/sys/tools

The /sys/tools endpoints are a general set of tools.

This endpoint returns high-quality random bytes of the specified length.

Method

Path

POST

/sys/tools/random(/:source)(/:bytes)

bytes (int: 32) – Specifies the number of bytes to return. This value can be specified either in the request body, or as a part of the URL.
format (string: "base64") – Specifies the output encoding. Valid options are hex or base64.
source (string: "platform") - Specifies the source of the requested bytes. platform, the default, sources bytes from the platform's entropy source. seal sources from entropy augmentation (enterprise only). all mixes bytes from all available sources.

{
  "format": "hex"
}

$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    --data @payload.json \
    http://127.0.0.1:8200/v1/sys/tools/random/164

{
  "data": {
    "random_bytes": "dGhlIHF1aWNrIGJyb3duIGZveAo="
  }
}

This endpoint returns the cryptographic hash of given data using the specified algorithm.

Method

Path

POST

/sys/tools/hash(/:algorithm)

algorithm (string: "sha2-256") – Specifies the hash algorithm to use. This can also be specified as part of the URL. Currently-supported algorithms are:
- sha2-224
- sha2-256
- sha2-384
- sha2-512
- sha3-224
- sha3-256
- sha3-384
- sha3-512
~> Note: In FIPS 140-2 mode, the following algorithms are not certified and thus should not be used: sha3-224, sha3-256, sha3-384, and sha3-512.
input (string: <required>) – Specifies the base64 encoded input data.
format (string: "hex") – Specifies the output encoding. This can be either hex or base64.

{
  "input": "adba32=="
}

$ curl \
    --header "X-Vault-Token: ..." \
    --request POST \
    --data @payload.json \
    http://127.0.0.1:8200/v1/sys/tools/hash/sha2-512

{
  "data": {
    "sum": "dGhlIHF1aWNrIGJyb3duIGZveAo="
  }
}

Last updated 1 year ago