2',
+            phone: '2222222222'
+          }]
+      };
+
+      function createCertificateContacts(next) {
+        client.setCertificateContacts(vaultUri, contacts, function (err, responseContacts) {
+          if (err) throw err;
+          validateCertificateContacts(responseContacts, vaultUri, contacts);
+          next();
+        });
+      }
+
+      function getCertificateContacts(next) {
+        client.getCertificateContacts(vaultUri, function (err, responseContacts) {
+          if (err) throw err;
+          validateCertificateContacts(responseContacts, vaultUri, contacts);
+          next();
+        });
+      }
+
+      function deleteCertificateContacts(next) {
+        client.deleteCertificateContacts(vaultUri, function (err, responseContacts) {
+          if (err) throw err;
+          validateCertificateContacts(responseContacts, vaultUri, contacts);
+          next();
+        });
+      }
+
+      function getNoneExistingContacts(next) {
+        client.getCertificateContacts(vaultUri, function (err, responseContacts) {
+          if (!err || !err.code || err.code !== 'ContactsNotFound' || !err.statusCode || err.statusCode !== 404) {
+            throw new Error('Unexpected error object: ' + JSON.stringify(err, null, ' '));
+          }
+          next();
+        });
+      }
+
+      series([
+        createCertificateContacts,
+        getCertificateContacts,
+        deleteCertificateContacts,
+        getNoneExistingContacts,
+        function () { done(); }
+      ]);
+
+    });
+  });
+
+  describe('policy', function () {
+    it('should work', function (done) {
+
+      this.timeout(10000);
+
+      var certificateName = 'policyCertificate';
+
+      function getCertificatePolicy(next) {
+
+        importCommonCertificate(certificateName, function (err, certificateBundle, certificatePolicy) {
+          if (err) throw err;
+          client.getCertificatePolicy(vaultUri, certificateName, function (err, retrievedCertificatePolicy) {
+            if (err) throw err;
+            should.exist(retrievedCertificatePolicy);
+            next();
+          });
+        });
+
+      }
+
+      function updateCertificatePolicy(next) {
+
+        var certificatePolicy = {
+          keyProperties: {
+            exportable: true,
+            reuseKey: false,
+            keySize: 2048,
+            keyType: 'RSA'
+          },
+          secretProperties: {
+            contentType: 'application/x-pkcs12'
+          },
+          issuerReference: {
+            name: 'Self'
+          }
+        };
+
+        client.updateCertificatePolicy(vaultUri, certificateName, certificatePolicy, function (err, certificateBundle, updatedCertificatePolicy) {
+          if (err) throw err;
+          client.getCertificatePolicy(vaultUri, certificateName, function (err, updatedCertificatePolicy) {
+            if (err) throw err;
+            should.exist(updatedCertificatePolicy);
+            next();
+          });
+        });
+      }
+
+      series([
+        getCertificatePolicy,
+        updateCertificatePolicy,
+        function () { done(); }
+      ]);
+
+    });
+  });
+
+  describe('manual enrolled', function () {
+    it('should work', function (done) {
+
+      this.timeout(10000);
+
+      var certificateName = "UnknownIssuerCert1";
+      var certificatePolicy = {
+        keyProperties: {
+          exportable: true,
+          reuseKey: false,
+          keySize: 2048,
+          keyType: 'RSA'
+        },
+        secretProperties: {
+          contentType: 'application/x-pkcs12'
+        },
+        issuerReference: {
+          name: 'Unknown'
+        },
+        x509CertificateProperties: {
+          subject: 'CN=*.microsoft.com',
+          subjectAlternativeNames: ["onedrive.microsoft.com", "xbox.microsoft.com"]
+        }
+      };
+
+      function getPendingCertificateSigningRequest(next) {
+
+        client.createCertificate(vaultUri, certificateName, { certificatePolicy: certificatePolicy }, function (err, certificateOperation) {
+          if (err) throw err;
+
+          try {
+            client.getPendingCertificateSigningRequest(vaultUri, certificateName, function (err, pendingVersionCsr) {
+              if (err) throw err;
+              should(new Buffer(certificateOperation.csr).toString('base64')).be.exactly(pendingVersionCsr);
+              next();
+            });
+          }
+          catch (e) { throw e; }
+          finally {
+            client.deleteCertificate(vaultUri, certificateName, function (err, certificateBundle) {
+              if (err) throw err;
+              next();
+            });
+          }
+        });
+      }
+
+      series([
+        getPendingCertificateSigningRequest,
+        function () { done(); }
+      ]);
+
+    });
+  });
+
+  function importCommonCertificate(certificateName, callback) {
+    var certificateContent = "MIIJOwIBAzCCCPcGCSqGSIb3DQEHAaCCCOgEggjkMIII4DCCBgkGCSqGSIb3DQEHAaCCBfoEggX2MIIF8jCCBe4GCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAj15YH9pOE58AICB9AEggTYLrI+SAru2dBZRQRlJY7XQ3LeLkah2FcRR3dATDshZ2h0IA2oBrkQIdsLyAAWZ32qYR1qkWxLHn9AqXgu27AEbOk35+pITZaiy63YYBkkpR+pDdngZt19Z0PWrGwHEq5z6BHS2GLyyN8SSOCbdzCz7blj3+7IZYoMj4WOPgOm/tQ6U44SFWek46QwN2zeA4i97v7ftNNns27ms52jqfhOvTA9c/wyfZKAY4aKJfYYUmycKjnnRl012ldS2lOkASFt+lu4QCa72IY6ePtRudPCvmzRv2pkLYS6z3cI7omT8nHP3DymNOqLbFqr5O2M1ZYaLC63Q3xt3eVvbcPh3N08D1hHkhz/KDTvkRAQpvrW8ISKmgDdmzN55Pe55xHfSWGB7gPw8sZea57IxFzWHTK2yvTslooWoosmGxanYY2IG/no3EbPOWDKjPZ4ilYJe5JJ2immlxPz+2e2EOCKpDI+7fzQcRz3PTd3BK+budZ8aXX8aW/lOgKS8WmxZoKnOJBNWeTNWQFugmktXfdPHAdxMhjUXqeGQd8wTvZ4EzQNNafovwkI7IV/ZYoa++RGofVR3ZbRSiBNF6TDj/qXFt0wN/CQnsGAmQAGNiN+D4mY7i25dtTu/Jc7OxLdhAUFpHyJpyrYWLfvOiS5WYBeEDHkiPUa/8eZSPA3MXWZR1RiuDvuNqMjct1SSwdXADTtF68l/US1ksU657+XSC+6ly1A/upz+X71+C4Ho6W0751j5ZMT6xKjGh5pee7MVuduxIzXjWIy3YSd0fIT3U0A5NLEvJ9rfkx6JiHjRLx6V1tqsrtT6BsGtmCQR1UCJPLqsKVDvAINx3cPA/CGqr5OX2BGZlAihGmN6n7gv8w4O0k0LPTAe5YefgXN3m9pE867N31GtHVZaJ/UVgDNYS2jused4rw76ZWN41akx2QN0JSeMJqHXqVz6AKfz8ICS/dFnEGyBNpXiMRxrY/QPKi/wONwqsbDxRW7vZRVKs78pBkE0ksaShlZk5GkeayDWC/7Hi/NqUFtIloK9XB3paLxo1DGu5qqaF34jZdktzkXp0uZqpp+FfKZaiovMjt8F7yHCPk+LYpRsU2Cyc9DVoDA6rIgf+uEP4jppgehsxyT0lJHax2t869R2jYdsXwYUXjgwHIV0voj7bJYPGFlFjXOp6ZW86scsHM5xfsGQoK2Fp838VT34SHE1ZXU/puM7rviREHYW72pfpgGZUILQMohuTPnd8tFtAkbrmjLDo+k9xx7HUvgoFTiNNWuq/cRjr70FKNguMMTIrid+HwfmbRoaxENWdLcOTNeascER2a+37UQolKD5ksrPJG6RdNA7O2pzp3micDYRs/+s28cCIxO//J/d4nsgHp6RTuCu4+Jm9k0YTw2Xg75b2cWKrxGnDUgyIlvNPaZTB5QbMid4x44/lE0LLi9kcPQhRgrK07OnnrMgZvVGjt1CLGhKUv7KFc3xV1r1rwKkosxnoG99oCoTQtregcX5rIMjHgkc1IdflGJkZzaWMkYVFOJ4Weynz008i4ddkske5vabZs37Lb8iggUYNBYZyGzalruBgnQyK4fz38Fae4nWYjyildVfgyo/fCePR2ovOfphx9OQJi+M9BoFmPrAg+8ARDZ+R+5yzYuEc9ZoVX7nkp7LTGB3DANBgkrBgEEAYI3EQIxADATBgkqhkiG9w0BCRUxBgQEAQAAADBXBgkqhkiG9w0BCRQxSh5IAGEAOAAwAGQAZgBmADgANgAtAGUAOQA2AGUALQA0ADIAMgA0AC0AYQBhADEAMQAtAGIAZAAxADkANABkADUAYQA2AGIANwA3MF0GCSsGAQQBgjcRATFQHk4ATQBpAGMAcgBvAHMAbwBmAHQAIABTAHQAcgBvAG4AZwAgAEMAcgB5AHAAdABvAGcAcgBhAHAAaABpAGMAIABQAHIAbwB2AGkAZABlAHIwggLPBgkqhkiG9w0BBwagggLAMIICvAIBADCCArUGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEGMA4ECNX+VL2MxzzWAgIH0ICCAojmRBO+CPfVNUO0s+BVuwhOzikAGNBmQHNChmJ/pyzPbMUbx7tO63eIVSc67iERda2WCEmVwPigaVQkPaumsfp8+L6iV/BMf5RKlyRXcwh0vUdu2Qa7qadD+gFQ2kngf4Dk6vYo2/2HxayuIf6jpwe8vql4ca3ZtWXfuRix2fwgltM0bMz1g59d7x/glTfNqxNlsty0A/rWrPJjNbOPRU2XykLuc3AtlTtYsQ32Zsmu67A7UNBw6tVtkEXlFDqhavEhUEO3dvYqMY+QLxzpZhA0q44ZZ9/ex0X6QAFNK5wuWxCbupHWsgxRwKftrxyszMHsAvNoNcTlqcctee+ecNwTJQa1/MDbnhO6/qHA7cfG1qYDq8Th635vGNMW1w3sVS7l0uEvdayAsBHWTcOC2tlMa5bfHrhY8OEIqj5bN5H9RdFy8G/W239tjDu1OYjBDydiBqzBn8HG1DSj1Pjc0kd/82d4ZU0308KFTC3yGcRad0GnEH0Oi3iEJ9HbriUbfVMbXNHOF+MktWiDVqzndGMKmuJSdfTBKvGFvejAWVO5E4mgLvoaMmbchc3BO7sLeraHnJN5hvMBaLcQI38N86mUfTR8AP6AJ9c2k514KaDLclm4z6J8dMz60nUeo5D3YD09G6BavFHxSvJ8MF0Lu5zOFzEePDRFm9mH8W0N/sFlIaYfD/GWU/w44mQucjaBk95YtqOGRIj58tGDWr8iUdHwaYKGqU24zGeRae9DhFXPzZshV1ZGsBQFRaoYkyLAwdJWIXTi+c37YaC8FRSEnnNmS79Dou1Kc3BvK4EYKAD2KxjtUebrV174gD0Q+9YuJ0GXOTspBvCFd5VT2Rw5zDNrA/J3F5fMCk4wOzAfMAcGBSsOAwIaBBSxgh2xyF+88V4vAffBmZXv8Txt4AQU4O/NX4MjxSodbE7ApNAMIvrtREwCAgfQ";
+    var certificatePassword = "123";
+    var certificatePolicy = {
+      keyProperties: {
+        exportable: true,
+        reuseKey: false,
+        keySize: 2048,
+        keyType: 'RSA'
+      },
+      secretProperties: {
+        contentType: 'application/x-pkcs12'
+      }
+    };
+
+    client.importCertificate(vaultUri, certificateName, certificateContent, { password: certificatePassword, certificatePolicy: certificatePolicy }, function (err, bundle) {
+      callback(err, bundle, certificatePolicy);
+    });
+  }
+
+  function cleanupCreatedCertificates(callback) {
+    if (!suiteUtil.isMocked) {
+      client.getCertificates(vaultUri, function (err, list) {
+        if (list && list.length !== 0) {
+          list.forEach(function (cert) {
+            var id = KeyVault.parseCertificateIdentifier(cert.id);
+            client.deleteCertificate(id.vault, id.name, function (err, bundle) { });
+          });
+        }
+        callback();;
+      });
+    }
+    else callback();
+  }
+
+});

test/services/keyVault/keyVault-key-tests.js

@@ -22,6 +22,7 @@ var MockedTestUtils = require('../../framework/mocked-test-utils');
 var KvUtils = require('./kv-test-utils.js');
 var Crypto = require('crypto');
 var util = require('util');
+var should = require('should');
 
 var series = KvUtils.series;
 var assertExactly = KvUtils.assertExactly;
@@ -34,7 +35,7 @@ var random = KvUtils.getRandom();
 
 var vaultUri = process.env['AZURE_KV_VAULT'];
 if (!vaultUri) {
-    vaultUri = 'https://nodesdktest.vault.azure.net';
+    vaultUri = 'https://sdktestvault0511.vault.azure.net';
 }
 
 var standardVaultOnly = process.env['AZURE_KV_STANDARD_VAULT_ONLY'];
@@ -43,7 +44,7 @@ if (!standardVaultOnly || standardVaultOnly.toLowerCase() == 'false') {
 }
 
 var KEY_NAME = 'nodeKey';
-var LIST_TEST_SIZE = 5;
+var LIST_TEST_SIZE = 2;
 
 describe('Key Vault keys', function () {
 
@@ -59,7 +60,9 @@ describe('Key Vault keys', function () {
   });
 
   after(function (done) {
-    suiteUtil.teardownSuite(done);
+    cleanupCreatedKeys(function () {
+      suiteUtil.teardownSuite(done);
+    });
   });
 
   beforeEach(function (done) {
@@ -70,9 +73,9 @@ describe('Key Vault keys', function () {
     suiteUtil.baseTeardownTest(done);
   });
 
-  describe('identifier', function() {
-    it('should work', function(done) {
-      
+  describe('identifier', function () {
+    it('should work', function (done) {
+
       function assertMatch(vault, name, version, keyId) {
         assertExactly(util.format('%s/keys/%s', vault, name), keyId.baseIdentifier);
         if (version) {
@@ -84,7 +87,7 @@ describe('Key Vault keys', function () {
         assertExactly(name, keyId.name);
         assertExactly(version, keyId.version);
       }
-      
+
       function verifyCreate(vault, name, version) {
         var keyId, parsedId;
         if (version) {
@@ -103,20 +106,22 @@ describe('Key Vault keys', function () {
 
       verifyCreate(vaultUri, KEY_NAME, null);
       verifyCreate(vaultUri, KEY_NAME, '1234');
-      
+
       done();
-      
+
     });
   });
-  
+
   describe('CRUD operations', function () {
     it('should work', function (done) {
-      
+
+      this.timeout(10000);
+
       var createdBundle;
       var keyId;
 
       function createKey(next) {
-        client.createKey(vaultUri, KEY_NAME, { kty: 'RSA' }, function(err, keyBundle) {
+        client.createKey(vaultUri, KEY_NAME, 'RSA', function (err, keyBundle) {
           if (err) throw err;
           validateRsaKeyBundle(keyBundle, vaultUri, KEY_NAME, 'RSA');
           createdBundle = keyBundle;
@@ -124,9 +129,9 @@ describe('Key Vault keys', function () {
           next();
         });
       }
-      
+
       function getKeyWOVersion(next) {
-        client.getKey(keyId.baseIdentifier, function(err, keyBundle) {
+        client.getKey(keyId.baseIdentifier, function (err, keyBundle) {
           if (err) throw err;
           compareObjects(createdBundle, keyBundle);
           next();
@@ -134,7 +139,7 @@ describe('Key Vault keys', function () {
       }
 
       function getKeyWithVersion(next) {
-        client.getKey(keyId.identifier, function(err, keyBundle) {
+        client.getKey(keyId.identifier, function (err, keyBundle) {
           if (err) throw err;
           compareObjects(createdBundle, keyBundle);
           next();
@@ -143,11 +148,11 @@ describe('Key Vault keys', function () {
 
       function updateKey(keyUri, next) {
         var updatingBundle = KvUtils.clone(createdBundle);
-        updatingBundle.attributes.exp = new Date('2050-02-02T08:00:00.000Z');
-        updatingBundle.key.key_ops = ['encrypt', 'decrypt'];
+        updatingBundle.attributes.expires = new Date('2050-02-02T08:00:00.000Z');
+        updatingBundle.key.keyOps = ['encrypt', 'decrypt'];
         updatingBundle.tags = { foo: random.hex(100) };
-        var request = { key_ops: updatingBundle.key.key_ops, attributes: updatingBundle.attributes, tags: updatingBundle.tags };
-        client.updateKey(keyUri, request, function(err, keyBundle) {
+        var request = { keyOps: updatingBundle.key.keyOps, keyAttributes: updatingBundle.attributes, tags: updatingBundle.tags };
+        client.updateKey(keyUri, request, function (err, keyBundle) {
           if (err) throw err;
           updatingBundle.attributes.updated = keyBundle.attributes.updated;
           compareObjects(updatingBundle, keyBundle);
@@ -155,17 +160,17 @@ describe('Key Vault keys', function () {
           next();
         });
       }
-      
+
       function updateKeyWOVersion(next) {
         return updateKey(keyId.baseIdentifier, next);
       }
-      
+
       function updateKeyWithVersion(next) {
         return updateKey(keyId.identifier, next);
       }
 
       function deleteKey(next) {
-        client.deleteKey(keyId.vault, keyId.name, function(err, keyBundle) {
+        client.deleteKey(keyId.vault, keyId.name, function (err, keyBundle) {
           if (err) throw err;
           compareObjects(createdBundle, keyBundle);
           next();
@@ -173,7 +178,7 @@ describe('Key Vault keys', function () {
       }
 
       function getKeyReturnsNotFound(next) {
-        client.getKey(keyId.baseIdentifier, function(err, keyBundle) {
+        client.getKey(keyId.baseIdentifier, function (err, keyBundle) {
           if (!err || !err.code || err.code !== 'KeyNotFound' || !err.statusCode || err.statusCode !== 404) {
             throw new Error('Unexpected error object: ' + JSON.stringify(err, null, ' '));
           }
@@ -189,37 +194,38 @@ describe('Key Vault keys', function () {
         updateKeyWithVersion,
         deleteKey,
         getKeyReturnsNotFound,
-        function () {done();}
-      ]);     
-      
+        function () { done(); }
+      ]);
+
     });
   });
-  
-  describe('import', function() {
-    it('should work', function(done) {
-      
+
+
+  describe('import', function () {
+    it('should work', function (done) {
+
+      this.timeout(10000);
+
       function doImport(importToHardware, next) {
-        var importKeyRequest = {
-          key: {
-            kty: 'RSA',
-            key_ops: ['encrypt', 'decrypt', 'sign', 'verify', 'wrapKey', 'unwrapKey']
-          },
-          hsm: importToHardware
-        };  
-        setRsaParameters(importKeyRequest.key, getTestKey(suiteUtil));
-        client.importKey(vaultUri, KEY_NAME, importKeyRequest, function(err, keyBundle) {
+        var key = {
+          kty: 'RSA',
+          keyOps: ['encrypt', 'decrypt', 'sign', 'verify', 'wrapKey', 'unwrapKey']
+        };
+
+        setRsaParameters(key, getTestKey(suiteUtil));
+        client.importKey(vaultUri, KEY_NAME, key, { hsm: importToHardware }, function (err, keyBundle) {
           if (err) throw err;
-          validateRsaKeyBundle(keyBundle, vaultUri, KEY_NAME, importToHardware ? 'RSA-HSM' : 'RSA', importKeyRequest.key_ops);
+          validateRsaKeyBundle(keyBundle, vaultUri, KEY_NAME, importToHardware ? 'RSA-HSM' : 'RSA', key.keyOps);
           next();
         });
       };
-      
+
       function importToSoftware(next) {
-        doImport(false, next);        
+        doImport(false, next);
       }
-            
+
       function importToHardware(next) {
-        if(!standardVaultOnly) {
+        if (!standardVaultOnly) {
           doImport(true, next);
         } else {
           doImport(false, next);
@@ -229,15 +235,16 @@ describe('Key Vault keys', function () {
       series([
         importToSoftware,
         importToHardware,
-        function() {done();}
-      ]);     
+        function () { done(); }
+      ]);
 
     });
   });
- 
-  // TODO: Disabled because intermittently fails due to throtlling. We need to have a better back-off handling here.
-  describe.skip('list', function() {
-    it('should work', function(done) {
+
+  describe('list', function () {
+    it('should work', function (done) {
+
+      this.timeout(100000);
 
       var maxKeys = LIST_TEST_SIZE;
       var expected = {};
@@ -249,7 +256,7 @@ describe('Key Vault keys', function () {
         var errorCount = 0;
 
         function createAKey() {
-          client.createKey(vaultUri, KEY_NAME + (keyCount+1), { kty: 'RSA' }, function(err, keyBundle) {
+          client.createKey(vaultUri, KEY_NAME + (keyCount + 1), 'RSA', function (err, keyBundle) {
             if (err && err.code == 'Throttled') {
               ++errorCount;
               return setTimeout(createAKey, errorCount * 2500);
@@ -271,72 +278,48 @@ describe('Key Vault keys', function () {
 
       function listKeys(next) {
         var currentResult;
-        client.getKeys(vaultUri, null, function(err, result) {
+        client.getKeys(vaultUri, { maxresults: LIST_TEST_SIZE }, function (err, result) {
           if (err) throw err;
-          //console.log('getKeys: ' + JSON.stringify(result, null, ' '));
+          should(result.length).be.within(0, LIST_TEST_SIZE);
           validateKeyList(result, expected);
           currentResult = result;
           if (currentResult.nextLink) {
-            return getNextKeys();
+            return getNextKeys(currentResult.nextLink);
           }
           next();
-          
-          function getNextKeys() {
-            client.getKeysNext(currentResult.nextLink, function(err, result) {
+
+          function getNextKeys(nextLink) {
+            client.getKeysNext(nextLink, function (err, list) {
               if (err) throw err;
-              validateKeyList(result, expected);
-              currentResult = result;
-              if (currentResult.nextLink) {
-                return getNextKeys();
+              validateKeyList(list, expected);
+              if (list.nextLink) {
+                return getNextKeys(list.nextLink);
               }
-              if (Object.keys(expected).length !== zeroCount) {
-                throw new Error('Not all keys were returned: ' + JSON.stringify(Object.keys(expected), null, ' '));
+              if (expected.length && expected.length !== 0) {
+                throw new Error('Not all keys were returned: ' + JSON.stringify(expected, null, ' '));
               }
               next();
             });
           }
-          
+
         });
       }
 
-      function deleteKeys(next) {
-
-        var keyNum = 1;
-
-        function deleteAKey() {
-          client.deleteKey(vaultUri, KEY_NAME+keyNum, function(err, keyBundle) {
-            if (err) {
-              console.info('Unable to delete key: ' + JSON.stringify(err));
-            }
-            ++keyNum;
-            if (keyNum <= maxKeys) {
-              return deleteAKey();
-            }
-            next();
-          });
-        }
-
-        deleteAKey();
-      }
-
       series([
         createManyKeys,
         listKeys,
-        deleteKeys,
-        function() { 
-          if (!suiteUtil.isMocked) {
-            // Avoid being throttled in the next test.
-            setTimeout(function() {done();}, 5000); 
-          }
+        function () {
+          done();
         }
       ]);
 
     });
   });
 
-  // TODO: Disabled because intermittently fails due to throtlling. We need to have a better back-off handling here.
-  describe.skip('list versions', function() {
-    it('should work', function(done) {
+  describe('list versions', function () {
+    it('should work', function (done) {
+
+      this.timeout(10000);
 
       var maxKeys = LIST_TEST_SIZE;
       var expected = {};
@@ -348,7 +331,7 @@ describe('Key Vault keys', function () {
         var errorCount = 0;
 
         function createAKey() {
-          client.createKey(vaultUri, KEY_NAME, { kty: 'RSA' }, function(err, keyBundle) {
+          client.createKey(vaultUri, KEY_NAME, 'RSA', function (err, keyBundle) {
             if (err && err.code == 'Throttled') {
               ++errorCount;
               return setTimeout(createAKey, errorCount * 2500);
@@ -369,59 +352,47 @@ describe('Key Vault keys', function () {
 
       function listKeyVersions(next) {
         var currentResult;
-        client.getKeyVersions(vaultUri, KEY_NAME, null, function(err, result) {
+        client.getKeyVersions(vaultUri, KEY_NAME, function (err, result) {
           if (err) throw err;
           validateKeyList(result, expected);
           currentResult = result;
           if (currentResult.nextLink) {
-            return getNextKeys();
+            return getNextKeys(currentResult.nextLink);
           }
           next();
-          
-          function getNextKeys() {
-            client.getKeyVersionsNext(currentResult.nextLink, function(err, result) {
+
+          function getNextKeys(nextLink) {
+            client.getKeyVersionsNext(currentResult.nextLink, function (err, list) {
               if (err) throw err;
-              validateKeyList(result, expected);
-              currentResult = result;
-              if (currentResult.nextLink) {
-                return getNextKeys();
+              validateKeyList(list, expected);
+              if (list.nextLink) {
+                return getNextKeys(list.nextLink);
               }
-              if (Object.keys(expected).length !== zeroCount) {
-                throw new Error('Not all keys were returned: ' + JSON.stringify(Object.keys(expected), null, ' '));
+              if (expected.length && expected.length !== 0) {
+                throw new Error('Not all key versions were returned: ' + JSON.stringify(expected, null, ' '));
               }
               next();
             });
           }
-          
-        });
-      }
 
-      function deleteKey(next) {
-        client.deleteKey(vaultUri, KEY_NAME, function(err, keyBundle) {
-          if (err) {
-            console.info('Unable to delete key: ' + JSON.stringify(err));
-          }
-          next();
         });
       }
 
       series([
         createManyKeyVersions,
         listKeyVersions,
-        deleteKey,
-        function() { 
-          if (!suiteUtil.isMocked) {
-            // Avoid being throttled in the next test.
-            setTimeout(function() {done();}, 5000); 
-          }
+        function () {
+          done();
         }
       ]);
 
     });
   });
 
-  describe('backup and restore', function() {
-    it('should work', function(done) {
+  describe('backup and restore', function () {
+    it('should work', function (done) {
+
+      this.timeout(10000);
 
       var keyName = KEY_NAME + 'forBkp';
       var createdBundle;
@@ -429,7 +400,7 @@ describe('Key Vault keys', function () {
       var keyBackup;
 
       function createKey(next) {
-        client.createKey(vaultUri, keyName, { kty: 'RSA' }, function(err, keyBundle) {
+        client.createKey(vaultUri, keyName, 'RSA', function (err, keyBundle) {
           if (err) throw err;
           createdBundle = keyBundle;
           keyId = KeyVault.parseKeyIdentifier(createdBundle.key.kid);
@@ -438,7 +409,7 @@ describe('Key Vault keys', function () {
       }
 
       function backup(next) {
-        client.backupKey(keyId.vault, keyId.name, function(err, result) {
+        client.backupKey(keyId.vault, keyId.name, function (err, result) {
           if (err) throw err;
           keyBackup = result.value;
           next();
@@ -446,14 +417,14 @@ describe('Key Vault keys', function () {
       }
 
       function deleteKey(next) {
-        client.deleteKey(keyId.vault, keyId.name, function(err, keyBundle) {
+        client.deleteKey(keyId.vault, keyId.name, function (err, keyBundle) {
           if (err) throw err;
           next();
         });
       }
 
       function restore(next) {
-        client.restoreKey(vaultUri, keyBackup, function(err, keyBundle) {
+        client.restoreKey(vaultUri, keyBackup, function (err, keyBundle) {
           if (err) throw err;
           compareObjects(createdBundle, keyBundle);
           next();
@@ -465,21 +436,23 @@ describe('Key Vault keys', function () {
         backup,
         deleteKey,
         restore,
-        function() {done();}
+        function () { done(); }
       ]);
 
     });
   });
 
-  describe('encrypt and decrypt', function() {
-    it ('should work', function(done) {
+  describe('encrypt and decrypt', function () {
+    it('should work', function (done) {
+
+      this.timeout(10000);
 
       var keyId = KeyVault.createKeyIdentifier(vaultUri, KEY_NAME);
       var plainText = new Buffer(random.hex(200), 'hex');
       var cipherText;
 
       function importKey(next) {
-        importTestKey(client, keyId, function(err, keyBundle) {
+        importTestKey(client, keyId, function (err, keyBundle) {
           if (err) throw err;
           keyId = KeyVault.parseKeyIdentifier(keyBundle.key.kid);
           next();
@@ -487,33 +460,33 @@ describe('Key Vault keys', function () {
       }
 
       function encryptWOVersion(next) {
-        client.encrypt(keyId.baseIdentifier, 'RSA-OAEP', plainText, function(err, result) {
+        client.encrypt(keyId.baseIdentifier, 'RSA-OAEP', plainText, function (err, result) {
           if (err) throw err;
-          cipherText = result.value;
+          cipherText = result.result;
           next();
         });
       }
 
       function decryptWOVersion(next) {
-        client.decrypt(keyId.baseIdentifier, 'RSA-OAEP', cipherText, function(err, result) {
+        client.decrypt(keyId.baseIdentifier, 'RSA-OAEP', cipherText, function (err, result) {
           if (err) throw err;
-          compareObjects(plainText, result.value);
+          compareObjects(plainText, result.result);
           next();
         });
       }
 
       function encryptWithVersion(next) {
-        client.encrypt(keyId.identifier, 'RSA-OAEP', plainText, function(err, result) {
+        client.encrypt(keyId.identifier, 'RSA-OAEP', plainText, function (err, result) {
           if (err) throw err;
-          cipherText = result.value;
+          cipherText = result.result;
           next();
         });
       }
 
       function decryptWithVersion(next) {
-        client.decrypt(keyId.identifier, 'RSA-OAEP', cipherText, function(err, result) {
+        client.decrypt(keyId.identifier, 'RSA-OAEP', cipherText, function (err, result) {
           if (err) throw err;
-          compareObjects(plainText, result.value);
+          compareObjects(plainText, result.result);
           next();
         });
       }
@@ -524,21 +497,23 @@ describe('Key Vault keys', function () {
         decryptWOVersion,
         encryptWithVersion,
         decryptWithVersion,
-        function() {done();}
+        function () { done(); }
       ]);
 
     });
   });
 
-  describe('wrap and unwrap', function() {
-    it ('should work', function(done) {
+  describe('wrap and unwrap', function () {
+    it('should work', function (done) {
+
+      this.timeout(10000);
 
       var keyId = KeyVault.createKeyIdentifier(vaultUri, KEY_NAME);
       var plainText = new Buffer(random.hex(200), 'hex');
       var cipherText;
 
       function importKey(next) {
-        importTestKey(client, keyId, function(err, keyBundle) {
+        importTestKey(client, keyId, function (err, keyBundle) {
           if (err) throw err;
           keyId = KeyVault.parseKeyIdentifier(keyBundle.key.kid);
           next();
@@ -546,33 +521,33 @@ describe('Key Vault keys', function () {
       }
 
       function wrapWOVersion(next) {
-        client.wrapKey(keyId.baseIdentifier, 'RSA-OAEP', plainText, function(err, result) {
+        client.wrapKey(keyId.baseIdentifier, 'RSA-OAEP', plainText, function (err, result) {
           if (err) throw err;
-          cipherText = result.value;
+          cipherText = result.result;
           next();
         });
       }
 
       function unwrapWOVersion(next) {
-        client.unwrapKey(keyId.baseIdentifier, 'RSA-OAEP', cipherText, function(err, result) {
+        client.unwrapKey(keyId.baseIdentifier, 'RSA-OAEP', cipherText, function (err, result) {
           if (err) throw err;
-          compareObjects(plainText, result.value);
+          compareObjects(plainText, result.result);
           next();
         });
       }
 
       function wrapWithVersion(next) {
-        client.wrapKey(keyId.identifier, 'RSA-OAEP', plainText, function(err, result) {
+        client.wrapKey(keyId.identifier, 'RSA-OAEP', plainText, function (err, result) {
           if (err) throw err;
-          cipherText = result.value;
+          cipherText = result.result;
           next();
         });
       }
 
       function unwrapWithVersion(next) {
-        client.unwrapKey(keyId.identifier, 'RSA-OAEP', cipherText, function(err, result) {
+        client.unwrapKey(keyId.identifier, 'RSA-OAEP', cipherText, function (err, result) {
           if (err) throw err;
-          compareObjects(plainText, result.value);
+          compareObjects(plainText, result.result);
           next();
         });
       }
@@ -583,14 +558,16 @@ describe('Key Vault keys', function () {
         unwrapWOVersion,
         wrapWithVersion,
         unwrapWithVersion,
-        function() {done();}
+        function () { done(); }
       ]);
 
     });
   });
 
-  describe('sign and verify', function() {
-    it ('should work', function(done) {
+  describe('sign and verify', function () {
+    it('should work', function (done) {
+
+      this.timeout(10000);
 
       var keyId = KeyVault.createKeyIdentifier(vaultUri, KEY_NAME);
       var plainText = new Buffer(random.hex(200), 'hex');
@@ -600,23 +577,23 @@ describe('Key Vault keys', function () {
       var signature;
 
       function importKey(next) {
-        importTestKey(client, keyId, function(err, keyBundle) {
+        importTestKey(client, keyId, function (err, keyBundle) {
           if (err) throw err;
           keyId = KeyVault.parseKeyIdentifier(keyBundle.key.kid);
           next();
-        })
+        });
       }
 
       function signWOVersion(next) {
-        client.sign(keyId.baseIdentifier, 'RS256', digest, function(err, result) {
+        client.sign(keyId.baseIdentifier, 'RS256', digest, function (err, result) {
           if (err) throw err;
-          signature = result.value;
+          signature = result.result;
           next();
         });
       }
 
       function verifyWOVersion(next) {
-        client.verify(keyId.baseIdentifier, 'RS256', digest, signature, function(err, result) {
+        client.verify(keyId.baseIdentifier, 'RS256', digest, signature, function (err, result) {
           if (err) throw err;
           if (!result.value) {
             throw new Error('Expected {value:true}, but found ' + JSON.stringify(result));
@@ -626,15 +603,15 @@ describe('Key Vault keys', function () {
       }
 
       function signWithVersion(next) {
-        client.sign(keyId.identifier, 'RS256', digest, function(err, result) {
+        client.sign(keyId.identifier, 'RS256', digest, function (err, result) {
           if (err) throw err;
-          signature = result.value;
+          signature = result.result;
           next();
         });
       }
 
       function verifyWithVersion(next) {
-        client.verify(keyId.identifier, 'RS256', digest, signature, function(err, result) {
+        client.verify(keyId.identifier, 'RS256', digest, signature, function (err, result) {
           if (err) throw err;
           if (!result.value) {
             throw new Error('Expected {value:true}, but found ' + JSON.stringify(result));
@@ -647,21 +624,34 @@ describe('Key Vault keys', function () {
         importKey,
         signWOVersion,
         verifyWOVersion,
-        function() {done();}
+        function () { done(); }
       ]);
 
     });
   });
 
   function importTestKey(client, keyId, callback) {
-    var importKeyRequest = {
-      key: {
-        kty: 'RSA',
-        key_ops: ['encrypt', 'decrypt', 'sign', 'verify', 'wrapKey', 'unwrapKey']
-      }
+    var key = {
+      kty: 'RSA',
+      keyOps: ['encrypt', 'decrypt', 'sign', 'verify', 'wrapKey', 'unwrapKey']
     };
-    setRsaParameters(importKeyRequest.key, getTestKey(suiteUtil));
-    client.importKey(keyId.vault, keyId.name, importKeyRequest, callback);
+    setRsaParameters(key, getTestKey(suiteUtil));
+    client.importKey(keyId.vault, keyId.name, key, callback);
   }
-  
-});
+
+  function cleanupCreatedKeys(callback) {
+
+    if (!suiteUtil.isMocked) {
+      client.getKeys(vaultUri, function (err, list) {
+        if (list && list.length !== 0) {
+          list.forEach(function (key) {
+            var id = KeyVault.parseKeyIdentifier(key.kid);
+            client.deleteKey(id.vault, id.name, function (err, bundle) { });
+          });
+        }
+        callback();;
+      });
+    }
+    else callback();
+  }
+});

test/services/keyVault/keyVault-secret-tests.js

@@ -21,6 +21,7 @@ var KeyVault = Testutil.libRequire('services/keyVault');
 var MockedTestUtils = require('../../framework/mocked-test-utils');
 var KvUtils = require('./kv-test-utils.js');
 var util = require('util');
+var should = require('should');
 
 var series = KvUtils.series;
 var assertExactly = KvUtils.assertExactly;
@@ -31,12 +32,12 @@ var random = KvUtils.getRandom();
 
 var vaultUri = process.env['AZURE_KV_VAULT'];
 if (!vaultUri) {
-    vaultUri = 'https://nodesdktest.vault.azure.net';
+    vaultUri = 'https://sdktestvault0511.vault.azure.net';
 }
 
 var SECRET_NAME = 'nodeSecret';
 var SECRET_VALUE = 'Pa$$w0rd';
-var LIST_TEST_SIZE = 5;
+var LIST_TEST_SIZE = 2;
 
 describe('Key Vault secrets', function () {
 
@@ -46,13 +47,15 @@ describe('Key Vault secrets', function () {
   before(function (done) {
     var credentials = new KeyVault.KeyVaultCredentials(KvUtils.authenticator);
     client = new KeyVault.KeyVaultClient(credentials);
-      
+
     suiteUtil = new MockedTestUtils(client, 'keyVault-secret-tests');
     suiteUtil.setupSuite(done);
   });
 
   after(function (done) {
-    suiteUtil.teardownSuite(done);
+    cleanupCreatedSecrets(function () {
+      suiteUtil.teardownSuite(done);
+    });
   });
 
   beforeEach(function (done) {
@@ -62,10 +65,10 @@ describe('Key Vault secrets', function () {
   afterEach(function (done) {
     suiteUtil.baseTeardownTest(done);
   });
-  
-  describe('identifier', function() {
-    it('should work', function(done) {
-      
+
+  describe('identifier', function () {
+    it('should work', function (done) {
+
       function assertMatch(vault, name, version, secretId) {
         assertExactly(util.format('%s/secrets/%s', vault, name), secretId.baseIdentifier);
         if (version) {
@@ -96,20 +99,22 @@ describe('Key Vault secrets', function () {
 
       verifyCreate(vaultUri, SECRET_NAME, null);
       verifyCreate(vaultUri, SECRET_NAME, '1234');
-      
+
       done();
-      
+
     });
   });
-  
+
   describe('CRUD operations', function () {
     it('should work', function (done) {
-      
+
+      this.timeout(10000);
+
       var createdBundle;
       var secretId;
 
       function createSecret(next) {
-        client.setSecret(vaultUri, SECRET_NAME, { value: SECRET_VALUE }, function(err, secretBundle) {
+        client.setSecret(vaultUri, SECRET_NAME, SECRET_VALUE, function (err, secretBundle) {
           if (err) throw err;
           validateSecretBundle(secretBundle, vaultUri, SECRET_NAME, SECRET_VALUE);
           createdBundle = secretBundle;
@@ -117,9 +122,9 @@ describe('Key Vault secrets', function () {
           next();
         });
       }
-      
+
       function getSecretWOVersion(next) {
-        client.getSecret(secretId.baseIdentifier, function(err, secretBundle) {
+        client.getSecret(secretId.baseIdentifier, function (err, secretBundle) {
           if (err) throw err;
           compareObjects(createdBundle, secretBundle);
           next();
@@ -127,7 +132,7 @@ describe('Key Vault secrets', function () {
       }
 
       function getSecretWithVersion(next) {
-        client.getSecret(secretId.identifier, function(err, secretBundle) {
+        client.getSecret(secretId.identifier, function (err, secretBundle) {
           if (err) throw err;
           compareObjects(createdBundle, secretBundle);
           next();
@@ -137,10 +142,10 @@ describe('Key Vault secrets', function () {
       function updateSecret(secretUri, next) {
         var updatingBundle = KvUtils.clone(createdBundle);
         updatingBundle.contentType = 'text/plain';
-        updatingBundle.attributes.exp = new Date('2050-02-02T08:00:00.000Z');
+        updatingBundle.attributes.expires = new Date('2050-02-02T08:00:00.000Z');
         updatingBundle.tags = { foo: random.hex(100) };
-        var request = { contentType: updatingBundle.contentType, attributes: updatingBundle.attributes, tags: updatingBundle.tags };
-        client.updateSecret(secretUri, request, function(err, secretBundle) {
+        var request = { contentType: updatingBundle.contentType, secretAttributes: updatingBundle.attributes, tags: updatingBundle.tags };
+        client.updateSecret(secretUri, request, function (err, secretBundle) {
           if (err) throw err;
           delete updatingBundle.value;
           updatingBundle.attributes.updated = secretBundle.attributes.updated;
@@ -149,17 +154,17 @@ describe('Key Vault secrets', function () {
           next();
         });
       }
-      
+
       function updateSecretWOVersion(next) {
         return updateSecret(secretId.baseIdentifier, next);
       }
-      
+
       function updateSecretWithVersion(next) {
         return updateSecret(secretId.identifier, next);
       }
 
       function deleteSecret(next) {
-        client.deleteSecret(secretId.vault, secretId.name, function(err, secretBundle) {
+        client.deleteSecret(secretId.vault, secretId.name, function (err, secretBundle) {
           if (err) throw err;
           compareObjects(createdBundle, secretBundle);
           next();
@@ -167,7 +172,7 @@ describe('Key Vault secrets', function () {
       }
 
       function getSecretReturnsNotFound(next) {
-        client.getSecret(secretId.baseIdentifier, function(err, secretBundle) {
+        client.getSecret(secretId.baseIdentifier, function (err, secretBundle) {
           if (!err || !err.code || err.code !== 'SecretNotFound' || !err.statusCode || err.statusCode !== 404) throw new Error('Unexpected error object: ' + JSON.stringify(err, null, ' '));
           next();
         });
@@ -181,15 +186,16 @@ describe('Key Vault secrets', function () {
         updateSecretWithVersion,
         deleteSecret,
         getSecretReturnsNotFound,
-        function () {done();}
-      ]);     
-      
+        function () { done(); }
+      ]);
+
     });
   });
 
-  // TODO: Disabled because intermittently fails due to throtlling. We need to have a better back-off handling here.
-  describe.skip('list', function() {
-    it('should work', function(done) {
+  describe('list', function () {
+    it('should work', function (done) {
+
+      this.timeout(100000);
 
       var maxSecrets = LIST_TEST_SIZE;
       var expected = {};
@@ -201,7 +207,7 @@ describe('Key Vault secrets', function () {
         var errorCount = 0;
 
         function createASecret() {
-          client.setSecret(vaultUri, SECRET_NAME + (secretCount+1), { value: SECRET_VALUE }, function(err, secretBundle) {
+          client.setSecret(vaultUri, SECRET_NAME + (secretCount + 1), SECRET_VALUE, function (err, secretBundle) {
             if (err && err.code == 'Throttled') {
               ++errorCount;
               return setTimeout(createASecret, errorCount * 2500);
@@ -223,23 +229,22 @@ describe('Key Vault secrets', function () {
 
       function listSecrets(next) {
         var currentResult;
-        client.getSecrets(vaultUri, null, function(err, result) {
+        client.getSecrets(vaultUri, { maxresults: LIST_TEST_SIZE }, function (err, result) {
           if (err) throw err;
-          //console.log('getSecrets: ' + JSON.stringify(result, null, ' '));
+          should(result.length).be.within(0, LIST_TEST_SIZE);
           validateSecretList(result, expected);
           currentResult = result;
           if (currentResult.nextLink) {
-            return getNextSecrets();
+            return getNextSecrets(currentResult.nextLink);
           }
           next();
-          
-          function getNextSecrets() {
-            client.getSecretsNext(currentResult.nextLink, function(err, result) {
+
+          function getNextSecrets(nextLink) {
+            client.getSecretsNext(nextLink, function (err, list) {
               if (err) throw err;
-              validateSecretList(result, expected);
-              currentResult = result;
-              if (currentResult.nextLink) {
-                return getNextSecrets();
+              validateSecretList(list, expected);
+              if (list.nextLink) {
+                return getNextSecrets(list.nextLink);
               }
               if (Object.keys(expected).length !== zeroCount) {
                 throw new Error('Not all secrets were returned: ' + JSON.stringify(Object.keys(expected), null, ' '));
@@ -247,48 +252,26 @@ describe('Key Vault secrets', function () {
               next();
             });
           }
-          
+
         });
       }
 
-      function deleteSecrets(next) {
-
-        var secretNum = 1;
-
-        function deleteASecret() {
-          client.deleteSecret(vaultUri, SECRET_NAME+secretNum, function(err, secretBundle) {
-            if (err) {
-              console.info('Unable to delete secret: ' + JSON.stringify(err));
-            }
-            ++secretNum;
-            if (secretNum <= maxSecrets) {
-              return deleteASecret();
-            }
-            next();
-          });
-        }
-
-        deleteASecret();
-      }
-
       series([
         createManySecrets,
         listSecrets,
-        deleteSecrets,
-        function() { 
-          if (!suiteUtil.isMocked) {
-            // Avoid being throttled in the next test.
-            setTimeout(function() {done();}, 5000); 
-          }
+        function () {
+          done();
         }
       ]);
 
     });
   });
 
-  // TODO: Disabled because intermittently fails due to throtlling. We need to have a better back-off handling here.
-  describe.skip('list versions', function() {
-    it('should work', function(done) {
+  describe('list versions', function () {
+    it('should work', function (done) {
+
+      this.timeout(10000);
+
 
       var maxSecrets = LIST_TEST_SIZE;
       var expected = {};
@@ -300,7 +283,7 @@ describe('Key Vault secrets', function () {
         var errorCount = 0;
 
         function createASecret() {
-          client.setSecret(vaultUri, SECRET_NAME, { value: SECRET_VALUE }, function(err, secretBundle) {
+          client.setSecret(vaultUri, SECRET_NAME, SECRET_VALUE, function (err, secretBundle) {
             if (err && err.code == 'Throttled') {
               ++errorCount;
               return setTimeout(createASecret, errorCount * 2500);
@@ -321,22 +304,21 @@ describe('Key Vault secrets', function () {
 
       function listSecretVersions(next) {
         var currentResult;
-        client.getSecretVersions(vaultUri, SECRET_NAME, null, function(err, result) {
+        client.getSecretVersions(vaultUri, SECRET_NAME, function (err, result) {
           if (err) throw err;
           validateSecretList(result, expected);
           currentResult = result;
           if (currentResult.nextLink) {
-            return getNextSecrets();
+            return getNextSecrets(currentResult.nextLink);
           }
           next();
-          
-          function getNextSecrets() {
-            client.getSecretVersionsNext(currentResult.nextLink, function(err, result) {
+
+          function getNextSecrets(nextList) {
+            client.getSecretVersionsNext(nextList, function (err, list) {
               if (err) throw err;
-              validateSecretList(result, expected);
-              currentResult = result;
-              if (currentResult.nextLink) {
-                return getNextSecrets();
+              validateSecretList(list, expected);
+              if (list.nextLink) {
+                return getNextSecrets(list.nextLink);
               }
               if (Object.keys(expected).length !== zeroCount) {
                 throw new Error('Not all secrets were returned: ' + JSON.stringify(Object.keys(expected), null, ' '));
@@ -344,32 +326,35 @@ describe('Key Vault secrets', function () {
               next();
             });
           }
-          
-        });
-      }
 
-      function deleteSecret(next) {
-        client.deleteSecret(vaultUri, SECRET_NAME, function(err, secretBundle) {
-          if (err) {
-            console.info('Unable to delete secret: ' + JSON.stringify(err));
-          }
-          next();
         });
       }
 
       series([
         createManySecretVersions,
         listSecretVersions,
-        deleteSecret,
-        function() { 
-          if (!suiteUtil.isMocked) {
-            // Avoid being throttled in the next test.
-            setTimeout(function() {done();}, 5000); 
-          }
+        function () {
+          done();
         }
       ]);
 
     });
   });
 
-});
+  function cleanupCreatedSecrets(callback) {
+
+    if (!suiteUtil.isMocked) {
+      client.getSecrets(vaultUri, function (err, list) {
+        if (list && list.length !== 0) {
+          list.forEach(function (secret) {
+            var id = KeyVault.parseSecretIdentifier(secret.id);
+            client.deleteSecret(id.vault, id.name, function (err, bundle) { });
+          });
+        }
+        callback();
+      });
+    }
+    else callback();
+  }
+
+});

test/services/keyVault/kv-test-utils.js

@@ -23,6 +23,7 @@ var Forge = require('node-forge');
 var BigInteger = Forge.jsbn.BigInteger;
 var Random = require('random-js');
 var util = require('util');
+var should = require('should');
 
 var exports = module.exports;
 
@@ -35,7 +36,7 @@ exports.authenticator = function(challenge, callback) {
   var clientId = process.env['AZURE_KV_CLIENT_ID'];
   var clientSecret = process.env['AZURE_KV_CLIENT_SECRET'];
   
-  if (!clientId) clientId = 'mocked';
+  if (!clientId) clientId = 'a2a96829-36de-4f0a-9b7b-c26a3377242e';
   if (!clientSecret) clientSecret = 'mocked';
 
   // Create a new authentication context.
@@ -112,11 +113,11 @@ function clone(obj) {
     return new Buffer(obj);
   }
   if (obj instanceof Object) {
-    if (obj instanceof KeyVault.JsonWebKey) result = new KeyVault.JsonWebKey();
+    if (obj instanceof KeyVault.Models.JsonWebKey) result = new KeyVault.Models.JsonWebKey();
     else
-    if (obj instanceof KeyVault.KeyAttributes) result = new KeyVault.KeyAttributes();
+    if (obj instanceof KeyVault.Models.KeyAttributes) result = new KeyVault.Models.KeyAttributes();
     else
-    if (obj instanceof KeyVault.SecretAttributes) result = new KeyVault.SecretAttributes();
+    if (obj instanceof KeyVault.Models.SecretAttributes) result = new KeyVault.Models.SecretAttributes();
     else
       result = {};
 
@@ -125,6 +126,7 @@ function clone(obj) {
         result[p] = clone(obj[p]);
       }
     }
+
     return result;
   }
   return obj;
@@ -169,7 +171,7 @@ exports.validateSecretBundle = function(bundle, vault, secretName, secretValue)
 };
 
 exports.validateSecretList = function(result, expected) {
-  var secrets = result.value;
+  var secrets = result;
   if (secrets && secrets.length) {
     for (var i = 0; i < secrets.length; ++i) {
       var secret = secrets[i];
@@ -183,7 +185,7 @@ exports.validateSecretList = function(result, expected) {
   }
 };
 
-exports.validateRsaKeyBundle = function(bundle, vault, keyName, kty, key_ops) {
+exports.validateRsaKeyBundle = function(bundle, vault, keyName, kty, keyOps) {
   var prefix = vault + '/keys/' + keyName + '/';
   var key = bundle.key;
   var kid = key.kid;
@@ -196,11 +198,11 @@ exports.validateRsaKeyBundle = function(bundle, vault, keyName, kty, key_ops) {
   if (!key.n || !key.e) {
     throw new Error('Bad RSA public material.');
   }
-  if (key_ops != null) {
-      var expected = JSON.stringify(key_ops);
-      var actual = JSON.stringify(key.key_ops);
+  if (keyOps != null) {
+      var expected = JSON.stringify(keyOps);
+      var actual = JSON.stringify(key.keyOps);
       if (actual !== expected) {
-        throw new Error(util.format('key_ops should be %s, but is %s.', expected, actual)); 
+        throw new Error(util.format('keyOps should be %s, but is %s.', expected, actual)); 
       }
   }
   var attributes = bundle.attributes;
@@ -210,7 +212,7 @@ exports.validateRsaKeyBundle = function(bundle, vault, keyName, kty, key_ops) {
 };
 
 exports.validateKeyList = function(result, expected) {
-  var keys = result.value;
+  var keys = result;
   if (keys && keys.length) {
     for (var i = 0; i < keys.length; ++i) {
       var key = keys[i];
@@ -224,6 +226,104 @@ exports.validateKeyList = function(result, expected) {
   }
 };
 
+exports.validateCertificateList = function (certificates, expected) {
+
+    if (certificates && certificates.length) {
+        certificates.forEach(function (certificate) {
+            KeyVault.parseCertificateIdentifier(certificate.id);
+            var attributes = expected[certificate.id];
+            if (attributes) {
+                exports.compareObjects(attributes, certificate.attributes);
+                delete expected[certificate.id];
+            }
+        });
+    }
+};
+
+exports.validateCertificateIssuerList = function (issuers, expected) {
+    
+    if (issuers && issuers.length) {
+        issuers.forEach(function (issuer) {
+            KeyVault.parseCertificateIdentifier(issuer.id);
+            var provider = expected[issuer.id];
+            if (provider) {
+                should(provider).be.exactly(issuer.provider);
+                delete expected[issuer.id];
+            }
+        });
+    }
+};
+
+exports.validateCertificateOperation = function (pendingCertificate, vault, certificateName, policy) {
+    var identifier = KeyVault.parseCertificateOperationIdentifier(pendingCertificate.id);
+    should(identifier.vault).be.exactly(vault);
+    should(identifier.name).be.exactly(certificateName);
+    should.exist(pendingCertificate);
+    should.exist(pendingCertificate.csr);
+    should(policy.issuerReference.name).be.exactly(pendingCertificate.issuerReference.name);
+};
+
+exports.validateCertificateBundle = function (bundle, vault, certificateName, policy) {
+    var identifier = KeyVault.parseCertificateIdentifier(bundle.id);
+    should(identifier.vault).be.exactly(vault);
+    should(identifier.name).be.exactly(certificateName);
+
+    should.exist(bundle);
+    should.exist(bundle.x509Thumbprint);
+    should.exist(bundle.policy);
+    should.exist(bundle.cer);
+    should.exist(bundle.attributes);
+    should.exist(bundle.policy.id);
+    should.exist(bundle.policy.issuerReference);
+    should.exist(bundle.policy.keyProperties);
+    should.exist(bundle.policy.secretProperties);
+    should.exist(bundle.policy.lifetimeActions);
+    should.exist(bundle.policy.x509CertificateProperties);
+    if (policy.secretProperties)
+        exports.compareObjects(policy.secretProperties, bundle.policy.secretProperties);    
+    if (policy.keyProperties)
+        exports.compareObjects(policy.keyProperties, bundle.policy.keyProperties);
+    if (policy.x509CertificateProperties && policy.x509CertificateProperties.validityInMonths)
+        should(policy.x509CertificateProperties.validityInMonths).be.exactly(bundle.policy.x509CertificateProperties.validityInMonths);
+
+    KeyVault.parseSecretIdentifier(bundle.sid);
+    KeyVault.parseKeyIdentifier(bundle.kid);
+};
+
+
+exports.validateIssuerBundle = function (bundle, vault, issuerName, expectedBundle) {
+    var identifier = KeyVault.parseIssuerIdentifier(bundle.id);
+    should(identifier.vault).be.exactly(vault);
+    should(identifier.name).be.exactly(issuerName);
+    
+    should.exist(bundle);
+    should.exist(bundle.attributes);
+    should.exist(bundle.organizationDetails);
+
+    should(bundle.provider).be.exactly(expectedBundle.provider);
+
+    if (expectedBundle.credentials)
+        should(bundle.credentials.accountId).be.exactly(expectedBundle.credentials.accountId);
+        
+    if (expectedBundle.organizationDetails)
+        exports.compareObjects(expectedBundle.organizationDetails, bundle.organizationDetails);
+};
+
+exports.validateCertificateContacts = function (contacts, vault, expectedContacts) {
+    var contactId = vault + '/certificates/contacts';
+    should(contactId).be.exactly(contacts.id);
+    should(expectedContacts.contactList.length).be.exactly(contacts.contactList.length);
+    
+    contacts.contactList.forEach(function (contact) {
+        var expectedContact = expectedContacts.contactList.find(function (element, index, array) {
+            if (element.emailAddress == contact.emailAddress)
+                return true;
+            return false;
+        });
+        exports.compareObjects(expectedContact, contact);
+    });
+};
+
 exports.getTestKey = function(suiteUtil) {  
   return getWellKnownKey();
 };
@@ -263,4 +363,4 @@ function bigIntegerToBuffer(n) {
     data = data.slice(leadingZeroes);
   }
   return new Buffer(data);
-}
+}

test/testlist.txt

@@ -15,8 +15,6 @@ common/storageservicesettings-tests.js
 serviceruntime/roleenvironment-tests.js
 serviceruntime/runtimeversionmanager-tests.js
 serviceruntime/runtimeversionprotocolclient-tests.js
-#services/keyVault/keyVault-key-tests.js
-#services/keyVault/keyVault-secret-tests.js
 services/blob/internal/sharedaccesssignature-tests.js
 services/blob/internal/sharedkey-tests.js
 services/blob/internal/sharedkeylite-tests.js

test/testlistarm.txt

@@ -20,4 +20,7 @@ services/servermanagement/servermanagement-tests.js
 services/notificationHubsManagement/namespace-tests.js
 services/notificationHubsManagement/notificationHub-tests.js
 services/devTestLabs/devTestLabsClient-tests.js
-services/iothub/iothubClient-tests.js
+services/iothub/iothubClient-tests.js
+services/keyVault/keyVault-key-tests.js
+services/keyVault/keyVault-secret-tests.js
+services/keyVault/keyVault-certificate-tests.js