Skip to content

[KeyVault] az keyvault key import: Support --curve parameter for importing BYOK keys #16593

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
houk-ms merged 3 commits into from
Jan 22, 2021
Merged

[KeyVault] az keyvault key import: Support --curve parameter for importing BYOK keys #16593

houk-ms merged 3 commits into from
Jan 22, 2021

Conversation

@houk-ms
Copy link
Contributor

@houk-ms houk-ms commented Jan 20, 2021

Description

Testing Guide

This PR fixes https://github.com/Azure/azure-cli-pr/issues/121

It provides the --curve paramter in az keyvault key import command.

--curve          : The curve name of the key to import (only for BYOK).  Allowed values:
                   P-256, P-256K, P-384, P-521.

The command below could be used for key importing after the fix.

az keyvault key import --vault-name MyVault --name KeyName --byok-file BYOKFilePath --kty EC --curve P-256

The behavior of --kty and --curve paramters.

  • --kty has the default value RSA
  • --curve should be specified together with --kty EC

History Notes

[Component Name 1] BREAKING CHANGE: az command a: Make some customer-facing breaking change.
[Component Name 2] az command b: Add some customer-facing feature.

This checklist is used to make sure that common guidelines for a pull request are followed.

@houk-ms houk-ms requested a review from yungezz January 20, 2021 04:51
@houk-ms houk-ms self-assigned this Jan 20, 2021
@houk-ms houk-ms changed the title [KeyVault] Support --curve parameter in az keyvault key import [KeyVault] az keyvault key import: Support --curve parameter for importing BYOK keys Jan 20, 2021
@yungezz yungezz added the KeyVault az keyvault label Jan 20, 2021
yungezz
yungezz reviewed Jan 20, 2021
View reviewed changes
qwordy
qwordy reviewed Jan 20, 2021
View reviewed changes
src/azure-cli/azure/cli/command_modules/keyvault/_validators.py
kty = getattr(ns, 'kty', None)
crv = getattr(ns, 'curve', None)

if (kty == 'EC' and crv is None) or (kty != 'EC' and crv):
Copy link
Member

@qwordy qwordy Jan 20, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

add a lower()?

Copy link
Contributor Author

@houk-ms houk-ms Jan 20, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't accept the lower case, it also applies to other existing commands.

@houk-ms houk-ms merged commit 58a247f into Azure:dev Jan 22, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fengzhou-msft fengzhou-msft Awaiting requested review from fengzhou-msft

2 more reviewers

@qwordy qwordy qwordy approved these changes

@yungezz yungezz yungezz approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@houk-ms houk-ms

Labels

KeyVault az keyvault

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@houk-ms @qwordy @yungezz