AWS SDK Version 4 for .NET
API Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

This is the response object from the GenerateRandom operation.

Inheritance Hierarchy

System.Object
  Amazon.Runtime.AmazonWebServiceResponse
    Amazon.KeyManagementService.Model.GenerateRandomResponse

Namespace: Amazon.KeyManagementService.Model
Assembly: AWSSDK.KeyManagementService.dll
Version: 3.x.y.z

Syntax

C# 
public class GenerateRandomResponse : AmazonWebServiceResponse

The GenerateRandomResponse type exposes the following members

Constructors

NameDescription
Public Method GenerateRandomResponse()

Properties

NameTypeDescription
Public Property CiphertextForRecipient System.IO.MemoryStream

Gets and sets the property CiphertextForRecipient.

The plaintext random bytes encrypted with the public key from the attestation document. This ciphertext can be decrypted only by using a private key from the attested environment.

This field is included in the response only when the Recipient parameter in the request includes a valid attestation document from an Amazon Web Services Nitro enclave or NitroTPM. For information about the interaction between KMS and Amazon Web Services Nitro Enclaves or Amazon Web Services NitroTPM, see Cryptographic attestation support in KMS in the Key Management Service Developer Guide.

Public Property ContentLength System.Int64 Inherited from Amazon.Runtime.AmazonWebServiceResponse.
Public Property HttpStatusCode System.Net.HttpStatusCode Inherited from Amazon.Runtime.AmazonWebServiceResponse.
Public Property Plaintext System.IO.MemoryStream

Gets and sets the property Plaintext.

The random byte string. When you use the HTTP API or the Amazon Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.

If the response includes the CiphertextForRecipient field, the Plaintext field is null or empty.

Public Property ResponseMetadata Amazon.Runtime.ResponseMetadata Inherited from Amazon.Runtime.AmazonWebServiceResponse.

Examples

The following example generates 32 bytes of random data.

To generate random data


var client = new AmazonKeyManagementServiceClient();
var response = client.GenerateRandom(new GenerateRandomRequest 
{
    NumberOfBytes = 32 // The length of the random data, specified in number of bytes.
});

MemoryStream plaintext = response.Plaintext; // The random data.

The following example includes the Recipient parameter with a signed attestation document from an AWS Nitro enclave or NitroTPM. Instead of returning a plaintext (unencrypted) byte string, GenerateRandom returns the byte string encrypted by the public key from the attestation document.

To generate random data for a Nitro enclave or NitroTPM


var client = new AmazonKeyManagementServiceClient();
var response = client.GenerateRandom(new GenerateRandomRequest 
{
    NumberOfBytes = 1024, // The length of the random byte string
    Recipient = new RecipientInfo {
        AttestationDocument = new MemoryStream(<attestation document>),
        KeyEncryptionAlgorithm = "RSAES_OAEP_SHA_256"
    } // Specifies the attestation document from the Nitro enclave or NitroTPM and the encryption algorithm to use with the public key from the attestation document
});

MemoryStream ciphertextForRecipient = response.CiphertextForRecipient; // The random data encrypted under the public key from the attestation document
MemoryStream plaintext = response.Plaintext; // This field is null or empty

Version Information

.NET:
Supported in: 8.0 and newer, Core 3.1

.NET Standard:
Supported in: 2.0

.NET Framework:
Supported in: 4.7.2 and newer