Skip to content

Latest commit

 

History

History
42 lines (32 loc) · 1.88 KB

Readme.md

File metadata and controls

42 lines (32 loc) · 1.88 KB

Azure KeyVault signing

This component will calculate SHA-hash for your message and then sign that with Azure KeyVault.

Pre-conditions:

  • Install Azure CLI:
 powershell Invoke-WebRequest -Uri https://aka.ms/installazurecliwindows -OutFile .\AzureCLI.msi; Start-Process msiexec.exe -Wait -ArgumentList '/I AzureCLI.msi /quiet'; rm .\AzureCLI.msi

Then just reference this library and call:

KeyVault.sign "keyvault" "certificateName" "Hello world!"

By default the library uses SHA256 and UTF8, but you can modify that, and change the Azure authentication:

KeyVault.configureAlgorithm <- KeyVault.Algorithms.SHA384
KeyVault.configureEncoding <- System.Text.Encoding.Unicode
let changeDefaultCredentials =
    KeyVault.configureAzureCredentials <- fun() ->
        Azure.Identity.DefaultAzureCredential (
            Azure.Identity.DefaultAzureCredentialOptions (
                    //ExcludeEnvironmentCredential = true
                    //,ExcludeManagedIdentityCredential = true
                    ExcludeSharedTokenCacheCredential = true
                    ,ExcludeVisualStudioCredential = true
                    //,ExcludeVisualStudioCodeCredential = true
                    //,ExcludeAzureCliCredential = true
                    //,ExcludeInteractiveBrowserCredential = true
                ))