1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167

// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
pub use crate::operation::export_key::_export_key_output::ExportKeyOutputBuilder;

pub use crate::operation::export_key::_export_key_input::ExportKeyInputBuilder;

impl ExportKeyInputBuilder {
    /// Sends a request with this input using the given client.
    pub async fn send_with(
        self,
        client: &crate::Client,
    ) -> ::std::result::Result<
        crate::operation::export_key::ExportKeyOutput,
        ::aws_smithy_runtime_api::client::result::SdkError<
            crate::operation::export_key::ExportKeyError,
            ::aws_smithy_runtime_api::client::orchestrator::HttpResponse,
        >,
    > {
        let mut fluent_builder = client.export_key();
        fluent_builder.inner = self;
        fluent_builder.send().await
    }
}
/// Fluent builder constructing a request to `ExportKey`.
///
/// <p>Exports a key from Amazon Web Services Payment Cryptography using either ANSI X9 TR-34 or TR-31 key export standard.</p>
/// <p>Amazon Web Services Payment Cryptography simplifies main or root key exchange process by eliminating the need of a paper-based key exchange process. It takes a modern and secure approach based of the ANSI X9 TR-34 key exchange standard.</p>
/// <p>You can use <code>ExportKey</code> to export main or root keys such as KEK (Key Encryption Key), using asymmetric key exchange technique following ANSI X9 TR-34 standard. The ANSI X9 TR-34 standard uses asymmetric keys to establishes bi-directional trust between the two parties exchanging keys. After which you can export working keys using the ANSI X9 TR-31 symmetric key exchange standard as mandated by PCI PIN. Using this operation, you can share your Amazon Web Services Payment Cryptography generated keys with other service partners to perform cryptographic operations outside of Amazon Web Services Payment Cryptography </p>
/// <p> <b>TR-34 key export</b> </p>
/// <p>Amazon Web Services Payment Cryptography uses TR-34 asymmetric key exchange standard to export main keys such as KEK. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Host (KRH). In key export process, KDH is Amazon Web Services Payment Cryptography which initiates key export. KRH is the user receiving the key. Before you initiate TR-34 key export, you must obtain an export token by calling <code>GetParametersForExport</code>. This operation also returns the signing key certificate that KDH uses to sign the wrapped key to generate a TR-34 wrapped key block. The export token expires after 7 days.</p>
/// <p>Set the following parameters:</p>
/// <dl>
/// <dt>
/// CertificateAuthorityPublicKeyIdentifier
/// </dt>
/// <dd>
/// <p>The <code>KeyARN</code> of the certificate chain that will sign the wrapping key certificate. This must exist within Amazon Web Services Payment Cryptography before you initiate TR-34 key export. If it does not exist, you can import it by calling <code>ImportKey</code> for <code>RootCertificatePublicKey</code>.</p>
/// </dd>
/// <dt>
/// ExportToken
/// </dt>
/// <dd>
/// <p>Obtained from KDH by calling <code>GetParametersForExport</code>.</p>
/// </dd>
/// <dt>
/// WrappingKeyCertificate
/// </dt>
/// <dd>
/// <p>Amazon Web Services Payment Cryptography uses this to wrap the key under export.</p>
/// </dd>
/// </dl>
/// <p>When this operation is successful, Amazon Web Services Payment Cryptography returns the TR-34 wrapped key block. </p>
/// <p> <b>TR-31 key export</b> </p>
/// <p>Amazon Web Services Payment Cryptography uses TR-31 symmetric key exchange standard to export working keys. In TR-31, you must use a main key such as KEK to encrypt or wrap the key under export. To establish a KEK, you can use <code>CreateKey</code> or <code>ImportKey</code>. When this operation is successful, Amazon Web Services Payment Cryptography returns a TR-31 wrapped key block. </p>
/// <p> <b>Cross-account use:</b> This operation can't be used across different Amazon Web Services accounts.</p>
/// <p> <b>Related operations:</b> </p>
/// <ul>
/// <li> <p> <code>GetParametersForExport</code> </p> </li>
/// <li> <p> <code>ImportKey</code> </p> </li>
/// </ul>
#[derive(::std::clone::Clone, ::std::fmt::Debug)]
pub struct ExportKeyFluentBuilder {
    handle: ::std::sync::Arc<crate::client::Handle>,
    inner: crate::operation::export_key::builders::ExportKeyInputBuilder,
    config_override: ::std::option::Option<crate::config::Builder>,
}
impl crate::client::customize::internal::CustomizableSend<crate::operation::export_key::ExportKeyOutput, crate::operation::export_key::ExportKeyError>
    for ExportKeyFluentBuilder
{
    fn send(
        self,
        config_override: crate::config::Builder,
    ) -> crate::client::customize::internal::BoxFuture<
        crate::client::customize::internal::SendResult<crate::operation::export_key::ExportKeyOutput, crate::operation::export_key::ExportKeyError>,
    > {
        ::std::boxed::Box::pin(async move { self.config_override(config_override).send().await })
    }
}
impl ExportKeyFluentBuilder {
    /// Creates a new `ExportKey`.
    pub(crate) fn new(handle: ::std::sync::Arc<crate::client::Handle>) -> Self {
        Self {
            handle,
            inner: ::std::default::Default::default(),
            config_override: ::std::option::Option::None,
        }
    }
    /// Access the ExportKey as a reference.
    pub fn as_input(&self) -> &crate::operation::export_key::builders::ExportKeyInputBuilder {
        &self.inner
    }
    /// Sends the request and returns the response.
    ///
    /// If an error occurs, an `SdkError` will be returned with additional details that
    /// can be matched against.
    ///
    /// By default, any retryable failures will be retried twice. Retry behavior
    /// is configurable with the [RetryConfig](aws_smithy_types::retry::RetryConfig), which can be
    /// set when configuring the client.
    pub async fn send(
        self,
    ) -> ::std::result::Result<
        crate::operation::export_key::ExportKeyOutput,
        ::aws_smithy_runtime_api::client::result::SdkError<
            crate::operation::export_key::ExportKeyError,
            ::aws_smithy_runtime_api::client::orchestrator::HttpResponse,
        >,
    > {
        let input = self
            .inner
            .build()
            .map_err(::aws_smithy_runtime_api::client::result::SdkError::construction_failure)?;
        let runtime_plugins = crate::operation::export_key::ExportKey::operation_runtime_plugins(
            self.handle.runtime_plugins.clone(),
            &self.handle.conf,
            self.config_override,
        );
        crate::operation::export_key::ExportKey::orchestrate(&runtime_plugins, input).await
    }

    /// Consumes this builder, creating a customizable operation that can be modified before being sent.
    pub fn customize(
        self,
    ) -> crate::client::customize::CustomizableOperation<
        crate::operation::export_key::ExportKeyOutput,
        crate::operation::export_key::ExportKeyError,
        Self,
    > {
        crate::client::customize::CustomizableOperation::new(self)
    }
    pub(crate) fn config_override(mut self, config_override: impl Into<crate::config::Builder>) -> Self {
        self.set_config_override(Some(config_override.into()));
        self
    }

    pub(crate) fn set_config_override(&mut self, config_override: Option<crate::config::Builder>) -> &mut Self {
        self.config_override = config_override;
        self
    }
    /// <p>The key block format type, for example, TR-34 or TR-31, to use during key material export.</p>
    pub fn key_material(mut self, input: crate::types::ExportKeyMaterial) -> Self {
        self.inner = self.inner.key_material(input);
        self
    }
    /// <p>The key block format type, for example, TR-34 or TR-31, to use during key material export.</p>
    pub fn set_key_material(mut self, input: ::std::option::Option<crate::types::ExportKeyMaterial>) -> Self {
        self.inner = self.inner.set_key_material(input);
        self
    }
    /// <p>The key block format type, for example, TR-34 or TR-31, to use during key material export.</p>
    pub fn get_key_material(&self) -> &::std::option::Option<crate::types::ExportKeyMaterial> {
        self.inner.get_key_material()
    }
    /// <p>The <code>KeyARN</code> of the key under export from Amazon Web Services Payment Cryptography.</p>
    pub fn export_key_identifier(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
        self.inner = self.inner.export_key_identifier(input.into());
        self
    }
    /// <p>The <code>KeyARN</code> of the key under export from Amazon Web Services Payment Cryptography.</p>
    pub fn set_export_key_identifier(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
        self.inner = self.inner.set_export_key_identifier(input);
        self
    }
    /// <p>The <code>KeyARN</code> of the key under export from Amazon Web Services Payment Cryptography.</p>
    pub fn get_export_key_identifier(&self) -> &::std::option::Option<::std::string::String> {
        self.inner.get_export_key_identifier()
    }
}