Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update transit docs to add aes128/p384/p521 information #7718

Merged
merged 1 commit into from
Oct 23, 2019
Merged

Update transit docs to add aes128/p384/p521 information #7718

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion website/source/api/secret/transit/index.html.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,14 +51,18 @@ values set here cannot be changed after key creation.
- `type` `(string: "aes256-gcm96")` – Specifies the type of key to create. The
currently-supported types are:

- `aes256-gcm96` – AES-256 wrapped with GCM using a 96-bit nonce size AEAD
- `aes128-gcm96` – AES-128 wrapped with GCM using a 96-bit nonce size AEAD
(symmetric, supports derivation and convergent encryption)
- `aes256-gcm96` – AES-256 wrapped with GCM using a 96-bit nonce size AEAD
(symmetric, supports derivation and convergent encryption, default)
- `chacha20-poly1305` – ChaCha20-Poly1305 AEAD (symmetric, supports
derivation and convergent encryption)
- `ed25519` – ED25519 (asymmetric, supports derivation). When using
derivation, a sign operation with the same context will derive the same
key and signature; this is a signing analogue to `convergent_encryption`.
- `ecdsa-p256` – ECDSA using the P-256 elliptic curve (asymmetric)
- `ecdsa-p384` – ECDSA using the P-384 elliptic curve (asymmetric)
- `ecdsa-p521` – ECDSA using the P-521 elliptic curve (asymmetric)
- `rsa-2048` - RSA with bit size of 2048 (asymmetric)
- `rsa-4096` - RSA with bit size of 4096 (asymmetric)

Expand Down
10 changes: 8 additions & 2 deletions website/source/docs/secrets/transit/index.html.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,13 +55,19 @@ time.
As of now, the transit secrets engine supports the following key types (all key
types also generate separate HMAC keys):

* `aes256-gcm96`: AES-GCM with a 256-bit AES key and a 96-bit nonce; supports
* `aes128-gcm96`: AES-GCM with a 128-bit AES key and a 96-bit nonce; supports
encryption, decryption, key derivation, and convergent encryption
* `aes256-gcm96`: AES-GCM with a 256-bit AES key and a 96-bit nonce; supports
encryption, decryption, key derivation, and convergent encryption (default)
* `chacha20-poly1305`: ChaCha20-Poly1305 with a 256-bit key; supports
encryption, decryption, key derivation, and convergent encryption
* `ed25519`: Ed25519; supports signing, signature verification, and key
derivation
* `ecdsa-p256`: ECDSA using curve P256; supports signing and signature
* `ecdsa-p256`: ECDSA using curve P-256; supports signing and signature
verification
* `ecdsa-p384`: ECDSA using curve P-384; supports signing and signature
verification
* `ecdsa-p521`: ECDSA using curve P-521; supports signing and signature
verification
* `rsa-2048`: 2048-bit RSA key; supports encryption, decryption, signing, and
signature verification
Expand Down