A community member has associated this post with a similar question:
how to import only the public side of an RSA key
Only moderators can edit this content.
How to import only the public side of an RSA key
We need to export data via Azure Blobs that should be encrypted with an RSA public key provided by the recipent. However, Azure does not appear to provide good support for just the public side of an RSA key.
The only way I can find to import just the public side is as a Key Vault Secret. Unfortunately, secrets don't seem to support preferred encryption operations:
- Blob/Container Encryption Scopes
- Key Wrapping
Much of the security provided by RSA keys is derived from the data producer not having the private side of the key. Seems like essential functionality that Azure should support.
So... is there a way to import just the public side of an RSA key into a Key Vault Key?
If not, is there a way to do Encryption Scopes or Key Wrapping with a secret?