Microsoft Azure Key Vault SDK for Java

This is the Microsoft Azure Key Vault client library which allows for the consumption of Key Vault services. Azure Key Vault helps safeguard cryptographic keys and secrets used by cloud applications and services. By using Key Vault, you can encrypt keys and secrets (such as authentication keys, storage account keys, data encryption keys, .PFX files, and passwords) using keys protected by hardware security modules (HSMs). For added assurance, you can import or generate keys in HSMs. If you choose to do this, Microsoft processes your keys in FIPS 140-2 Level 2 validated HSMs (hardware and firmware). Key Vault streamlines the key management process and enables you to maintain control of keys that access and encrypt your data. Developers can create keys for development and testing in minutes, and then seamlessly migrate them to production keys. Security administrators can grant (and revoke) permission to keys, as needed. For more information refer to What is Key Vault? or Getting Started.

Documentation for this SDK can be found at Azure Key Vault Java Documentation

Getting started

To get started with a specific library, see the README.md file located in the library's project folder. You can find service libraries in the /sdk/keyvault/azure-security-keyvault-<subcomponent> directory.

• Azure Keyvault Keys README
• Azure Keyvault Certificates README
• Azure Keyvault Secrets README

Sample code

You can find sample code that illustrates key vault usage scenarios here.

Category	Samples
Authentication	Authenticating with a service principal and a self-signed certificate Authenticating with ADAL through a callback Authenticating with a .pfx file
Vault Management	Creating a vault Creating a vault with access restrictions based on IP and Azure Virtual Networks
Secret Management	Putting keys and secrets into a vault Signing Verification of signature with both Java Security and Azure Key Vault REST Injecting a .pfx file into a VM at deployment using a template Using the soft delete and backup restore features Managing storage accounts

For more information on using Java with Azure, see here

Download

To get the binaries of this library as distributed by Microsoft, ready for use within your project, you can use Maven. Add the following fragment to you POM's dependencies.

<dependency>
    <groupId>com.microsoft.azure</groupId>
    <artifactId>azure-keyvault-complete</artifactId>
    <version>1.2.3</version>
    <type>pom</type>
</dependency>

Pre-requisites

• A Java Developer Kit (JDK), v 1.7 or later
• Maven

Building and Testing

Clone the repo, then run mvn compile from the root directory.

To run the recorded tests:

1. If you have not already, you need to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files package.
2. run mvn jetty:run to start a jetty server. This starts a service that will block the terminal so you will likely want to open a second terminal to run the actual tests.
3. In your second terminal run mvn test.

Contributing

If you would like to become an active contributor to this project please follow the instructions provided in Microsoft Azure Projects Contribution Guidelines.

1. Fork it
2. Create your feature branch (git checkout -b my-new-feature)
3. Commit your changes (git commit -am 'Add some feature')
4. Push to the branch (git push origin my-new-feature)
5. Create new Pull Request

Previous Versions

Version	Comments
1.1.2	Version 1.1.2 release
1.1.1	Version 1.1.1 release
1.1	Version 1.1 release
1.1-beta-1	Version 1.1.0 beta release
1.1-alpha-2	Version 1.1.0 alpha release
1.0.0	Version 1.0.0 release

More information

• Azure Key Vault Java Documentation
• What is Key Vault?
• Get started with Azure Key Vault
• Azure Key Vault General Documentation
• Azure Key Vault REST API Reference
• Azure Active Directory Documenation