[KeyVault]Change encoding way from ASCII/Default to UTF8 (#21753)

* [KeyVault]Change encoding way from ASCII/Default to UTF8

* Update Invoke-AzKeyVaultKeyOperation.md

* [KeyVault]Change encoding way from ASCII/Default to UTF8 for MHSM

* Remove breaking change message

* Update ChangeLog.md

* Update ChangeLog.md

* Update ChangeLog.md

* Remove RawResult

* Remove RawResult from help file

* Update Invoke-AzKeyVaultKeyOperation.md

Author: BethanyZhou

src/KeyVault/KeyVault/ChangeLog.md

@@ -18,10 +18,12 @@
         - Additional information about change #1
 -->
 ## Upcoming Release
+* Changed the encoding way from a string into byte array in `Invoke-AzKeyVaultKeyOperation` from ASCII to UTF8. UTF8 is backward-compatible with ASCII. [#21269]
+* Bug fix: Changed the decoding way from byte array into a string from system default encoding to UTF8 to match encoding way. [#21269]
 * Added parameter `PolicyPath` and `PolicyObject` in `Import-AzKeyVaultCertificate` to support custom policy [#20780]
 
 ## Version 4.9.3
-* Added breaking changes for `Invoke-AzKeyVaultKeyOperation`. The encoded/decoded way between string and bytes in `Invoke-AzKeyVaultKeyOperation` will change to UTF8. 
+* Added breaking change announcement for `Invoke-AzKeyVaultKeyOperation`. The encoded/decoded way between string and bytes in `Invoke-AzKeyVaultKeyOperation` will change to UTF8. 
     - This change will take effect on 5/23/2023
     - The change is expected to take effect from the version 5.0.0
 * Updated Azure.Core to 1.31.0.

src/KeyVault/KeyVault/Commands/Key/InvokeAzureKeyVaultOperation.cs renamed to src/KeyVault/KeyVault/Commands/Key/InvokeAzureKeyVaultKeyOperation.cs

@@ -1,6 +1,5 @@
 using Microsoft.Azure.Commands.KeyVault.Models;
 using Microsoft.Azure.Commands.ResourceManager.Common.ArgumentCompleters;
-using Microsoft.WindowsAzure.Commands.Common.CustomAttributes;
 
 using System;
 using System.Management.Automation;
@@ -15,7 +14,6 @@ namespace Microsoft.Azure.Commands.KeyVault.Commands.Key
     /// 3. Wraps a symmetric key using a specified key.
     /// 4. Unwraps a symmetric key using the specified key that was initially used for wrapping that key.
     /// </summary>
-    [GenericBreakingChange("The encoded/decoded way between string and bytes will change to UTF8.", "5.0.0", "05/23/2023")]
     [Cmdlet(VerbsLifecycle.Invoke, ResourceManager.Common.AzureRMConstants.AzurePrefix + "KeyVaultKeyOperation", SupportsShouldProcess = true, DefaultParameterSetName = ByVaultNameParameterSet)]
     [OutputType(typeof(PSKeyOperationResult))]
     public class InvokeAzureKeyVaultKeyOperation : KeyVaultKeyCmdletBase
@@ -83,7 +81,7 @@ public override void ExecuteCmdlet()
                     case Operations.Encrypt:
                         this.WriteObject(
                             this.Track2DataClient.Encrypt(VaultName, Name, Version,
-                                Encoding.ASCII.GetBytes(Value.ConvertToString()), Algorithm));
+                                Encoding.UTF8.GetBytes(Value.ConvertToString()), Algorithm));
                         break;
                     case Operations.Decrypt:
                         this.WriteObject(
@@ -93,7 +91,7 @@ public override void ExecuteCmdlet()
                     case Operations.Wrap:
                         this.WriteObject(
                             this.Track2DataClient.WrapKey(VaultName, Name, Version,
-                                Encoding.ASCII.GetBytes(Value.ConvertToString()), Algorithm));
+                                Encoding.UTF8.GetBytes(Value.ConvertToString()), Algorithm));
                         break;
                     case Operations.Unwrap:
                         this.WriteObject(
@@ -111,7 +109,7 @@ public override void ExecuteCmdlet()
                     case Operations.Encrypt:
                         this.WriteObject(
                             this.Track2DataClient.ManagedHsmKeyEncrypt(HsmName, Name, Version,
-                                Encoding.ASCII.GetBytes(Value.ConvertToString()), Algorithm));
+                                Encoding.UTF8.GetBytes(Value.ConvertToString()), Algorithm));
                         break;
                     case Operations.Decrypt:
                         this.WriteObject(
@@ -121,7 +119,7 @@ public override void ExecuteCmdlet()
                     case Operations.Wrap:
                         this.WriteObject(
                             this.Track2DataClient.ManagedHsmWrapKey(HsmName, Name, Version,
-                                Encoding.ASCII.GetBytes(Value.ConvertToString()), Algorithm));
+                                Encoding.UTF8.GetBytes(Value.ConvertToString()), Algorithm));
                         break;
                     case Operations.Unwrap:
                         this.WriteObject(

src/KeyVault/KeyVault/Models/Key/PSKeyOperationResult.cs

@@ -26,7 +26,7 @@ public PSKeyOperationResult(WrapResult wrapResult)
         public PSKeyOperationResult(UnwrapResult unwrapResult)
         {
             this.KeyId = unwrapResult.KeyId;
-            this.Result = System.Text.Encoding.Default.GetString(unwrapResult.Key);
+            this.Result = System.Text.Encoding.UTF8.GetString(unwrapResult.Key);
             this.Algorithm = unwrapResult.Algorithm.ToString();
         }
 
@@ -40,7 +40,7 @@ public PSKeyOperationResult(EncryptResult encryptResult)
         public PSKeyOperationResult(DecryptResult decryptResult)
         {
             this.KeyId = decryptResult.KeyId;
-            this.Result = System.Text.Encoding.Default.GetString(decryptResult.Plaintext);
+            this.Result = System.Text.Encoding.UTF8.GetString(decryptResult.Plaintext);
             this.Algorithm = decryptResult.Algorithm.ToString();
         }
     }

src/KeyVault/KeyVault/help/Invoke-AzKeyVaultKeyOperation.md

@@ -42,51 +42,39 @@ Invoke-AzKeyVaultKeyOperation cmdlet supports
 
 ## EXAMPLES
 
-### Encrypts using an encryption key
+### Example 1: Encrypts using an encryption key
 ```powershell
 $result = Invoke-AzKeyVaultKeyOperation -Operation Encrypt -Algorithm RSA1_5 -VaultName test-kv -Name test-key -Value (ConvertTo-SecureString -String "test" -AsPlainText -Force)
 $result | Format-List
 ```
 
 ```output
-KeyId     : https://test-kv.vault.azure.net/keys/test-key/375cdf20252043b79c8ca0c57b6c7679
-Result    : e01HmkipqwCZyQd2QZ5XOTSA3rlZ719qqHHadzepFGtvTSoDwr+sBPmODVqScvq5/MBS9YyT+u6AM5hsFKD+h2FJOB6Pj/nwO5MZ/tZ8F974qAxXXT2qvdNm6pHKhREgPlCHmz+L6xK/8KOF+LS1E9wmuAt8ZPsJ7BtcT2bcvR4VmeOaUhvxcuNMV675nsFpwHBv6GWSfQA+RkDCIpmv6msdpK8NG6+la+fSPA6EKMJkmqF3SZ6RhSOjg00S7jXEWncIzdp6RRKYZFKY+QhqLgFVABL876IW4nDGYgdVSG7KnH0K56QqtK5L4MhvU4XYE69I4WiWbZ7rcVLE3cO/9A==
+KeyId     : https://test-kv.vault.azure.net/keys/test-key/bd8b77352a2443d4983bd70e9f660bc6
+Result    : iVlA6rHicEm6F9vtU3jARzxWughOcRK9htj4UMy0ijd4a4hHwYrSy4lSXhiQTKSMpX+Qv3NTaz/fKNWdSoudCAwv2ZX/pYlSqZmDoAHzjUc
+            4wDQAAVZAUvOxHcpCQf3CrlvQK3XfsZeddeiD9laiUU3iB2Ivh3trX0G/Y29gL54THKsmlwXh5mBhxcXHaUv0erDzEVAGnC73FHlJoHCTdm
+            7eUMWvsnfhtd/BhcuBb/CeMy1QzHgoBTrByWms4KsTODBEZt41aVkdYxJDREsC8X6a/1vp9EeV+7jm3sZLl+Dm7XOpUjbR+/BUU7HKaw09i
+            BRQJGhXf7oyZOf3g6EPEQ==
 Algorithm : RSA1_5
 ```
 
-Encrypts string "test" using test-key stored in test-kv. The returned result is Base64 string format.
+Encrypts string "test" using test-key stored in test-kv. The `Result` is encrypted result in Base64 string format.
 
-### Decrypt encrypted data
+### Example 2: Decrypt encrypted data
 ```powershell
 $result
 $result = Invoke-AzKeyVaultKeyOperation -Operation Decrypt -Algorithm RSA1_5 -VaultName test-kv -Name test-key -Value (ConvertTo-SecureString -String $result.Result -AsPlainText -Force)
 $result | Format-List
 ```
 
 ```output
-KeyId     : https://test-kv.vault.azure.net/keys/test-key/375cdf20252043b79c8ca0c57b6c7679
+KeyId     : https://test-kv.vault.azure.net/keys/test-key/bd8b77352a2443d4983bd70e9f660bc6
 Result    : test
 Algorithm : RSA1_5
 ```
 
-Decrypts encrypted data that is encrypted using test-key stored in test-kv. 
-
-### Encrypts using an encryption key
-```powershell
-$result = Invoke-AzKeyVaultKeyOperation -Operation Encrypt -Algorithm RSA1_5 -VaultName test-kv -Name test-key -Value (ConvertTo-SecureString -String "test" -AsPlainText -Force) 
-
-$result | Format-List
-```
-
-```output
-KeyId     : https://test-kv.vault.azure.net/keys/test-key/375cdf20252043b79c8ca0c57b6c7679
-Result    : e01HmkipqwCZyQd2QZ5XOTSA3rlZ719qqHHadzepFGtvTSoDwr+sBPmODVqScvq5/MBS9YyT+u6AM5hsFKD+h2FJOB6Pj/nwO5MZ/tZ8F974qAxXXT2qvdNm6pHKhREgPlCHmz+L6xK/8KOF+LS1E9wmuAt8ZPsJ7BtcT2bcvR4VmeOaUhvxcuNMV675nsFpwHBv6GWSfQA+RkDCIpmv6msdpK8NG6+la+fSPA6EKMJkmqF3SZ6RhSOjg00S7jXEWncIzdp6RRKYZFKY+QhqLgFVABL876IW4nDGYgdVSG7KnH0K56QqtK5L4MhvU4XYE69I4WiWbZ7rcVLE3cO/9A==
-Algorithm : RSA1_5
-```
-
-Encrypts string "test" using test-key stored in test-kv. The returned result is Base64 string format.
+Decrypts encrypted data that is encrypted using test-key stored in test-kv. The `Result` is a plain string.
 
-### Wraps a symmetric key using a specified key
+### Example 3: Wraps a symmetric key using a specified key
 ```powershell
 $result = Invoke-AzKeyVaultKeyOperation -Operation Wrap -Algorithm RSA1_5 -VaultName test-kv -Name test-key -Value (ConvertTo-SecureString -String "ovQIlbB0DgWhZA7sgkPxbg9H-Ly-VlNGPSgGrrZvlIo" -AsPlainText -Force) 
 
@@ -95,13 +83,16 @@ $result | Format-List
 
 ```output
 KeyId     : https://test-kv.vault.azure.net/keys/test-key/375cdf20252043b79c8ca0c57b6c7679
-Result    : e01HmkipqwCZyQd2QZ5XOTSA3rlZ719qqHHadzepFGtvTSoDwr+sBPmODVqScvq5/MBS9YyT+u6AM5hsFKD+h2FJOB6Pj/nwO5MZ/tZ8F974qAxXXT2qvdNm6pHKhREgPlCHmz+L6xK/8KOF+LS1E9wmuAt8ZPsJ7BtcT2bcvR4VmeOaUhvxcuNMV675nsFpwHBv6GWSfQA+RkDCIpmv6msdpK8NG6+la+fSPA6EKMJkmqF3SZ6RhSOjg00S7jXEWncIzdp6RRKYZFKY+QhqLgFVABL876IW4nDGYgdVSG7KnH0K56QqtK5L4MhvU4XYE69I4WiWbZ7rcVLE3cO/9A==
+Result    : imHceWcmB5jufcz+qS+HwaXOvPiaeOQ2dF1Bh+2DByuw+AOyoL3wtwDSilP5BlR3DAB3byj4hlUqkEKcoHJpOGnU53mWeV0yhL+Wx0O4T9n
+            +e54Gtv/sfJD0CcMg+89mssi7hgU0u1IaaowzgSmP7ViRrSVGu8FniAR6hdf7j0JL7ON8IIFMy/+7yq00aJs/dspcESGjcZDry5pLzYphel
+            x7VAEbjuv1TuiHwu8cJYH/GsvROErOQbQ+aKcKlYTMzZRGdCA07xXltvFrTiCIvzeKE/lTJVIHH/Nv4aRne/ENRC2cx92r9XFhEBID6o5Td
+            kN09Wdjejo8nLDRw9XbtQ==
 Algorithm : RSA1_5
 ```
 
-Wraps a symmetric key using key named test-key stored in test-kv. The returned result is Base64 string.
+Wraps a symmetric key using key named test-key stored in test-kv. The `Result` is wrapped result in Base64 string format.
 
-### Unwraps a symmetric key using a specified key
+### Example 4: Unwraps a symmetric key using a specified key
 ```powershell
 Invoke-AzKeyVaultKeyOperation -Operation Unwrap -Algorithm RSA1_5 -VaultName test-kv -Name test-key -Value (ConvertTo-SecureString -String $result.Result -AsPlainText -Force) 
 ```
@@ -112,7 +103,7 @@ Result    : ovQIlbB0DgWhZA7sgkPxbg9H-Ly-VlNGPSgGrrZvlIo
 Algorithm : RSA1_5
 ```
 
- Unwraps a symmetric key using a specified key test-key stored in test-kv. 
+Unwraps a symmetric key using a specified key test-key stored in test-kv. The `Result` is a plain string.
 
 ## PARAMETERS