Getting the Public RSA Wrapping Key
Learn how to get a public RSA wrapping key.
- On the Master Encryption Keys list page, find the key that you want to work with. If you need help finding the list page, see Listing Keys.
- Select Create Key under Master Encryption Keys.
- Enable Import external key to see the wrapping key information.
- Select the PUBLIC KEY----- copy icon (two overlapping squares) to view and copy the public RSA wrapping key.
- Save the copied wrapping key, and then continue Applying RSA-OAEP to Wrap the Key Material for a Symmetric Key.
Use the oci kms management wrapping-key get command to get details about the public RSA wrapping key associated with the vault in the endpoint.:
oci kms management wrapping-key get --endpoint <kmsmanagement_control_plane_URL> [OPTIONS]After you get the public wrapping key, wrap the AES key material by applying RSA-OAEP.
For a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Use the GetWrappingKey API with the Management Endpoint to get the public RSA wrapping key.
Note
The Management Endpoint is used for management operations including Create, Update, List, Get, and Delete. The Management Endpoint is also called the control plane URL or the KMSMANAGEMENT endpoint.
The Cryptographic Endpoint is used for cryptographic operations including Encrypt, Decrypt, Generate Data Encryption Key, Sign, and Verify. The Cryptographic Endpoint is also called the data plane URL or the KMSCRYPTO endpoint.
You can find the management and cryptographic endpoints in a vault's details metadata. See Getting a Vault's Details for instructions.
For regional endpoints for the Key Management, Secret Management, and Secret Retrieval APIs, see API Reference and Endpoints.
For information about using the API and signing requests, see REST API documentation and Security Credentials. For information about SDKs, see SDKs and the CLI.