getParametersForImport method

Future<GetParametersForImportOutput> getParametersForImport({
  1. required KeyMaterialType keyMaterialType,
  2. required KeyAlgorithm wrappingKeyAlgorithm,
  3. bool? reuseLastGeneratedToken,
})

Gets the import token and the wrapping key certificate in PEM format (base64 encoded) to initiate a TR-34 WrappedKeyBlock or a RSA WrappedKeyCryptogram import into Amazon Web Services Payment Cryptography.

The wrapping key certificate wraps the key under import. The import token and wrapping key certificate must be in place and operational before calling ImportKey. The import token expires in 30 days. You can use the same import token to import multiple keys into your service account.

To return a previously generated import token and wrapping key certificate instead of generating new ones, set ReuseLastGeneratedToken to true.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

May throw AccessDeniedException. May throw ConflictException. May throw InternalServerException. May throw ResourceNotFoundException. May throw ServiceQuotaExceededException. May throw ServiceUnavailableException. May throw ThrottlingException. May throw ValidationException.

Parameter keyMaterialType : The method to use for key material import. Import token is only required for TR-34 WrappedKeyBlock (TR34_KEY_BLOCK) and RSA WrappedKeyCryptogram (KEY_CRYPTOGRAM).

Import token is not required for TR-31, root public key cerificate or trusted public key certificate.

Parameter wrappingKeyAlgorithm : The wrapping key algorithm to generate a wrapping key certificate. This certificate wraps the key under import.

At this time, RSA_2048 is the allowed algorithm for TR-34 WrappedKeyBlock import. Additionally, RSA_2048, RSA_3072, RSA_4096 are the allowed algorithms for RSA WrappedKeyCryptogram import.

Parameter reuseLastGeneratedToken : Specifies whether to reuse the existing import token and wrapping key certificate. If set to true and a valid import token exists for the same key material type and wrapping key algorithm with at least 7 days of remaining validity, the existing token and wrapping key certificate are returned. Otherwise, a new import token and wrapping key certificate are generated. The default value is false, which generates a new import token and wrapping key certificate on every call.

Implementation

Future<GetParametersForImportOutput> getParametersForImport({
  required KeyMaterialType keyMaterialType,
  required KeyAlgorithm wrappingKeyAlgorithm,
  bool? reuseLastGeneratedToken,
}) async {
  final headers = <String, String>{
    'Content-Type': 'application/x-amz-json-1.0',
    'X-Amz-Target': 'PaymentCryptographyControlPlane.GetParametersForImport'
  };
  final jsonResponse = await _protocol.send(
    method: 'POST',
    requestUri: '/',
    exceptionFnMap: _exceptionFns,
    // TODO queryParams
    headers: headers,
    payload: {
      'KeyMaterialType': keyMaterialType.value,
      'WrappingKeyAlgorithm': wrappingKeyAlgorithm.value,
      if (reuseLastGeneratedToken != null)
        'ReuseLastGeneratedToken': reuseLastGeneratedToken,
    },
  );

  return GetParametersForImportOutput.fromJson(jsonResponse.body);
}