3.1.5.1.1.1 Request Body

RollTransportKey handles the unwrapping of a TransportKey from a Protector by this KPS, as well as the generation of a new TransportKey and corresponding Protector for use in subsequent serialization of the object. The resulting new key protector will be owned by the original Owner, and Key Protection Service will be the Guardian

The request body for this method contains the following as defined in section 2.2.2.1.

Entry

Type

HealthCertificate

A certificate in X.509 format that is converted to a base64-encoded string.

IngressProtector

Entire ingress protector as serialized to a file (UTF-8 format, for example) and converted into a base64-encoded string.

TransferKeyEncryptionAlgorithm

The algorithm used to encrypt the wrapping key's transfer key defined in section 2.2.3.3.

WrappingKeyEncryptAlgorithm

The algorithm used to encrypt the wrapping key defined in section 2.2.3.4.

TransportKeyEncryptAlgorithm

The algorithm used to encrypt the transport key defined in section 2.2.3.5.