/sys/tools
The /sys/tools endpoints are a general set of tools.
Generate random bytes
This endpoint returns high-quality random bytes of the specified length.
| Method | Path |
|---|---|
POST | /sys/tools/random(/:source)(/:bytes) |
Parameters
-
bytes(int: 32)– Specifies the number of bytes to return. This value can be specified either in the request body, or as a part of the URL. -
format(string: "base64")– Specifies the output encoding. Valid options arehexorbase64. -
source(string: "platform")- Specifies the source of the requested bytes.platform, the default, sources bytes from the platform's entropy source.allmixes bytes from all available sources.
Sample payload
{
"format": "hex"
}
Sample request
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/sys/tools/random/164
Sample response
{
"data": {
"random_bytes": "dGhlIHF1aWNrIGJyb3duIGZveAo="
}
}
Hash data
This endpoint returns the cryptographic hash of given data using the specified algorithm.
| Method | Path |
|---|---|
POST | /sys/tools/hash(/:algorithm) |
Parameters
-
algorithm(string: "sha2-256")– Specifies the hash algorithm to use. This can also be specified as part of the URL. Currently-supported algorithms are:sha2-224sha2-256sha2-384sha2-512sha3-224sha3-256sha3-384sha3-512
Note: In FIPS 140-2 mode, the following algorithms are not certified
and thus should not be used: sha3-224, sha3-256, sha3-384, and
sha3-512.
-
input(string: <required>)– Specifies the base64 encoded input data. -
format(string: "hex")– Specifies the output encoding. This can be eitherhexorbase64.
Sample payload
{
"input": "adba32=="
}
Sample request
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data @payload.json \
http://127.0.0.1:8200/v1/sys/tools/hash/sha2-512
Sample response
{
"data": {
"sum": "dGhlIHF1aWNrIGJyb3duIGZveAo="
}
}