5

I would appreciate clarification and advice on the following:

i am working on secure file transfer using SFTP protocol. We use PGP public/private key pair for file encryption and decryption . for a time being we keep our public/private key in local system. but as per requirement we want to keep these keys on Azure's keyVault . But i didn't found any document related to import my existing PGP public/private key in Azure's keyVault.

I am confused after reading MS Azure's documentation and related blog posts, where some sources claim Asymmetric key encryption is supported, but there is no official documentation on this.

geekHarry
  • 53
  • 1
  • 4

2 Answers2

0

It's obviously a late response but just for anyone landing here -

Do a Base64 encoding of the PGP key's content and store the encoded string in an Azure Key Vault Secret. Just decode the key before using it for encryption / decryption.

Naren
  • 797
  • 13
  • 12
-1

When you use Azure Key Vault, you can import or generate keys in hardware security modules (HSMs) that never leave the HSM boundary. This scenario is often referred to as bring your own key, or BYOK. The HSMs are FIPS 140-2 Level 2 validated. Azure Key Vault uses nCipher nShield family of HSMs to protect your keys.

Use the information in this topic to help you plan for, generate, and then transfer your own HSM-protected keys to use with Azure Key Vault.

This functionality is not available for Azure China.

You can read more about it in below docs:

https://learn.microsoft.com/en-us/azure/key-vault/key-vault-hsm-protected-keys#prerequisites-for-byokTo

https://id-3.co.uk/bring-your-own-key-what-is-it-and-what-are-its-benefits/

https://youtu.be/lOpaD4vShsU

Hope it helps.

Mohit Verma
  • 5,140
  • 2
  • 12
  • 27
  • 1
    I already learned this topic but there are nothing related to PGP key import and create in Azure's keyVault . Can you suggest me something related to PGP key in Azure keyVault ? – geekHarry Sep 11 '19 at 10:24