AWS SDK for C++  1.8.95
AWS SDK for C++
Public Member Functions | List of all members
Aws::KMS::Model::DecryptRequest Class Reference

#include <DecryptRequest.h>

+ Inheritance diagram for Aws::KMS::Model::DecryptRequest:

Public Member Functions

 DecryptRequest ()
 
virtual const char * GetServiceRequestName () const override
 
Aws::String SerializePayload () const override
 
Aws::Http::HeaderValueCollection GetRequestSpecificHeaders () const override
 
const Aws::Utils::ByteBufferGetCiphertextBlob () const
 
bool CiphertextBlobHasBeenSet () const
 
void SetCiphertextBlob (const Aws::Utils::ByteBuffer &value)
 
void SetCiphertextBlob (Aws::Utils::ByteBuffer &&value)
 
DecryptRequestWithCiphertextBlob (const Aws::Utils::ByteBuffer &value)
 
DecryptRequestWithCiphertextBlob (Aws::Utils::ByteBuffer &&value)
 
const Aws::Map< Aws::String, Aws::String > & GetEncryptionContext () const
 
bool EncryptionContextHasBeenSet () const
 
void SetEncryptionContext (const Aws::Map< Aws::String, Aws::String > &value)
 
void SetEncryptionContext (Aws::Map< Aws::String, Aws::String > &&value)
 
DecryptRequestWithEncryptionContext (const Aws::Map< Aws::String, Aws::String > &value)
 
DecryptRequestWithEncryptionContext (Aws::Map< Aws::String, Aws::String > &&value)
 
DecryptRequestAddEncryptionContext (const Aws::String &key, const Aws::String &value)
 
DecryptRequestAddEncryptionContext (Aws::String &&key, const Aws::String &value)
 
DecryptRequestAddEncryptionContext (const Aws::String &key, Aws::String &&value)
 
DecryptRequestAddEncryptionContext (Aws::String &&key, Aws::String &&value)
 
DecryptRequestAddEncryptionContext (const char *key, Aws::String &&value)
 
DecryptRequestAddEncryptionContext (Aws::String &&key, const char *value)
 
DecryptRequestAddEncryptionContext (const char *key, const char *value)
 
const Aws::Vector< Aws::String > & GetGrantTokens () const
 
bool GrantTokensHasBeenSet () const
 
void SetGrantTokens (const Aws::Vector< Aws::String > &value)
 
void SetGrantTokens (Aws::Vector< Aws::String > &&value)
 
DecryptRequestWithGrantTokens (const Aws::Vector< Aws::String > &value)
 
DecryptRequestWithGrantTokens (Aws::Vector< Aws::String > &&value)
 
DecryptRequestAddGrantTokens (const Aws::String &value)
 
DecryptRequestAddGrantTokens (Aws::String &&value)
 
DecryptRequestAddGrantTokens (const char *value)
 
const Aws::StringGetKeyId () const
 
bool KeyIdHasBeenSet () const
 
void SetKeyId (const Aws::String &value)
 
void SetKeyId (Aws::String &&value)
 
void SetKeyId (const char *value)
 
DecryptRequestWithKeyId (const Aws::String &value)
 
DecryptRequestWithKeyId (Aws::String &&value)
 
DecryptRequestWithKeyId (const char *value)
 
const EncryptionAlgorithmSpecGetEncryptionAlgorithm () const
 
bool EncryptionAlgorithmHasBeenSet () const
 
void SetEncryptionAlgorithm (const EncryptionAlgorithmSpec &value)
 
void SetEncryptionAlgorithm (EncryptionAlgorithmSpec &&value)
 
DecryptRequestWithEncryptionAlgorithm (const EncryptionAlgorithmSpec &value)
 
DecryptRequestWithEncryptionAlgorithm (EncryptionAlgorithmSpec &&value)
 
- Public Member Functions inherited from Aws::KMS::KMSRequest
virtual ~KMSRequest ()
 
void AddParametersToRequest (Aws::Http::HttpRequest &httpRequest) const
 
Aws::Http::HeaderValueCollection GetHeaders () const override
 
- Public Member Functions inherited from Aws::AmazonSerializableWebServiceRequest
 AmazonSerializableWebServiceRequest ()
 
virtual ~AmazonSerializableWebServiceRequest ()
 
std::shared_ptr< Aws::IOStreamGetBody () const override
 
- Public Member Functions inherited from Aws::AmazonWebServiceRequest
 AmazonWebServiceRequest ()
 
virtual ~AmazonWebServiceRequest ()=default
 
virtual void AddQueryStringParameters (Aws::Http::URI &uri) const
 
virtual void PutToPresignedUrl (Aws::Http::URI &uri) const
 
virtual bool IsStreaming () const
 
virtual bool IsEventStreamRequest () const
 
virtual bool SignBody () const
 
virtual bool IsChunked () const
 
virtual void SetRequestSignedHandler (const RequestSignedHandler &handler)
 
virtual const RequestSignedHandlerGetRequestSignedHandler () const
 
const Aws::IOStreamFactoryGetResponseStreamFactory () const
 
void SetResponseStreamFactory (const Aws::IOStreamFactory &factory)
 
virtual void SetDataReceivedEventHandler (const Aws::Http::DataReceivedEventHandler &dataReceivedEventHandler)
 
virtual void SetDataSentEventHandler (const Aws::Http::DataSentEventHandler &dataSentEventHandler)
 
virtual void SetContinueRequestHandler (const Aws::Http::ContinueRequestHandler &continueRequestHandler)
 
virtual void SetDataReceivedEventHandler (Aws::Http::DataReceivedEventHandler &&dataReceivedEventHandler)
 
virtual void SetDataSentEventHandler (Aws::Http::DataSentEventHandler &&dataSentEventHandler)
 
virtual void SetContinueRequestHandler (Aws::Http::ContinueRequestHandler &&continueRequestHandler)
 
virtual void SetRequestRetryHandler (const RequestRetryHandler &handler)
 
virtual void SetRequestRetryHandler (RequestRetryHandler &&handler)
 
virtual const Aws::Http::DataReceivedEventHandlerGetDataReceivedEventHandler () const
 
virtual const Aws::Http::DataSentEventHandlerGetDataSentEventHandler () const
 
virtual const Aws::Http::ContinueRequestHandlerGetContinueRequestHandler () const
 
virtual const RequestRetryHandlerGetRequestRetryHandler () const
 
virtual bool ShouldComputeContentMd5 () const
 

Additional Inherited Members

- Protected Member Functions inherited from Aws::AmazonWebServiceRequest
virtual void DumpBodyToUrl (Aws::Http::URI &uri) const
 

Detailed Description

Definition at line 25 of file DecryptRequest.h.

Constructor & Destructor Documentation

◆ DecryptRequest()

Aws::KMS::Model::DecryptRequest::DecryptRequest ( )

Member Function Documentation

◆ AddEncryptionContext() [1/7]

DecryptRequest& Aws::KMS::Model::DecryptRequest::AddEncryptionContext ( const Aws::String key,
const Aws::String value 
)
inline

Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 189 of file DecryptRequest.h.

◆ AddEncryptionContext() [2/7]

DecryptRequest& Aws::KMS::Model::DecryptRequest::AddEncryptionContext ( Aws::String &&  key,
const Aws::String value 
)
inline

Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 206 of file DecryptRequest.h.

◆ AddEncryptionContext() [3/7]

DecryptRequest& Aws::KMS::Model::DecryptRequest::AddEncryptionContext ( const Aws::String key,
Aws::String &&  value 
)
inline

Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 223 of file DecryptRequest.h.

◆ AddEncryptionContext() [4/7]

DecryptRequest& Aws::KMS::Model::DecryptRequest::AddEncryptionContext ( Aws::String &&  key,
Aws::String &&  value 
)
inline

Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 240 of file DecryptRequest.h.

◆ AddEncryptionContext() [5/7]

DecryptRequest& Aws::KMS::Model::DecryptRequest::AddEncryptionContext ( const char *  key,
Aws::String &&  value 
)
inline

Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 257 of file DecryptRequest.h.

◆ AddEncryptionContext() [6/7]

DecryptRequest& Aws::KMS::Model::DecryptRequest::AddEncryptionContext ( Aws::String &&  key,
const char *  value 
)
inline

Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 274 of file DecryptRequest.h.

◆ AddEncryptionContext() [7/7]

DecryptRequest& Aws::KMS::Model::DecryptRequest::AddEncryptionContext ( const char *  key,
const char *  value 
)
inline

Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 291 of file DecryptRequest.h.

◆ AddGrantTokens() [1/3]

DecryptRequest& Aws::KMS::Model::DecryptRequest::AddGrantTokens ( const Aws::String value)
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 341 of file DecryptRequest.h.

◆ AddGrantTokens() [2/3]

DecryptRequest& Aws::KMS::Model::DecryptRequest::AddGrantTokens ( Aws::String &&  value)
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 348 of file DecryptRequest.h.

◆ AddGrantTokens() [3/3]

DecryptRequest& Aws::KMS::Model::DecryptRequest::AddGrantTokens ( const char *  value)
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 355 of file DecryptRequest.h.

◆ CiphertextBlobHasBeenSet()

bool Aws::KMS::Model::DecryptRequest::CiphertextBlobHasBeenSet ( ) const
inline

Ciphertext to be decrypted. The blob includes metadata.

Definition at line 49 of file DecryptRequest.h.

◆ EncryptionAlgorithmHasBeenSet()

bool Aws::KMS::Model::DecryptRequest::EncryptionAlgorithmHasBeenSet ( ) const
inline

Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify the same algorithm that was used to encrypt the data. If you specify a different algorithm, the Decrypt operation fails.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. The default value, SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for symmetric CMKs.

Definition at line 561 of file DecryptRequest.h.

◆ EncryptionContextHasBeenSet()

bool Aws::KMS::Model::DecryptRequest::EncryptionContextHasBeenSet ( ) const
inline

Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 104 of file DecryptRequest.h.

◆ GetCiphertextBlob()

const Aws::Utils::ByteBuffer& Aws::KMS::Model::DecryptRequest::GetCiphertextBlob ( ) const
inline

Ciphertext to be decrypted. The blob includes metadata.

Definition at line 44 of file DecryptRequest.h.

◆ GetEncryptionAlgorithm()

const EncryptionAlgorithmSpec& Aws::KMS::Model::DecryptRequest::GetEncryptionAlgorithm ( ) const
inline

Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify the same algorithm that was used to encrypt the data. If you specify a different algorithm, the Decrypt operation fails.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. The default value, SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for symmetric CMKs.

Definition at line 551 of file DecryptRequest.h.

◆ GetEncryptionContext()

const Aws::Map<Aws::String, Aws::String>& Aws::KMS::Model::DecryptRequest::GetEncryptionContext ( ) const
inline

Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 87 of file DecryptRequest.h.

◆ GetGrantTokens()

const Aws::Vector<Aws::String>& Aws::KMS::Model::DecryptRequest::GetGrantTokens ( ) const
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 299 of file DecryptRequest.h.

◆ GetKeyId()

const Aws::String& Aws::KMS::Model::DecryptRequest::GetKeyId ( ) const
inline

Specifies the customer master key (CMK) that AWS KMS will use to decrypt the ciphertext. Enter a key ID of the CMK that was used to encrypt the ciphertext.

If you specify a KeyId value, the Decrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 379 of file DecryptRequest.h.

◆ GetRequestSpecificHeaders()

Aws::Http::HeaderValueCollection Aws::KMS::Model::DecryptRequest::GetRequestSpecificHeaders ( ) const
overridevirtual

Reimplemented from Aws::KMS::KMSRequest.

◆ GetServiceRequestName()

virtual const char* Aws::KMS::Model::DecryptRequest::GetServiceRequestName ( ) const
inlineoverridevirtual

Implements Aws::AmazonWebServiceRequest.

Definition at line 34 of file DecryptRequest.h.

◆ GrantTokensHasBeenSet()

bool Aws::KMS::Model::DecryptRequest::GrantTokensHasBeenSet ( ) const
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 306 of file DecryptRequest.h.

◆ KeyIdHasBeenSet()

bool Aws::KMS::Model::DecryptRequest::KeyIdHasBeenSet ( ) const
inline

Specifies the customer master key (CMK) that AWS KMS will use to decrypt the ciphertext. Enter a key ID of the CMK that was used to encrypt the ciphertext.

If you specify a KeyId value, the Decrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 402 of file DecryptRequest.h.

◆ SerializePayload()

Aws::String Aws::KMS::Model::DecryptRequest::SerializePayload ( ) const
overridevirtual

Convert payload into String.

Implements Aws::AmazonSerializableWebServiceRequest.

◆ SetCiphertextBlob() [1/2]

void Aws::KMS::Model::DecryptRequest::SetCiphertextBlob ( const Aws::Utils::ByteBuffer value)
inline

Ciphertext to be decrypted. The blob includes metadata.

Definition at line 54 of file DecryptRequest.h.

◆ SetCiphertextBlob() [2/2]

void Aws::KMS::Model::DecryptRequest::SetCiphertextBlob ( Aws::Utils::ByteBuffer &&  value)
inline

Ciphertext to be decrypted. The blob includes metadata.

Definition at line 59 of file DecryptRequest.h.

◆ SetEncryptionAlgorithm() [1/2]

void Aws::KMS::Model::DecryptRequest::SetEncryptionAlgorithm ( const EncryptionAlgorithmSpec value)
inline

Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify the same algorithm that was used to encrypt the data. If you specify a different algorithm, the Decrypt operation fails.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. The default value, SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for symmetric CMKs.

Definition at line 571 of file DecryptRequest.h.

◆ SetEncryptionAlgorithm() [2/2]

void Aws::KMS::Model::DecryptRequest::SetEncryptionAlgorithm ( EncryptionAlgorithmSpec &&  value)
inline

Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify the same algorithm that was used to encrypt the data. If you specify a different algorithm, the Decrypt operation fails.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. The default value, SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for symmetric CMKs.

Definition at line 581 of file DecryptRequest.h.

◆ SetEncryptionContext() [1/2]

void Aws::KMS::Model::DecryptRequest::SetEncryptionContext ( const Aws::Map< Aws::String, Aws::String > &  value)
inline

Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 121 of file DecryptRequest.h.

◆ SetEncryptionContext() [2/2]

void Aws::KMS::Model::DecryptRequest::SetEncryptionContext ( Aws::Map< Aws::String, Aws::String > &&  value)
inline

Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 138 of file DecryptRequest.h.

◆ SetGrantTokens() [1/2]

void Aws::KMS::Model::DecryptRequest::SetGrantTokens ( const Aws::Vector< Aws::String > &  value)
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 313 of file DecryptRequest.h.

◆ SetGrantTokens() [2/2]

void Aws::KMS::Model::DecryptRequest::SetGrantTokens ( Aws::Vector< Aws::String > &&  value)
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 320 of file DecryptRequest.h.

◆ SetKeyId() [1/3]

void Aws::KMS::Model::DecryptRequest::SetKeyId ( const Aws::String value)
inline

Specifies the customer master key (CMK) that AWS KMS will use to decrypt the ciphertext. Enter a key ID of the CMK that was used to encrypt the ciphertext.

If you specify a KeyId value, the Decrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 425 of file DecryptRequest.h.

◆ SetKeyId() [2/3]

void Aws::KMS::Model::DecryptRequest::SetKeyId ( Aws::String &&  value)
inline

Specifies the customer master key (CMK) that AWS KMS will use to decrypt the ciphertext. Enter a key ID of the CMK that was used to encrypt the ciphertext.

If you specify a KeyId value, the Decrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 448 of file DecryptRequest.h.

◆ SetKeyId() [3/3]

void Aws::KMS::Model::DecryptRequest::SetKeyId ( const char *  value)
inline

Specifies the customer master key (CMK) that AWS KMS will use to decrypt the ciphertext. Enter a key ID of the CMK that was used to encrypt the ciphertext.

If you specify a KeyId value, the Decrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 471 of file DecryptRequest.h.

◆ WithCiphertextBlob() [1/2]

DecryptRequest& Aws::KMS::Model::DecryptRequest::WithCiphertextBlob ( const Aws::Utils::ByteBuffer value)
inline

Ciphertext to be decrypted. The blob includes metadata.

Definition at line 64 of file DecryptRequest.h.

◆ WithCiphertextBlob() [2/2]

DecryptRequest& Aws::KMS::Model::DecryptRequest::WithCiphertextBlob ( Aws::Utils::ByteBuffer &&  value)
inline

Ciphertext to be decrypted. The blob includes metadata.

Definition at line 69 of file DecryptRequest.h.

◆ WithEncryptionAlgorithm() [1/2]

DecryptRequest& Aws::KMS::Model::DecryptRequest::WithEncryptionAlgorithm ( const EncryptionAlgorithmSpec value)
inline

Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify the same algorithm that was used to encrypt the data. If you specify a different algorithm, the Decrypt operation fails.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. The default value, SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for symmetric CMKs.

Definition at line 591 of file DecryptRequest.h.

◆ WithEncryptionAlgorithm() [2/2]

DecryptRequest& Aws::KMS::Model::DecryptRequest::WithEncryptionAlgorithm ( EncryptionAlgorithmSpec &&  value)
inline

Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify the same algorithm that was used to encrypt the data. If you specify a different algorithm, the Decrypt operation fails.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. The default value, SYMMETRIC_DEFAULT, represents the only supported algorithm that is valid for symmetric CMKs.

Definition at line 601 of file DecryptRequest.h.

◆ WithEncryptionContext() [1/2]

DecryptRequest& Aws::KMS::Model::DecryptRequest::WithEncryptionContext ( const Aws::Map< Aws::String, Aws::String > &  value)
inline

Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 155 of file DecryptRequest.h.

◆ WithEncryptionContext() [2/2]

DecryptRequest& Aws::KMS::Model::DecryptRequest::WithEncryptionContext ( Aws::Map< Aws::String, Aws::String > &&  value)
inline

Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.

An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.

For more information, see Encryption Context in the AWS Key Management Service Developer Guide.

Definition at line 172 of file DecryptRequest.h.

◆ WithGrantTokens() [1/2]

DecryptRequest& Aws::KMS::Model::DecryptRequest::WithGrantTokens ( const Aws::Vector< Aws::String > &  value)
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 327 of file DecryptRequest.h.

◆ WithGrantTokens() [2/2]

DecryptRequest& Aws::KMS::Model::DecryptRequest::WithGrantTokens ( Aws::Vector< Aws::String > &&  value)
inline

A list of grant tokens.

For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

Definition at line 334 of file DecryptRequest.h.

◆ WithKeyId() [1/3]

DecryptRequest& Aws::KMS::Model::DecryptRequest::WithKeyId ( const Aws::String value)
inline

Specifies the customer master key (CMK) that AWS KMS will use to decrypt the ciphertext. Enter a key ID of the CMK that was used to encrypt the ciphertext.

If you specify a KeyId value, the Decrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 494 of file DecryptRequest.h.

◆ WithKeyId() [2/3]

DecryptRequest& Aws::KMS::Model::DecryptRequest::WithKeyId ( Aws::String &&  value)
inline

Specifies the customer master key (CMK) that AWS KMS will use to decrypt the ciphertext. Enter a key ID of the CMK that was used to encrypt the ciphertext.

If you specify a KeyId value, the Decrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 517 of file DecryptRequest.h.

◆ WithKeyId() [3/3]

DecryptRequest& Aws::KMS::Model::DecryptRequest::WithKeyId ( const char *  value)
inline

Specifies the customer master key (CMK) that AWS KMS will use to decrypt the ciphertext. Enter a key ID of the CMK that was used to encrypt the ciphertext.

If you specify a KeyId value, the Decrypt operation succeeds only if the specified CMK was used to encrypt the ciphertext.

This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. Otherwise, AWS KMS uses the metadata that it adds to the ciphertext blob to determine which CMK was used to encrypt the ciphertext. However, you can use this parameter to ensure that a particular CMK (of any kind) is used to decrypt the ciphertext.

To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/".

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Definition at line 540 of file DecryptRequest.h.


The documentation for this class was generated from the following file: