Help Center/ Data Encryption Workshop/ User Guide/ KMS/ Using a Key/ Encrypting and Decrypting Small-size Data Online Using a Custom Key
Updated on 2026-04-28 GMT+08:00
View PDF
Share

Encrypting and Decrypting Small-size Data Online Using a Custom Key

This section describes how to use the online tool to encrypt or decrypt small-size data (4 KB or smaller) on the KMS console.

Prerequisites

The custom key is in Enabled status.

Constraints

  • Default keys cannot be used to encrypt or decrypt such data with the tool.
  • Asymmetric keys cannot be used to encrypt or decrypt such data with the tool.

Encrypting Data

  1. Log in to the DEW console.
  2. Click in the upper left corner and select a region or project.
  3. Click the name of the target custom key to access the key details page. Click the Tool tab.
  4. Click Encrypt. In the text box on the left, enter the data to be encrypted, as shown in Figure 1.

    Figure 1 Encrypting data

  5. Click Execute. The encrypted data is displayed in the Encryption/Decryption Result area.

    • Use the current CMK to encrypt the data.

Decrypting Data

  1. Click a non-default key in the Enabled state and go to the Tool tab.
  2. Click Decrypt and enter the data to be decrypted in the text box, as shown in Figure 2.

    • The tool will identify the original encryption CMK and use it to decrypt the data.
    • If the key has been deleted, the decryption will fail.
    Figure 2 Decrypting data

  3. Click Execute. The decrypted data is displayed in the Encryption/Decryption Result area.

    • The information to be encrypted using commands or APIs cannot contain special characters. Otherwise, the decryption result may fail to be displayed on the console.

    • Enter the plaintext on the console, the text will be encoded to Base64 format before encryption.

      The decryption result returned via API will be in Base64 format. Perform Base64 decoding to obtain the plaintext entered on the console.

    • You can call APIs to use a default master key to encrypt or decrypt small-volume data. For details, see Data Encryption Workshop API Reference.
    • After an API is called to encrypt data, the online tool cannot be used to decrypt the data.

Related Operations

  • Clearing the entered data: In the lower right corner of the encryption area, click Clear.
  • Copying the ciphertext generated after encryption: In the Encryption result area, copy the ciphertext, and paste and save it to a local file.
  • Copying the plaintext generated after decryption: In the Decryption result area, copy the plaintext, and paste and save it to a local file.
Parent Topic: Using a Key