2017-03-09 02:47:35 +00:00
---
2020-01-18 00:18:09 +00:00
layout: api
page_title: Transit - Secrets Engines - HTTP API
description: This is the API documentation for the Vault Transit secrets engine.
2017-03-09 02:47:35 +00:00
---
2017-09-20 20:05:00 +00:00
# Transit Secrets Engine (API)
2017-03-09 02:47:35 +00:00
2017-09-20 20:05:00 +00:00
This is the API documentation for the Vault Transit secrets engine. For general
information about the usage and operation of the Transit secrets engine, please
2020-01-22 20:05:41 +00:00
see the [transit documentation](/docs/secrets/transit).
2017-03-09 02:47:35 +00:00
2017-09-20 20:05:00 +00:00
This documentation assumes the transit secrets engine is enabled at the
`/transit` path in Vault. Since it is possible to enable secrets engines at any
location, please update your API calls accordingly.
2017-03-09 02:47:35 +00:00
## Create Key
This endpoint creates a new named encryption key of the specified type. The
values set here cannot be changed after key creation.
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :-------------------- |
| `POST` | `/transit/keys/:name` |
2017-03-09 02:47:35 +00:00
### Parameters
- `name` `(string: <required>)` – Specifies the name of the encryption key to
create. This is specified as part of the URL.
- `convergent_encryption` `(bool: false)` – If enabled, the key will support
convergent encryption, where the same plaintext creates the same ciphertext.
This requires _derived_ to be set to `true`. When enabled, each
encryption(/decryption/rewrap/datakey) operation will derive a `nonce` value
2018-02-14 16:59:46 +00:00
rather than randomly generate it.
2017-03-09 02:47:35 +00:00
2017-04-20 22:18:55 +00:00
- `derived` `(bool: false)` – Specifies if key derivation is to be used. If
2017-03-09 02:47:35 +00:00
enabled, all encrypt/decrypt requests to this named key must provide a context
which is used for key derivation.
2020-01-18 00:18:09 +00:00
- `exportable` `(bool: false)` - Enables keys to be exportable. This
2017-12-14 17:51:50 +00:00
allows for all the valid keys in the key ring to be exported. Once set, this
cannot be disabled.
- `allow_plaintext_backup` `(bool: false)` - If set, enables taking backup of
named key in the plaintext format. Once set, this cannot be disabled.
2017-03-09 02:47:35 +00:00
- `type` `(string: "aes256-gcm96")` – Specifies the type of key to create. The
currently-supported types are:
2020-01-18 00:18:09 +00:00
- `aes128-gcm96` – AES-128 wrapped with GCM using a 96-bit nonce size AEAD
(symmetric, supports derivation and convergent encryption)
- `aes256-gcm96` – AES-256 wrapped with GCM using a 96-bit nonce size AEAD
(symmetric, supports derivation and convergent encryption, default)
- `chacha20-poly1305` – ChaCha20-Poly1305 AEAD (symmetric, supports
derivation and convergent encryption)
- `ed25519` – ED25519 (asymmetric, supports derivation). When using
derivation, a sign operation with the same context will derive the same
key and signature; this is a signing analogue to `convergent_encryption`.
- `ecdsa-p256` – ECDSA using the P-256 elliptic curve (asymmetric)
- `ecdsa-p384` – ECDSA using the P-384 elliptic curve (asymmetric)
- `ecdsa-p521` – ECDSA using the P-521 elliptic curve (asymmetric)
- `rsa-2048` - RSA with bit size of 2048 (asymmetric)
2020-02-15 22:40:50 +00:00
- `rsa-3072` - RSA with bit size of 3072 (asymmetric)
2020-01-18 00:18:09 +00:00
- `rsa-4096` - RSA with bit size of 4096 (asymmetric)
2022-09-06 15:17:58 +00:00
- `hmac` - HMAC (HMAC generation, verification)
2017-03-09 02:47:35 +00:00
2022-05-17 20:28:20 +00:00
~> **Note**: In FIPS 140-2 mode, the following algorithms are not certified
and thus should not be used: `chacha20-poly1305` and `ed25519`.
2022-09-06 15:17:58 +00:00
~> **Note**: All key types support HMAC through the use of a second randomly
generated key created key creation time or rotation. The HMAC key type only
supports HMAC, and behaves identically to other algorithms with
respect to the HMAC operations but supports key import. By default,
the HMAC key type uses a 256-bit key.
- `key_size` `(int: "0", optional)` - The key size in bytes for algorithms
that allow variable key sizes. Currently only applicable to HMAC, where
it must be between 16 and 512 bytes.
2022-02-17 20:17:59 +00:00
- `auto_rotate_period` `(duration: "0", optional)` – The period at which
2022-01-20 15:10:15 +00:00
this key should be rotated automatically. Setting this to "0" (the default)
will disable automatic key rotation. This value cannot be shorter than one
2022-06-13 12:51:07 +00:00
hour. Uses [duration format strings](/docs/concepts/duration-format).
2022-01-20 15:10:15 +00:00
2017-03-09 02:47:35 +00:00
### Sample Payload
```json
{
2022-05-17 20:28:20 +00:00
"type": "ecdsa-p256",
2017-03-09 02:47:35 +00:00
"derived": true
}
```
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/keys/my-key
2017-03-09 02:47:35 +00:00
```
2022-06-17 19:53:39 +00:00
## Import Key
This endpoint imports existing key material into a new transit-managed encryption key.
To import key material into an existing key, see the `import_version/` endpoint.
2022-07-21 16:19:13 +00:00
| Method | Path |
| :----- | :--------------------------- |
| `POST` | `/transit/keys/:name/import` |
2022-06-17 19:53:39 +00:00
### Parameters
- `name` `(string: <required>)` – Specifies the name of the encryption key to
create. This is specified as part of the URL.
- `ciphertext` `(string: <required>)` - A base64-encoded string that contains
2022-06-24 15:28:09 +00:00
two values: an ephemeral 256-bit AES key wrapped using the wrapping key
2022-06-17 19:53:39 +00:00
returned by Vault and the encryption of the import key material under the
provided AES key. The wrapped AES key should be the first 512 bytes of the
ciphertext, and the encrypted key material should be the remaining bytes.
2022-10-12 17:51:42 +00:00
See the BYOK section of the [Transit secrets engine documentation](/docs/secrets/transit#bring-your-own-key-byok)
for more information on constructing the ciphertext.
2022-06-17 19:53:39 +00:00
- `hash_function` `(string: "SHA256")` - The hash function used for the
RSA-OAEP step of creating the ciphertext. Supported hash functions are:
`SHA1`, `SHA224`, `SHA256`, `SHA384`, and `SHA512`. If not specified,
the hash function defaults to SHA256.
- `type` `(string: <required>)` – Specifies the type of key to create. The
currently-supported types are:
- `aes128-gcm96` – AES-128 wrapped with GCM using a 96-bit nonce size AEAD
(symmetric, supports derivation and convergent encryption)
- `aes256-gcm96` – AES-256 wrapped with GCM using a 96-bit nonce size AEAD
(symmetric, supports derivation and convergent encryption, default)
- `chacha20-poly1305` – ChaCha20-Poly1305 AEAD (symmetric, supports
derivation and convergent encryption)
- `ed25519` – ED25519 (asymmetric, supports derivation). When using
derivation, a sign operation with the same context will derive the same
key and signature; this is a signing analogue to `convergent_encryption`.
- `ecdsa-p256` – ECDSA using the P-256 elliptic curve (asymmetric)
- `ecdsa-p384` – ECDSA using the P-384 elliptic curve (asymmetric)
- `ecdsa-p521` – ECDSA using the P-521 elliptic curve (asymmetric)
- `rsa-2048` - RSA with bit size of 2048 (asymmetric)
- `rsa-3072` - RSA with bit size of 3072 (asymmetric)
- `rsa-4096` - RSA with bit size of 4096 (asymmetric)
- `allow_rotation` `(bool: false)` - If set, the imported key can be rotated
within Vault by using the `rotate` endpoint.
~> **NOTE**: Once an imported key is rotated within Vault, it will no longer
support importing key material with the `import_version` endpoint.
- `derived` `(bool: false)` – Specifies if key derivation is to be used. If
enabled, all encrypt/decrypt requests to this named key must provide a context
which is used for key derivation.
- `context` `(string: "")` - A base64-encoded string providing a context for
key derivation. Required if `derived` is set to `true`.
- `exportable` `(bool: false)` - Enables keys to be exportable. This
allows for all the valid keys in the key ring to be exported. Once set, this
cannot be disabled.
- `allow_plaintext_backup` `(bool: false)` - If set, enables taking backup of
named key in the plaintext format. Once set, this cannot be disabled.
- `auto_rotate_period` `(duration: "0", optional)` – The period at which
this key should be rotated automatically. Setting this to "0" (the default)
will disable automatic key rotation. This value cannot be shorter than one
hour.
### Sample Payload
```json
{
"type": "ed25519",
"ciphertext": "..."
}
```
### Sample Request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/transit/keys/my-key/import
```
## Import Key Version
This endpoint imports new key material into an existing imported key.
2022-07-21 16:19:13 +00:00
| Method | Path |
| :----- | :----------------------------------- |
| `POST` | `/transit/keys/:name/import_version` |
2022-06-17 19:53:39 +00:00
~> **Note**: Keys whose material was generated by Vault do not support
importing key material. Only keys that were previously imported into
Vault can import new key material from an external source.
### Parameters
- `name` `(string: <required>)` – Specifies the name of the encryption key to
create. This is specified as part of the URL.
- `ciphertext` `(string: <required>)` - A base64-encoded string that contains
2022-06-24 15:28:09 +00:00
two values: an ephemeral 256-bit AES key wrapped using the wrapping key
2022-06-17 19:53:39 +00:00
returned by Vault and the encryption of the import key material under the
provided AES key. The wrapped AES key should be the first 512 bytes of the
ciphertext, and the encrypted key material should be the remaining bytes.
2022-10-12 17:51:42 +00:00
See the BYOK section of the [Transit secrets engine documentation](/docs/secrets/transit#bring-your-own-key-byok)
2022-06-17 19:53:39 +00:00
for more information on constructing the ciphertext.
- `hash_function` `(string: "SHA256")` - The hash function used for the
RSA-OAEP step of creating the ciphertext. Supported hash functions are:
`SHA1`, `SHA224`, `SHA256`, `SHA384`, and `SHA512`. If not specified,
the hash function defaults to SHA256.
### Sample Payload
```json
{
"ciphertext": "..."
}
```
### Sample Request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/transit/keys/my-key/import_version
```
## Get Wrapping Key
This endpoint is used to retrieve the wrapping key to use for importing keys.
The returned key will be a 4096-bit RSA public key.
2022-07-21 16:19:13 +00:00
| Method | Path |
| :---- | :---------------------- |
| `GET` | `/transit/wrapping_key` |
2022-06-17 19:53:39 +00:00
### Sample Request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
--request GET \
http://127.0.0.1:8200/v1/transit/wrapping_key
```
### Sample Response
```json
{
"data": {
"public_key": "..."
},
}
```
2017-03-09 02:47:35 +00:00
## Read Key
This endpoint returns information about a named encryption key. The `keys`
object shows the creation time of each key version; the values are not the keys
themselves. Depending on the type of key, different information may be returned,
e.g. an asymmetric key will return its public key in a standard format for the
type.
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :-------------------- |
| `GET` | `/transit/keys/:name` |
2017-03-09 02:47:35 +00:00
### Parameters
- `name` `(string: <required>)` – Specifies the name of the encryption key to
read. This is specified as part of the URL.
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/keys/my-key
2017-03-09 02:47:35 +00:00
```
### Sample Response
```json
{
"data": {
"type": "aes256-gcm96",
"deletion_allowed": false,
"derived": false,
"exportable": false,
2017-12-14 17:51:50 +00:00
"allow_plaintext_backup": false,
2017-03-09 02:47:35 +00:00
"keys": {
"1": 1442851412
},
2017-06-07 17:00:14 +00:00
"min_decryption_version": 1,
"min_encryption_version": 0,
2017-03-09 02:47:35 +00:00
"name": "foo",
"supports_encryption": true,
"supports_decryption": true,
"supports_derivation": true,
2022-06-17 19:53:39 +00:00
"supports_signing": false,
"imported": false
2017-03-09 02:47:35 +00:00
}
}
```
2020-08-07 17:11:11 +00:00
The `keys` attribute lists each version of the key, and the time that key was created as seconds since the Unix epoch.
The sample response shows a key that was created on September 22, 2015 7:50:12 PM GMT, and has not been rotated.
The fields `supports_encryption`, `supports_decryption`, `supports_derivation` and `supports_signing` are
derived from the type of the key, and indicate which operations may be performed with it.
2017-03-09 02:47:35 +00:00
## List Keys
This endpoint returns a list of keys. Only the key names are returned (not the
actual keys themselves).
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :-------------- |
| `LIST` | `/transit/keys` |
2017-03-09 02:47:35 +00:00
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request LIST \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/keys
2017-03-09 02:47:35 +00:00
```
### Sample Response
```json
{
"data": {
"keys": ["foo", "bar"]
},
"lease_duration": 0,
"lease_id": "",
"renewable": false
}
```
## Delete Key
This endpoint deletes a named encryption key. It will no longer be possible to
decrypt any data encrypted with the named key. Because this is a potentially
catastrophic operation, the `deletion_allowed` tunable must be set in the key's
`/config` endpoint.
2020-01-18 00:18:09 +00:00
| Method | Path |
| :------- | :-------------------- |
| `DELETE` | `/transit/keys/:name` |
2017-03-09 02:47:35 +00:00
### Parameters
- `name` `(string: <required>)` – Specifies the name of the encryption key to
delete. This is specified as part of the URL.
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request DELETE \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/keys/my-key
2017-03-09 02:47:35 +00:00
```
2017-05-09 13:57:23 +00:00
## Update Key Configuration
2017-03-09 02:47:35 +00:00
This endpoint allows tuning configuration values for a given key. (These values
are returned during a read operation on the named key.)
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :--------------------------- |
| `POST` | `/transit/keys/:name/config` |
2017-03-09 02:47:35 +00:00
### Parameters
- `min_decryption_version` `(int: 0)` – Specifies the minimum version of
ciphertext allowed to be decrypted. Adjusting this as part of a key rotation
policy can prevent old copies of ciphertext from being decrypted, should they
fall into the wrong hands. For signatures, this value controls the minimum
version of signature that can be verified against. For HMACs, this controls
2017-06-07 17:00:14 +00:00
the minimum version of a key allowed to be used as the key for verification.
- `min_encryption_version` `(int: 0)` – Specifies the minimum version of the
key that can be used to encrypt plaintext, sign payloads, or generate HMACs.
Must be `0` (which will use the latest version) or a value greater or equal
to `min_decryption_version`.
2017-03-09 02:47:35 +00:00
2017-12-14 17:51:50 +00:00
- `deletion_allowed` `(bool: false)` - Specifies if the key is allowed to be
2017-03-09 02:47:35 +00:00
deleted.
2020-01-18 00:18:09 +00:00
- `exportable` `(bool: false)` - Enables keys to be exportable. This
2017-12-14 17:51:50 +00:00
allows for all the valid keys in the key ring to be exported. Once set, this
cannot be disabled.
- `allow_plaintext_backup` `(bool: false)` - If set, enables taking backup of
named key in the plaintext format. Once set, this cannot be disabled.
2022-02-17 20:17:59 +00:00
- `auto_rotate_period` `(duration: "", optional)` – The period at which this
2022-01-20 15:10:15 +00:00
key should be rotated automatically. Setting this to "0" will disable automatic
key rotation. This value cannot be shorter than one hour. When no value is
2022-06-13 12:51:07 +00:00
provided, the period remains unchanged. Uses [duration format strings](/docs/concepts/duration-format).
2022-01-20 15:10:15 +00:00
2017-03-09 02:47:35 +00:00
### Sample Payload
```json
{
"deletion_allowed": true
}
```
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/keys/my-key/config
2017-03-09 02:47:35 +00:00
```
## Rotate Key
This endpoint rotates the version of the named key. After rotation, new
plaintext requests will be encrypted with the new version of the key. To upgrade
ciphertext to be encrypted with the latest version of the key, use the `rewrap`
endpoint. This is only supported with keys that support encryption and
decryption operations.
2022-09-06 15:17:58 +00:00
For algorithms with a configurable key size, the rotated key will use the same
key size as the previous version.
2022-06-17 19:53:39 +00:00
~> **Note**: For imported keys, rotation is only supported if the
`allow_rotation` field was set to `true` on import. Once an imported key is
rotated within Vault, it will not support further import operations.
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :--------------------------- |
| `POST` | `/transit/keys/:name/rotate` |
2017-03-09 02:47:35 +00:00
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/keys/my-key/rotate
2017-03-09 02:47:35 +00:00
```
2017-05-10 13:27:03 +00:00
## Export Key
2017-03-09 02:47:35 +00:00
This endpoint returns the named key. The `keys` object shows the value of the
key for each version. If `version` is specified, the specific version will be
returned. If `latest` is provided as the version, the current key will be
provided. Depending on the type of key, different information may be returned.
The key must be exportable to support this operation and the version must still
be valid.
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :------------------------------------------- |
| `GET` | `/transit/export/:key_type/:name(/:version)` |
2017-03-09 02:47:35 +00:00
### Parameters
- `key_type` `(string: <required>)` – Specifies the type of the key to export.
This is specified as part of the URL. Valid values are:
2020-01-18 00:18:09 +00:00
- `encryption-key`
- `signing-key`
- `hmac-key`
2017-03-09 02:47:35 +00:00
- `name` `(string: <required>)` – Specifies the name of the key to read
information about. This is specified as part of the URL.
2017-05-10 13:27:03 +00:00
- `version` `(string: "")` – Specifies the version of the key to read. If omitted,
2017-03-09 02:47:35 +00:00
all versions of the key will be returned. This is specified as part of the
2017-05-10 13:27:03 +00:00
URL. If the version is set to `latest`, the current key will be returned.
2017-03-09 02:47:35 +00:00
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/export/encryption-key/my-key/1
2017-03-09 02:47:35 +00:00
```
### Sample Response
```json
{
"data": {
"name": "foo",
"keys": {
"1": "eyXYGHbTmugUJn6EtYD/yVEoF6pCxm4R/cMEutUm3MY=",
"2": "Euzymqx6iXjS3/NuGKDCiM2Ev6wdhnU+rBiKnJ7YpHE="
}
}
}
```
## Encrypt Data
2017-11-21 17:25:28 +00:00
This endpoint encrypts the provided plaintext using the named key. This path
supports the `create` and `update` policy capabilities as follows: if the user
has the `create` capability for this endpoint in their policies, and the key
does not exist, it will be upserted with default values (whether the key
requires derivation depends on whether the context parameter is empty or not).
If the user only has `update` capability and the key does not exist, an error
will be returned.
2017-03-09 02:47:35 +00:00
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :----------------------- |
| `POST` | `/transit/encrypt/:name` |
2017-03-09 02:47:35 +00:00
### Parameters
- `name` `(string: <required>)` – Specifies the name of the encryption key to
encrypt against. This is specified as part of the URL.
- `plaintext` `(string: <required>)` – Specifies **base64 encoded** plaintext to
be encoded.
2022-10-24 17:41:02 +00:00
- `associated_data` `(string: "")` - Specifies **base64 encoded** associated
data (also known as additional data or AAD) to also be authenticated with
AEAD ciphers (`aes128-gcm96`, `aes256-gcm`, and `chacha20-poly1305`).
2017-03-09 02:47:35 +00:00
- `context` `(string: "")` – Specifies the **base64 encoded** context for key
derivation. This is required if key derivation is enabled for this key.
2017-06-07 17:00:14 +00:00
- `key_version` `(int: 0)` – Specifies the version of the key to use for
encryption. If not set, uses the latest version. Must be greater than or
equal to the key's `min_encryption_version`, if set.
2017-03-09 02:47:35 +00:00
- `nonce` `(string: "")` – Specifies the **base64 encoded** nonce value. This
must be provided if convergent encryption is enabled for this key and the key
was generated with Vault 0.6.1. Not required for keys created in 0.6.2+. The
value must be exactly 96 bits (12 bytes) long and the user must ensure that
for any given context (and thus, any given encryption key) this nonce value is
**never reused**.
- `batch_input` `(array<object>: nil)` – Specifies a list of items to be
encrypted in a single batch. When this parameter is set, if the parameters
'plaintext', 'context' and 'nonce' are also set, they will be ignored. The
format for the input is:
2020-01-18 00:18:09 +00:00
```json
[
{
"context": "c2FtcGxlY29udGV4dA==",
"plaintext": "dGhlIHF1aWNrIGJyb3duIGZveA=="
},
{
"context": "YW5vdGhlcnNhbXBsZWNvbnRleHQ=",
"plaintext": "dGhlIHF1aWNrIGJyb3duIGZveA=="
}
]
```
2017-03-09 02:47:35 +00:00
- `type` `(string: "aes256-gcm96")` – This parameter is required when encryption
key is expected to be created. When performing an upsert operation, the type
2017-11-21 17:25:28 +00:00
of key to create.
2017-03-09 02:47:35 +00:00
- `convergent_encryption` `(string: "")` – This parameter will only be used when
2020-01-18 00:18:09 +00:00
a key is expected to be created. Whether to support convergent encryption.
2017-03-09 02:47:35 +00:00
This is only supported when using a key with key derivation enabled and will
require all requests to carry both a context and 96-bit (12-byte) nonce. The
given nonce will be used in place of a randomly generated nonce. As a result,
when the same context and nonce are supplied, the same ciphertext is
generated. It is _very important_ when using this mode that you ensure that
2020-01-18 00:18:09 +00:00
all nonces are unique for a given context. Failing to do so will severely
2017-03-09 02:47:35 +00:00
impact the ciphertext's security.
2022-09-13 17:51:09 +00:00
- `partial_failure_response_code` `(int: 400)` Ordinarily, if a batch item fails
to encrypt due to a bad input, but other batch items succeed, the HTTP response
code is 400 (Bad Request). Some applications may want to treat partial failures
differently. Providing the parameter returns the given response code integer
instead of a 400 in this case. If all values fail HTTP 400 is still returned.
2022-06-17 19:53:39 +00:00
~>**NOTE:** All plaintext data **must be base64-encoded**. The reason for this
2019-11-11 18:01:31 +00:00
requirement is that Vault does not require that the plaintext is "text". It
could be a binary file such as a PDF or image. The easiest safe transport
mechanism for this data as part of a JSON payload is to base64-encode it.
2017-03-09 02:47:35 +00:00
### Sample Payload
2019-11-11 18:01:31 +00:00
Fist, encode the plaintext with base64:
2020-05-21 17:18:17 +00:00
```shell-session
2022-08-24 13:03:30 +00:00
$ echo "the quick brown fox" | base64
2019-11-11 18:01:31 +00:00
dGhlIHF1aWNrIGJyb3duIGZveAo=
```
Use the base64-encoded plaintext in the payload:
2017-03-09 02:47:35 +00:00
```json
{
2019-11-11 18:01:31 +00:00
"plaintext": "dGhlIHF1aWNrIGJyb3duIGZveAo="
2017-03-09 02:47:35 +00:00
}
```
2020-01-22 20:05:41 +00:00
!> Vault HTTP API imposes a maximum request size of 32MB to prevent a denial of service attack. This can be tuned per [`listener` block](/docs/configuration/listener/tcp) in the Vault server configuration.
2019-01-09 01:57:43 +00:00
2017-03-09 02:47:35 +00:00
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/encrypt/my-key
2017-03-09 02:47:35 +00:00
```
### Sample Response
```json
{
"data": {
2019-11-11 18:01:31 +00:00
"ciphertext": "vault:v1:XjsPWPjqPrBi1N2Ms2s1QM798YyFWnO4TR4lsFA="
2017-03-09 02:47:35 +00:00
}
}
```
## Decrypt Data
2017-11-21 17:25:28 +00:00
This endpoint decrypts the provided ciphertext using the named key.
2017-03-09 02:47:35 +00:00
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :----------------------- |
| `POST` | `/transit/decrypt/:name` |
2017-03-09 02:47:35 +00:00
### Parameters
- `name` `(string: <required>)` – Specifies the name of the encryption key to
decrypt against. This is specified as part of the URL.
- `ciphertext` `(string: <required>)` – Specifies the ciphertext to decrypt.
2022-10-24 17:41:02 +00:00
- `associated_data` `(string: "")` - Specifies **base64 encoded** associated
data (also known as additional data or AAD) to also be authenticated with
AEAD ciphers (`aes128-gcm96`, `aes256-gcm`, and `chacha20-poly1305`).
2017-03-09 02:47:35 +00:00
- `context` `(string: "")` – Specifies the **base64 encoded** context for key
derivation. This is required if key derivation is enabled.
- `nonce` `(string: "")` – Specifies a base64 encoded nonce value used during
encryption. Must be provided if convergent encryption is enabled for this key
and the key was generated with Vault 0.6.1. Not required for keys created in
0.6.2+.
- `batch_input` `(array<object>: nil)` – Specifies a list of items to be
decrypted in a single batch. When this parameter is set, if the parameters
'ciphertext', 'context' and 'nonce' are also set, they will be ignored. Format
for the input goes like this:
2020-01-18 00:18:09 +00:00
```json
[
{
"context": "c2FtcGxlY29udGV4dA==",
"ciphertext": "vault:v1:/DupSiSbX/ATkGmKAmhqD0tvukByrx6gmps7dVI="
},
{
"context": "YW5vdGhlcnNhbXBsZWNvbnRleHQ=",
"ciphertext": "vault:v1:XjsPWPjqPrBi1N2Ms2s1QM798YyFWnO4TR4lsFA="
}
]
```
2022-09-13 17:51:09 +00:00
- `partial_failure_response_code` `(int: 400)` Ordinarily, if a batch item fails
to encrypt due to a bad input, but other batch items succeed, the HTTP response
code is 400 (Bad Request). Some applications may want to treat partial failures
differently. Providing the parameter returns the given response code integer
instead of a 400 in this case. If all values fail HTTP 400 is still returned.
2017-03-09 02:47:35 +00:00
### Sample Payload
```json
{
"ciphertext": "vault:v1:XjsPWPjqPrBi1N2Ms2s1QM798YyFWnO4TR4lsFA="
}
```
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/decrypt/my-key
2017-03-09 02:47:35 +00:00
```
### Sample Response
```json
{
"data": {
"plaintext": "dGhlIHF1aWNrIGJyb3duIGZveAo="
}
}
```
## Rewrap Data
2017-04-19 16:29:33 +00:00
This endpoint rewraps the provided ciphertext using the latest version of the
2017-03-09 02:47:35 +00:00
named key. Because this never returns plaintext, it is possible to delegate this
functionality to untrusted users or scripts.
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :---------------------- |
| `POST` | `/transit/rewrap/:name` |
2017-03-09 02:47:35 +00:00
### Parameters
- `name` `(string: <required>)` – Specifies the name of the encryption key to
re-encrypt against. This is specified as part of the URL.
- `ciphertext` `(string: <required>)` – Specifies the ciphertext to re-encrypt.
- `context` `(string: "")` – Specifies the **base64 encoded** context for key
derivation. This is required if key derivation is enabled.
2017-06-07 17:00:14 +00:00
- `key_version` `(int: 0)` – Specifies the version of the key to use for the
operation. If not set, uses the latest version. Must be greater than or equal
to the key's `min_encryption_version`, if set.
2017-03-09 02:47:35 +00:00
- `nonce` `(string: "")` – Specifies a base64 encoded nonce value used during
encryption. Must be provided if convergent encryption is enabled for this key
and the key was generated with Vault 0.6.1. Not required for keys created in
0.6.2+.
- `batch_input` `(array<object>: nil)` – Specifies a list of items to be
decrypted in a single batch. When this parameter is set, if the parameters
'ciphertext', 'context' and 'nonce' are also set, they will be ignored. Format
for the input goes like this:
2020-01-18 00:18:09 +00:00
```json
[
{
"context": "c2FtcGxlY29udGV4dA==",
"ciphertext": "vault:v1:/DupSiSbX/ATkGmKAmhqD0tvukByrx6gmps7dVI="
},
{
"context": "YW5vdGhlcnNhbXBsZWNvbnRleHQ=",
"ciphertext": "vault:v1:XjsPWPjqPrBi1N2Ms2s1QM798YyFWnO4TR4lsFA="
}
]
```
2017-03-09 02:47:35 +00:00
### Sample Payload
```json
{
"ciphertext": "vault:v1:XjsPWPjqPrBi1N2Ms2s1QM798YyFWnO4TR4lsFA="
}
```
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/rewrap/my-key
2017-03-09 02:47:35 +00:00
```
### Sample Response
```json
{
"data": {
"ciphertext": "vault:v2:abcdefgh"
}
}
```
## Generate Data Key
This endpoint generates a new high-entropy key and the value encrypted with the
named key. Optionally return the plaintext of the key as well. Whether plaintext
is returned depends on the path; as a result, you can use Vault ACL policies to
control whether a user is allowed to retrieve the plaintext value of a key. This
is useful if you want an untrusted user or operation to generate keys that are
then made available to trusted users.
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :----------------------------- |
| `POST` | `/transit/datakey/:type/:name` |
2017-03-09 02:47:35 +00:00
### Parameters
- `type` `(string: <required>)` – Specifies the type of key to generate. If
`plaintext`, the plaintext key will be returned along with the ciphertext. If
`wrapped`, only the ciphertext value will be returned. This is specified as
part of the URL.
- `name` `(string: <required>)` – Specifies the name of the encryption key to
2017-10-27 20:43:26 +00:00
use to encrypt the datakey. This is specified as part of the URL.
2017-03-09 02:47:35 +00:00
- `context` `(string: "")` – Specifies the key derivation context, provided as a
base64-encoded string. This must be provided if derivation is enabled.
- `nonce` `(string: "")` – Specifies a nonce value, provided as base64 encoded.
Must be provided if convergent encryption is enabled for this key and the key
was generated with Vault 0.6.1. Not required for keys created in 0.6.2+. The
value must be exactly 96 bits (12 bytes) long and the user must ensure that
for any given context (and thus, any given encryption key) this nonce value is
**never reused**.
- `bits` `(int: 256)` – Specifies the number of bits in the desired key. Can be
128, 256, or 512.
### Sample Payload
```json
{
"context": "Ab3=="
}
```
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/datakey/plaintext/my-key
2017-03-09 02:47:35 +00:00
```
### Sample Response
```json
{
"data": {
"plaintext": "dGhlIHF1aWNrIGJyb3duIGZveAo=",
"ciphertext": "vault:v1:abcdefgh"
}
}
```
## Generate Random Bytes
This endpoint returns high-quality random bytes of the specified length.
2022-05-02 19:42:07 +00:00
| Method | Path |
| :----- | :----------------------------------- |
| `POST` | `/transit/random(/:source)(/:bytes)` |
2017-03-09 02:47:35 +00:00
### Parameters
- `bytes` `(int: 32)` – Specifies the number of bytes to return. This value can
be specified either in the request body, or as a part of the URL.
- `format` `(string: "base64")` – Specifies the output encoding. Valid options
are `hex` or `base64`.
2022-05-02 19:42:07 +00:00
- `source` `(string: "platform")` - Specifies the source of the requested bytes.
2022-06-13 12:51:07 +00:00
`platform`, the default, sources bytes from the platform's entropy source.
2022-05-02 19:42:07 +00:00
`seal` sources from entropy augmentation (enterprise only).
`all` mixes bytes from all available sources.
2017-03-09 02:47:35 +00:00
### Sample Payload
```json
{
"format": "hex"
}
```
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/random/164
2017-03-09 02:47:35 +00:00
```
### Sample Response
```json
{
"data": {
"random_bytes": "dGhlIHF1aWNrIGJyb3duIGZveAo="
}
}
```
## Hash Data
This endpoint returns the cryptographic hash of given data using the specified
algorithm.
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :--------------------------- |
| `POST` | `/transit/hash(/:algorithm)` |
2017-03-09 02:47:35 +00:00
### Parameters
- `algorithm` `(string: "sha2-256")` – Specifies the hash algorithm to use. This
can also be specified as part of the URL. Currently-supported algorithms are:
2020-01-18 00:18:09 +00:00
- `sha2-224`
- `sha2-256`
- `sha2-384`
- `sha2-512`
2021-12-08 18:29:33 +00:00
- `sha3-224`
- `sha3-256`
- `sha3-384`
- `sha3-512`
2017-03-09 02:47:35 +00:00
2022-05-17 20:28:20 +00:00
~> **Note**: In FIPS 140-2 mode, the following algorithms are not certified
and thus should not be used: `sha3-224`, `sha3-256`, `sha3-384`, and
`sha3-512`.
2017-03-09 02:47:35 +00:00
- `input` `(string: <required>)` – Specifies the **base64 encoded** input data.
- `format` `(string: "hex")` – Specifies the output encoding. This can be either
`hex` or `base64`.
### Sample Payload
```json
{
"input": "adba32=="
}
```
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/hash/sha2-512
2017-03-09 02:47:35 +00:00
```
### Sample Response
```json
{
"data": {
"sum": "dGhlIHF1aWNrIGJyb3duIGZveAo="
}
}
```
2017-06-07 17:00:14 +00:00
## Generate HMAC
2017-03-09 02:47:35 +00:00
This endpoint returns the digest of given data using the specified hash
2022-07-27 16:48:41 +00:00
algorithm and the named key. The key can be of any type supported by `transit`,
as each `transit` key version has an independent, random 256-bit HMAC secret key. If
2017-03-09 02:47:35 +00:00
the key is of a type that supports rotation, the latest (current) version will
be used.
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :--------------------------------- |
| `POST` | `/transit/hmac/:name(/:algorithm)` |
2017-03-09 02:47:35 +00:00
### Parameters
- `name` `(string: <required>)` – Specifies the name of the encryption key to
generate hmac against. This is specified as part of the URL.
2017-06-07 17:00:14 +00:00
- `key_version` `(int: 0)` – Specifies the version of the key to use for the
operation. If not set, uses the latest version. Must be greater than or equal
to the key's `min_encryption_version`, if set.
2017-03-09 02:47:35 +00:00
- `algorithm` `(string: "sha2-256")` – Specifies the hash algorithm to use. This
can also be specified as part of the URL. Currently-supported algorithms are:
2020-01-18 00:18:09 +00:00
- `sha2-224`
- `sha2-256`
- `sha2-384`
- `sha2-512`
2021-12-08 18:29:33 +00:00
- `sha3-224`
- `sha3-256`
- `sha3-384`
- `sha3-512`
2017-03-09 02:47:35 +00:00
2022-05-17 20:28:20 +00:00
~> **Note**: In FIPS 140-2 mode, the following algorithms are not certified
and thus should not be used: `sha3-224`, `sha3-256`, `sha3-384`, and
`sha3-512`.
2019-11-11 18:01:31 +00:00
- `input` `(string: "")` – Specifies the **base64 encoded** input data. One of
2019-03-04 20:26:20 +00:00
`input` or `batch_input` must be supplied.
2017-03-09 02:47:35 +00:00
2019-03-04 20:26:20 +00:00
- `batch_input` `(array<object>: nil)` – Specifies a list of items for processing.
2019-11-11 18:01:31 +00:00
When this parameter is set, if the parameter 'input' is also set, it will be
2020-01-18 00:18:09 +00:00
ignored. Responses are returned in the 'batch_results' array component of the
2019-11-11 18:01:31 +00:00
'data' element of the response. If the input data value of an item is invalid, the
corresponding item in the 'batch_results' will have the key 'error' with a value
2019-03-04 20:26:20 +00:00
describing the error. The format for batch_input is:
2020-01-18 00:18:09 +00:00
```json
{
"batch_input": [
{
"input": "adba32=="
},
{
"input": "aGVsbG8gd29ybGQuCg=="
}
]
}
```
2017-03-09 02:47:35 +00:00
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/hmac/my-key/sha2-512
2017-03-09 02:47:35 +00:00
```
2019-03-04 20:26:20 +00:00
### Sample Payload
```json
{
"input": "adba32=="
}
```
2017-03-09 02:47:35 +00:00
### Sample Response
```json
{
"data": {
"hmac": "dGhlIHF1aWNrIGJyb3duIGZveAo="
}
}
```
2019-03-04 20:26:20 +00:00
### Sample Payload with batch_input
```json
{
"batch_input": [
{
"input": "adba32=="
},
{
"input": "adba32=="
},
{},
{
"input": ""
}
]
}
```
### Sample Response for batch_input
```json
{
"data": {
"batch_results": [
{
"hmac": "vault:v1:1jFhRYWHiddSKgEFyVRpX8ieX7UU+748NBwHKecXE3hnGBoAxrfgoD5U0yAvji7b5X6V1fP"
},
{
"hmac": "vault:v1:1jFhRYWHiddSKgEFyVRpX8ieX7UU+748NBwHKecXE3hnGBoAxrfgoD5U0yAvji7b5X6V1fP"
},
{
"error": "missing input for HMAC"
},
{
"hmac": "vault:v1:/wsSP6iQ9ECO9RRkefKLXey9sDntzSjoiW0vBrWfUsYB0ISroyC6plUt/jN7gcOv9O+Ecow"
}
]
}
}
```
2017-06-07 17:00:14 +00:00
## Sign Data
2017-03-09 02:47:35 +00:00
This endpoint returns the cryptographic signature of the given data using the
named key and the specified hash algorithm. The key must be of a type that
supports signing.
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :-------------------------------------- |
| `POST` | `/transit/sign/:name(/:hash_algorithm)` |
2017-03-09 02:47:35 +00:00
### Parameters
- `name` `(string: <required>)` – Specifies the name of the encryption key to
2017-06-14 15:49:12 +00:00
use for signing. This is specified as part of the URL.
2017-03-09 02:47:35 +00:00
2017-06-07 17:00:14 +00:00
- `key_version` `(int: 0)` – Specifies the version of the key to use for
signing. If not set, uses the latest version. Must be greater than or equal
to the key's `min_encryption_version`, if set.
2018-03-15 16:17:02 +00:00
- `hash_algorithm` `(string: "sha2-256")` – Specifies the hash algorithm to use for
2017-07-28 13:30:27 +00:00
supporting key types (notably, not including `ed25519` which specifies its
own hash algorithm). This can also be specified as part of the URL.
Currently-supported algorithms are:
2017-03-09 02:47:35 +00:00
2020-01-18 00:18:09 +00:00
- `sha1`
- `sha2-224`
- `sha2-256`
- `sha2-384`
- `sha2-512`
2021-12-08 18:29:33 +00:00
- `sha3-224`
- `sha3-256`
- `sha3-384`
- `sha3-512`
2022-10-27 12:26:20 +00:00
- `none`
2017-03-09 02:47:35 +00:00
2022-05-17 20:28:20 +00:00
~> **Note**: In FIPS 140-2 mode, the following algorithms are not certified
and thus should not be used: `sha3-224`, `sha3-256`, `sha3-384`, and
`sha3-512`.
2020-05-01 18:46:04 +00:00
~> ** Warning:** `sha1` should be considered a compromised algorithm and used
2020-05-21 17:18:17 +00:00
only for legacy applications. Signing using SHA-1 can be blocked by operators by
2020-05-01 18:46:04 +00:00
assigning the following policy corresponding to a named key:
2020-08-17 17:30:06 +00:00
```hcl
path "/transit/sign/:name/sha1" {
capabilities = ["deny"]
2020-05-21 17:18:17 +00:00
}
2020-05-01 18:46:04 +00:00
```
2020-05-21 17:18:17 +00:00
2022-10-27 12:26:20 +00:00
~> **Note**: using `hash_algorithm=none` requires setting `prehashed=true`
and `signature_algorithm=pkcs1v15`. This generates a `PKCSv1_5_NoOID`
signature rather than the `PKCSv1_5_DERnull` signature type usually
created. See [RFC 3447 Section 9.2](https://www.rfc-editor.org/rfc/rfc3447#section-9.2).
2019-11-11 18:01:31 +00:00
- `input` `(string: "")` – Specifies the **base64 encoded** input data. One of
2019-03-04 20:26:20 +00:00
`input` or `batch_input` must be supplied.
- `batch_input` `(array<object>: nil)` – Specifies a list of items for processing.
2019-11-11 18:01:31 +00:00
When this parameter is set, any supplied 'input' or 'context' parameters will be
2020-01-18 00:18:09 +00:00
ignored. Responses are returned in the 'batch_results' array component of the
2019-11-11 18:01:31 +00:00
'data' element of the response. If the input data value of an item is invalid, the
corresponding item in the 'batch_results' will have the key 'error' with a value
2019-03-04 20:26:20 +00:00
describing the error. The format for batch_input is:
2020-01-18 00:18:09 +00:00
```json
{
"batch_input": [
{
"input": "adba32==",
"context": "abcd"
},
{
"input": "aGVsbG8gd29ybGQuCg==",
"context": "efgh"
}
]
}
```
2017-03-09 02:47:35 +00:00
2017-11-09 21:17:54 +00:00
- `context` `(string: "")` - Base64 encoded context for key derivation.
2020-01-18 00:18:09 +00:00
Required if key derivation is enabled; currently only available with ed25519
keys.
2017-11-09 21:17:54 +00:00
2018-05-21 13:08:22 +00:00
- `prehashed` `(bool: false)` - Set to `true` when the input is already hashed.
2020-02-15 22:40:50 +00:00
If the key type is `rsa-2048`, `rsa-3072` or `rsa-4096`, then the algorithm used to hash
2020-01-18 00:18:09 +00:00
the input should be indicated by the `hash_algorithm` parameter. Just as the
2018-05-21 13:08:22 +00:00
value to sign should be the base64-encoded representation of the exact binary
data you want signed, when set, `input` is expected to be base64-encoded
binary hashed data, not hex-formatted. (As an example, on the command line,
2020-01-18 00:18:09 +00:00
you could generate a suitable input via `openssl dgst -sha256 -binary | base64`.)
2018-03-15 16:17:02 +00:00
- `signature_algorithm` `(string: "pss")` – When using a RSA key, specifies the RSA
signature algorithm to use for signing. Supported signature types are:
2020-01-18 00:18:09 +00:00
- `pss`
- `pkcs1v15`
2017-11-09 21:17:54 +00:00
2019-01-23 17:31:34 +00:00
- `marshaling_algorithm` `(string: "asn1")` – Specifies the way in which the signature should be marshaled. This currently only applies to ECDSA keys. Supported types are:
2020-01-18 00:18:09 +00:00
- `asn1`: The default, used by OpenSSL and X.509
- `jws`: The version used by JWS (and thus for JWTs). Selecting this will
also change the output encoding to URL-safe Base64 encoding instead of
standard Base64-encoding.
2017-11-09 21:17:54 +00:00
2022-08-31 16:27:03 +00:00
- `salt_length` `(string: "auto")` – The salt length used to sign. This currently only applies to the RSA PSS signature scheme. Options are:
- `auto`: The default used by Golang (causing the salt to be as large as possible when signing)
- `hash`: Causes the salt length to equal the length of the hash used in the signature
- An integer between the minimum and the maximum permissible salt lengths for the given RSA key size.
2017-03-09 02:47:35 +00:00
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/sign/my-key/sha2-512
2017-03-09 02:47:35 +00:00
```
2019-03-04 20:26:20 +00:00
### Sample Payload
```json
{
"input": "adba32=="
}
```
2017-03-09 02:47:35 +00:00
### Sample Response
```json
{
"data": {
"signature": "vault:v1:MEUCIQCyb869d7KWuA0hBM9b5NJrmWzMW3/pT+0XYCM9VmGR+QIgWWF6ufi4OS2xo1eS2V5IeJQfsi59qeMWtgX0LipxEHI="
}
}
```
2019-03-04 20:26:20 +00:00
### Sample Payload with batch_input
2020-01-18 00:18:09 +00:00
Given an ed25519 key with derived keys set, the context parameter is expected for each batch_input item, and
the response will include the derived public key for each item.
2019-03-04 20:26:20 +00:00
```
{
"batch_input": [
{
"input": "adba32==",
"context": "efgh"
},
{
"input": "adba32==",
"context": "abcd"
},
{}
]
}
```
### Sample Response for batch_input
2020-01-18 00:18:09 +00:00
2019-03-04 20:26:20 +00:00
```
{
"data": {
"batch_results": [
{
"signature": "vault:v1:+R3cxAy6j4KriYzAyExU6p1glnyT/eLDSaUZO7gr8a8kgi/zSynNbOBSDJcGaAfLD1OF2hGupYBYTjmZMNoVAA==",
"publickey": "2fQIaaem7+EhSGs3jUebAS/8qP2+sUrmxOmgqZIZc0c="
},
{
"signature": "vault:v1:3hBwA88lnuAVJqb5rCCEstzKYaBTeSdejk356BTCE/nKwySOhzQH3mWCvJZwbRptNGa7ia5ykosYYdJz+aIKDA==",
"publickey": "goDXuePo7L9z6HOw+a54O4HeV189BLECK9nAUudwp4Y="
},
{
"error": "missing input"
}
]
},
}
```
2017-06-07 17:00:14 +00:00
## Verify Signed Data
2017-03-09 02:47:35 +00:00
This endpoint returns whether the provided signature is valid for the given
data.
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :---------------------------------------- |
| `POST` | `/transit/verify/:name(/:hash_algorithm)` |
2017-03-09 02:47:35 +00:00
### Parameters
2017-06-07 17:00:14 +00:00
- `name` `(string: <required>)` – Specifies the name of the encryption key that
was used to generate the signature or HMAC.
2017-03-09 02:47:35 +00:00
2018-03-15 16:17:02 +00:00
- `hash_algorithm` `(string: "sha2-256")` – Specifies the hash algorithm to use. This
2017-03-09 02:47:35 +00:00
can also be specified as part of the URL. Currently-supported algorithms are:
2020-01-18 00:18:09 +00:00
- `sha1`
- `sha2-224`
- `sha2-256`
- `sha2-384`
- `sha2-512`
2021-12-08 18:29:33 +00:00
- `sha3-224`
- `sha3-256`
- `sha3-384`
- `sha3-512`
2022-10-27 12:26:20 +00:00
- `none`
2017-03-09 02:47:35 +00:00
2022-05-17 20:28:20 +00:00
~> **Note**: In FIPS 140-2 mode, the following algorithms are not certified
and thus should not be used: `sha3-224`, `sha3-256`, `sha3-384`, and
`sha3-512`.
2020-05-01 18:46:04 +00:00
~> ** Warning:** `sha1` should be considered a compromised algorithm. Signatures
2020-05-21 17:18:17 +00:00
verified using the algorithm could be forgeries. Verification using SHA-1 can
be blocked by operators by assigning the following policy corresponding to a
2020-05-01 18:46:04 +00:00
named key:
2020-08-17 17:30:06 +00:00
```hcl
path "/transit/verify/:name/sha1" {
capabilities = ["deny"]
2020-05-21 17:18:17 +00:00
}
2020-05-01 18:46:04 +00:00
```
2022-10-27 12:26:20 +00:00
~> **Note**: using `hash_algorithm=none` requires setting `prehashed=true`
and `signature_algorithm=pkcs1v15`. This verifies a `PKCSv1_5_NoOID`
signature rather than the `PKCSv1_5_DERnull` signature type usually
verified. See [RFC 3447 Section 9.2](https://www.rfc-editor.org/rfc/rfc3447#section-9.2).
2019-11-11 18:01:31 +00:00
- `input` `(string: "")` – Specifies the **base64 encoded** input data. One of
2019-03-04 22:49:29 +00:00
`input` or `batch_input` must be supplied.
2019-11-11 18:01:31 +00:00
2017-03-09 02:47:35 +00:00
- `signature` `(string: "")` – Specifies the signature output from the
`/transit/sign` function. Either this must be supplied or `hmac` must be
supplied.
- `hmac` `(string: "")` – Specifies the signature output from the
`/transit/hmac` function. Either this must be supplied or `signature` must be
supplied.
2019-03-04 20:26:20 +00:00
- `batch_input` `(array<object>: nil)` – Specifies a list of items for processing.
2019-11-11 18:01:31 +00:00
When this parameter is set, any supplied 'input', 'hmac' or 'signature' parameters
2020-01-18 00:18:09 +00:00
will be ignored. 'batch_input' items should contain an 'input' parameter and
2019-03-04 20:26:20 +00:00
either an 'hmac' or 'signature' parameter. All items in the batch must consistently
2020-01-18 00:18:09 +00:00
supply either 'hmac' or 'signature' parameters. It is an error for some items to
2019-11-11 18:01:31 +00:00
supply 'hmac' while others supply 'signature'. Responses are returned in the
'batch_results' array component of the 'data' element of the response. If the
input data value of an item is invalid, the corresponding item in the 'batch_results'
2019-03-04 20:26:20 +00:00
will have the key 'error' with a value describing the error. The format for batch_input is:
2020-01-18 00:18:09 +00:00
```json
{
"batch_input": [
{
"input": "adba32==",
"hmac": "vault:v1:1jFhRYWHiddSKgEFyVRpX8ieX7UU+748NBwHKecXE3hnGBoAxrfgoD5U0yAvji7b5X6V1fP"
},
{
"input": "aGVsbG8gd29ybGQuCg==",
"hmac": "vault:v1:/wsSP6iQ9ECO9RRkefKLXey9sDntzSjoiW0vBrWfUsYB0ISroyC6plUt/jN7gcOv9O+Ecow"
}
]
}
```
2019-03-04 20:26:20 +00:00
2017-12-04 15:34:05 +00:00
- `context` `(string: "")` - Base64 encoded context for key derivation.
2020-01-18 00:18:09 +00:00
Required if key derivation is enabled; currently only available with ed25519
keys.
2017-11-09 21:17:54 +00:00
2017-12-04 15:34:05 +00:00
- `prehashed` `(bool: false)` - Set to `true` when the input is already
2020-02-15 22:40:50 +00:00
hashed. If the key type is `rsa-2048`, `rsa-3072` or `rsa-4096`, then the algorithm used
2020-01-18 00:18:09 +00:00
to hash the input should be indicated by the `hash_algorithm` parameter.
2018-03-15 16:17:02 +00:00
- `signature_algorithm` `(string: "pss")` – When using a RSA key, specifies the RSA
signature algorithm to use for signature verification. Supported signature types
are:
2020-01-18 00:18:09 +00:00
- `pss`
- `pkcs1v15`
2017-11-09 21:17:54 +00:00
2019-01-23 17:31:34 +00:00
- `marshaling_algorithm` `(string: "asn1")` – Specifies the way in which the signature was originally marshaled. This currently only applies to ECDSA keys. Supported types are:
2020-01-18 00:18:09 +00:00
- `asn1`: The default, used by OpenSSL and X.509
- `jws`: The version used by JWS (and thus for JWTs). Selecting this will
also expect the input encoding to URL-safe Base64 encoding instead of
standard Base64-encoding.
2019-01-23 17:31:34 +00:00
2022-08-31 16:27:03 +00:00
- `salt_length` `(string: "auto")` – The salt length used to sign. This currently only applies to the RSA PSS signature scheme. Options are:
- `auto`: The default used by Golang (causing the salt to be as large as possible when signing)
- `hash`: Causes the salt length to equal the length of the hash used in the signature
- An integer between the minimum and the maximum permissible salt lengths for the given RSA key size.
2017-03-09 02:47:35 +00:00
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-03-09 02:47:35 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/verify/my-key/sha2-512
2017-03-09 02:47:35 +00:00
```
2019-03-04 20:26:20 +00:00
### Sample Payload
```json
{
"input": "abcd13==",
"signature": "vault:v1:MEUCIQCyb869d7KWuA..."
}
```
2017-03-09 02:47:35 +00:00
### Sample Response
```json
{
"data": {
"valid": true
}
}
```
2017-12-14 17:51:50 +00:00
2019-03-04 20:26:20 +00:00
### Sample Payload with batch_input
```
{
"batch_input": [
{
"input": "adba32==",
"context": "abcd",
"signature": "vault:v1:3hBwA88lnuAVJqb5rCCEstzKYaBTeSdejk356BTCE/nKwySOhzQH3mWCvJZwbRptNGa7ia5ykosYYdJz+aIKDA=="
},
{
"input": "adba32==",
"context": "efgh",
"signature": "vault:v1:3hBwA88lnuAVJqb5rCCEstzKYaBTeSdejk356BTCE/nKwySOhzQH3mWCvJZwbRptNGa7ia5ykosYYdJz+aIKDA=="
},
{
"input": "",
"context": "abcd",
"signature": "vault:v1:C/pxm5V1RI6kqudLdbLdj5Bpm2P38FKgvxoV69oNXphvJukRcQIqjZO793jCa2JPYPG21Y7vquDWy/Ff4Ma4AQ=="
}
]
}
```
### Sample Response for batch_input
2020-01-18 00:18:09 +00:00
2019-03-04 20:26:20 +00:00
```
{
"data": {
"batch_results": [
{
"valid": true
},
{
"valid": false
},
{
"valid": true
}
]
},
}
```
2017-12-14 17:51:50 +00:00
## Backup Key
This endpoint returns a plaintext backup of a named key. The backup contains all
the configuration data and keys of all the versions along with the HMAC key.
The response from this endpoint can be used with the `/restore` endpoint to
restore the key.
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :---------------------- |
| `GET` | `/transit/backup/:name` |
2017-12-14 17:51:50 +00:00
### Parameters
2020-01-18 00:18:09 +00:00
- `name` `(string: <required>)` - Name of the key.
2017-12-14 17:51:50 +00:00
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-12-14 17:51:50 +00:00
$ curl \
--header "X-Vault-Token: ..." \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/backup/aes
2017-12-14 17:51:50 +00:00
```
### Sample Response
```json
{
"data": {
"backup": "eyJwb2xpY3kiOnsibmFtZSI6ImFlcyIsImtleXMiOnsiMSI6eyJrZXkiOiJXK3k4Z0dOMHdiTDJLOU95NXFPN1laMGtjdzMvR0ZiNWM4STBzdlNMMnFNPSIsImhtYWNfa2V5IjoiUDBTcjh1YTJaZERNUTdPd2h4RGp1Z0U5d0JSR3Q2QXl6K0t4TzN5Z2M5ST0iLCJ0aW1lIjoiMjAxNy0xMi0wOFQxMTo1MDowOC42MTM4MzctMDU6MDAiLCJlY194IjpudWxsLCJlY195IjpudWxsLCJlY19kIjpudWxsLCJyc2Ffa2V5IjpudWxsLCJwdWJsaWNfa2V5IjoiIiwiY3JlYXRpb25fdGltZSI6MTUxMjc1MTgwOH19LCJkZXJpdmVkIjpmYWxzZSwia2RmIjowLCJjb252ZXJnZW50X2VuY3J5cHRpb24iOmZhbHNlLCJleHBvcnRhYmxlIjpmYWxzZSwibWluX2RlY3J5cHRpb25fdmVyc2lvbiI6MSwibWluX2VuY3J5cHRpb25fdmVyc2lvbiI6MCwibGF0ZXN0X3ZlcnNpb24iOjEsImFyY2hpdmVfdmVyc2lvbiI6MSwiZGVsZXRpb25fYWxsb3dlZCI6ZmFsc2UsImNvbnZlcmdlbnRfdmVyc2lvbiI6MCwidHlwZSI6MCwiYmFja3VwX2luZm8iOnsidGltZSI6IjIwMTctMTItMDhUMTE6NTA6MjkuMjI4MTU3LTA1OjAwIiwidmVyc2lvbiI6MX0sInJlc3RvcmVfaW5mbyI6bnVsbH0sImFyY2hpdmVkX2tleXMiOnsia2V5cyI6W3sia2V5IjpudWxsLCJobWFjX2tleSI6bnVsbCwidGltZSI6IjAwMDEtMDEtMDFUMDA6MDA6MDBaIiwiZWNfeCI6bnVsbCwiZWNfeSI6bnVsbCwiZWNfZCI6bnVsbCwicnNhX2tleSI6bnVsbCwicHVibGljX2tleSI6IiIsImNyZWF0aW9uX3RpbWUiOjB9LHsia2V5IjoiVyt5OGdHTjB3YkwySzlPeTVxTzdZWjBrY3czL0dGYjVjOEkwc3ZTTDJxTT0iLCJobWFjX2tleSI6IlAwU3I4dWEyWmRETVE3T3doeERqdWdFOXdCUkd0NkF5eitLeE8zeWdjOUk9IiwidGltZSI6IjIwMTctMTItMDhUMTE6NTA6MDguNjEzODM3LTA1OjAwIiwiZWNfeCI6bnVsbCwiZWNfeSI6bnVsbCwiZWNfZCI6bnVsbCwicnNhX2tleSI6bnVsbCwicHVibGljX2tleSI6IiIsImNyZWF0aW9uX3RpbWUiOjE1MTI3NTE4MDh9XX19Cg=="
}
}
```
## Restore Key
This endpoint restores the backup as a named key. This will restore the key
configurations and all the versions of the named key along with HMAC keys. The
input to this endpoint should be the output of `/backup` endpoint.
2020-01-18 00:18:09 +00:00
~> For safety, by default the backend will refuse to restore to an existing
key. If you want to reuse a key name, it is recommended you delete the key
before restoring. It is a good idea to attempt restoring to a different key
name first to verify that the operation successfully completes.
2018-09-04 16:15:05 +00:00
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :------------------------- |
| `POST` | `/transit/restore(/:name)` |
2017-12-14 17:51:50 +00:00
### Parameters
2020-01-18 00:18:09 +00:00
- `backup` `(string: <required>)` - Backed up key data to be restored. This
should be the output from the `/backup` endpoint.
2017-12-14 17:51:50 +00:00
2020-01-18 00:18:09 +00:00
- `name` `(string: <optional>)` - If set, this will be the name of the
restored key.
2017-12-14 17:51:50 +00:00
2020-01-18 00:18:09 +00:00
- `force` `(bool: false)` - If set, force the restore to proceed even if a key
by this name already exists.
2018-09-25 20:20:59 +00:00
2017-12-14 17:51:50 +00:00
### Sample Payload
```json
"backup": "eyJwb2xpY3kiOnsibmFtZSI6ImFlcyIsImtleXMiOnsiMSI6eyJrZXkiOiJXK3k4Z0dOMHdiTDJLOU95NXFPN1laMGtjdzMvR0ZiNWM4STBzdlNMMnFNPSIsImhtYWNfa2V5IjoiUDBTcjh1YTJaZERNUTdPd2h4RGp1Z0U5d0JSR3Q2QXl6K0t4TzN5Z2M5ST0iLCJ0aW1lIjoiMjAxNy0xMi0wOFQxMTo1MDowOC42MTM4MzctMDU6MDAiLCJlY194IjpudWxsLCJlY195IjpudWxsLCJlY19kIjpudWxsLCJyc2Ffa2V5IjpudWxsLCJwdWJsaWNfa2V5IjoiIiwiY3JlYXRpb25fdGltZSI6MTUxMjc1MTgwOH19LCJkZXJpdmVkIjpmYWxzZSwia2RmIjowLCJjb252ZXJnZW50X2VuY3J5cHRpb24iOmZhbHNlLCJleHBvcnRhYmxlIjpmYWxzZSwibWluX2RlY3J5cHRpb25fdmVyc2lvbiI6MSwibWluX2VuY3J5cHRpb25fdmVyc2lvbiI6MCwibGF0ZXN0X3ZlcnNpb24iOjEsImFyY2hpdmVfdmVyc2lvbiI6MSwiZGVsZXRpb25fYWxsb3dlZCI6ZmFsc2UsImNvbnZlcmdlbnRfdmVyc2lvbiI6MCwidHlwZSI6MCwiYmFja3VwX2luZm8iOnsidGltZSI6IjIwMTctMTItMDhUMTE6NTA6MjkuMjI4MTU3LTA1OjAwIiwidmVyc2lvbiI6MX0sInJlc3RvcmVfaW5mbyI6bnVsbH0sImFyY2hpdmVkX2tleXMiOnsia2V5cyI6W3sia2V5IjpudWxsLCJobWFjX2tleSI6bnVsbCwidGltZSI6IjAwMDEtMDEtMDFUMDA6MDA6MDBaIiwiZWNfeCI6bnVsbCwiZWNfeSI6bnVsbCwiZWNfZCI6bnVsbCwicnNhX2tleSI6bnVsbCwicHVibGljX2tleSI6IiIsImNyZWF0aW9uX3RpbWUiOjB9LHsia2V5IjoiVyt5OGdHTjB3YkwySzlPeTVxTzdZWjBrY3czL0dGYjVjOEkwc3ZTTDJxTT0iLCJobWFjX2tleSI6IlAwU3I4dWEyWmRETVE3T3doeERqdWdFOXdCUkd0NkF5eitLeE8zeWdjOUk9IiwidGltZSI6IjIwMTctMTItMDhUMTE6NTA6MDguNjEzODM3LTA1OjAwIiwiZWNfeCI6bnVsbCwiZWNfeSI6bnVsbCwiZWNfZCI6bnVsbCwicnNhX2tleSI6bnVsbCwicHVibGljX2tleSI6IiIsImNyZWF0aW9uX3RpbWUiOjE1MTI3NTE4MDh9XX19Cg=="
```
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2017-12-14 17:51:50 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
2018-03-23 15:41:51 +00:00
http://127.0.0.1:8200/v1/transit/restore
2017-12-14 17:51:50 +00:00
```
2018-10-17 16:05:05 +00:00
## Trim Key
This endpoint trims older key versions setting a minimum version for the
keyring. Once trimmed, previous versions of the key cannot be recovered.
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :------------------------- |
| `POST` | `/transit/keys/:name/trim` |
2018-10-17 16:05:05 +00:00
### Parameters
2019-09-18 13:29:58 +00:00
- `min_available_version` `(int: <required>)` - The minimum available version
for the key ring. All versions before this version will be permanently
deleted. This value can at most be equal to the lesser of
`min_decryption_version` and `min_encryption_version`. This is not allowed to
be set when either `min_encryption_version` or `min_decryption_version` is set
to zero.
2018-10-17 16:05:05 +00:00
### Sample Payload
```json
{
2020-04-17 18:20:17 +00:00
"min_available_version": 2
2018-10-17 16:05:05 +00:00
}
```
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2018-10-17 16:05:05 +00:00
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/transit/keys/my-key/trim
```
2019-06-04 22:40:56 +00:00
## Configure Cache
This endpoint is used to configure the transit engine's cache. Note that configuration
changes will not be applied until the transit plugin is reloaded which can be achieved
2020-01-18 00:18:09 +00:00
using the [`/sys/plugins/reload/backend`][sys-plugin-reload-backend] endpoint.
2019-06-04 22:40:56 +00:00
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :---------------------- |
| `POST` | `/transit/cache-config` |
2019-06-04 22:40:56 +00:00
### Parameters
- `size` `(int: 0)` - Specifies the size in terms of number of entries. A size of
`0` means unlimited. A _Least Recently Used_ (LRU) caching strategy is used for a
2021-09-13 21:44:56 +00:00
non-zero cache size. Must be 0 (default) or a value greater or equal to 10 (minimum cache size).
2019-06-04 22:40:56 +00:00
### Sample Payload
```json
{
"size": 456
}
```
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2019-06-04 22:40:56 +00:00
$ curl \
--header "X-Vault-Token: ..."
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/transit/cache-config
```
## Read Transit Cache Configuration
This endpoint retrieves configurations for the transit engine's cache.
2020-01-18 00:18:09 +00:00
| Method | Path |
| :----- | :---------------------- |
| `GET` | `/transit/cache-config` |
2019-06-04 22:40:56 +00:00
### Sample Request
2020-05-21 17:18:17 +00:00
```shell-session
2019-06-04 22:40:56 +00:00
$ curl \
--header "X-Vault-Token: ..."
--request GET \
http://127.0.0.1:8200/v1/transit/cache-config
```
### Sample Response
```json
"data": {
"size": 0
},
```
2022-09-22 15:11:04 +00:00
[sys-plugin-reload-backend]: /api-docs/system/plugins-reload-backend#reload-plugins