AWS SDK Version 3 for .NET
API Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

This is the response object from the GenerateDataKeyPairWithoutPlaintext operation.

Inheritance Hierarchy

System.Object
  Amazon.Runtime.AmazonWebServiceResponse
    Amazon.KeyManagementService.Model.GenerateDataKeyPairWithoutPlaintextResponse

Namespace: Amazon.KeyManagementService.Model
Assembly: AWSSDK.KeyManagementService.dll
Version: 3.x.y.z

Syntax

C# 
public class GenerateDataKeyPairWithoutPlaintextResponse : AmazonWebServiceResponse

The GenerateDataKeyPairWithoutPlaintextResponse type exposes the following members

Constructors

NameDescription
Public Method GenerateDataKeyPairWithoutPlaintextResponse()

Properties

NameTypeDescription
Public Property ContentLength System.Int64 Inherited from Amazon.Runtime.AmazonWebServiceResponse.
Public Property HttpStatusCode System.Net.HttpStatusCode Inherited from Amazon.Runtime.AmazonWebServiceResponse.
Public Property KeyId System.String

Gets and sets the property KeyId.

The Amazon Resource Name (key ARN) of the KMS key that encrypted the private key.

Public Property KeyPairSpec Amazon.KeyManagementService.DataKeyPairSpec

Gets and sets the property KeyPairSpec.

The type of data key pair that was generated.

Public Property PrivateKeyCiphertextBlob System.IO.MemoryStream

Gets and sets the property PrivateKeyCiphertextBlob.

The encrypted copy of the private key. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.

Public Property PublicKey System.IO.MemoryStream

Gets and sets the property PublicKey.

The public key (in plaintext). When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.

Public Property ResponseMetadata Amazon.Runtime.ResponseMetadata Inherited from Amazon.Runtime.AmazonWebServiceResponse.

Examples

This example returns an asymmetric elliptic curve (ECC) data key pair. The private key is encrypted under the symmetric encryption KMS key that you specify. This operation doesn't return a plaintext (unencrypted) private key.

To generate an asymmetric data key pair without a plaintext key


var client = new AmazonKeyManagementServiceClient();
var response = client.GenerateDataKeyPairWithoutPlaintext(new GenerateDataKeyPairWithoutPlaintextRequest 
{
    KeyId = "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", // The symmetric encryption KMS key that encrypts the private key of the ECC data key pair.
    KeyPairSpec = "ECC_NIST_P521" // The requested key spec of the ECC asymmetric data key pair.
});

string keyId = response.KeyId; // The key ARN of the symmetric encryption KMS key that encrypted the private key in the ECC asymmetric data key pair.
string keyPairSpec = response.KeyPairSpec; // The actual key spec of the ECC asymmetric data key pair.
MemoryStream privateKeyCiphertextBlob = response.PrivateKeyCiphertextBlob; // The encrypted private key of the asymmetric ECC data key pair.
MemoryStream publicKey = response.PublicKey; // The public key (plaintext).

Version Information

.NET Core App:
Supported in: 3.1

.NET Standard:
Supported in: 2.0

.NET Framework:
Supported in: 4.5, 4.0, 3.5