I’m new to Vault, have some question.
Q1) Why does Convergent Encryption is working without
Nonce Parameter(I omit
Nonce in my REST API Request.)?
Q2) Because my convergent key is Version3?
Q3) Is convergent key in Version 3 generate Nonce using
Q4) So Can I omit the
Nonce parameter in Convergent Encryption?
Q5) Can I use this
Context Parameters like below?
- Context = SHA256($hiddenConstantValue)
vault read transit/keys/$endpoint,
convergent_encryption_version return -1 in my request. Who know why?
Thanks in advance for the reply.
I think the docs answer most of your questions, have you read this?
Thanks to your reply.
Yep, I read it, So enought to answer about Q1, 2 ,3, and 4.
I wish to know “Is it ok to do like Q5”.
context need to variably value??
Anyone who know Q6? Could you please asnwer me?
That’s invalid syntax. I don’t think any Vault CLI takes a comma(,)
What are you trying to read?
I wish to know my Key’s Convergent Encryption Version.
vault read transit/keys/$endpoint << return the Key Information(Key Meta-Data)
convergent_encryption_version is in returned Message(Key Information).
In my case
convergent_encryption_version is “-1” not 1, 2 or 3.