Import a key

Learn how to import a key

Pangea Vault can be used to store user-created keys. After a key is stored in the Vault, its private key material will never be exposed by the Vault service.

Importing an asymmetric key pair

To import an asymmetric key pair, you must provide both the public and private key material. Once imported, the private key material will never be exposed by the Vault service.

The purposes and algorithms supported for asymmetric keys are:

signing algorithms:
- ED25519
- RSA-PKCS1V15-2048-SHA256
- ES256
- ES384
- ES512
- ED25519-DILITHIUM2-BETA
- ED448-DILITHIUM3-BETA
encryption algorithms:
- RSA-OAEP-2048-SHA256
jwt algorithms:
- ES256
- ES384
- ES512

POST/v1/key/store

curl -sSLX POST 'https://vault.'"$PANGEA_DOMAIN"'/v1/key/store' \
-H 'Authorization: Bearer '"$PANGEA_VAULT_TOKEN" \
-H 'Content-Type: application/json' \
-d '{"type":"asymmetric_key","purpose":"signing","public_key":"a_public_key","private_key":"a_private_key","algorithm":"ED25519"}'

Importing a symmetric key

To import a symmetric key, you must provide the key. This key will never be exposed to the user.

The purposes and algorithms supported for symmetric keys are:

encryption algorithms:
- AES-CFB-128
- AES-CFB-256
- AES-GCM-256
- AES-CBC-128
- AES-CBC-256
jwt algorithms:
- HS256
- HS384
- HS512

POST/v1/key/store

curl -sSLX POST 'https://vault.'"$PANGEA_DOMAIN"'/v1/key/store' \
-H 'Authorization: Bearer '"$PANGEA_VAULT_TOKEN" \
-H 'Content-Type: application/json' \
-d '{"type":"symmetric_key","purpose":"encryption","key":"aGV5","algorithm":"AES-CFB-128"}'

Was this article helpful?

Import a key

Learn how to import a key

Importing an asymmetric key pair​

Importing a symmetric key​

Importing an asymmetric key pair

Importing a symmetric key