[null,null,["上次更新時間:2025-08-29 (世界標準時間)。"],[[["\u003cp\u003eTinkey is a command-line tool for managing encryption keys, letting you encrypt or decrypt keysets using remote key management systems (KMS) like AWS KMS and Google Cloud KMS.\u003c/p\u003e\n"],["\u003cp\u003eYou can install Tinkey through prebuilt binaries, Homebrew, or by building it from the Tink source code using Bazel.\u003c/p\u003e\n"],["\u003cp\u003eTinkey provides a range of commands for key management tasks including adding, deleting, rotating, and enabling/disabling keys within keysets.\u003c/p\u003e\n"],["\u003cp\u003eTinkey also allows you to create, convert, and list keysets as well as manage their associated key templates.\u003c/p\u003e\n"],["\u003cp\u003eRequires Java 8 or later to function.\u003c/p\u003e\n"]]],["Tinkey, a key management utility, encrypts and decrypts keysets using remote Key Management Systems (KMS) like AWS and Google Cloud. It can be installed via prebuilt binaries, Homebrew, or by building from the source using Bazel. Tinkey's core functions include generating, adding, converting, creating, listing, deleting, enabling, disabling, and promoting keys within keysets. It also provides deprecated key rotation and destruction features. Use `tinkey \u003ccommand\u003e` for specific command information.\n"],null,["Tinkey is Tink's command line utility for managing keys. Tinkey lets you encrypt\nor decrypt keysets with key encryption keys stored in a remote KMS. Tinkey has\nbuilt-in support for AWS KMS and Google Cloud KMS. Adding support for other KMS\ndoesn't require modifying Tinkey.\n| **Note:** Tinkey requires Java 8 or later to run.\n\nInstallation\n\nYou can install Tinkey from prebuilt binaries, use Homebrew, or build Tinkey\nfrom the Tink source: \n\nPrebuilt binaries\n\nThe latest release of Tinkey is 1.12.0\n([download](https://storage.googleapis.com/tinkey/tinkey-1.12.0.tar.gz)). It works on Linux, macOS, and Windows.\n\nHomebrew\n\nTo install Tinkey with [Homebrew](https://brew.sh/), run the following\ncommand: \n\n brew tap tink-crypto/tink-tinkey https://github.com/tink-crypto/tink-tinkey\n brew install tinkey\n\nFrom source\n\nTo build the latest version of Tinkey from Tink's source code, use\n[Bazel](https://bazel.build) with\n[Bazelisk](https://github.com/bazelbuild/bazelisk): \n\n TINKEY_URL=\"https://github.com/tink-crypto/tink-tinkey/releases/download/v1.12.0/tink-tinkey-1.12.0.zip\"\n TINKEY_SHA256=\"425a551254847323078aaa80c0087bb228d7672e0c8663807aa06c50dcffa75a\"\n curl -LsS \"${TINKEY_URL}\" -o tinkey.zip\n echo \"${TINKEY_SHA256} tinkey.zip\" | sha256sum -c\n unzip tinkey.zip && cd \"tink-tinkey-1.12.0\"\n bazelisk build //:tinkey\n\nThis produces the binary `bazel-bin/tinkey`.\n\nCommand reference\n\nTinkey can be used to generate keys and do other management tasks like\nencrypting, decrypting, or rotating keys.\n\nThe syntax for using the commands listed in the table is `tinkey \u003ccommand\u003e\n[\u003cargs\u003e]`.\n| **Note:** For information about the arguments available or required for a command, run `tinkey \u003ccommand\u003e` without further arguments.\n\n| Command | Action |\n|------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `help` | Prints a help message for all available commands. |\n| `add-key` | Generates and adds a new key to a keyset. |\n| `convert-keyset` | Changes format, encrypts, decrypts a keyset. |\n| `create-keyset` | Creates a new keyset. |\n| `create-public-keyset` | Creates a public keyset from a private keyset. |\n| `list-key-templates` | Lists all supported key templates. |\n| `delete-key` | Deletes a specified key in a keyset. |\n| `destroy-key` | *Deprecated.* Destroys the key material of a specified key in a keyset. (This is deprecated: the behavior of Tink with keysets containing destroyed keys may depend on the Tink version) |\n| `disable-key` | Disables a specified key in a keyset. |\n| `enable-key` | Enables a specified key in a keyset. |\n| `list-keyset` | Lists keys in a keyset. |\n| `promote-key` | Promotes a specified key to primary. |\n| `rotate-keyset` | *\\[Deprecated\\]* Adds a new key and makes it the primary. (Instead, we recommend first adding a new key with `add-key` and later explicitly making it the primary with `promote-key`. In distributed systems, one needs to make sure the newly added key is available on every server before promoting it to primary.) |"]]
