MR
Mayur Rathi
@mayurrathi
⭐ 5 GitHub stars

Azure Security Keyvault Keys Java

Azure Key Vault Keys Java SDK for cryptographic key management. Use when creating, managing, or using RSA/EC keys, performing encrypt/decrypt/sign/verify operations, or working with HSM-backed keys.

mkdir -p ./skills/azure-security-keyvault-keys-java && curl -sfL https://raw.githubusercontent.com/mayurrathi/awesome-agent-skills/main/skills/azure-security-keyvault-keys-java/SKILL.md -o ./skills/azure-security-keyvault-keys-java/SKILL.md

Run in terminal / PowerShell. Requires curl (Unix) or PowerShell 5+ (Windows).

Skill Content

# Azure Key Vault Keys (Java)


Manage cryptographic keys and perform cryptographic operations in Azure Key Vault and Managed HSM.


Installation


```xml

<dependency>

<groupId>com.azure</groupId>

<artifactId>azure-security-keyvault-keys</artifactId>

<version>4.9.0</version>

</dependency>

```


Client Creation


```java

import com.azure.security.keyvault.keys.KeyClient;

import com.azure.security.keyvault.keys.KeyClientBuilder;

import com.azure.security.keyvault.keys.cryptography.CryptographyClient;

import com.azure.security.keyvault.keys.cryptography.CryptographyClientBuilder;

import com.azure.identity.DefaultAzureCredentialBuilder;


// Key management client

KeyClient keyClient = new KeyClientBuilder()

.vaultUrl("https://<vault-name>.vault.azure.net")

.credential(new DefaultAzureCredentialBuilder().build())

.buildClient();


// Async client

KeyAsyncClient keyAsyncClient = new KeyClientBuilder()

.vaultUrl("https://<vault-name>.vault.azure.net")

.credential(new DefaultAzureCredentialBuilder().build())

.buildAsyncClient();


// Cryptography client (for encrypt/decrypt/sign/verify)

CryptographyClient cryptoClient = new CryptographyClientBuilder()

.keyIdentifier("https://<vault-name>.vault.azure.net/keys/<key-name>/<key-version>")

.credential(new DefaultAzureCredentialBuilder().build())

.buildClient();

```


Key Types


| Type | Description |

|------|-------------|

| `RSA` | RSA key (2048, 3072, 4096 bits) |

| `RSA_HSM` | RSA key in HSM |

| `EC` | Elliptic Curve key |

| `EC_HSM` | Elliptic Curve key in HSM |

| `OCT` | Symmetric key (Managed HSM only) |

| `OCT_HSM` | Symmetric key in HSM |


Create Keys


Create RSA Key


```java

import com.azure.security.keyvault.keys.models.*;


// Simple RSA key

KeyVaultKey rsaKey = keyClient.createRsaKey(new CreateRsaKeyOptions("my-rsa-key")

.setKeySize(2048));


System.out.println("Key name: " + rsaKey.getName());

System.out.println("Key ID: " + rsaKey.getId());

System.out.println("Key type: " + rsaKey.getKeyType());


// RSA key with options

KeyVaultKey rsaKeyWithOptions = keyClient.createRsaKey(new CreateRsaKeyOptions("my-rsa-key-2")

.setKeySize(4096)

.setExpiresOn(OffsetDateTime.now().plusYears(1))

.setNotBefore(OffsetDateTime.now())

.setEnabled(true)

.setKeyOperations(KeyOperation.ENCRYPT, KeyOperation.DECRYPT,

KeyOperation.WRAP_KEY, KeyOperation.UNWRAP_KEY)

.setTags(Map.of("environment", "production")));


// HSM-backed RSA key

KeyVaultKey hsmKey = keyClient.createRsaKey(new CreateRsaKeyOptions("my-hsm-key")

.setKeySize(2048)

.setHardwareProtected(true));

```


Create EC Key


```java

// EC key with P-256 curve

KeyVaultKey ecKey = keyClient.createEcKey(new CreateEcKeyOptions("my-ec-key")

.setCurveName(KeyCurveName.P_256));


// EC key with other curves

KeyVaultKey ecKey384 = keyClient.createEcKey(new CreateEcKeyOptions("my-ec-key-384")

.setCurveName(KeyCurveName.P_384));


KeyVaultKey ecKey521 = keyClient.createEcKey(new CreateEcKeyOptions("my-ec-key-521")

.setCurveName(KeyCurveName.P_521));


// HSM-backed EC key

KeyVaultKey ecHsmKey = keyClient.createEcKey(new CreateEcKeyOptions("my-ec-hsm-key")

.setCurveName(KeyCurveName.P_256)

.setHardwareProtected(true));

```


Create Symmetric Key (Managed HSM only)


```java

KeyVaultKey octKey = keyClient.createOctKey(new CreateOctKeyOptions("my-symmetric-key")

.setKeySize(256)

.setHardwareProtected(true));

```


Get Key


```java

// Get latest version

KeyVaultKey key = keyClient.getKey("my-key");


// Get specific version

KeyVaultKey keyVersion = keyClient.getKey("my-key", "<version-id>");


// Get only key properties (no key material)

KeyProperties keyProps = keyClient.getKey("my-key").getProperties();

```


Update Key Properties


```java

KeyVaultKey key = keyClient.getKey("my-key");


// Update properties

key.getProperties()

.setEnabled(false)

.setExpiresOn(OffsetDateTime.now().plusMonths(6))

.setTag

🎯 Best For

  • Security auditors
  • DevSecOps teams
  • Compliance officers
  • Claude users
  • Software engineers

💡 Use Cases

  • Auditing dependencies for known CVEs
  • Scanning API endpoints for auth gaps
  • Code quality improvement
  • Best practice enforcement

📖 How to Use This Skill

  1. 1

    Install the Skill

    Copy the install command from the Terminal tab and run it. The SKILL.md file downloads to your local skills directory.

  2. 2

    Load into Your AI Assistant

    Open Claude and reference the skill. Paste the SKILL.md content or use the system prompt tab.

  3. 3

    Apply Azure Security Keyvault Keys Java to Your Work

    Open your project in the AI assistant and ask it to apply the skill. Start with a small module to verify the output quality.

  4. 4

    Review and Refine

    Review AI suggestions before committing. Run tests, check for regressions, and iterate on the skill output.

❓ Frequently Asked Questions

Can this replace a dedicated SAST tool?

AI-based security review is complementary to SAST tools. Use it as a first-pass filter, not a replacement.

Is Azure Security Keyvault Keys Java compatible with Cursor and VS Code?

Yes — this skill works with any AI coding assistant including Cursor, VS Code with Copilot, and JetBrains IDEs.

Do I need specific dependencies for Azure Security Keyvault Keys Java?

Check the install command and Works With section. Most code skills only require the AI assistant and your codebase.

How do I install Azure Security Keyvault Keys Java?

Copy the install command from the Terminal tab and run it. The skill downloads to ./skills/azure-security-keyvault-keys-java/SKILL.md, ready to use.

Can I customize this skill for my team?

Absolutely. Edit the SKILL.md file to add team-specific instructions, examples, or workflows.

⚠️ Common Mistakes to Avoid

Only scanning surface-level issues

Deep security review requires understanding your app architecture, not just regex patterns.

Skipping validation

Always test AI-generated code changes, even for simple refactors.

Missing dependency updates

Check if the skill requires updated dependencies or new packages.

🔗 Related Skills

api-fuzzing-bug-bounty Api Fuzzing Bug Bountyapi-security-testing Api Security Testingattack-tree-construction Attack Tree Constructionaws-penetration-testing Aws Penetration Testingazure-security-keyvault-keys-dotnet Azure Security Keyvault Keys Dotnetazure-security-keyvault-secrets-java Azure Security Keyvault Secrets Java

📎 Related Skills

Api Fuzzing Bug Bounty
Api Security Testing
Attack Tree Construction
Aws Penetration Testing
Azure Security Keyvault Keys Dotnet
Azure Security Keyvault Secrets Java

📦 Source

mayurrathi/awesome-agent-skills

🛠️ Works With

Claude