Hashicorp Vault create encryption key in transit from CLI code example

Example 1: Hashicorp Vault create encryption key in transit from CLI

#Encryption Key creation from CLI
vault write -f mytransit/keys/my-key

Example 2: encrypt and decrypt in hashicorp vault

#For encrypting the data in CLI
>>vault write <Transit Engine path>/encrypt/<Created encryption key name> plaintext=$(base64 <<< "My Name is Ankit Sambhare")
#for encryting the data in Powershell
>>vault write mytransit/encrypt/my-key plaintext=$([Convert]::ToBase64String([Text.Encoding]::Unicode.GetBytes("My Name is Ankit Sambhare")))

#Use below Website to check your encryption and decryption
https://www.base64decode.org/

#for Decrypting the ciphertext from CLI
>>vault write mytransit/decrypt/my-key ciphertext=vault:v1:Y0W/bCFfDPyl3b+Pqj+GD7+BRcbSYXZpNkAjEAYayhDBRfUDX+w6mfJKps2FLZmvJkoxUreQfmatUevthFNRdAs/lWEULpKmQRgCEr/g
Key          Value
---          -----
plaintext    TQB5ACAATgBhAG0AZQAgAGkAcwAgAEEAbgBrAGkAdAAgAFMAYQBtAGIAaABhAHIAZQA=

>>base64 --decode <<< "TQB5ACAATgBhAG0AZQAgAGkAcwAgAEEAbgBrAGkAdAAgAFMAYQBtAGIAaABhAHIAZQA=
"
#For decrypting the ciphertext from Powershell 1st command is same 
>>vault write mytransit/decrypt/my-key ciphertext=vault:v1:Y0W/bCFfDPyl3b+Pqj+GD7+BRcbSYXZpNkAjEAYayhDBRfUDX+w6mfJKps2FLZmvJkoxUreQfmatUevthFNRdAs/lWEULpKmQRgCEr/g | Out-File .\output

>>[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String("$(Get-Content .\output | select -Skip 2 | Foreach {($_ -split '\s+',4)[1]})"))

Tags:

Misc Example