Vault | Java SDK | Keys Endpoints
Keys Endpoints
Symmetric generate
symmetricGenerate(SymmetricGenerateRequest request)Generate a symmetric key.
SymmetricGenerateRequest generateRequest = new SymmetricGenerateRequest.SymmetricGenerateRequestBuilder(
SymmetricAlgorithm.AES128_CFB,
KeyPurpose.ENCRYPTION,
"keyname"
).build();
SymmetricGenerateResponse generateResp = client.symmetricGenerate(generateRequest);Asymmetric generate
asymmetricGenerate(AsymmetricGenerateRequest request)Generate an asymmetric key.
AsymmetricGenerateRequest generateRequest = new AsymmetricGenerateRequest.AsymmetricGenerateRequestBuilder(
AsymmetricAlgorithm.ED25519,
KeyPurpose.SIGNING,
"keyname"
).build();
AsymmetricGenerateResponse generateResp = client.asymmetricGenerate(generateRequest);Asymmetric store
asymmetricStore(AsymmetricStoreRequest request)Import an asymmetric key.
AsymmetricStoreRequest storeRequest = new AsymmetricStoreRequest.AsymmetricStoreRequestBuilder(
"encodedprivatekey",
"encodedpublickey",
AsymmetricAlgorithm.ED25519,
KeyPurpose.SIGNING,
"keyname"
).build();
AsymmetricStoreResponse storeResp = client.asymmetricStore(storeRequest);Symmetric store
symmetricStore(SymmetricStoreRequest request)Import a symmetric key.
SymmetricStoreRequest storeRequest = new SymmetricStoreRequest.SymmetricStoreRequestBuilder(
"encodedkey"
SymmetricAlgorithm.AES,
KeyPurpose.ENCRYPTION,
"keyname"
).build();
SymmetricStoreResponse storeResp = client.symmetricStore(storeRequest);Key rotate
keyRotate(KeyRotateRequest request)Manually rotate a symmetric or asymmetric key.
KeyRotateResponse rotateResponse = client.keyRotate(
new KeyRotateRequest.KeyRotateRequestBuilder("keyid", ItemVersionState.SUSPENDED).build()
);Encrypt
encrypt(EncryptRequest request)Encrypt a message using a key.
EncryptResponse encryptResponse = client.encrypt(
new EncryptRequest.EncryptRequestBuilder("keyid", "base64message").setVersion(2).build()
);Decrypt
decrypt(DecryptRequest request)Decrypt a message using a key.
DecryptResponse decryptResponse = client.decrypt(
new DecryptRequest.DecryptRequestBuilder("keyid", "validciphertext")
.setVersion(2)
.build()
);Sign
sign(String id, String message)Sign a message using a key.
SignResponse signResponse = client.sign("keyid", "base64data2sign");Sign
sign(String id, String message, int version)sign a message
SignResponse signResponse = client.sign("keyid", "base64data2sign", 2);Verify
verify(String id, String message, String signature)Verify a signature using a key.
VerifyResponse verifyResponse = client.verify("keyid", "data2verify", "signature");Verify
verify(String id, String message, String signature, Integer version)Verify a signature using a key.
VerifyResponse verifyResponse = client.verify("keyid", "data2verify", "signature", 1);Encrypt structured
encryptStructured(EncryptStructuredRequest request)Encrypt parts of a JSON object.
var request = new EncryptStructuredRequest.Builder<SomeModel>(
key,
data,
"$.field1[2:4]"
).build();
var encrypted = client.encryptStructured(request);Decrypt structured
decryptStructured(EncryptStructuredRequest request)Decrypt parts of a JSON object.
var request = new EncryptStructuredRequest.Builder<SomeModel>(
key,
data,
"$.field1[2:4]"
).build();
var encrypted = client.decryptStructured(request);