Skip to content

Get Parameters For Import

paymentcryptographycontrolplane_get_parameters_for_import R Documentation

Gets the import token and the wrapping key certificate in PEM format (base64 encoded) to initiate a TR-34 WrappedKeyBlock or a RSA WrappedKeyCryptogram import into Amazon Web Services Payment Cryptography

Description

Gets the import token and the wrapping key certificate in PEM format (base64 encoded) to initiate a TR-34 WrappedKeyBlock or a RSA WrappedKeyCryptogram import into Amazon Web Services Payment Cryptography.

The wrapping key certificate wraps the key under import. The import token and wrapping key certificate must be in place and operational before calling import_key. The import token expires in 30 days. You can use the same import token to import multiple keys into your service account.

To return a previously generated import token and wrapping key certificate instead of generating new ones, set ReuseLastGeneratedToken to true.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • get_parameters_for_export

  • import_key

Usage

paymentcryptographycontrolplane_get_parameters_for_import(
  KeyMaterialType, WrappingKeyAlgorithm, ReuseLastGeneratedToken)

Arguments

KeyMaterialType

[required] The method to use for key material import. Import token is only required for TR-34 WrappedKeyBlock (TR34_KEY_BLOCK) and RSA WrappedKeyCryptogram (KEY_CRYPTOGRAM).

Import token is not required for TR-31, root public key cerificate or trusted public key certificate.
WrappingKeyAlgorithm

[required] The wrapping key algorithm to generate a wrapping key certificate. This certificate wraps the key under import.

At this time, RSA_2048 is the allowed algorithm for TR-34 WrappedKeyBlock import. Additionally, RSA_2048, RSA_3072, RSA_4096 are the allowed algorithms for RSA WrappedKeyCryptogram import.
ReuseLastGeneratedToken

Specifies whether to reuse the existing import token and wrapping key certificate. If set to true and a valid import token exists for the same key material type and wrapping key algorithm with at least 7 days of remaining validity, the existing token and wrapping key certificate are returned. Otherwise, a new import token and wrapping key certificate are generated. The default value is false, which generates a new import token and wrapping key certificate on every call.

Value

A list with the following syntax:

list(
  WrappingKeyCertificate = "string",
  WrappingKeyCertificateChain = "string",
  WrappingKeyAlgorithm = "TDES_2KEY"|"TDES_3KEY"|"AES_128"|"AES_192"|"AES_256"|"HMAC_SHA256"|"HMAC_SHA384"|"HMAC_SHA512"|"HMAC_SHA224"|"RSA_2048"|"RSA_3072"|"RSA_4096"|"ECC_NIST_P256"|"ECC_NIST_P384"|"ECC_NIST_P521",
  ImportToken = "string",
  ParametersValidUntilTimestamp = as.POSIXct(
    "2015-01-01"
  )
)

Request syntax

svc$get_parameters_for_import(
  KeyMaterialType = "TR34_KEY_BLOCK"|"TR31_KEY_BLOCK"|"ROOT_PUBLIC_KEY_CERTIFICATE"|"TRUSTED_PUBLIC_KEY_CERTIFICATE"|"KEY_CRYPTOGRAM",
  WrappingKeyAlgorithm = "TDES_2KEY"|"TDES_3KEY"|"AES_128"|"AES_192"|"AES_256"|"HMAC_SHA256"|"HMAC_SHA384"|"HMAC_SHA512"|"HMAC_SHA224"|"RSA_2048"|"RSA_3072"|"RSA_4096"|"ECC_NIST_P256"|"ECC_NIST_P384"|"ECC_NIST_P521",
  ReuseLastGeneratedToken = TRUE|FALSE
)