-
We are using AWS KMS to handle generating and decrypting/encrypting data keys for our application. I noticed that the docs show how to use |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
Actually, you cannot provide AWS KMS key because Themis will not have access to this key (due to KMS restrictions and general approach of KMS). AWS has data encryption keys too and these keys you can pass to Themis. But for now, we don't have any wrappers or API that accepts encrypted DEK and credentials to any KMS to decrypt it using KEK via KMS. We will be glad if you do it by yourself and contribute it to the Themis. |
Beta Was this translation helpful? Give feedback.
-
However, you can try to use key from AWS KMS as "passphrase" for Themis, using |
Beta Was this translation helpful? Give feedback.
However, you can try to use key from AWS KMS as "passphrase" for Themis, using
secureCellSealWithPassphraseEncrypt64
API:https://docs.cossacklabs.com/themis/languages/react-native/features/#seal-mode