2015-04-17 19:56:03 +00:00
|
|
|
---
|
|
|
|
layout: "docs"
|
2015-04-28 18:32:04 +00:00
|
|
|
page_title: "Secret Backend: Transit"
|
2015-04-17 19:56:03 +00:00
|
|
|
sidebar_current: "docs-secrets-transit"
|
|
|
|
description: |-
|
|
|
|
The transit secret backend for Vault encrypts/decrypts data in-transit. It doesn't store any secrets.
|
|
|
|
---
|
|
|
|
|
|
|
|
# Transit Secret Backend
|
|
|
|
|
|
|
|
Name: `transit`
|
|
|
|
|
2016-09-21 14:29:42 +00:00
|
|
|
The transit secret backend handles cryptographic functions on data in-transit.
|
|
|
|
Vault doesn't store the data sent to the backend. It can also be viewed as
|
|
|
|
"cryptography as a service."
|
2015-04-17 19:56:03 +00:00
|
|
|
|
2016-09-21 14:29:42 +00:00
|
|
|
The primary use case for `transit` is to encrypt data from applications while
|
|
|
|
still storing that encrypted data in some primary data store. This relieves the
|
|
|
|
burden of proper encryption/decryption from application developers and pushes
|
|
|
|
the burden onto the operators of Vault. Operators of Vault generally include
|
|
|
|
the security team at an organization, which means they can ensure that data is
|
|
|
|
encrypted/decrypted properly. Additionally, since encrypt/decrypt operations
|
|
|
|
must enter the audit log, any decryption event is recorded.
|
2015-04-17 19:56:03 +00:00
|
|
|
|
2016-09-21 14:29:42 +00:00
|
|
|
`transit` can also sign and verify data; generate hashes and HMACs of data; and
|
|
|
|
act as a source of random bytes.
|
2015-09-21 16:24:17 +00:00
|
|
|
|
|
|
|
Due to Vault's flexible ACLs, other interesting use-cases are possible. For
|
|
|
|
instance, one set of Internet-facing servers can be given permission to encrypt
|
|
|
|
with a named key but not decrypt with it; a separate set of servers not
|
|
|
|
directly connected to the Internet can then perform decryption, reducing the
|
|
|
|
data's attack surface.
|
|
|
|
|
2016-06-20 17:17:48 +00:00
|
|
|
Key derivation is supported, which allows the same key to be used for multiple
|
|
|
|
purposes by deriving a new key based on a user-supplied context value. In this
|
|
|
|
mode, convergent encryption can optionally be supported, which allows the same
|
2016-08-07 19:53:40 +00:00
|
|
|
input values to produce the same ciphertext.
|
2016-06-20 17:17:48 +00:00
|
|
|
|
|
|
|
The backend also supports key rotation, which allows a new version of the named
|
|
|
|
key to be generated. All data encrypted with the key will use the newest
|
|
|
|
version of the key; previously encrypted data can be decrypted using old
|
|
|
|
versions of the key. Administrators can control which previous versions of a
|
|
|
|
key are available for decryption, to prevent an attacker gaining an old copy of
|
|
|
|
ciphertext to be able to successfully decrypt it. At any time, a legitimate
|
|
|
|
user can "rewrap" the data, providing an old version of the ciphertext and
|
|
|
|
receiving a new version encrypted with the latest key. Because rewrapping does
|
|
|
|
not expose the plaintext, using Vault's ACL system, this can even be safely
|
|
|
|
performed by unprivileged users or cron jobs.
|
2015-09-21 16:24:17 +00:00
|
|
|
|
|
|
|
Datakey generation allows processes to request a high-entropy key of a given
|
|
|
|
bit length be returned to them, encrypted with the named key. Normally this will
|
|
|
|
also return the key in plaintext to allow for immediate use, but this can be
|
|
|
|
disabled to accommodate auditing requirements.
|
|
|
|
|
|
|
|
N.B.: As part of adding rotation support, the initial version of a named key
|
2016-06-20 17:17:48 +00:00
|
|
|
produces ciphertext starting with version 1, i.e. containing `:v1:`. Keys from
|
|
|
|
very old versions of Vault, when rotated, will jump to version 2 despite their
|
|
|
|
previous ciphertext output containing `:v0:`. Decryption, however, treats
|
|
|
|
version 0 and version 1 the same, so old ciphertext will still work.
|
2015-04-17 19:56:03 +00:00
|
|
|
|
|
|
|
This page will show a quick start for this backend. For detailed documentation
|
2015-07-13 10:12:09 +00:00
|
|
|
on every path, use `vault path-help` after mounting the backend.
|
2015-04-17 19:56:03 +00:00
|
|
|
|
|
|
|
## Quick Start
|
|
|
|
|
2015-04-27 02:36:36 +00:00
|
|
|
The first step to using the transit backend is to mount it. Unlike the `generic`
|
|
|
|
backend, the `transit` backend is not mounted by default.
|
|
|
|
|
|
|
|
```
|
|
|
|
$ vault mount transit
|
|
|
|
Successfully mounted 'transit' at 'transit'!
|
|
|
|
```
|
|
|
|
|
|
|
|
The next step is to create a named encryption key. A named key is used so that
|
|
|
|
many different applications can use the transit backend with independent keys.
|
|
|
|
This is done by doing a write against the backend:
|
|
|
|
|
|
|
|
```
|
2015-07-05 21:47:16 +00:00
|
|
|
$ vault write -f transit/keys/foo
|
2015-04-27 20:52:47 +00:00
|
|
|
Success! Data written to: transit/keys/foo
|
2015-04-27 02:36:36 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
This will create the "foo" named key in the transit backend. We can inspect
|
|
|
|
the settings of the "foo" key by reading it:
|
|
|
|
|
|
|
|
```
|
2015-04-27 20:52:47 +00:00
|
|
|
$ vault read transit/keys/foo
|
2016-04-05 13:16:47 +00:00
|
|
|
Key Value
|
2017-01-11 16:05:06 +00:00
|
|
|
deletion_allowed false
|
|
|
|
derived false
|
2017-01-23 16:04:43 +00:00
|
|
|
exportable false
|
2017-01-11 16:05:06 +00:00
|
|
|
keys map[1:1484070923]
|
|
|
|
latest_version 1
|
|
|
|
min_decryption_version 1
|
|
|
|
name foo
|
|
|
|
supports_decryption true
|
|
|
|
supports_derivation true
|
|
|
|
supports_encryption true
|
|
|
|
supports_signing false
|
|
|
|
type aes256-gcm96
|
2015-06-18 01:45:29 +00:00
|
|
|
````
|
|
|
|
|
2015-04-27 02:36:36 +00:00
|
|
|
Now, if we wanted to encrypt a piece of plain text, we use the encrypt
|
|
|
|
endpoint using our named key:
|
|
|
|
|
|
|
|
```
|
2015-06-13 16:03:57 +00:00
|
|
|
$ echo -n "the quick brown fox" | base64 | vault write transit/encrypt/foo plaintext=-
|
2015-04-27 21:58:53 +00:00
|
|
|
Key Value
|
2015-09-21 16:24:17 +00:00
|
|
|
ciphertext vault:v1:czEwyKqGZY/limnuzDCUUe5AK0tbBObWqeZgFqxCuIqq7A84SeiOq3sKD0Y/KUvv
|
2015-04-27 02:36:36 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
The encryption endpoint expects the plaintext to be provided as a base64 encoded
|
|
|
|
strings, so we must first convert it. Vault does not store the plaintext or the
|
|
|
|
ciphertext, but only handles it _in transit_ for processing. The application
|
|
|
|
is free to store the ciphertext in a database or file at rest.
|
|
|
|
|
|
|
|
To decrypt, we simply use the decrypt endpoint using the same named key:
|
|
|
|
|
|
|
|
```
|
2015-09-21 16:24:17 +00:00
|
|
|
$ vault write transit/decrypt/foo ciphertext=vault:v1:czEwyKqGZY/limnuzDCUUe5AK0tbBObWqeZgFqxCuIqq7A84SeiOq3sKD0Y/KUvv
|
2015-04-27 21:58:53 +00:00
|
|
|
Key Value
|
|
|
|
plaintext dGhlIHF1aWNrIGJyb3duIGZveAo=
|
|
|
|
|
2016-04-05 13:20:43 +00:00
|
|
|
$ echo "dGhlIHF1aWNrIGJyb3duIGZveAo=" | base64 -d
|
2015-04-27 02:36:36 +00:00
|
|
|
the quick brown fox
|
|
|
|
```
|
|
|
|
|
|
|
|
Using ACLs, it is possible to restrict using the transit backend such
|
|
|
|
that trusted operators can manage the named keys, and applications can
|
|
|
|
only encrypt or decrypt using the named keys they need access to.
|
|
|
|
|
|
|
|
## API
|
|
|
|
|
2015-04-27 20:52:47 +00:00
|
|
|
### /transit/keys/
|
2015-04-27 19:30:46 +00:00
|
|
|
#### POST
|
2015-04-27 02:36:36 +00:00
|
|
|
|
2015-04-27 19:30:46 +00:00
|
|
|
<dl class="api">
|
2015-04-27 02:36:36 +00:00
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
2016-09-21 14:29:42 +00:00
|
|
|
Creates a new named encryption key of the specified type. The values set
|
|
|
|
here cannot be changed after key creation.
|
2015-04-27 02:36:36 +00:00
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>POST</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
2015-04-27 20:52:47 +00:00
|
|
|
<dd>`/transit/keys/<name>`</dd>
|
2015-04-27 02:36:36 +00:00
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
2015-07-05 21:47:16 +00:00
|
|
|
<ul>
|
2016-09-21 14:29:42 +00:00
|
|
|
<li>
|
|
|
|
<span class="param">type</span>
|
|
|
|
<span class="param-flags">required</span>
|
|
|
|
The type of key to create. The currently-supported types are:
|
|
|
|
<ul>
|
|
|
|
<li>`aes256-gcm96`: AES-256 wrapped with GCM using a 12-byte nonce size (symmetric)</li>
|
|
|
|
<li>`ecdsa-p256`: ECDSA using the P-256 elliptic curve (asymmetric)</li>
|
|
|
|
</ul>
|
2017-01-11 16:05:06 +00:00
|
|
|
Defaults to `aes256-gcm96`.
|
2016-09-21 14:29:42 +00:00
|
|
|
</li>
|
2015-07-05 21:47:16 +00:00
|
|
|
<li>
|
|
|
|
<span class="param">derived</span>
|
|
|
|
<span class="param-flags">optional</span>
|
2016-06-20 17:17:48 +00:00
|
|
|
Boolean flag indicating if key derivation MUST be used. If enabled, all
|
|
|
|
encrypt/decrypt requests to this named key must provide a context
|
|
|
|
which is used for key derivation. Defaults to false.
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<span class="param">convergent_encryption</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
If set, the key will support convergent encryption, where the same
|
|
|
|
plaintext creates the same ciphertext. This requires _derived_ to be
|
2016-08-07 19:53:40 +00:00
|
|
|
set to `true`. When enabled, each
|
2016-08-26 21:01:43 +00:00
|
|
|
encryption(/decryption/rewrap/datakey) operation will derive a `nonce`
|
|
|
|
value rather than randomly generate it. Note that while this is useful
|
|
|
|
for particular situations, all nonce values used with a given context
|
|
|
|
value **must be unique** or it will compromise the security of your
|
|
|
|
key, and the key space for nonces is 96 bit -- not as large as the AES
|
|
|
|
key itself. Defaults to false.
|
2015-07-05 21:47:16 +00:00
|
|
|
</li>
|
2017-01-23 16:04:43 +00:00
|
|
|
<li>
|
|
|
|
<span class="param">exportable</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
Boolean flag indicating if the key is exportable. Defaults to false.
|
|
|
|
</li>
|
2015-07-05 21:47:16 +00:00
|
|
|
</ul>
|
2015-04-27 02:36:36 +00:00
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
2015-06-18 01:45:29 +00:00
|
|
|
A `204` response code.
|
2015-04-27 02:36:36 +00:00
|
|
|
</dd>
|
|
|
|
</dl>
|
|
|
|
|
2015-04-27 19:30:46 +00:00
|
|
|
#### GET
|
2015-04-27 02:36:36 +00:00
|
|
|
|
2015-04-27 19:30:46 +00:00
|
|
|
<dl class="api">
|
2015-04-27 02:36:36 +00:00
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
2015-09-21 16:24:17 +00:00
|
|
|
Returns information about a named encryption key. The `keys` object shows
|
|
|
|
the creation time of each key version; the values are not the keys
|
2016-09-21 14:29:42 +00:00
|
|
|
themselves. Depending on the type of key, different information may be
|
|
|
|
returned, e.g. an asymmetric key will return its public key in a standard
|
|
|
|
format for the type.
|
2015-04-27 02:36:36 +00:00
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>GET</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
2015-04-27 20:52:47 +00:00
|
|
|
<dd>`/transit/keys/<name>`</dd>
|
2015-04-27 02:36:36 +00:00
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
None
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
|
|
|
|
```javascript
|
2015-10-12 16:10:22 +00:00
|
|
|
{
|
|
|
|
"data": {
|
2016-09-21 14:29:42 +00:00
|
|
|
"type": "aes256-gcm96",
|
2015-09-21 16:24:17 +00:00
|
|
|
"deletion_allowed": false,
|
|
|
|
"derived": false,
|
2017-01-23 16:04:43 +00:00
|
|
|
"exportable": false,
|
2015-09-21 16:24:17 +00:00
|
|
|
"keys": {
|
2015-10-12 16:10:22 +00:00
|
|
|
"1": 1442851412
|
2015-09-21 16:24:17 +00:00
|
|
|
},
|
|
|
|
"min_decryption_version": 0,
|
2017-01-11 16:05:06 +00:00
|
|
|
"name": "foo",
|
|
|
|
"supports_encryption": true,
|
|
|
|
"supports_decryption": true,
|
|
|
|
"supports_derivation": true,
|
|
|
|
"supports_signing": false
|
2015-10-12 16:10:22 +00:00
|
|
|
}
|
2015-04-27 02:36:36 +00:00
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
</dd>
|
|
|
|
</dl>
|
|
|
|
|
2016-10-18 14:13:01 +00:00
|
|
|
#### LIST
|
|
|
|
|
|
|
|
<dl class="api">
|
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
|
|
|
Returns a list of keys. Only the key names are returned.
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>LIST/GET</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
|
|
|
<dd>`/transit/keys` (LIST) or `/transit/keys?list=true` (GET)</dd>
|
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
None
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
|
|
|
|
```javascript
|
|
|
|
{
|
|
|
|
"data": {
|
|
|
|
"keys": ["foo", "bar"]
|
|
|
|
},
|
|
|
|
"lease_duration": 0,
|
|
|
|
"lease_id": "",
|
|
|
|
"renewable": false
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
</dd>
|
|
|
|
</dl>
|
|
|
|
|
2015-04-27 19:30:46 +00:00
|
|
|
#### DELETE
|
2015-04-27 02:36:36 +00:00
|
|
|
|
2015-04-27 19:30:46 +00:00
|
|
|
<dl class="api">
|
2015-04-27 02:36:36 +00:00
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
2016-02-18 17:45:18 +00:00
|
|
|
Deletes a named encryption key.
|
2016-02-02 14:26:25 +00:00
|
|
|
It will no longer be possible to decrypt any data encrypted with the
|
|
|
|
named key. Because this is a potentially catastrophic operation, the
|
|
|
|
`deletion_allowed` tunable must be set in the key's `/config` endpoint.
|
2015-04-27 02:36:36 +00:00
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>DELETE</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
2015-04-27 20:52:47 +00:00
|
|
|
<dd>`/transit/keys/<name>`</dd>
|
2015-04-27 02:36:36 +00:00
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
None
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
A `204` response code.
|
|
|
|
</dd>
|
|
|
|
</dl>
|
|
|
|
|
2015-09-21 16:24:17 +00:00
|
|
|
### /transit/keys/config
|
|
|
|
#### POST
|
|
|
|
|
|
|
|
<dl class="api">
|
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
|
|
|
Allows tuning configuration values for a given key. (These values are
|
2016-02-18 17:45:18 +00:00
|
|
|
returned during a read operation on the named key.)
|
2015-09-21 16:24:17 +00:00
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>POST</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
|
|
|
<dd>`/transit/keys/<name>/config`</dd>
|
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
<ul>
|
|
|
|
<li>
|
|
|
|
<span class="param">min_decryption_version</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
The minimum version of ciphertext allowed to be decrypted. Adjusting
|
|
|
|
this as part of a key rotation policy can prevent old copies of
|
|
|
|
ciphertext from being decrypted, should they fall into the wrong hands.
|
2016-09-21 14:29:42 +00:00
|
|
|
For signatures, this value controls the minimum version of signature
|
|
|
|
that can be verified against. For HMACs, this controls the minimum
|
|
|
|
version of a key allowed to be used as the key for the HMAC function.
|
2015-09-21 16:24:17 +00:00
|
|
|
Defaults to 0.
|
|
|
|
</li>
|
|
|
|
<li>
|
2016-09-21 14:29:42 +00:00
|
|
|
<span class="param">allow_deletion</span>
|
2015-09-21 16:24:17 +00:00
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
When set, the key is allowed to be deleted. Defaults to false.
|
|
|
|
</li>
|
|
|
|
</ul>
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
A `204` response code.
|
|
|
|
</dd>
|
|
|
|
</dl>
|
|
|
|
|
|
|
|
### /transit/keys/rotate/
|
|
|
|
#### POST
|
|
|
|
|
|
|
|
<dl class="api">
|
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
|
|
|
Rotates the version of the named key. After rotation, new plaintext
|
|
|
|
requests will be encrypted with the new version of the key. To upgrade
|
|
|
|
ciphertext to be encrypted with the latest version of the key, use the
|
2016-09-21 14:29:42 +00:00
|
|
|
`rewrap` endpoint. This is only supported with keys that support encryption
|
|
|
|
and decryption operations.
|
2015-09-21 16:24:17 +00:00
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>POST</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
|
|
|
<dd>`/transit/keys/<name>/rotate`</dd>
|
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
None
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
A `204` response code.
|
|
|
|
</dd>
|
|
|
|
</dl>
|
|
|
|
|
2017-01-24 03:26:38 +00:00
|
|
|
### /transit/export/encryption-key/\<name\>(/\<version\>)
|
|
|
|
### /transit/export/signing-key/\<name\>(/\<version\>)
|
|
|
|
### /transit/export/hmac-key/\<name\>(/\<version\>)
|
2017-01-23 16:04:43 +00:00
|
|
|
#### GET
|
|
|
|
|
|
|
|
<dl class="api">
|
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
|
|
|
Returns the named key. The `keys` object shows the value of the key for
|
|
|
|
each version. If `version` is specified, the specific version will be
|
|
|
|
returned. If `latest` is provided as the version, the current key will be
|
|
|
|
provided. Depending on the type of key, different information may be
|
|
|
|
returned. The key must be exportable to support this operation and the
|
|
|
|
version must still be valid.
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>GET</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
|
|
|
<dd>`/transit/export/<key-type>/<name>/<version>`</dd>
|
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
None
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
|
|
|
|
```javascript
|
|
|
|
{
|
|
|
|
"data": {
|
|
|
|
"name": "foo",
|
|
|
|
"keys": {
|
|
|
|
"1": "eyXYGHbTmugUJn6EtYD/yVEoF6pCxm4R/cMEutUm3MY=",
|
|
|
|
"2": "Euzymqx6iXjS3/NuGKDCiM2Ev6wdhnU+rBiKnJ7YpHE="
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
</dd>
|
|
|
|
</dl>
|
|
|
|
|
2015-04-27 19:30:46 +00:00
|
|
|
### /transit/encrypt/
|
|
|
|
#### POST
|
2015-04-27 02:36:36 +00:00
|
|
|
|
2015-04-27 19:30:46 +00:00
|
|
|
<dl class="api">
|
2015-04-27 02:36:36 +00:00
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
2016-09-21 14:29:42 +00:00
|
|
|
Encrypts the provided plaintext using the named key. Currently, this only
|
|
|
|
supports symmetric keys. This path supports the `create` and `update`
|
|
|
|
policy capabilities as follows: if the user has the `create` capability for
|
|
|
|
this endpoint in their policies, and the key does not exist, it will be
|
|
|
|
upserted with default values (whether the key requires derivation depends
|
|
|
|
on whether the context parameter is empty or not). If the user only has
|
|
|
|
`update` capability and the key does not exist, an error will be returned.
|
2015-04-27 02:36:36 +00:00
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>POST</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
|
|
|
<dd>`/transit/encrypt/<name>`</dd>
|
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
<ul>
|
|
|
|
<li>
|
|
|
|
<span class="param">plaintext</span>
|
|
|
|
<span class="param-flags">required</span>
|
2016-09-21 14:29:42 +00:00
|
|
|
The plaintext to encrypt, provided as a base64-encoded string.
|
2015-04-27 02:36:36 +00:00
|
|
|
</li>
|
2015-07-05 21:47:16 +00:00
|
|
|
<li>
|
|
|
|
<span class="param">context</span>
|
|
|
|
<span class="param-flags">optional</span>
|
2016-09-21 14:29:42 +00:00
|
|
|
The key derivation context, provided as a base64-encoded string.
|
2015-09-21 16:24:17 +00:00
|
|
|
Must be provided if derivation is enabled.
|
2015-07-05 21:47:16 +00:00
|
|
|
</li>
|
2016-08-07 19:53:40 +00:00
|
|
|
<li>
|
|
|
|
<span class="param">nonce</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
The nonce value, provided as base64 encoded. Must be provided if
|
2016-08-26 21:01:43 +00:00
|
|
|
convergent encryption is enabled for this key and the key was generated
|
|
|
|
with Vault 0.6.1. Not required for keys created in 0.6.2+. The value
|
|
|
|
must be exactly 96 bits (12 bytes) long and the user must ensure that
|
|
|
|
for any given context (and thus, any given encryption key) this nonce
|
|
|
|
value is **never reused**.
|
2016-08-07 19:53:40 +00:00
|
|
|
</li>
|
2015-04-27 02:36:36 +00:00
|
|
|
</ul>
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
|
|
|
|
```javascript
|
|
|
|
{
|
2015-10-12 16:10:22 +00:00
|
|
|
"data": {
|
|
|
|
"ciphertext": "vault:v1:abcdefgh"
|
|
|
|
}
|
2015-04-27 02:36:36 +00:00
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
</dd>
|
|
|
|
</dl>
|
|
|
|
|
2015-04-27 19:30:46 +00:00
|
|
|
### /transit/decrypt/
|
|
|
|
#### POST
|
2015-04-27 02:36:36 +00:00
|
|
|
|
2015-04-27 19:30:46 +00:00
|
|
|
<dl class="api">
|
2015-04-27 02:36:36 +00:00
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
2016-09-21 14:29:42 +00:00
|
|
|
Decrypts the provided ciphertext using the named key. Currently, this only
|
|
|
|
supports symmetric keys.
|
2015-04-27 02:36:36 +00:00
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>POST</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
|
|
|
<dd>`/transit/decrypt/<name>`</dd>
|
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
<ul>
|
|
|
|
<li>
|
|
|
|
<span class="param">ciphertext</span>
|
|
|
|
<span class="param-flags">required</span>
|
|
|
|
The ciphertext to decrypt, provided as returned by encrypt.
|
|
|
|
</li>
|
2015-07-05 21:47:16 +00:00
|
|
|
<li>
|
|
|
|
<span class="param">context</span>
|
|
|
|
<span class="param-flags">optional</span>
|
2016-09-21 14:29:42 +00:00
|
|
|
The key derivation context, provided as a base64-encoded string.
|
2015-09-21 16:24:17 +00:00
|
|
|
Must be provided if derivation is enabled.
|
2015-07-05 21:47:16 +00:00
|
|
|
</li>
|
2016-08-07 19:53:40 +00:00
|
|
|
<li>
|
|
|
|
<span class="param">nonce</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
The nonce value used during encryption, provided as base64 encoded.
|
2016-08-26 21:01:43 +00:00
|
|
|
Must be provided if convergent encryption is enabled for this key and
|
|
|
|
the key was created with Vault 0.6.1. Not required for keys created in
|
|
|
|
0.6.2+.
|
2016-08-07 19:53:40 +00:00
|
|
|
</li>
|
2015-04-27 02:36:36 +00:00
|
|
|
</ul>
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
|
|
|
|
```javascript
|
|
|
|
{
|
2015-10-12 16:10:22 +00:00
|
|
|
"data": {
|
|
|
|
"plaintext": "dGhlIHF1aWNrIGJyb3duIGZveAo="
|
|
|
|
}
|
2015-04-27 02:36:36 +00:00
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
</dd>
|
|
|
|
</dl>
|
2015-09-21 16:24:17 +00:00
|
|
|
|
|
|
|
### /transit/rewrap/
|
|
|
|
#### POST
|
|
|
|
|
|
|
|
<dl class="api">
|
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
|
|
|
Rewrap the provided ciphertext using the latest version of the named key.
|
|
|
|
Because this never returns plaintext, it is possible to delegate this
|
|
|
|
functionality to untrusted users or scripts.
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>POST</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
|
|
|
<dd>`/transit/rewrap/<name>`</dd>
|
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
<ul>
|
|
|
|
<li>
|
|
|
|
<span class="param">ciphertext</span>
|
|
|
|
<span class="param-flags">required</span>
|
|
|
|
The ciphertext to decrypt, provided as returned by encrypt.
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<span class="param">context</span>
|
|
|
|
<span class="param-flags">optional</span>
|
2016-09-21 14:29:42 +00:00
|
|
|
The key derivation context, provided as base64-encoded string.
|
2015-09-21 16:24:17 +00:00
|
|
|
Must be provided if derivation is enabled.
|
|
|
|
</li>
|
2016-08-07 19:53:40 +00:00
|
|
|
<li>
|
|
|
|
<span class="param">nonce</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
The nonce value used during encryption, provided as base64 encoded.
|
2016-08-26 21:01:43 +00:00
|
|
|
Must be provided if convergent encryption is enabled for this key and
|
|
|
|
the key was created with Vault 0.6.1. Not required for keys created in
|
|
|
|
0.6.2+.
|
2016-08-07 19:53:40 +00:00
|
|
|
</li>
|
2015-09-21 16:24:17 +00:00
|
|
|
</ul>
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
|
|
|
|
```javascript
|
|
|
|
{
|
|
|
|
"data": {
|
2015-10-12 16:10:22 +00:00
|
|
|
"ciphertext": "vault:v2:abcdefgh"
|
2015-09-21 16:24:17 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
</dd>
|
|
|
|
</dl>
|
|
|
|
|
|
|
|
### /transit/datakey/
|
|
|
|
#### POST
|
|
|
|
|
|
|
|
<dl class="api">
|
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
2016-03-20 04:24:17 +00:00
|
|
|
Generate a new high-entropy key and the value encrypted with the named
|
2015-09-21 16:24:17 +00:00
|
|
|
key. Optionally return the plaintext of the key as well. Whether plaintext
|
|
|
|
is returned depends on the path; as a result, you can use Vault ACL
|
|
|
|
policies to control whether a user is allowed to retrieve the plaintext
|
|
|
|
value of a key. This is useful if you want an untrusted user or operation
|
|
|
|
to generate keys that are then made available to trusted users.
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>POST</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
|
|
|
<dd>`/transit/datakey/<plaintext|wrapped>/<name>`</dd>
|
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
<ul>
|
|
|
|
<li>
|
|
|
|
<span class="param">plaintext|wrapped (path parameter)</span>
|
|
|
|
<span class="param-flags">required</span>
|
|
|
|
If `plaintext`, the plaintext key will be returned along with the
|
|
|
|
ciphertext. If `wrapped`, only the ciphertext value will be returned.
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<span class="param">context</span>
|
|
|
|
<span class="param-flags">optional</span>
|
2016-09-21 14:29:42 +00:00
|
|
|
The key derivation context, provided as a base64-encoded string.
|
2015-09-21 16:24:17 +00:00
|
|
|
Must be provided if derivation is enabled.
|
|
|
|
</li>
|
2016-08-07 19:53:40 +00:00
|
|
|
<li>
|
|
|
|
<span class="param">nonce</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
The nonce value, provided as base64 encoded. Must be provided if
|
2016-08-26 21:01:43 +00:00
|
|
|
convergent encryption is enabled for this key and the key was generated
|
|
|
|
with Vault 0.6.1. Not required for keys created in 0.6.2+. The value
|
|
|
|
must be exactly 96 bits (12 bytes) long and the user must ensure that
|
|
|
|
for any given context (and thus, any given encryption key) this nonce
|
|
|
|
value is **never reused**.
|
2016-08-07 19:53:40 +00:00
|
|
|
</li>
|
2015-09-21 16:24:17 +00:00
|
|
|
<li>
|
|
|
|
<span class="param">bits</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
The number of bits in the desired key. Can be 128, 256, or 512; if not
|
|
|
|
given, defaults to 256.
|
|
|
|
</li>
|
|
|
|
</ul>
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
|
|
|
|
```javascript
|
|
|
|
{
|
2015-10-12 16:10:22 +00:00
|
|
|
"data": {
|
|
|
|
"plaintext": "dGhlIHF1aWNrIGJyb3duIGZveAo=",
|
|
|
|
"ciphertext": "vault:v1:abcdefgh"
|
|
|
|
}
|
2015-09-21 16:24:17 +00:00
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
</dd>
|
|
|
|
</dl>
|
2016-09-21 14:29:42 +00:00
|
|
|
|
|
|
|
### /transit/random
|
|
|
|
#### POST
|
|
|
|
|
|
|
|
<dl class="api">
|
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
|
|
|
Return high-quality random bytes of the specified length.
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>POST</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
|
|
|
<dd>`/transit/random(/<bytes>)`</dd>
|
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
<ul>
|
|
|
|
<li>
|
|
|
|
<span class="param">bytes</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
The number of bytes to return. Defaults to 32 (256 bits). This value
|
|
|
|
can be specified either in the request body, or as a part of the URL
|
|
|
|
with a format like `/transit/random/48`.
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<span class="param">format</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
The output encoding; can be either `hex` or `base64`. Defaults to
|
|
|
|
`base64`.
|
|
|
|
</li>
|
|
|
|
</ul>
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
|
|
|
|
```javascript
|
|
|
|
{
|
|
|
|
"data": {
|
|
|
|
"random_bytes": "dGhlIHF1aWNrIGJyb3duIGZveAo="
|
|
|
|
}
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
</dd>
|
|
|
|
</dl>
|
|
|
|
|
|
|
|
### /transit/hash
|
|
|
|
#### POST
|
|
|
|
|
|
|
|
<dl class="api">
|
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
|
|
|
Returns the hash of given data using the specified algorithm. The algorithm
|
|
|
|
can be specified as part of the URL or given via a parameter; the URL value
|
|
|
|
takes precedence if both are set.
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>POST</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
|
|
|
<dd>`/transit/hash(/<algorithm>)`</dd>
|
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
<ul>
|
|
|
|
<li>
|
|
|
|
<span class="param">input</span>
|
|
|
|
<span class="param-flags">required</span>
|
|
|
|
The base64-encoded input data.
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<span class="param">algorithm</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
The hash algorithm to use. This can also be specified in the URL.
|
|
|
|
Currently-supported algorithms are:
|
|
|
|
<ul>
|
|
|
|
<li>`sha2-224`</li>
|
|
|
|
<li>`sha2-256`</li>
|
|
|
|
<li>`sha2-384`</li>
|
|
|
|
<li>`sha2-512`</li>
|
|
|
|
</ul>
|
|
|
|
Defaults to `sha2-256`.
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<span class="param">format</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
The output encoding; can be either `hex` or `base64`. Defaults to
|
|
|
|
`hex`.
|
|
|
|
</li>
|
|
|
|
</ul>
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
|
|
|
|
```javascript
|
|
|
|
{
|
|
|
|
"data": {
|
|
|
|
"sum": "dGhlIHF1aWNrIGJyb3duIGZveAo="
|
|
|
|
}
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
</dd>
|
|
|
|
</dl>
|
|
|
|
|
|
|
|
### /transit/hmac/
|
|
|
|
#### POST
|
|
|
|
|
|
|
|
<dl class="api">
|
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
|
|
|
Returns the digest of given data using the specified hash algorithm and the
|
|
|
|
named key. The key can be of any type supported by `transit`; the raw key
|
|
|
|
will be marshalled into bytes to be used for the HMAC function. If the key
|
|
|
|
is of a type that supports rotation, the latest (current) version will be
|
|
|
|
used.
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>POST</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
|
|
|
<dd>`/transit/hmac/<name>(/<algorithm>)`</dd>
|
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
<ul>
|
|
|
|
<li>
|
|
|
|
<span class="param">input</span>
|
|
|
|
<span class="param-flags">required</span>
|
|
|
|
The base64-encoded input data.
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<span class="param">algorithm</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
The hash algorithm to use. This can also be specified in the URL.
|
|
|
|
Currently-supported algorithms are:
|
|
|
|
<ul>
|
|
|
|
<li>`sha2-224`</li>
|
|
|
|
<li>`sha2-256`</li>
|
|
|
|
<li>`sha2-384`</li>
|
|
|
|
<li>`sha2-512`</li>
|
|
|
|
</ul>
|
|
|
|
Defaults to `sha2-256`.
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<span class="param">format</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
The output encoding; can be either `hex` or `base64`. Defaults to
|
|
|
|
`hex`.
|
|
|
|
</li>
|
|
|
|
</ul>
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
|
|
|
|
```javascript
|
|
|
|
{
|
|
|
|
"data": {
|
|
|
|
"hmac": "dGhlIHF1aWNrIGJyb3duIGZveAo="
|
|
|
|
}
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
</dd>
|
|
|
|
</dl>
|
|
|
|
|
|
|
|
### /transit/sign/
|
|
|
|
#### POST
|
|
|
|
|
|
|
|
<dl class="api">
|
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
|
|
|
Returns the cryptographic signature of the given data using the named key
|
|
|
|
and the specified hash algorithm. The key must be of a type that supports
|
|
|
|
signing.
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>POST</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
|
|
|
<dd>`/transit/sign/<name>(/<algorithm>)`</dd>
|
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
<ul>
|
|
|
|
<li>
|
|
|
|
<span class="param">input</span>
|
|
|
|
<span class="param-flags">required</span>
|
|
|
|
The base64-encoded input data.
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<span class="param">algorithm</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
The hash algorithm to use. This can also be specified in the URL.
|
|
|
|
Currently-supported algorithms are:
|
|
|
|
<ul>
|
|
|
|
<li>`sha2-224`</li>
|
|
|
|
<li>`sha2-256`</li>
|
|
|
|
<li>`sha2-384`</li>
|
|
|
|
<li>`sha2-512`</li>
|
|
|
|
</ul>
|
|
|
|
Defaults to `sha2-256`.
|
|
|
|
</li>
|
|
|
|
</ul>
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
|
|
|
|
```javascript
|
|
|
|
{
|
|
|
|
"data": {
|
|
|
|
"signature": "vault:v1:MEUCIQCyb869d7KWuA0hBM9b5NJrmWzMW3/pT+0XYCM9VmGR+QIgWWF6ufi4OS2xo1eS2V5IeJQfsi59qeMWtgX0LipxEHI="
|
|
|
|
}
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
</dd>
|
|
|
|
</dl>
|
|
|
|
|
|
|
|
### /transit/verify/
|
|
|
|
#### POST
|
|
|
|
|
|
|
|
<dl class="api">
|
|
|
|
<dt>Description</dt>
|
|
|
|
<dd>
|
|
|
|
Returns whether the provided signature is valid for the given data.
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Method</dt>
|
|
|
|
<dd>POST</dd>
|
|
|
|
|
|
|
|
<dt>URL</dt>
|
|
|
|
<dd>`/transit/verify/<name>(/<algorithm>)`</dd>
|
|
|
|
|
|
|
|
<dt>Parameters</dt>
|
|
|
|
<dd>
|
|
|
|
<ul>
|
|
|
|
<li>
|
|
|
|
<span class="param">input</span>
|
|
|
|
<span class="param-flags">required</span>
|
|
|
|
The base64-encoded input data.
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<span class="param">signature</span>
|
|
|
|
<span class="param-flags">required</span>
|
2016-11-07 18:44:14 +00:00
|
|
|
The signature output from the `/transit/sign` function. Either this must be supplied or `hmac` must be supplied.
|
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<span class="param">hmac</span>
|
|
|
|
<span class="param-flags">required</span>
|
|
|
|
The signature output from the `/transit/hmac` function. Either this must be supplied or `signature` must be supplied.
|
2016-09-21 14:29:42 +00:00
|
|
|
</li>
|
|
|
|
<li>
|
|
|
|
<span class="param">algorithm</span>
|
|
|
|
<span class="param-flags">optional</span>
|
|
|
|
The hash algorithm to use. This can also be specified in the URL.
|
|
|
|
Currently-supported algorithms are:
|
|
|
|
<ul>
|
|
|
|
<li>`sha2-224`</li>
|
|
|
|
<li>`sha2-256`</li>
|
|
|
|
<li>`sha2-384`</li>
|
|
|
|
<li>`sha2-512`</li>
|
|
|
|
</ul>
|
|
|
|
Defaults to `sha2-256`.
|
|
|
|
</li>
|
|
|
|
</ul>
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
<dt>Returns</dt>
|
|
|
|
<dd>
|
|
|
|
|
|
|
|
```javascript
|
|
|
|
{
|
|
|
|
"data": {
|
|
|
|
"valid": true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
</dd>
|
|
|
|
</dl>
|