Asymmetric keys in Key Management Service (KMS) consist of a public and private key. You can use the public key to encrypt data and the private key to decrypt it. You can also use the private key to sign hashes and the public key to verify signatures.

Prerequisites

You can retrieve the public key in the web console. To sign hashes, use the Nebius AI Cloud CLI. To verify signatures, use a local cryptographic tool such as OpenSSL.
  1. Install and configure the Nebius AI Cloud CLI.
  2. Make sure you are in a group that has at least the editor role within your tenant or project; for example, the default editors group. Alternatively, you can have an access permit with the editor role assigned to the required key. To check your access rights, go to the Administration → IAM section in the web console.

How to get the public key

You can retrieve the public key to use it for encryption and signature verification.
  1. In the web console, go to Cryptography → KMS.
  2. Select Asymmetric keys and find the required key in the list. To choose a key that supports what you need, check the Algorithm column:
    • Signing and verification: ECC (P-256)
    • Encryption: RSA-4096
  3. On the key’s Overview tab, next to Public key, click the copy button.
  4. Save the public key contents to a local file, for example public_key.pem.

How to use asymmetric keys for encryption

For asymmetric encryption, anyone with the public key can encrypt data, and only the holder of the private key (here, KMS) can decrypt it.

Encrypting data

Encrypt the data locally with your public key by using an external tool such as OpenSSL:
openssl pkeyutl \
  -in <plaintext_file> \
  -encrypt \
  -pubin \
  -inkey <path_to_public_key> \
  -pkeyopt rsa_padding_mode:oaep \
  -pkeyopt rsa_oaep_md:sha256 \
  -pkeyopt rsa_mgf1_md:sha256 | base64
In the command, specify the following parameters:
  • -in: Path to the file with the plaintext data to encrypt. The maximum plaintext size is 446 bytes.
  • -inkey: Path to the file containing the public key.
The output is the ciphertext in Base64. Save this value because it is required for decrypting the data.
The maximum size of a plaintext message to encrypt can be calculated using the following formula:
Message length = (k - 2) - 2 × hash length
Where:
  • k: Length of the encryption key, in bytes.
  • hash length: Length of the hash function, in bytes.
For the RSA-4096 (rsa_4096_enc_oaep_sha_256) algorithm:
  • k = 512, because an RSA-4096 key is 4096 bits long, which equals 512 bytes.
  • hash length = 32, because SHA-256 produces a 256-bit hash, which equals 32 bytes.
Message length = (512 - 2) - 2 × 32 = 446 bytes
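The following is an added example, not part of the Nebius documentation. It applies the formula above and then confirms the 446-byte limit in practice against a throwaway local RSA-4096 key that stands in for the KMS public key; only the encrypt side is exercised, the KMS decrypt call is not.

```shell
#!/bin/sh
# Added example (not from the Nebius docs): check the OAEP plaintext limit
# from the formula above against a locally generated RSA-4096 key.
set -eu

# Message length = (k - 2) - 2 * hash length, with k and hash length in bytes.
oaep_max_plaintext() {
  key_bits=$1; hash_bytes=$2
  echo $(( (key_bits / 8 - 2) - 2 * hash_bytes ))
}

# Constructed stand-in for the KMS key pair: a throwaway local RSA-4096 key
# written to $1/private_key.pem and $1/public_key.pem.
make_demo_keypair() {
  dir=$1
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 \
    -out "$dir/private_key.pem" 2>/dev/null
  openssl pkey -in "$dir/private_key.pem" -pubout -out "$dir/public_key.pem"
}

# Try to encrypt a $2-byte file with the public key $1 using the same
# OAEP/SHA-256 options as the docs command; prints "ok" or "too-long".
oaep_encrypt_probe() {
  pub=$1; n=$2
  tmp=$(mktemp)
  dd if=/dev/zero of="$tmp" bs=1 count="$n" 2>/dev/null
  if openssl pkeyutl -encrypt -pubin -inkey "$pub" -in "$tmp" \
       -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 \
       -pkeyopt rsa_mgf1_md:sha256 >/dev/null 2>&1; then
    echo ok
  else
    echo too-long
  fi
  rm -f "$tmp"
}
```

A plaintext one byte over the limit is rejected by OpenSSL before anything is sent to KMS, so checking the length locally is the cheapest way to catch it.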

Decrypting data

To decrypt data with an asymmetric KMS key:
  1. Run the following command:
    nebius kms asymmetric-crypto decrypt \
      --key-id <key_ID> \
      --ciphertext <ciphertext>
    
    In the command, specify the following parameters:
    • --key-id: ID of the asymmetric KMS key that was used for encryption. To get it, run:
      nebius kms asymmetric-key list
      
      In the output, copy the ID of the key that you used for encryption.
    • --ciphertext: Encrypted data returned as ciphertext when you encrypted the data.
    The output contains the Base64-encoded plaintext:
    key_id: kmsasymkey-e00***
    plaintext: SGVsbG8gd29ybGQ=
    
  2. Decode the plaintext value from Base64. For example, to decode SGVsbG8gd29ybGQ=:
    echo 'SGVsbG8gd29ybGQ=' | base64 -d
    

How to use asymmetric keys for digital signatures

Signing a hash

Use the private key of an asymmetric key pair to sign a hash that you generate yourself. The signature can be verified with the public key.
  1. Generate a hash of the file or data that you want to sign and encode it in Base64.
    openssl dgst <hash_function> -binary <path_to_file> | base64
    
    In the command:
    • <hash_function>: OpenSSL hash function to use when generating the hash. The value depends on the algorithm your key uses: set it to -sha256 for ecdsa_nist_p256_sha_256 keys and to -sha384 for ecdsa_nist_p384_sha_384 keys.
    • <path_to_file>: Path to the file for which you want to generate the hash.
    The command returns a hash value that you need to provide for signing.
  2. Run the following command:
    nebius kms asymmetric-crypto sign-hash \
      --key-id <key_ID> \
      --hash <hash>
    
    In the command, specify the following parameters:
    • --key-id: ID of the asymmetric KMS key to use to sign the hash. To get it, run:
      nebius kms asymmetric-key list
      
      In the output, copy the ID of the key that you want to use.
    • --hash: The hash value that you generated, encoded in Base64.
    The output looks like the following:
    key_id: kmsasymkey-e00***
    signature: MEUCIQDT6TEx+by5ytXEEGxAbN/h+zv***
    
  3. Save the signature value to a local file, for example signature.b64.

Verifying a signature

You can verify a signature by using the public key of the asymmetric key pair and an external tool such as OpenSSL.
  1. Decode the saved signature from Base64:
    openssl base64 -d -A -in <path_to_signature_base64_file> -out <path_to_binary_signature_file>
    
    KMS returns the signature as a Base64-encoded string, while OpenSSL expects a binary signature file. This command converts the saved Base64 value to a binary file that OpenSSL can use. For example:
    openssl base64 -d -A -in signature.b64 -out signature.bin
    
  2. Verify the signature.
    openssl dgst \
      <hash_function> \
      -verify <path_to_public_key> \
      -signature <path_to_binary_signature_file> \
      <path_to_file>
    
    In the command:
    • <hash_function>: OpenSSL hash function parameter to use when verifying the signature. The value depends on the algorithm your key uses: set it to -sha256 for ecdsa_nist_p256_sha_256 keys and to -sha384 for ecdsa_nist_p384_sha_384 keys.
    • -verify: Path to the public key.
    • -signature: Path to the binary signature file.
    • <path_to_file>: Path to the signed file.
    If the signature is valid, OpenSSL returns:
    Verified OK
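The following is an added example, not part of the Nebius documentation, covering the sign-hash and verify steps above end to end. A throwaway local P-256 key stands in for the KMS key, and an OpenSSL signature over the raw digest stands in for the nebius kms asymmetric-crypto sign-hash call; the hash and verify commands are the ones from the steps above. It shows why the digest algorithm must match the key: KMS signs the digest you supply, while openssl dgst -verify hashes the file itself, so the two only agree for the right hash function.

```shell
#!/bin/sh
# Added example (not from the Nebius docs): sign-hash / verify round trip
# with a local ECDSA P-256 key standing in for the KMS key.
set -eu

# Constructed stand-in for the KMS key: writes $1/private_key.pem and
# $1/public_key.pem (the latter plays the role of the copied public key).
make_demo_signing_key() {
  dir=$1
  openssl ecparam -name prime256v1 -genkey -noout -out "$dir/private_key.pem"
  openssl pkey -in "$dir/private_key.pem" -pubout -out "$dir/public_key.pem"
}

# Step 1 of "Signing a hash": Base64 SHA-256 digest of file $1, the value
# passed to --hash for an ecdsa_nist_p256_sha_256 key.
hash_b64() {
  openssl dgst -sha256 -binary "$1" | openssl base64 -A
}

# Stand-in for "nebius kms asymmetric-crypto sign-hash": signs the raw
# digest with private key $1 and returns the signature Base64-encoded.
sign_hash_b64() {
  priv=$1; digest_b64=$2
  printf '%s' "$digest_b64" | openssl base64 -d -A |
    openssl pkeyutl -sign -inkey "$priv" | openssl base64 -A
}

# Steps 1-2 of "Verifying a signature": decode the Base64 signature to a
# binary file, then verify file $3 with public key $1; prints "valid" or
# "invalid" instead of OpenSSL's "Verified OK" / "Verification Failure".
verify_b64() {
  pub=$1; sig_b64=$2; file=$3
  sig=$(mktemp)
  printf '%s' "$sig_b64" | openssl base64 -d -A -out "$sig"
  if openssl dgst -sha256 -verify "$pub" -signature "$sig" "$file" \
       >/dev/null 2>&1; then
    echo valid
  else
    echo invalid
  fi
  rm -f "$sig"
}
```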