3.1.5.1.1.1 Request Body
RollTransportKey handles the unwrapping of a TransportKey from a Protector by this KPS, as well as the generation of a new TransportKey and corresponding Protector for use in subsequent serialization of the object. The resulting new key protector will be owned by the original Owner, and Key Protection Service will be the Guardian.
The request body for this method contains the following as defined in section 2.2.2.1.
|
Entry |
Type |
|---|---|
|
HealthCertificate |
A certificate in X.509 format that is converted to a base64-encoded string. |
|
IngressProtector |
Entire ingress protector as serialized to a file (UTF-8 format, for example) and converted into a base64-encoded string. |
|
TransferKeyEncryptionAlgorithm |
The algorithm used to encrypt the wrapping key's transfer key defined in section 2.2.3.3. |
|
WrappingKeyEncryptAlgorithm |
The algorithm used to encrypt the wrapping key defined in section 2.2.3.4. |
|
TransportKeyEncryptAlgorithm |
The algorithm used to encrypt the transport key defined in section 2.2.3.5. |