Hi there.
I’m new to Vault, have some question.
Q1) Why does Convergent Encryption is working without Nonce Parameter
(I omit Nonce
in my REST API Request.)?
Q2) Because my convergent key is Version3?
Q3) Is convergent key in Version 3 generate Nonce using context
or plaintext
?
Q4) So Can I omit the Nonce
parameter in Convergent Encryption?
Q5) Can I use this Context
Parameters like below?
- Context = SHA256($hiddenConstantValue)
Q6) vault read transit/keys/$endpoint
, convergent_encryption_version
return -1 in my request. Who know why?
Thanks in advance for the reply.
I think the docs answer most of your questions, have you read this?
&
1 Like
Thanks to your reply.
Yep, I read it, So enought to answer about Q1, 2 ,3, and 4.
I wish to know “Is it ok to do like Q5”.
Does context
need to variably value??
and
Anyone who know Q6? Could you please asnwer me?
That’s invalid syntax. I don’t think any Vault CLI takes a comma(,)
What are you trying to read?
I wish to know my Key’s Convergent Encryption Version.
vault read transit/keys/$endpoint
<< return the Key Information(Key Meta-Data)
and convergent_encryption_version
is in returned Message(Key Information).
In my case convergent_encryption_version
is “-1” not 1, 2 or 3.