Azure · gearama · Jul 6, 2022 · Apr 11, 2022 · Apr 11, 2022 · Apr 11, 2022
diff --git a/.vscode/cspell.json b/.vscode/cspell.json
@@ -110,6 +110,7 @@
     "sasia",
     "scus",
     "SDDL",
+    "sdpath",
     "serializers",
     "Seriot",
     "southcentralus",
@@ -123,9 +124,11 @@
     "unscoped",
     "unskipped",
     "UPNs",
+    "uaenorth",
     "usgov",
     "usgoviowa",
     "usgovvirginia",
+    "westcentralus",
     "vcpkg",
     "Viet",
     "Viktor",

diff --git a/cmake-modules/FolderList.cmake b/cmake-modules/FolderList.cmake
@@ -2,15 +2,15 @@ macro(GetFolderList project)
     message ("project found ${project}")
     message ("FLAG VALUE : ${FETCH_SOURCE_DEPS}")
     if(${project} STREQUAL CERTIFICATES)
-        DownloadDepVersion(sdk/core azure-core 1.2.0)
+        DownloadDepVersion(sdk/core azure-core 1.5.0)
         DownloadDepVersion(sdk/identity azure-identity 1.1.0)
     elseif(${project} STREQUAL IDENTITY)
         DownloadDepVersion(sdk/core azure-core 1.2.0)
     elseif(${project} STREQUAL SECRETS)
-        DownloadDepVersion(sdk/core azure-core 1.2.0)
+        DownloadDepVersion(sdk/core azure-core 1.5.0)
         DownloadDepVersion(sdk/identity azure-identity 1.1.0)
     elseif(${project} STREQUAL KEYS)
-        DownloadDepVersion(sdk/core azure-core 1.2.0)
+        DownloadDepVersion(sdk/core azure-core 1.5.0)
         DownloadDepVersion(sdk/identity azure-identity 1.1.0)
     elseif(${project} STREQUAL STORAGE_COMMON)
         DownloadDepVersion(sdk/core azure-core 1.5.0)

@@ -49,8 +49,14 @@ parameters:
   default:
     Public:
       SubscriptionConfiguration: $(sub-config-azure-cloud-test-resources)
+      # TODO: Migrate location override into azure-sdk-tools eng/common
+      # See https://github.com/Azure/azure-sdk-tools/issues/3398
+      Location: 'westus'
     Preview:
       SubscriptionConfiguration: $(sub-config-azure-cloud-test-resources-preview)
+      # TODO: Migrate location override into azure-sdk-tools eng/common
+      # See https://github.com/Azure/azure-sdk-tools/issues/3398
+      Location: 'westus'
     Canary:
       SubscriptionConfiguration: $(sub-config-azure-cloud-test-resources)
       Location: 'eastus2euap'

@@ -128,12 +128,14 @@
                     "RunSamples": 1,
                     "WindowsCtestConfig": "-C Release"
                 },
-                "Win_x64_with_unit_test_libcurl": {
-                    "VCPKG_DEFAULT_TRIPLET": "x64-windows-static",
-                    "CMAKE_GENERATOR_PLATFORM": "x64",
-                    "CmakeArgs": " -DBUILD_TRANSPORT_CURL=ON -DBUILD_TESTING=ON -DRUN_LONG_UNIT_TESTS=ON -DBUILD_PERFORMANCE_TESTS=ON -DMSVC_USE_STATIC_CRT=ON ",
-                    "BuildArgs": "-v --parallel 8 --config Release",
-                    "WindowsCtestConfig": "-C Release"
+            "HSM_Win_x64_with_unit_test_libcurl": {
+                  "VCPKG_DEFAULT_TRIPLET": "x64-windows-static",
+                  "CMAKE_GENERATOR_PLATFORM": "x64",
+                  "CmakeArgs": " -DBUILD_TRANSPORT_CURL=ON -DBUILD_TESTING=ON -DRUN_LONG_UNIT_TESTS=ON -DBUILD_PERFORMANCE_TESTS=ON -DMSVC_USE_STATIC_CRT=ON ",
+                  "BuildArgs": "-v --parallel 8 --config Release",
+                  "WindowsCtestConfig": "-C Release",
+                  "KVLocation": "eastus2",
+                  "EnableHSM": 1
                 },
                 "Win_x64_with_unit_samples_libcurl": {
                     "VcpkgInstall": "curl[winssl] openssl",

@@ -177,6 +177,30 @@ namespace Azure { namespace Core { namespace Test {
       return Azure::Core::_internal::StringExtensions::ToLower(testName);
     }
 
+    /**
+     * @brief Get test name with suffix if ENV variable is set.
+     *
+     * @param sanitize Sanitize the input and remove special characters. Default true.
+     * @param suffixEnvName Env variable containing the suffix. Default AZURE_LIVE_TEST_SUFFIX.
+     *
+     * @returns Test name.
+     */
+    std::string GetTestNameSuffix(
+        bool sanitize = true,
+        std::string suffixEnvName = "AZURE_LIVE_TEST_SUFFIX")
+    {
+      std::string baseValue = Azure::Core::Test::TestBase::GetTestName(sanitize);
+
+      std::string suffix = Azure::Core::_internal::Environment::GetVariable(suffixEnvName.c_str());
+
+      if (suffix.length() > 0)
+      {
+        baseValue = "-" + suffix;
+      }
+
+      return baseValue;
+    }
+
     // Creates the sdk client for testing.
     // The client will be set for record and playback before it is created.
     Azure::Core::Credentials::TokenCredentialOptions GetTokenCredentialOptions()

@@ -55,8 +55,8 @@ stages:
         - Name: AZURE_KEYVAULT_URL
           Value: "https://non-real-account.vault.azure.net"
         - Name: AZURE_KEYVAULT_HSM_URL
-          Value: "https://non-real-account.vault.azure.net"
-# Key Vault & Identity
+          Value: "https://non-real-account.managedhsm.azure.net/"
+# Key Vault & Identity 
         - Name: AZURE_TENANT_ID
           Value: "33333333-3333-3333-3333-333333333333"
         - Name: AZURE_CLIENT_ID

@@ -4,11 +4,13 @@
 
 ### Features Added
 
-### Breaking Changes
+- Keyvault 7.3 support added for Certificates.
 
-### Bugs Fixed
+## 4.0.0 (2022-06-07)
 
-### Other Changes
+### Breaking Changes
+
+- Renamed `keyvault_certificates.hpp` to `certificates.hpp`.
 
 ## 4.0.0 (2022-06-07)
 

@@ -40,9 +40,9 @@ if(FETCH_SOURCE_DEPS)
         add_subdirectory(${oneFolder} EXCLUDE_FROM_ALL)
     endforeach()
 elseif(NOT AZ_ALL_LIBRARIES)
-  find_package(azure-core-cpp "1.2.0" CONFIG QUIET)
+  find_package(azure-core-cpp "1.5.0" CONFIG QUIET)
   if(NOT azure-core-cpp_FOUND)
-    find_package(azure-core-cpp "1.2.0" REQUIRED)
+    find_package(azure-core-cpp "1.5.0" REQUIRED)
   endif()
 endif()
 

@@ -440,8 +440,10 @@ namespace Azure { namespace Security { namespace KeyVault { namespace Certificat
      * @brief Imports a certificate into a specified key vault.
      *
      * @details Imports an existing valid certificate, containing a private key, into Azure Key
-     * Vault. The certificate to be imported can be in either PFX or PEM format. If the certificate
-     * is in PEM format the PEM file must contain the key as well as x509 certificates.
+     * Vault. This operation requires the certificates/import permission. The certificate to be
+     * imported can be in either PFX or PEM format. If the certificate is in PEM format the PEM file
+     * must contain the key as well as x509 certificates. Key Vault will only accept a key in PKCS#8
+     * format.
      *
      * @remark This operation requires the certificates/import permission.
      *

@@ -18,59 +18,23 @@
 
 namespace Azure { namespace Security { namespace KeyVault { namespace Certificates {
 
-  /**
-   * @brief The API version to use from Key Vault.
-   *
-   */
-  class ServiceVersion final {
-  private:
-    std::string m_version;
-
-  public:
-    /**
-     * @brief Construct a new Service Version object
-     *
-     * @param version The string version for the Key Vault Certificate service.
-     */
-    ServiceVersion(std::string version) : m_version(std::move(version)) {}
-
-    /**
-     * @brief Enable comparing the ext enum.
-     *
-     * @param other Another #ServiceVersion to be compared.
-     */
-    bool operator==(ServiceVersion const& other) const { return m_version == other.m_version; }
-
-    /**
-     * @brief Return the #ServiceVersion string representation.
-     *
-     */
-    std::string const& ToString() const { return m_version; }
-
-    /**
-     * @brief Use to send request to the 7.2 version of Key Vault service.
-     *
-     */
-    AZ_SECURITY_KEYVAULT_CERTIFICATES_DLLEXPORT static const ServiceVersion V7_2;
-  };
-
   /**
    * @brief Define the options to create an SDK Certificate client.
    *
    */
   struct CertificateClientOptions final : public Azure::Core::_internal::ClientOptions
   {
-    ServiceVersion Version;
+    /**
+     * @brief Service Version used.
+     *
+     */
+    std::string Version;
 
     /**
      * @brief Construct a new Certificate Client Options object.
      *
-     * @param version Optional version for the client.
      */
-    CertificateClientOptions(ServiceVersion version = ServiceVersion::V7_2)
-        : Azure::Core::_internal::ClientOptions(), Version(version)
-    {
-    }
+    CertificateClientOptions() : Azure::Core::_internal::ClientOptions() { Version = "7.3"; }
   };
 
 }}}} // namespace Azure::Security::KeyVault::Certificates
@@ -66,9 +66,9 @@ CertificateClient::CertificateClient(
     std::string const& vaultUrl,
     std::shared_ptr<Core::Credentials::TokenCredential const> credential,
     CertificateClientOptions options)
-    : m_vaultUrl(vaultUrl), m_apiVersion(options.Version.ToString())
+    : m_vaultUrl(vaultUrl), m_apiVersion(options.Version)
 {
-  auto apiVersion = options.Version.ToString();
+  auto apiVersion = options.Version;
 
   std::vector<std::unique_ptr<HttpPolicy>> perRetrypolicies;
   {
@@ -493,5 +493,3 @@ Azure::Response<KeyVaultCertificate> CertificateClient::UpdateCertificatePropert
   auto value = KeyVaultCertificateSerializer::Deserialize(certificateName, *rawResponse);
   return Azure::Response<KeyVaultCertificate>(std::move(value), std::move(rawResponse));
 }
-
-const ServiceVersion ServiceVersion::V7_2("7.2");
@@ -84,6 +84,14 @@ namespace Azure {
     }
 
   public:
+    // Reads the current test instance name.
+    // Name gets also sanitized (special chars are removed) to avoid issues when recording or
+    // creating. This also return the name with suffix if the "AZURE_LIVE_TEST_SUFFIX" exists.
+    std::string GetTestName(bool sanitize = true)
+    {
+      return Azure::Core::Test::TestBase::GetTestNameSuffix(sanitize);
+    }
+
     template <class T>
     static inline void CheckValidResponse(
         Azure::Response<T>& response,

@@ -888,3 +888,22 @@ TEST_F(KeyVaultCertificateClientTest, DISABLED_MergeCertificate)
     }
   }
 }
+
+TEST_F(KeyVaultCertificateClientTest, ServiceVersion)
+{
+  auto credential
+      = std::make_shared<Azure::Identity::ClientSecretCredential>("tenantID", "AppId", "SecretId");
+  {
+    // 7.3
+    EXPECT_NO_THROW(auto options = CertificateClientOptions(); CertificateClient certificateClient(
+                        "http://account.vault.azure.net", credential, options);
+                    EXPECT_EQ(options.Version, "7.3"););
+  }
+  {
+    // arbitrary version
+    EXPECT_NO_THROW(
+        auto options = CertificateClientOptions(); options.Version = "1.0";
+        CertificateClient certificateClient("http://account.vault.azure.net", credential, options);
+        EXPECT_EQ(options.Version, "1.0"););
+  }
+}
@@ -15,7 +15,7 @@
         "content-type": "application/json; charset=utf-8",
         "date": "Thu, 04 Nov 2021 20:50:19 GMT",
         "expires": "-1",
-        "location": "https://REDACTED.vault.azure.net/certificates/BackupRestoreCertificate/pending?api-version=7.2&request_id=3cfb9101c7564c10aecea528cf7cfd2b",
+        "location": "https://REDACTED.vault.azure.net/certificates/BackupRestoreCertificate/pending?api-version=7.3&request_id=3cfb9101c7564c10aecea528cf7cfd2b",
         "pragma": "no-cache",
         "retry-after": "10",
         "strict-transport-security": "max-age=31536000;includeSubDomains",
@@ -27,7 +27,7 @@
         "x-ms-request-id": "d16cb002-79c3-4f0a-b137-e396c501ad30",
         "x-powered-by": "ASP.NET"
       },
-      "Url": "https://REDACTED.vault.azure.net/certificates/BackupRestoreCertificate/create?api-version=7.2"
+      "Url": "https://REDACTED.vault.azure.net/certificates/BackupRestoreCertificate/create?api-version=7.3"
     },
     {
       "Headers": {
@@ -55,7 +55,7 @@
         "x-ms-request-id": "ca4201e0-ba70-4b7e-aed7-0c65e8023441",
         "x-powered-by": "ASP.NET"
       },
-      "Url": "https://REDACTED.vault.azure.net/certificates/BackupRestoreCertificate/pending?api-version=7.2"
+      "Url": "https://REDACTED.vault.azure.net/certificates/BackupRestoreCertificate/pending?api-version=7.3"
     },
     {
       "Headers": {
@@ -82,7 +82,7 @@
         "x-ms-request-id": "715c17a8-3473-46ce-adc5-87b01dc4b7df",
         "x-powered-by": "ASP.NET"
       },
-      "Url": "https://REDACTED.vault.azure.net/certificates/BackupRestoreCertificate/pending?api-version=7.2"
+      "Url": "https://REDACTED.vault.azure.net/certificates/BackupRestoreCertificate/pending?api-version=7.3"
     },
     {
       "Headers": {
@@ -109,7 +109,7 @@
         "x-ms-request-id": "1396e2ed-d3a6-4413-84de-e70144b46a97",
         "x-powered-by": "ASP.NET"
       },
-      "Url": "https://REDACTED.vault.azure.net/certificates/BackupRestoreCertificate?api-version=7.2"
+      "Url": "https://REDACTED.vault.azure.net/certificates/BackupRestoreCertificate?api-version=7.3"
     },
     {
       "Headers": {
@@ -136,7 +136,7 @@
         "x-ms-request-id": "f6ad775e-ab79-462b-9d9f-d1ae4631fc43",
         "x-powered-by": "ASP.NET"
       },
-      "Url": "https://REDACTED.vault.azure.net/certificates/BackupRestoreCertificate/backup?api-version=7.2"
+      "Url": "https://REDACTED.vault.azure.net/certificates/BackupRestoreCertificate/backup?api-version=7.3"
     },
     {
       "Headers": {
@@ -163,7 +163,7 @@
         "x-ms-request-id": "b761851a-58a0-4528-89bd-007797960b6e",
         "x-powered-by": "ASP.NET"
       },
-      "Url": "https://REDACTED.vault.azure.net/certificates/BackupRestoreCertificate?api-version=7.2"
+      "Url": "https://REDACTED.vault.azure.net/certificates/BackupRestoreCertificate?api-version=7.3"
     },
     {
       "Headers": {
@@ -190,7 +190,7 @@
         "x-ms-request-id": "ec4ff08f-4e2f-49a7-8160-151b568a0e77",
         "x-powered-by": "ASP.NET"
       },
-      "Url": "https://REDACTED.vault.azure.net/deletedcertificates/BackupRestoreCertificate?api-version=7.2"
+      "Url": "https://REDACTED.vault.azure.net/deletedcertificates/BackupRestoreCertificate?api-version=7.3"
     },
     {
       "Headers": {
@@ -217,7 +217,7 @@
         "x-ms-request-id": "3d6c9538-c07c-43d0-89b4-211c07c342f9",
         "x-powered-by": "ASP.NET"
       },
-      "Url": "https://REDACTED.vault.azure.net/deletedcertificates/BackupRestoreCertificate?api-version=7.2"
+      "Url": "https://REDACTED.vault.azure.net/deletedcertificates/BackupRestoreCertificate?api-version=7.3"
     },
     {
       "Headers": {
@@ -242,7 +242,7 @@
         "x-ms-request-id": "84d82ad6-89bf-4378-a194-895a49271cf5",
         "x-powered-by": "ASP.NET"
       },
-      "Url": "https://REDACTED.vault.azure.net/deletedcertificates/BackupRestoreCertificate?api-version=7.2"
+      "Url": "https://REDACTED.vault.azure.net/deletedcertificates/BackupRestoreCertificate?api-version=7.3"
     },
     {
       "Headers": {
@@ -269,7 +269,7 @@
         "x-ms-request-id": "1cacb00a-ad4c-4fc9-a546-b1d44e4002b1",
         "x-powered-by": "ASP.NET"
       },
-      "Url": "https://REDACTED.vault.azure.net/certificates/restore?api-version=7.2"
+      "Url": "https://REDACTED.vault.azure.net/certificates/restore?api-version=7.3"
     }
   ]
 }