GenerateDataKeyPair Method

Generates a data key pair that can be used outside of Amazon KMS.

Syntax

int GenerateDataKeyPair(const QString& qsKeyPairSpec, const QString& qsKeyId, bool bIncludePlaintext);

Remarks

This method generates a data key pair that can be used outside of Amazon KMS for encryption and decryption, or signing and verification. The private key of the generated key pair will be encrypted using the CMK specified by KeyId before it is returned. The key and its related information will be downloaded to the following KeyData* properties, refer to their documentation for more information:

The KeySpec parameter specifies the spec of the data key pair. Valid values are:

  • RSA_2048
  • RSA_3072
  • RSA_4096
  • ECC_NIST_P256 (secp256r1)
  • ECC_NIST_P384 (secp384r1)
  • ECC_NIST_P521 (secp521r1)
  • ECC_SECG_P256K1 (secp256k1)

The value passed for the KeyId parameter must be the Id or ARN of a CMK, or the name or ARN of an alias, in the current Region. If an ARN is provided, it can be for a CMK or alias in another account so long as the appropriate permissions are in place. The specified CMK must be symmetric. Any encryption context items present in the EncryptionContext* properties will be included in the request and used when encrypting the private key; they must be supplied again in order to decrypt it.

The IncludePlaintext parameter specifies whether the server should return a plaintext (i.e., unencrypted) copy of the data key pair's private key in addition to the encrypted copy. This can be useful if the private key will be used immediately.

This method will fail if any of the following are true regarding the specified CMK:

Error Handling

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

Copyright (c) 2022 /n software inc. - All rights reserved.
Cloud Keys 2020 Qt Edition - Version 20.0 [Build 8157]