Struct rusoto_kms::DecryptRequest
source · [−]pub struct DecryptRequest {
pub ciphertext_blob: Bytes,
pub encryption_algorithm: Option<String>,
pub encryption_context: Option<HashMap<String, String>>,
pub grant_tokens: Option<Vec<String>>,
pub key_id: Option<String>,
}
Fields
ciphertext_blob: Bytes
Ciphertext to be decrypted. The blob includes metadata.
encryption_algorithm: Option<String>
Specifies the encryption algorithm that will be used to decrypt the ciphertext. Specify the same algorithm that was used to encrypt the data. If you specify a different algorithm, the Decrypt
operation fails.
This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. The default value, SYMMETRIC_DEFAULT
, represents the only supported algorithm that is valid for symmetric CMKs.
encryption_context: Option<HashMap<String, String>>
Specifies the encryption context to use when decrypting the data. An encryption context is valid only for cryptographic operations with a symmetric CMK. The standard asymmetric encryption algorithms that AWS KMS uses do not support an encryption context.
An encryption context is a collection of non-secret key-value pairs that represents additional authenticated data. When you use an encryption context to encrypt data, you must specify the same (an exact case-sensitive match) encryption context to decrypt the data. An encryption context is optional when encrypting with a symmetric CMK, but it is highly recommended.
For more information, see Encryption Context in the AWS Key Management Service Developer Guide.
grant_tokens: Option<Vec<String>>
A list of grant tokens.
Use a grant token when your permission to call this operation comes from a newly created grant that has not yet achieved eventual consistency. Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token in the AWS Key Management Service Developer Guide.
key_id: Option<String>
Specifies the customer master key (CMK) that AWS KMS uses to decrypt the ciphertext. Enter a key ID of the CMK that was used to encrypt the ciphertext.
This parameter is required only when the ciphertext was encrypted under an asymmetric CMK. If you used a symmetric CMK, AWS KMS can get the CMK from metadata that it adds to the symmetric ciphertext blob. However, it is always recommended as a best practice. This practice ensures that you use the CMK that you intend.
To specify a CMK, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/"
. To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.
For example:
-
Key ID:
1234abcd-12ab-34cd-56ef-1234567890ab
-
Key ARN:
arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
-
Alias name:
alias/ExampleAlias
-
Alias ARN:
arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.
Trait Implementations
sourceimpl Clone for DecryptRequest
impl Clone for DecryptRequest
sourcefn clone(&self) -> DecryptRequest
fn clone(&self) -> DecryptRequest
Returns a copy of the value. Read more
1.0.0 · sourcefn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from source
. Read more
sourceimpl Debug for DecryptRequest
impl Debug for DecryptRequest
sourceimpl Default for DecryptRequest
impl Default for DecryptRequest
sourcefn default() -> DecryptRequest
fn default() -> DecryptRequest
Returns the “default value” for a type. Read more
sourceimpl PartialEq<DecryptRequest> for DecryptRequest
impl PartialEq<DecryptRequest> for DecryptRequest
sourcefn eq(&self, other: &DecryptRequest) -> bool
fn eq(&self, other: &DecryptRequest) -> bool
This method tests for self
and other
values to be equal, and is used
by ==
. Read more
sourcefn ne(&self, other: &DecryptRequest) -> bool
fn ne(&self, other: &DecryptRequest) -> bool
This method tests for !=
.
sourceimpl Serialize for DecryptRequest
impl Serialize for DecryptRequest
impl StructuralPartialEq for DecryptRequest
Auto Trait Implementations
impl RefUnwindSafe for DecryptRequest
impl Send for DecryptRequest
impl Sync for DecryptRequest
impl Unpin for DecryptRequest
impl UnwindSafe for DecryptRequest
Blanket Implementations
sourceimpl<T> BorrowMut<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
sourceimpl<T> Instrument for T
impl<T> Instrument for T
sourcefn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
sourcefn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
sourceimpl<T> ToOwned for T where
T: Clone,
impl<T> ToOwned for T where
T: Clone,
type Owned = T
type Owned = T
The resulting type after obtaining ownership.
sourcefn clone_into(&self, target: &mut T)
fn clone_into(&self, target: &mut T)
toowned_clone_into
)Uses borrowed data to replace owned data, usually by cloning. Read more
sourceimpl<T> WithSubscriber for T
impl<T> WithSubscriber for T
sourcefn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
Attaches the provided Subscriber
to this type, returning a
WithDispatch
wrapper. Read more
sourcefn with_current_subscriber(self) -> WithDispatch<Self>
fn with_current_subscriber(self) -> WithDispatch<Self>
Attaches the current default Subscriber
to this type, returning a
WithDispatch
wrapper. Read more