tink icon indicating copy to clipboard operation
tink copied to clipboard
verified publisher icon tink-crypto

tinkey: support generation multiple keys in the keySet with one command.

Open xmlking opened this issue 4 years ago • 0 comments

today we have to run tinkey CLI multiple times to generate multi-key keySet file. e.g.:

tinkey create-keyset --key-template AES128_GCM  --out-format json --out aead_keyset.json
tinkey add-key  --in aead_keyset.json --in-format json --out aead_keyset2.json --out-format json  --key-template AES128_GCM
tinkey add-key  --in aead_keyset2.json --in-format json --out aead_keyset3.json --out-format json  --key-template AES128_GCM

it would be nice to support option to specify number of keys when generation same key types ( --key-template) in a single keyset file.

Use case: we have streaming app that encrypt each incoming record with one of the enabled key picked randomly from the keyset, and include KeyId along with encrypted message. on decryption side, it use same KeyId to decrypt.

xmlking avatar Dec 28 '21 16:12 xmlking