Key Management Service API, REST: SymmetricCrypto.reEncrypt
Re-encrypts a ciphertext with the specified KMS key.
HTTP request
POST https://kms.api.cloud.yandex.net/kms/v1/keys/{keyId}:reEncrypt
Path parameters
Parameter | Description |
---|---|
keyId | Required. ID of the new key to be used for encryption. The maximum string length in characters is 50. |
Body parameters
{
"versionId": "string",
"aadContext": "string",
"sourceKeyId": "string",
"sourceAadContext": "string",
"ciphertext": "string"
}
Field | Description |
---|---|
versionId | string ID of the version of the new key to be used for encryption. Defaults to the primary version if not specified. The maximum string length in characters is 50. |
aadContext | string (byte) Additional authenticated data to be required for decryption. Should be encoded with base64. The maximum string length in characters is 8192. |
sourceKeyId | string Required. ID of the key that the ciphertext is currently encrypted with. May be the same as for the new key. The maximum string length in characters is 50. |
sourceAadContext | string (byte) Additional authenticated data provided with the initial encryption request. Should be encoded with base64. The maximum string length in characters is 8192. |
ciphertext | string (byte) Required. Ciphertext to re-encrypt. Should be encoded with base64. |
Response
HTTP Code: 200 - OK
{
"keyId": "string",
"versionId": "string",
"sourceKeyId": "string",
"sourceVersionId": "string",
"ciphertext": "string"
}
Field | Description |
---|---|
keyId | string ID of the key that the ciphertext is encrypted with now. |
versionId | string ID of key version that was used for encryption. |
sourceKeyId | string ID of the key that the ciphertext was encrypted with previously. |
sourceVersionId | string ID of the key version that was used to decrypt the re-encrypted ciphertext. |
ciphertext | string (byte) Resulting re-encrypted ciphertext. |