Key Management Service API, gRPC: SymmetricCryptoService.ReEncrypt
Re-encrypts a ciphertext with the specified KMS key.
gRPC request
rpc ReEncrypt (SymmetricReEncryptRequest) returns (SymmetricReEncryptResponse)
SymmetricReEncryptRequest
{
"keyId": "string",
"versionId": "string",
"aadContext": "bytes",
"sourceKeyId": "string",
"sourceAadContext": "bytes",
"ciphertext": "bytes"
}
Field |
Description |
keyId |
string Required field. ID of the new key to be used for encryption. |
versionId |
string ID of the version of the new key to be used for encryption. |
aadContext |
bytes Additional authenticated data to be required for decryption. |
sourceKeyId |
string Required field. ID of the key that the ciphertext is currently encrypted with. May be the same as for the new key. |
sourceAadContext |
bytes Additional authenticated data provided with the initial encryption request. |
ciphertext |
bytes Required field. Ciphertext to re-encrypt. |
SymmetricReEncryptResponse
{
"keyId": "string",
"versionId": "string",
"sourceKeyId": "string",
"sourceVersionId": "string",
"ciphertext": "bytes"
}
Field |
Description |
keyId |
string ID of the key that the ciphertext is encrypted with now. |
versionId |
string ID of key version that was used for encryption. |
sourceKeyId |
string ID of the key that the ciphertext was encrypted with previously. |
sourceVersionId |
string ID of the key version that was used to decrypt the re-encrypted ciphertext. |
ciphertext |
bytes Resulting re-encrypted ciphertext. |