ImportTr34KeyBlock

Parameter information for key material import using the asymmetric TR-34 key exchange method.

Contents

CertificateAuthorityPublicKeyIdentifier

The KeyARN of the certificate chain that signs the signing key certificate during TR-34 key import.

Type: String

Length Constraints: Minimum length of 7. Maximum length of 322.

Pattern: arn:aws:payment-cryptography:[a-z]{2}-[a-z]{1,16}-[0-9]+:[0-9]{12}:(key/[0-9a-zA-Z]{16,64}|alias/[a-zA-Z0-9/_-]+)$|^alias/[a-zA-Z0-9/_-]+

Required: Yes

ImportToken

The import token that initiates key import using the asymmetric TR-34 key exchange method into AWS Payment Cryptography. It expires after 7 days. You can use the same import token to import multiple keys to the same service account.

Type: String

Pattern: import-token-[0-9a-zA-Z]{16,64}

Required: Yes

KeyBlockFormat

The key block format to use during key import. The only value allowed is X9_TR34_2012.

Type: String

Valid Values: X9_TR34_2012

Required: Yes

SigningKeyCertificate

The public key component in PEM certificate format of the private key that signs the KDH TR-34 WrappedKeyBlock.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 32768.

Pattern: [^\[;\]<>]+

Required: Yes

WrappedKeyBlock

The TR-34 wrapped key block to import.

Type: String

Length Constraints: Minimum length of 2. Maximum length of 4096.

Pattern: [0-9A-F]+

Required: Yes

RandomNonce

A random number value that is unique to the TR-34 key block generated using 2 pass. The operation will fail, if a random nonce value is not provided for a TR-34 key block generated using 2 pass.

Type: String

Length Constraints: Fixed length of 16.

Pattern: [0-9A-F]+

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS SDK for C++

• AWS SDK for Java V2

• AWS SDK for Ruby V3