平安云 - 云以致用智造未来

创建主密钥

<section class="section" id="CreateCMK__section_y35_dx3_mlb"><h2 class="doc-tairway">创建密钥：CreateCmk</h2> 描述 创建用户主密钥（Customer Master Key， CMK）。主密钥可以直接用来对小包数据进行加密（一般小于4KB），同时也用来产生数据密钥（DataKey，DK），该数据密钥可用来对本地大量磁盘数据进行加解密操作。 请求参数 <table class="table" id="CreateCMK__table_yp3_fx3_mlb"><caption></caption><colgroup><col><col><col><col></colgroup><thead class="thead"> <tr class="row"> <th class="entry" id="CreateCMK__table_yp3_fx3_mlb__entry__1"> 名称 </th> <th class="entry" id="CreateCMK__table_yp3_fx3_mlb__entry__2"> 类型 </th> <th class="entry" id="CreateCMK__table_yp3_fx3_mlb__entry__3"> 是否必需 </th> <th class="entry" id="CreateCMK__table_yp3_fx3_mlb__entry__4"> 描述 </th> </tr> </thead><tbody class="tbody"> <tr class="row"> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__1 "> description </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__2 "> String </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__3 "> 否 </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__4 "> 密钥的描述 </td> </tr> <tr class="row"> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__1 "> keyUsage </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__2 "> Integer </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__3 "> 是 </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__4 "> 密钥用途。目前该版本仅支持值为0，默认传0。注：（0："ENCRYPT/DECRYPT"） </td> </tr> <tr class="row"> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__1 "> alias </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__2 "> String </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__3 "> 是 </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__4 "> 密钥名称。注：唯一，不能重复 </td> </tr> <tr class="row"> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__1 "> algorithm </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__2 "> String </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__3 "> 是 </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__4 "> 加密算法。默认RSA（国际标准支持：RSA，国密标准支持SM2） </td> </tr> <tr class="row"> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__1 "> origin </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__2 "> Integer </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__3 "> 是 </td> <td class="entry" headers="CreateCMK__table_yp3_fx3_mlb__entry__4 "> 密钥材料来源。支持平安云KMS平台产生、外部导入两种来源。注：（0： "平台产生"),(1："外部导入") </td> </tr> </tbody></table> 返回参数 <table class="table" id="CreateCMK__table_zp3_fx3_mlb"><caption></caption><colgroup><col><col><col></colgroup><thead class="thead"> <tr class="row"> <th class="entry" id="CreateCMK__table_zp3_fx3_mlb__entry__1"> 名称 </th> <th class="entry" id="CreateCMK__table_zp3_fx3_mlb__entry__2"> 类型 </th> <th class="entry" id="CreateCMK__table_zp3_fx3_mlb__entry__3"> 描述 </th> </tr> </thead><tbody class="tbody"> <tr class="row"> <td class="entry" headers="CreateCMK__table_zp3_fx3_mlb__entry__1 "> code </td> <td class="entry" headers="CreateCMK__table_zp3_fx3_mlb__entry__2 "> String </td> <td class="entry" headers="CreateCMK__table_zp3_fx3_mlb__entry__3 "> 返回码，成功返回"SUCCESS" </td> </tr> <tr class="row"> <td class="entry" headers="CreateCMK__table_zp3_fx3_mlb__entry__1 "> keyMetadata </td> <td class="entry" headers="CreateCMK__table_zp3_fx3_mlb__entry__2 "> KeyMetadata </td> <td class="entry" headers="CreateCMK__table_zp3_fx3_mlb__entry__3 "> 返回密钥信息 </td> </tr> <tr class="row"> <td class="entry" headers="CreateCMK__table_zp3_fx3_mlb__entry__1 "> requestId </td> <td class="entry" headers="CreateCMK__table_zp3_fx3_mlb__entry__2 "> String </td> <td class="entry" headers="CreateCMK__table_zp3_fx3_mlb__entry__3 "> 当前请求Id </td> </tr> </tbody></table> KeyMetadata <table class="table" id="CreateCMK__table_aq3_fx3_mlb"><caption></caption><colgroup><col><col><col></colgroup><thead class="thead"> <tr class="row"> <th class="entry" id="CreateCMK__table_aq3_fx3_mlb__entry__1"> 名称 </th> <th class="entry" id="CreateCMK__table_aq3_fx3_mlb__entry__2"> 类型 </th> <th class="entry" id="CreateCMK__table_aq3_fx3_mlb__entry__3"> 描述 </th> </tr> </thead><tbody class="tbody"> <tr class="row"> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__1 "> keyId </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__2 "> String </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__3 "> 密钥的全局唯一标识符 </td> </tr> <tr class="row"> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__1 "> alias </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__2 "> String </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__3 "> 密钥名称 </td> </tr> <tr class="row"> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__1 "> keyUsage </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__2 "> String </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__3 "> 密钥用途，加密/解密 </td> </tr> <tr class="row"> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__1 "> description </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__2 "> String </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__3 "> 密钥描述 </td> </tr> <tr class="row"> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__1 "> creationDate </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__2 "> String </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__3 "> 密钥创建时间（yyyy-MM-dd HH:mm:ss） </td> </tr> <tr class="row"> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__1 "> deleteDate </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__2 "> String </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__3 "> 密钥预计被删除时间（yyyy-MM-dd HH:mm:ss）当该值为空时，表示密钥不会被删除。只有当密钥状态keyState是待删除PendingDeletion时，会返回这个参数 </td> </tr> <tr class="row"> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__1 "> ownerId </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__2 "> String </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__3 "> 密钥拥有者 </td> </tr> <tr class="row"> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__1 "> keyState </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__2 "> String </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__3 "> 密钥状态。0启用；1禁用；2待删除。 </td> </tr> <tr class="row"> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__1 "> origin </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__2 "> String </td> <td class="entry" headers="CreateCMK__table_aq3_fx3_mlb__entry__3 "> 密钥材料来源。 </td> </tr> </tbody></table> 请求示例 <pre class="pre codeblock"><code>https:// kms-cn-shanghai.yun.pingan.com/?action=CreateCmk &keyUsage=0 &origin=<origin> &alias=<your key alias> &algorithm=<algorithm> &description=<your key description> &<公共请求参数></code></pre> 返回示例 <pre class="pre codeblock"><code>{ "code":"SUCCESS", "keyMetadata":{ "keyUsage":"ENCRYPT_DECRYPT", "origin":"平安云产生", "keyState":"ENABLE|已启用", "keyId":"your key id", "description":"key description example", "alias":"your key alias", "ownerId":"123456", "creationDate":"2018-12-04 15:07:54" } "requestId":"53912b71-3435-409e-ad05-1882ced04f1f" }</code></pre> </section>

以上内容是否解决了您的问题？是否