AWSKMSGenerateDataKeyWithoutPlaintextRequest

@interface AWSKMSGenerateDataKeyWithoutPlaintextRequest
  • Specifies the encryption context that will be used when encrypting the data key.

    An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

    For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

    Declaration

    Objective-C

    @property (readwrite, strong, nonatomic)
        NSDictionary<NSString *, NSString *> *_Nullable encryptionContext;

    Swift

    var encryptionContext: [String : String]? { get set }
  • A list of grant tokens.

    For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

    Declaration

    Objective-C

    @property (readwrite, strong, nonatomic)
        NSArray<NSString *> *_Nullable grantTokens;

    Swift

    var grantTokens: [String]? { get set }
  • The identifier of the symmetric customer master key (CMK) that encrypts the data key.

    To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.

    For example:

    • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

    • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

    • Alias name: alias/ExampleAlias

    • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

    To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

    Declaration

    Objective-C

    @property (readwrite, strong, nonatomic) NSString *_Nullable keyId;

    Swift

    var keyId: String? { get set }
  • The length of the data key. Use AES_128 to generate a 128-bit symmetric key, or AES_256 to generate a 256-bit symmetric key.

    Declaration

    Objective-C

    @property (assign, readwrite, nonatomic) AWSKMSDataKeySpec keySpec;

    Swift

    var keySpec: AWSKMSDataKeySpec { get set }
  • The length of the data key in bytes. For example, use the value 64 to generate a 512-bit data key (64 bytes is 512 bits). For common key lengths (128-bit and 256-bit symmetric keys), we recommend that you use the KeySpec field instead of this one.

    Declaration

    Objective-C

    @property (readwrite, strong, nonatomic) NSNumber *_Nullable numberOfBytes;

    Swift

    var numberOfBytes: NSNumber? { get set }