AWS SDK Version 3 for .NET
API Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

This is the response object from the GetPublicKey operation.

Inheritance Hierarchy

System.Object
  Amazon.Runtime.AmazonWebServiceResponse
    Amazon.KeyManagementService.Model.GetPublicKeyResponse

Namespace: Amazon.KeyManagementService.Model
Assembly: AWSSDK.KeyManagementService.dll
Version: 3.x.y.z

Syntax

C#
public class GetPublicKeyResponse : AmazonWebServiceResponse

The GetPublicKeyResponse type exposes the following members

Constructors

NameDescription
Public Method GetPublicKeyResponse()

Properties

NameTypeDescription
Public Property ContentLength System.Int64 Inherited from Amazon.Runtime.AmazonWebServiceResponse.
Public Property CustomerMasterKeySpec Amazon.KeyManagementService.CustomerMasterKeySpec

Gets and sets the property CustomerMasterKeySpec.

Instead, use the KeySpec field in the GetPublicKey response.

The KeySpec and CustomerMasterKeySpec fields have the same value. We recommend that you use the KeySpec field in your code. However, to avoid breaking changes, KMS supports both fields.

Public Property EncryptionAlgorithms System.Collections.Generic.List<System.String>

Gets and sets the property EncryptionAlgorithms.

The encryption algorithms that KMS supports for this key.

This information is critical. If a public key encrypts data outside of KMS by using an unsupported encryption algorithm, the ciphertext cannot be decrypted.

This field appears in the response only when the KeyUsage of the public key is ENCRYPT_DECRYPT.

Public Property HttpStatusCode System.Net.HttpStatusCode Inherited from Amazon.Runtime.AmazonWebServiceResponse.
Public Property KeyAgreementAlgorithms System.Collections.Generic.List<System.String>

Gets and sets the property KeyAgreementAlgorithms.

The key agreement algorithm used to derive a shared secret. This field is present only when the KMS key has a KeyUsage value of KEY_AGREEMENT.

Public Property KeyId System.String

Gets and sets the property KeyId.

The Amazon Resource Name (key ARN) of the asymmetric KMS key from which the public key was downloaded.

Public Property KeySpec Amazon.KeyManagementService.KeySpec

Gets and sets the property KeySpec.

The type of the of the public key that was downloaded.

Public Property KeyUsage Amazon.KeyManagementService.KeyUsageType

Gets and sets the property KeyUsage.

The permitted use of the public key. Valid values for asymmetric key pairs are ENCRYPT_DECRYPT, SIGN_VERIFY, and KEY_AGREEMENT.

This information is critical. For example, if a public key with SIGN_VERIFY key usage encrypts data outside of KMS, the ciphertext cannot be decrypted.

Public Property PublicKey System.IO.MemoryStream

Gets and sets the property PublicKey.

The exported public key.

The value is a DER-encoded X.509 public key, also known as SubjectPublicKeyInfo (SPKI), as defined in RFC 5280. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.

Public Property ResponseMetadata Amazon.Runtime.ResponseMetadata Inherited from Amazon.Runtime.AmazonWebServiceResponse.
Public Property SigningAlgorithms System.Collections.Generic.List<System.String>

Gets and sets the property SigningAlgorithms.

The signing algorithms that KMS supports for this key.

This field appears in the response only when the KeyUsage of the public key is SIGN_VERIFY.

Examples

This example gets the public key of an asymmetric RSA KMS key used for encryption and decryption. The operation returns the key spec, key usage, and encryption or signing algorithms to help you use the public key correctly outside of AWS KMS.

To download the public key of an asymmetric KMS key


var client = new AmazonKeyManagementServiceClient();
var response = client.GetPublicKey(new GetPublicKeyRequest 
{
    KeyId = "arn:aws:kms:us-west-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321" // The key ARN of the asymmetric KMS key.
});

string customerMasterKeySpec = response.CustomerMasterKeySpec; // The key spec of the asymmetric KMS key from which the public key was downloaded.
List<string> encryptionAlgorithms = response.EncryptionAlgorithms; // The encryption algorithms supported by the asymmetric KMS key that was downloaded.
string keyId = response.KeyId; // The key ARN of the asymmetric KMS key from which the public key was downloaded.
string keyUsage = response.KeyUsage; // The key usage of the asymmetric KMS key from which the public key was downloaded.
MemoryStream publicKey = response.PublicKey; // The public key (plaintext) of the asymmetric KMS key.

            

Version Information

.NET:
Supported in: 8.0 and newer, Core 3.1

.NET Standard:
Supported in: 2.0

.NET Framework:
Supported in: 4.5 and newer, 3.5