<p class="shortdesc"></p> <section class="section" id="IMPORTKEYMATERIAL__section_hv1_f2j_mlb"><h2 class="doc-tairway">ImportKeyMaterial </h2> <p class="p"><strong class="ph b">Description</strong></p> <p class="p">When you call CreateKey to create a customer master key (CMK), select EXTERNAL as the key material origin. Then you can use the ImportKeyMaterial API to import key material into that CMK. The status of the CMK before importing must be pending import. </p> <div class="note note note_note"><span class="note__title">Note:</span> <ol class="ol" id="IMPORTKEYMATERIAL__ol_mnq_ddj_mlb"> <li class="li">Before importing the key material into a CMK, you need to call GetParametersForImport to get the parameters for importing the key material, namely the public key used to encrypt the key material and the import token; </li> <li class="li">The key material you import must be a 256-bit symmetric key; </li> <li class="li">You can set an expiration time for the key material when you import it, or set it to never expire; </li> <li class="li">You can reimport the key material for a specified CMK at any time, and reset the expiration time. However, you must reimport the same key material. You cannot change the key material for a specified CMK; </li> <li class="li">If the imported key material expires or is deleted, you cannot use the specified CMK. To use that CMK, you need to reimport the same key material; </li> <li class="li">You can import the same key material into different CMKs. You cannot, however, use one CMK to decrypt data or data keys encrypted under another CMK. </li> </ol> </div> <p class="p"><strong class="ph b">Request Parameters</strong></p> <table class="table" id="IMPORTKEYMATERIAL__table_nnq_ddj_mlb"><caption></caption><colgroup><col><col><col><col></colgroup><thead class="thead"> <tr class="row"> <th class="entry" id="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__1">Name </th> <th class="entry" id="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__2">Type </th> <th class="entry" id="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__3">Necessary or Not </th> <th class="entry" id="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__4">Description </th> </tr> </thead><tbody class="tbody"> <tr class="row"> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__1 "> <p class="p">encryptedKeyMaterial </p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__2 "> <p class="p">String </p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__3 "> <p class="p">Yes </p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__4 "> <p class="p">Encrypted key material in hexadecimal. </p> </td> </tr> <tr class="row"> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__1 "> <p class="p">importToken </p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__2 "> <p class="p">String </p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__3 "> <p class="p">Yes </p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__4 "> <p class="p">Import token obtained by calling GetParametersForImport. </p> </td> </tr> <tr class="row"> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__1 "> <p class="p">keyMaterialExpireUnix </p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__2 "> <p class="p">Timestamp </p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__3 "> <p class="p">No </p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_nnq_ddj_mlb__entry__4 "> <p class="p">Expiration time of the key material. </p> <p class="p">If you do not specify this parameter, or the value is 0, the key material never expires. </p> <p class="p">This value cannot be set earlier than the time you send the API call (server time). </p> </td> </tr> </tbody></table> <p class="p"><strong class="ph b">Return Parameters</strong></p> <table class="table" id="IMPORTKEYMATERIAL__table_onq_ddj_mlb"><caption></caption><colgroup><col><col><col></colgroup><thead class="thead"> <tr class="row"> <th class="entry" id="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__1">Name </th> <th class="entry" id="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__2">Type </th> <th class="entry" id="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__3">Description </th> </tr> </thead><tbody class="tbody"> <tr class="row"> <td class="entry" headers="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__1 "> <p class="p">code </p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__2 "> <p class="p">String </p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__3 "> <p class="p">Return code. “SUCCESS” will be returned if the request is succeeded. </p> </td> </tr> <tr class="row"> <td class="entry" headers="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__1 "> <p class="p">requestId </p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__2 "> <p class="p">String </p> </td> <td class="entry" headers="IMPORTKEYMATERIAL__table_onq_ddj_mlb__entry__3 "> <p class="p">ID of the current request. </p> </td> </tr> </tbody></table> <p class="p"><strong class="ph b">Request Example</strong></p> <pre class="pre codeblock"><code>https://kms-cn-shanghai.yun.pingan.com/?action=ImportKeyMaterial &importToken=<your import token> &encryptedKeyMaterial=<your encrypted key material> &keyMaterialExpireUnix=1543911476027 &<公共请求参数> </code></pre> <p class="p"><strong class="ph b">Return Example</strong></p> <pre class="pre codeblock"><code>{       "code": "SUCCESS",       "requestId": "be536733-a5e5-4a7e-92c6-395ce37830fc" } </code></pre> </section>