# /sys/tools The `/sys/tools` endpoints are a general set of tools. ### Generate random bytes This endpoint returns high-quality random bytes of the specified length. | Method | Path | | ------ | -------------------------------------- | | `POST` | `/sys/tools/random(/:source)(/:bytes)` | #### Parameters * `bytes` `(int: 32)` – Specifies the number of bytes to return. This value can be specified either in the request body, or as a part of the URL. * `format` `(string: "base64")` – Specifies the output encoding. Valid options are `hex` or `base64`. * `source` `(string: "platform")` - Specifies the source of the requested bytes. `platform`, the default, sources bytes from the platform's entropy source. `seal` sources from entropy augmentation (enterprise only). `all` mixes bytes from all available sources. #### Sample payload ```json { "format": "hex" } ``` #### Sample request ```shell-session $ curl \ --header "X-Vault-Token: ..." \ --request POST \ --data @payload.json \ http://127.0.0.1:8200/v1/sys/tools/random/164 ``` #### Sample response ```json { "data": { "random_bytes": "dGhlIHF1aWNrIGJyb3duIGZveAo=" } } ``` ### Hash data This endpoint returns the cryptographic hash of given data using the specified algorithm. | Method | Path | | ------ | ------------------------------ | | `POST` | `/sys/tools/hash(/:algorithm)` | #### Parameters * `algorithm` `(string: "sha2-256")` – Specifies the hash algorithm to use. This can also be specified as part of the URL. Currently-supported algorithms are: * `sha2-224` * `sha2-256` * `sha2-384` * `sha2-512` * `sha3-224` * `sha3-256` * `sha3-384` * `sha3-512` \~> **Note**: In FIPS 140-2 mode, the following algorithms are not certified and thus should not be used: `sha3-224`, `sha3-256`, `sha3-384`, and `sha3-512`. * `input` `(string: )` – Specifies the **base64 encoded** input data. * `format` `(string: "hex")` – Specifies the output encoding. This can be either `hex` or `base64`. #### Sample payload ```json { "input": "adba32==" } ``` #### Sample request ```shell-session $ curl \ --header "X-Vault-Token: ..." \ --request POST \ --data @payload.json \ http://127.0.0.1:8200/v1/sys/tools/hash/sha2-512 ``` #### Sample response ```json { "data": { "sum": "dGhlIHF1aWNrIGJyb3duIGZveAo=" } } ```