导入密钥材料

<p class="shortdesc"></p> <section class="section" id="IMPORTKEYMATERIAL__section_hv1_f2j_mlb"><h2 class="doc-tairway">导入密钥材料:ImportKeyMaterial</h2> <p class="p"><strong class="ph b">描述</strong></p> <p class="p">调用CreateKey创建主密钥时,选择密钥材料来源为外部。该API用于将密钥材料导入符合上述描述的CMK中,并且要求导入前该CMK的密钥状态为 “待导入”。</p> <div class="note note note_note"><span class="note__title">说明:</span> <ol class="ol" id="IMPORTKEYMATERIAL__ol_mnq_ddj_mlb"> <li class="li">在进行密钥材料导入CMK之前,您需要先调用GetParametersForImport获取导入密钥材料需要的参数,即用于加密密钥材料的公钥(public key)和导入令牌(import token);</li> <li class="li">导入的密钥材料仅支持256位的对称密钥;</li> <li class="li">导入密钥材料时您可以设置密钥材料过期时间,也可以设置其永不过期;</li> <li class="li">您能随时为指定的CMK重新导入密钥材料,并重新指定过期时间。但必须导入相同的密钥材料,某个指定的CMK不可以更换密钥材料;</li> <li class="li">导入的密钥材料过期或者被删除后,指定的CMK将无法使用,需要再次导入相同的密钥材料才可正常使用;</li> <li class="li">同样的密钥材料可导入不同的CMK中,但使用其中一个CMK加密的数据或Datakey,无法使用另一个CMK解密。</li> </ol> </div> <p class="p"><strong class="ph b">请求参数</strong></p> <table class="table" id="IMPORTKEYMATERIAL__table_nnq_ddj_mlb"><caption></caption><colgroup><col><col><col><col></colgroup><thead class="thead"> <tr class="row"> <th class="entry" id="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__1">名称</th> <th class="entry" id="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__2">类型</th> <th class="entry" id="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__3">是否必须</th> <th class="entry" id="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__4">描述</th> </tr> </thead><tbody class="tbody"> <tr class="row"> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__1 "> <p class="p">encryptedKeyMaterial</p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__2 "> <p class="p">String</p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__3 "> <p class="p">是</p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__4 "> <p class="p">十六进制表示的加密后的密钥材料</p> </td> </tr> <tr class="row"> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__1 "> <p class="p">importToken</p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__2 "> <p class="p">String</p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__3 "> <p class="p">是</p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__4 "> <p class="p">通过调用GetParametersForImport获得的导入令牌</p> </td> </tr> <tr class="row"> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__1 "> <p class="p">keyMaterialExpireUnix</p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__2 "> <p class="p">Timestamp</p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__3 "> <p class="p">否</p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__4 "> <p class="p">密钥材料过期时间</p> <p class="p">不指定该参数,或取值为0表示密钥材料不会过期</p> <p class="p">取值不可早于调用该API的时间(以服务器时间为准)</p> </td> </tr> </tbody></table> <p class="p"><strong class="ph b">返回参数</strong></p> <table class="table" id="IMPORTKEYMATERIAL__table_onq_ddj_mlb"><caption></caption><colgroup><col><col><col></colgroup><thead class="thead"> <tr class="row"> <th class="entry" id="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__1">名称</th> <th class="entry" id="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__2">类型</th> <th class="entry" id="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__3">描述</th> </tr> </thead><tbody class="tbody"> <tr class="row"> <td class="entry" headers="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__1 "> <p class="p">code</p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__2 "> <p class="p">String</p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__3 "> <p class="p">返回码,成功返回"SUCCESS"</p> </td> </tr> <tr class="row"> <td class="entry" headers="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__1 "> <p class="p">requestId</p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__2 "> <p class="p">String</p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__3 "> <p class="p">当前请求Id</p> </td> </tr> </tbody></table> <p class="p"><strong class="ph b">请求示例</strong></p> <pre class="pre codeblock"><code>https://kms-cn-shanghai.yun.pingan.com/?action=ImportKeyMaterial &importToken=<your import token> &encryptedKeyMaterial=<your encrypted key material> &keyMaterialExpireUnix=1543911476027 &<公共请求参数></code></pre> <p class="p"><strong class="ph b">返回示例</strong></p> <pre class="pre codeblock"><code>{       "code": "SUCCESS",       "requestId": "be536733-a5e5-4a7e-92c6-395ce37830fc" }</code></pre> </section>
以上内容是否解决了您的问题?
请补全提交信息!
咨询·建议

电话咨询

400-151-8800

邮件咨询

cloud@pingan.com

在线客服

工单支持

解决云产品相关技术问题