PaymentCryptographyControlPlane / Client / get_parameters_for_import

get_parameters_for_import#

PaymentCryptographyControlPlane.Client.get_parameters_for_import(**kwargs)#

Gets the import token and the wrapping key certificate to initiate a TR-34 key import into Amazon Web Services Payment Cryptography.

The wrapping key certificate wraps the key under import within the TR-34 key payload. The import token and wrapping key certificate must be in place and operational before calling ImportKey. The import token expires in 7 days. The same import token can be used to import multiple keys into your service account.

Cross-account use: This operation can’t be used across different Amazon Web Services accounts.

Related operations:

  • GetParametersForExport

  • ImportKey

See also: AWS API Documentation

Request Syntax

response = client.get_parameters_for_import(
    KeyMaterialType='TR34_KEY_BLOCK'|'TR31_KEY_BLOCK'|'ROOT_PUBLIC_KEY_CERTIFICATE'|'TRUSTED_PUBLIC_KEY_CERTIFICATE',
    WrappingKeyAlgorithm='TDES_2KEY'|'TDES_3KEY'|'AES_128'|'AES_192'|'AES_256'|'RSA_2048'|'RSA_3072'|'RSA_4096'
)
Parameters:

  • KeyMaterialType (string) –

    [REQUIRED]

    The key block format type such as TR-34 or TR-31 to use during key material import. Import token is only required for TR-34 key import TR34_KEY_BLOCK. Import token is not required for TR-31 key import.

  • WrappingKeyAlgorithm (string) –

    [REQUIRED]

    The wrapping key algorithm to generate a wrapping key certificate. This certificate wraps the key under import within the TR-34 key block cryptogram. RSA_2048 is the only wrapping key algorithm allowed.

Return type:

dict

Returns:

Response Syntax

{
    'ImportToken': 'string',
    'ParametersValidUntilTimestamp': datetime(2015, 1, 1),
    'WrappingKeyAlgorithm': 'TDES_2KEY'|'TDES_3KEY'|'AES_128'|'AES_192'|'AES_256'|'RSA_2048'|'RSA_3072'|'RSA_4096',
    'WrappingKeyCertificate': 'string',
    'WrappingKeyCertificateChain': 'string'
}

Response Structure

  • (dict) –

    • ImportToken (string) –

      The import token to initiate key import into Amazon Web Services Payment Cryptography. The import token expires after 7 days. You can use the same import token to import multiple keys to the same service account.

    • ParametersValidUntilTimestamp (datetime) –

      The validity period of the import token.

    • WrappingKeyAlgorithm (string) –

      The algorithm of the wrapping key for use within TR-34 key block. RSA_2048 is the only wrapping key algorithm allowed.

    • WrappingKeyCertificate (string) –

      The wrapping key certificate of the wrapping key for use within the TR-34 key block. The certificate expires in 7 days.

    • WrappingKeyCertificateChain (string) –

      The Amazon Web Services Payment Cryptography certificate chain that signed the wrapping key certificate. This is the root certificate authority (CA) within your service account.

Exceptions

  • PaymentCryptographyControlPlane.Client.exceptions.ServiceQuotaExceededException

  • PaymentCryptographyControlPlane.Client.exceptions.ServiceUnavailableException

  • PaymentCryptographyControlPlane.Client.exceptions.ValidationException

  • PaymentCryptographyControlPlane.Client.exceptions.ConflictException

  • PaymentCryptographyControlPlane.Client.exceptions.AccessDeniedException

  • PaymentCryptographyControlPlane.Client.exceptions.ResourceNotFoundException

  • PaymentCryptographyControlPlane.Client.exceptions.ThrottlingException

  • PaymentCryptographyControlPlane.Client.exceptions.InternalServerException