Powered by Redocly

Crypto Misc

Invoke the bcrypt-pw operation

Encode password using bcrypt password-hashing function version 2y. Note that bcrypt truncates passwords longer than 72 characters.

SecurityaccessToken
Request
Request Body schema:
password
required
string
Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

503

Service Unavailable (strongbox sealed)

post/v1/state/strongbox/crypto-functions/bcrypt-pw
Request samples 
password: reallysecret
Response samples 
hash: $2y$05$yBvWLrn/ks2sg3x6X5rUeegEmbqswgA/wqLR1b0yrNXMv4o3f3Ah6

Invoke the bcrypt-verify operation

SecurityaccessToken
Request
Request Body schema:
password
required
string
hash
required
string
Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

503

Service Unavailable (strongbox sealed)

post/v1/state/strongbox/crypto-functions/bcrypt-verify
Request samples 
password: hej hop
hash: $2y$05$yBvWLrn/ks2sg3x6X5rUeegEmbqswgA/wqLR1b0yrNXMv4o3f3Ah6
Response samples 
valid: true

Invoke the hash-data operation

SecurityaccessToken
Request
Request Body schema:
text
required
string <plaintext>
algorithm
string <hmac-digest-type>
Default: "sha256"
  • sha1
  • sha224
  • sha256
  • sha384
  • sha512
  • sha3-224
  • sha3-256
  • sha3-384
  • sha3-512

Digest types, sha1 should be avoided.

format
string <hex-base-type>
Default: "base64"
  • hex: Encode binary data using hex decimal format, e.g., af:03:ff
  • base64: Encode binary using base64 encoding.
Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

503

Service Unavailable (strongbox sealed)

post/v1/state/strongbox/crypto-functions/hash-data
Request samples 
text: Zm9vIGJhcgo=
algorithm: sha256
format: base64
Response samples 
hash: 795b303f69d06b2b3edbded518af4e2f53ea09728ef1d12176839bd840ee2198695e1ccd9f27a2839ef11a774b795a0af944037efcf5b20b243d1f5e86148483

Invoke the random-bytes operation

SecurityaccessToken
Request
Request Body schema:
bytes
required
integer <uint32>
format
string <hex-base-type>
Default: "base64"
  • hex: Encode binary data using hex decimal format, e.g., af:03:ff
  • base64: Encode binary using base64 encoding.
Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

503

Service Unavailable (strongbox sealed)

post/v1/state/strongbox/crypto-functions/random-bytes
Request samples 
bytes: 32
format: base64
Response samples 
bytes: NA++lSxaE4zdQwQ1aMHIGQ76vcCvKuFp2n52h0PG7/0=

Invoke the random-uuids operation

Generate one or more random UUIDs in a chosen version and format.

  • v4: 122 random bits (RFC 4122). General-purpose random ID.
  • v7: millisecond timestamp + random bits. Lexicographically sortable and collision-resistant.

Format controls how the UUID is serialized (canonical hex, Base64, etc.).

SecurityaccessToken
Request
Request Body schema:
version
string <enumeration>
Default: "v4"
  • v4: UUIDv4 - 122 random bits as per RFC 4122.
  • v7: UUIDv7 - Unix time in milliseconds + random component. Monotonic at ms level.

Which UUID version to generate:

  • v4 - pure random (RFC 4122).
  • v7 - timestamp + randomness (draft), good for indexing/sorting.

If unsure, use v4. Use v7 if you want time-ordering in DBs.

count
integer <uint16>
Default: 1

Number of UUIDs to generate per call. Allowed range: 1..1000.

format
string <enumeration>
Default: "canonical"
  • canonical: Hex with hyphens, lowercase.
  • no-hyphen: 32 hex characters, no hyphens.
  • base64: Standard Base64 of the 16-byte UUID.
  • base64url: URL-safe Base64 (unpadded).
  • base32crockford: Base32 Crockford alphabet.
  • ulid: ULID, lowercase, no hyphens.
  • guid: Microsoft GUID format with {}.

Output serialization format:

  • canonical - hex with hyphens (8-4-4-4-12), lowercase.
  • no-hyphen - 32 hex characters, no hyphens.
  • base64 - 16 raw bytes encoded in standard Base64 (with = padding).
  • base64url - URL-safe Base64 (no + or /), without padding.
  • bytes - raw 16 bytes.

Note: if uuids is of type string in the output, these will be represented as standard Base64 (effectively same as base64). To return true binary values, model uuids as binary instead.

  • base32crockford - Base32 Crockford alphabet (ULID-friendly).
  • guid - Microsoft GUID style with curly braces, e.g. {xxxxxxxx-xxxx-...}.
uppercase
boolean
Default: false

Render hex digits in UPPERCASE where applicable.

Applies only to hex-based formats (canonical, no-hyphen, guid, urn). Ignored for Base64/Base32/bytes.

Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

503

Service Unavailable (strongbox sealed)

post/v1/state/strongbox/crypto-functions/random-uuids
Request samples 
version: v4
count: 1
format: canonical
uppercase: false
Response samples 
uuids:
  - c95ec1f5-8239-432c-8b40-73dc2400bf50
➔ Next to Entities