Skip to content

/AWS1/CL_KMSGENERATERANDOMRSP

GenerateRandomResponse

CONSTRUCTOR

IMPORTING

Optional arguments:

iv_plaintext TYPE /AWS1/KMSPLAINTEXTTYPE /AWS1/KMSPLAINTEXTTYPE

The random byte string. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.

If the response includes the CiphertextForRecipient field, the Plaintext field is null or empty.

iv_ciphertextforrecipient TYPE /AWS1/KMSCIPHERTEXTTYPE /AWS1/KMSCIPHERTEXTTYPE

The plaintext random bytes encrypted with the public key from the attestation document. This ciphertext can be decrypted only by using a private key from the attested environment.

This field is included in the response only when the Recipient parameter in the request includes a valid attestation document from an Amazon Web Services Nitro enclave or NitroTPM. For information about the interaction between KMS and Amazon Web Services Nitro Enclaves or Amazon Web Services NitroTPM, see Cryptographic attestation support in KMS in the Key Management Service Developer Guide.

Queryable Attributes

Plaintext

The random byte string. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.

If the response includes the CiphertextForRecipient field, the Plaintext field is null or empty.

Accessible with the following methods

Method Description
GET_PLAINTEXT() Getter for PLAINTEXT, with configurable default
ASK_PLAINTEXT() Getter for PLAINTEXT w/ exceptions if field has no value
HAS_PLAINTEXT() Determine if PLAINTEXT has a value

CiphertextForRecipient

The plaintext random bytes encrypted with the public key from the attestation document. This ciphertext can be decrypted only by using a private key from the attested environment.

This field is included in the response only when the Recipient parameter in the request includes a valid attestation document from an Amazon Web Services Nitro enclave or NitroTPM. For information about the interaction between KMS and Amazon Web Services Nitro Enclaves or Amazon Web Services NitroTPM, see Cryptographic attestation support in KMS in the Key Management Service Developer Guide.

Accessible with the following methods

Method Description
GET_CIPHERTEXTFORRECIPIENT() Getter for CIPHERTEXTFORRECIPIENT, with configurable default
ASK_CIPHERTEXTFORRECIPIENT() Getter for CIPHERTEXTFORRECIPIENT w/ exceptions if field has
HAS_CIPHERTEXTFORRECIPIENT() Determine if CIPHERTEXTFORRECIPIENT has a value