You need to enable JavaScript to run this app.
导航
密钥管理系统
  • 文档首页
    • /密钥管理系统/API参考/密钥管理/密钥管理/GenerateDataKey - 生成数据密钥
GenerateDataKey - 生成数据密钥
最近更新时间:2025.12.01 20:00:13首次发布时间:2024.08.29 17:19:53
复制全文
我的收藏
有用
有用
无用
无用

生成数据密钥

调试

API Explorer
您可以通过 API Explorer 在线发起调用,无需关注签名生成过程,快速获取调用结果。
去调试

请求参数

下表仅列出该接口特有的请求参数和部分公共参数。更多信息请见公共参数

参数
类型
是否必填
示例值
描述
Action
String

GenerateDataKey

要执行的操作,取值:GenerateDataKey。

Version
String

2021-02-18

API的版本,取值:2021-02-18。

KeyringName
String

keyring-test

密钥环名称,长度为 2 - 31 个字符。合法字符:[a-zA-Z0-9-_]

KeyName
String

key-test

主密钥名称,长度为 2 - 31 个字符。合法字符:[a-zA-Z0-9-_]

KeyID
String

0324d9b3-c5d9-4b6f-94e7-884010a16fee

主密钥ID,二选一:
KeyringName 和 KeyName
KeyID

EncryptionContext
String

{"user":"alice","path":"path/to/alice/plaintext.txt"}

key/value的JSON字符串。如果指定了该参数,则在调用Decrypt时需要提供同样的参数。

NumberOfBytes
Integer

32

生成数据密钥的长度,取值:[1, 1024]

返回参数

下表仅列出本接口特有的返回参数。更多信息请参见返回结构

参数
类型
示例值
描述
Plaintext
String

kFw2RqALpWkHzLBNY8Q6x2F0viIebT4uIPkUOpCiitxZcA9ADwCoVVXLdfe3jJA997rWGYa7b6ifbjK06NSVpV9Nf5PnqHQvLy8cJkP0YHBp2dMhRtSP6JVDyShKhQN8yJyYMaKaD3URH7o8Xv1QltKHjpr18+w9ZrxWu1i54y2+2bRzUO9oPZt4breNSBN7mLqCutfL3EQuwKH0Zb0wpRdcKSwMpVbrnGGjV/hFxblAhmeJe4e32IUQKj0vVbTV1s2hY3jYguZ49Hl4JjVDbqqnM/nU79nHubQ/MoD5vFKe/sLX+sGgkGbx0SOa1wqQvk0FBNgkInNTzXGoyEWGd4OE8+cBaPmOxjRCsL51ckTHKkqGLIXZAigIH3B1A/BM5B51yjxS4xuyx0kk9vLQvYWCAY7g5N9DN5Rz10OdgX4ziyr80WufXziSvjdYf46Q+m3kzdeyknHP/JFpBP3E85FUxtrIARR4IAruHt6FwPEMIAs1NKCkEfDvGhEBds4CwbHSKJM916TBTLUwMZMJGSAMJgGVKLbh3VV8hVZWsK1+e6D7Vi/DvBYOjWovjTZ6UJH6nrBhXkcptWXO0y1mhG37sijm2w8B0PvqHyHYVXSP0mYMX2709awZ5MInO0X35nZi4iuwlxHcoFQbAXAKlpCMMfItYyOPrejRqdhcBb4=

数据密钥明文,Base64编码

CiphertextBlob
String

43y7grE9TjamX4P7ZOHFbwAAfdbxOzMLcyZqlPRh9rMVL2exoGbn53zKUTyt0jZD+Q5YWTmQf/z0Dm6WS+JvSKB3qchbUDVTZPrhUA0amFtBks6+s/rFXtUeBA4iirycN9j0/+BBmHVqAKiPFGJ4/83LdFA2MgoAMdcUaM6nhMZ7XCMaTvAH//Okx0bLJ2dqKf1R9DSFbcQtyYQBaJBfXMzM0cN5wya9M1KlXZZqqDGJQwLCf1ecuP3590dS1uvTJ9XQLlJUQWI/pLG2RxqKh00DlQf5E0+riLol5ocsMeDLefgc3w6pQ6lIOR4JsBsJZH1867r62x+dh8nAEY0AtOuVo8jjtS62QBoFtbI7WSekZUBVr2yao4817+xOC+oUF7JlZxuzPheFUsxkaiXvNxt08QiSZkX9qcjod5IaL4WqouffBf8XsWsoEqJlEW5hHnEJUzSzwrnpx/pz2km5rTvSMeczoLOM3Yo1o3oCv18Xg5FW2/SRHrBi6hjyGdMPhIwiMUENiBhgC4RFEqSWKdLTY2kgT0EO6H44X7piuz3qVyuiDlcM/thDrpJObNSEeaDkWgtPVacmoJ3Qh6xrCS4NyM8nOhp3lTYuOP1lGLn8Xlc14Kn95+qtdP3vQgyz9s4mMvuOzDa085QJxCZjpB/D1cIowf/hISKUioZwDtjLcnYAShV4p3LjW3JO5QC/wipdaug7x+RwjcWGIA4zLt54fIukKCcfI8QwwuHg7rwUPW1fpXiGuDKKWBt7egzJ2/4RU9wKiHiLSnsbNxw=

数据密钥密文,Base64编码

请求示例

POST /?Action=GenerateDataKey&Version=2021-02-18 HTTP/1.1
Host: kms.cn-beijing.volcengineapi.com
Content-Type: application/json; charset=UTF-8
X-Date: 20250710T070808Z
X-Content-Sha256: 287e874e******d653b44d21e
Authorization: HMAC-SHA256 Credential=Adfks******wekfwe/20250710/cn-beijing/kms/request, SignedHeaders=host;x-content-sha256;x-date, Signature=47a7d934ff7b37c03938******cd7b8278a40a1057690c401e92246a0e41085f

{}

返回示例

{
  "ResponseMetadata": {
    "RequestId": "202407081310481390470331439FAD82",
    "Action": "GenerateDataKey",
    "Version": "2021-02-18",
    "Service": "kms",
    "Region": "cn-beijing"
  },
  "Result": {
    "Plaintext": "kFw2RqALpWkHzLBNY8Q6x2F0viIebT4uIPkUOpCiitxZcA9ADwCoVVXLdfe3jJA997rWGYa7b6ifbjK06NSVpV9Nf5PnqHQvLy8cJkP0YHBp2dMhRtSP6JVDyShKhQN8yJyYMaKaD3URH7o8Xv1QltKHjpr18+w9ZrxWu1i54y2+2bRzUO9oPZt4breNSBN7mLqCutfL3EQuwKH0Zb0wpRdcKSwMpVbrnGGjV/hFxblAhmeJe4e32IUQKj0vVbTV1s2hY3jYguZ49Hl4JjVDbqqnM/nU79nHubQ/MoD5vFKe/sLX+sGgkGbx0SOa1wqQvk0FBNgkInNTzXGoyEWGd4OE8+cBaPmOxjRCsL51ckTHKkqGLIXZAigIH3B1A/BM5B51yjxS4xuyx0kk9vLQvYWCAY7g5N9DN5Rz10OdgX4ziyr80WufXziSvjdYf46Q+m3kzdeyknHP/JFpBP3E85FUxtrIARR4IAruHt6FwPEMIAs1NKCkEfDvGhEBds4CwbHSKJM916TBTLUwMZMJGSAMJgGVKLbh3VV8hVZWsK1+e6D7Vi/DvBYOjWovjTZ6UJH6nrBhXkcptWXO0y1mhG37sijm2w8B0PvqHyHYVXSP0mYMX2709awZ5MInO0X35nZi4iuwlxHcoFQbAXAKlpCMMfItYyOPrejRqdhcBb4=",
    "CiphertextBlob": "43y7grE9TjamX4P7ZOHFbwAAfdbxOzMLcyZqlPRh9rMVL2exoGbn53zKUTyt0jZD+Q5YWTmQf/z0Dm6WS+JvSKB3qchbUDVTZPrhUA0amFtBks6+s/rFXtUeBA4iirycN9j0/+BBmHVqAKiPFGJ4/83LdFA2MgoAMdcUaM6nhMZ7XCMaTvAH//Okx0bLJ2dqKf1R9DSFbcQtyYQBaJBfXMzM0cN5wya9M1KlXZZqqDGJQwLCf1ecuP3590dS1uvTJ9XQLlJUQWI/pLG2RxqKh00DlQf5E0+riLol5ocsMeDLefgc3w6pQ6lIOR4JsBsJZH1867r62x+dh8nAEY0AtOuVo8jjtS62QBoFtbI7WSekZUBVr2yao4817+xOC+oUF7JlZxuzPheFUsxkaiXvNxt08QiSZkX9qcjod5IaL4WqouffBf8XsWsoEqJlEW5hHnEJUzSzwrnpx/pz2km5rTvSMeczoLOM3Yo1o3oCv18Xg5FW2/SRHrBi6hjyGdMPhIwiMUENiBhgC4RFEqSWKdLTY2kgT0EO6H44X7piuz3qVyuiDlcM/thDrpJObNSEeaDkWgtPVacmoJ3Qh6xrCS4NyM8nOhp3lTYuOP1lGLn8Xlc14Kn95+qtdP3vQgyz9s4mMvuOzDa085QJxCZjpB/D1cIowf/hISKUioZwDtjLcnYAShV4p3LjW3JO5QC/wipdaug7x+RwjcWGIA4zLt54fIukKCcfI8QwwuHg7rwUPW1fpXiGuDKKWBt7egzJ2/4RU9wKiHiLSnsbNxw="
  }
}

错误码

下表为您列举了该接口与业务逻辑相关的错误码。公共错误码请参见公共错误码文档。

状态码
错误码
错误信息
说明
400
InvalidParameter

The request parameter %s is invalid.

400
InvalidKeyStatus

Current key status: %s does not allow to perform this action

400
MissingParameter

The request is missing %s parameter.

400
XksProxyUriUnreachable

The external key store proxy is in an unhealthy state. If you see this message repeatedly, notify your external key store proxy administrator.

400
XksProxyIncorrectAuthenticationCredential

The external key store proxy rejected the request because it could not authenticate CloudKMS. Verify the XKS proxy authentication credentials for your external key store and update if necessary.

400
CustomKeyStoreInvalidState

The request was rejected because of the ConnectionState of the custom key store. To get the ConnectionState of a custom key store, use the DescribeCustomKeyStores operation.

400
XksProxyInvalidResponse

CloudKMS cannot interpret the response from the external key store proxy. If you see this error repeatedly, report it to your external key store proxy administrator.

400
XksProxyInvalidUriPath

The external key store proxy rejected the request because of an invalid URI path. Verify the URI path for your external key store and update if necessary.

403
KeyMaterialExpire

Key expire in, %s

403
Reject.Throttling.CMK

The request of CMK: %s upper limit is exceeded.

403
AccessDenied

User is not authorized to do this action

403
KMS_ServiceNotOpen

KMS service not open yet, please open the service and try again later.

403
XksProxyAccessDenied

The external key store proxy denied access to the operation. Verify that the user and the external key are both authorized for this operation, and try the request again.

403
Reject.Service.Overdue

Your account is overdue, please charge your account and try again later.

404
Not Found

Not found %s [%s].

500
UndefinedError

Undefined Internal Error. Pls Contact With Admin.