{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://raw.githubusercontent.com/api-evangelist/amazon-payment-cryptography/refs/heads/main/json-schema/openapi-export-tr34-key-block-schema.json",
"title": "ExportTr34KeyBlock",
"description": "Parameter information for key material export using TR-34 standard.",
"type": "object",
"properties": {
"CertificateAuthorityPublicKeyIdentifier": {
"allOf": [
{
"$ref": "#/components/schemas/KeyArnOrKeyAliasType"
},
{
"description": "The KeyARN of the certificate chain that signs the wrapping key certificate during TR-34 key export."
}
]
},
"ExportToken": {
"allOf": [
{
"$ref": "#/components/schemas/ExportTokenId"
},
{
"description": "The export token to initiate key export from Amazon Web Services Payment Cryptography. It also contains the signing key certificate that will sign the wrapped key during TR-34 key block generation. Call GetParametersForExport to receive an export token. It expires after 7 days. You can use the same export token to export multiple keys from the same service account."
}
]
},
"KeyBlockFormat": {
"allOf": [
{
"$ref": "#/components/schemas/Tr34KeyBlockFormat"
},
{
"description": "The format of key block that Amazon Web Services Payment Cryptography will use during key export."
}
]
},
"RandomNonce": {
"allOf": [
{
"$ref": "#/components/schemas/HexLength16"
},
{
"description": "A random number value that is unique to the TR-34 key block generated using 2 pass. The operation will fail, if a random nonce value is not provided for a TR-34 key block generated using 2 pass."
}
]
},
"WrappingKeyCertificate": {
"allOf": [
{
"$ref": "#/components/schemas/CertificateType"
},
{
"description": "The KeyARN of the wrapping key certificate. Amazon Web Services Payment Cryptography uses this certificate to wrap the key under export."
}
]
}
},
"required": [
"CertificateAuthorityPublicKeyIdentifier",
"ExportToken",
"KeyBlockFormat",
"WrappingKeyCertificate"
]
}