除了我给sign（）的数据是32字节编码为urlsafe-base64。不知道他们从哪里得到44分。在

#!/usr/bin/env python3

from azure.keyvault import KeyVaultClient
from msrestazure.azure_active_directory import MSIAuthentication
from base64 import urlsafe_b64encode
from hashlib import blake2b
from binascii import unhexlify

kvclient = KeyVaultClient(MSIAuthentication(resource='https://vault.azure.net'));
op = urlsafe_b64encode(blake2b(unhexlify('00112233'), digest_size=32).digest())
print(op)
sig = kvclient.sign('https://REDACTED1.vault.azure.net', 'REDACTED2', 'REDACTED3', 'ES256', op)

$ ./aclient.py
b'QO46UZnfhhh93VCTkagtPzWj1Z-4PvmzmKdsmA4fepY='
Traceback (most recent call last):
  File "./aclient.py", line 12, in <module>
    sig = kvclient.sign('https://REDACTED1.vault.azure.net', 'REDACTED2', 'REDACTED3', 'ES256', op)
  File "/home/dev/hsm/lib/python3.6/site-packages/azure/keyvault/v7_0/key_vault_client.py", line 1022, in sign
    raise models.KeyVaultErrorException(self._deserialize, response)
azure.keyvault.v7_0.models.keyvault.v7_0.models.key_vault_error_py3.KeyVaultErrorException: (BadParameter) Invalid length of 'value': 44 bytes. ES256 requires 32 bytes, encoded with base64url.

其中的身份验证/令牌通过系统分配的托管标识进行处理-ES256用于ECC P256密钥签名。R1是我的keyvault域主机名，R2是keyname，r3是keyversion。我正在使用来自Azure SDK for Python - Keyvault的文档。我还尝试了python的标准base64 encode函数来代替“urlsafe”函数，我得到了相同的结果。在