Amazon Payment Cryptography · JSON Structure

Openapi Export Tr34 Key Block Structure

Parameter information for key material export using TR-34 standard.

Type: object Properties: 5 Required: 4
CryptographyFinancial ServicesPayment ProcessingPCI

ExportTr34KeyBlock is a JSON Structure definition published by Amazon Payment Cryptography, describing 5 properties, of which 4 are required. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.

Properties

CertificateAuthorityPublicKeyIdentifier ExportToken KeyBlockFormat RandomNonce WrappingKeyCertificate

Meta-schema: https://json-structure.org/meta/core/v0/#

JSON Structure

Raw ↑ 
{
  "$schema": "https://json-structure.org/meta/core/v0/#",
  "$id": "https://raw.githubusercontent.com/api-evangelist/amazon-payment-cryptography/refs/heads/main/json-structure/openapi-export-tr34-key-block-structure.json",
  "name": "ExportTr34KeyBlock",
  "description": "Parameter information for key material export using TR-34 standard.",
  "type": "object",
  "properties": {
    "CertificateAuthorityPublicKeyIdentifier": {
      "allOf": [
        {
          "$ref": "#/components/schemas/KeyArnOrKeyAliasType"
        },
        {
          "description": "The <code>KeyARN</code> of the certificate chain that signs the wrapping key certificate during TR-34 key export."
        }
      ]
    },
    "ExportToken": {
      "allOf": [
        {
          "$ref": "#/components/schemas/ExportTokenId"
        },
        {
          "description": "The export token to initiate key export from Amazon Web Services Payment Cryptography. It also contains the signing key certificate that will sign the wrapped key during TR-34 key block generation. Call <a>GetParametersForExport</a> to receive an export token. It expires after 7 days. You can use the same export token to export multiple keys from the same service account."
        }
      ]
    },
    "KeyBlockFormat": {
      "allOf": [
        {
          "$ref": "#/components/schemas/Tr34KeyBlockFormat"
        },
        {
          "description": "The format of key block that Amazon Web Services Payment Cryptography will use during key export."
        }
      ]
    },
    "RandomNonce": {
      "allOf": [
        {
          "$ref": "#/components/schemas/HexLength16"
        },
        {
          "description": "A random number value that is unique to the TR-34 key block generated using 2 pass. The operation will fail, if a random nonce value is not provided for a TR-34 key block generated using 2 pass."
        }
      ]
    },
    "WrappingKeyCertificate": {
      "allOf": [
        {
          "$ref": "#/components/schemas/CertificateType"
        },
        {
          "description": "The <code>KeyARN</code> of the wrapping key certificate. Amazon Web Services Payment Cryptography uses this certificate to wrap the key under export."
        }
      ]
    }
  },
  "required": [
    "CertificateAuthorityPublicKeyIdentifier",
    "ExportToken",
    "KeyBlockFormat",
    "WrappingKeyCertificate"
  ]
}