1

I'm not sure if I am going mad or something has updated but this is the issue:

I am trying to upload private keys into Azure key vault (as secrets) from the Powershell CLI, which I have done many times before without a problem but now it doesn't work.

I start with the command az keyvault secret set --name my-secret-name --vault-name example_name --value "" and then copy and paste the PEM key from a SQL Server query, which has \r\n in it and paste it directly between the quotes in Powershell. By splitting the quotes, it is supposed to be permitted to cross multiple lines but what is happening is that as soon as it encounters the first \r\n, powershell is closing the quote so only the first line is submitted and uploaded to the key vault, the rest of the lines obviously produce syntax errors.

I have tried creating a variable directly like $something = "----BEGIN RSA PRIVATE KEY.." over several lines and also using the Secure-String method and both seem to work in that I can then write that back to the console but calling az keyvault secret passing it the variable instead seems to still break it and only send the first line again.

If I query some older keys, that were all uploaded from Powershell, they correctly contain the line endings which are rendered with az keyvault secret show as \r\n so it def should work.

Luke Briner
  • 708
  • 4
  • 21

1 Answers1

1

js2010 provided a crucial pointer in a comment:

On Windows, you must paste via Ctrl-V rather than via right-clicking in order for a multi-line string to be pasted correctly - see GitHub issue #579 for background information.

On Unix-like platforms, you may need to start with just the opening " (or, preferably in this case, ') before pasting - this will allow a multi-line string to be pasted without accidentally submitting the command with the first embedded newline.

  • After pasting, type the closing " (or ') and submit (by pressing Enter, as usual).

Important:

  • On Windows, if you pre-typed both the opening and the closing quote - "" or '', be sure to place the cursor between those quotes before pasting.

  • If the pasted string may contain the same kinds of quotes used as the delimiters, you must use the here-string-based approach instead - see the next section.

Use a here-string, if any of the following apply:

  • The pasted string itself contains quote characters that would interfere with using a regular "..." or '...' string.
  • You want to see the pasted string on its own block of lines.
  • You want to use right-click pasting on Windows.

Type the opening delimiter of a here-string - @" or @' - followed by pressing Enter before pasting.

In order to submit the pasted string you must then press Enter in order start a new line for the closing delimiter (on Windows, if you pasted via right-clicking, you'll have to scroll to the end of the last pasted line first), type that closing delimiter - "@ or '@ - and then press Enter again.

mklement0
  • 382,024
  • 64
  • 607
  • 775
  • I tried this and it behaves the same way. It is like as soon as Powershell encounters the first \r\n, it somehow closes the string. – Luke Briner Feb 25 '22 at 14:57
  • @LukeBriner, is this a regular, local PowerShell console session? What version? Does `Get-Module PSReadLine` indicate that the `PSReadLine` module is loaded? Have you tried with a _here-string_? – mklement0 Feb 25 '22 at 15:08
  • Yes, just a local console. PSReadLine is 2.0.0. I tried here-string but it had the same sort of problem – Luke Briner Feb 25 '22 at 17:32
  • js2010 is correct: Ctrl-V pasting must be used. Are you pasting by right-clicking? Please see my update. – mklement0 Feb 25 '22 at 17:33
  • @LukeBriner, I've updated the answer to hopefully paint the full picture. All these techniques work for me (WinPS 5.1 with PSReadLine 2.0, PowerShell (Core) 7.3.0-preview2 with PSReadLine 2.1, the latter also on macOS and Ubuntu). Please try the techniques exactly as described and if that still doesn't work, provide specific feedback. – mklement0 Feb 25 '22 at 18:24
  • Still not working. I am going to try and run up the app that would do this in code rather than powershell just to confirm there is nothing weird about this specific key. – Luke Briner Feb 28 '22 at 13:16
  • It works fine in the app and uploads correctly without any modification to the key but I still can't paste it. It isn't the end of the world but is still very confusing. – Luke Briner Feb 28 '22 at 13:22
  • @LukeBriner, mysterious indeed. The only other thing I can think of is to examine the pasted string for hidden control characters, but I'm not even sure their presence would explain the symptom. – mklement0 Feb 28 '22 at 13:44