Class: Aws::KMS::Types::SignRequest

Inherits:
Struct
  • Object
show all
Includes:
Structure
Defined in:
lib/aws-sdk-kms/types.rb

Overview

Note:

When making an API call, you may pass SignRequest data as a hash:

{
  key_id: "KeyIdType", # required
  message: "data", # required
  message_type: "RAW", # accepts RAW, DIGEST
  grant_tokens: ["GrantTokenType"],
  signing_algorithm: "RSASSA_PSS_SHA_256", # required, accepts RSASSA_PSS_SHA_256, RSASSA_PSS_SHA_384, RSASSA_PSS_SHA_512, RSASSA_PKCS1_V1_5_SHA_256, RSASSA_PKCS1_V1_5_SHA_384, RSASSA_PKCS1_V1_5_SHA_512, ECDSA_SHA_256, ECDSA_SHA_384, ECDSA_SHA_512, SM2DSA
}

Constant Summary collapse

SENSITIVE =
[:message]

Instance Attribute Summary collapse

Instance Attribute Details

#grant_tokensArray<String>

A list of grant tokens.

Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved *eventual consistency*. For more information, see [Grant token] and [Using a grant token] in the *Key Management Service Developer Guide*.

[1]: docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token [2]: docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token

Returns:

  • (Array<String>)

5042
5043
5044
5045
5046
5047
5048
5049
5050
# File 'lib/aws-sdk-kms/types.rb', line 5042

class SignRequest < Struct.new(
  :key_id,
  :message,
  :message_type,
  :grant_tokens,
  :signing_algorithm)
  SENSITIVE = [:message]
  include Aws::Structure
end

#key_idString

Identifies an asymmetric KMS key. KMS uses the private key in the asymmetric KMS key to sign the message. The `KeyUsage` type of the KMS key must be `SIGN_VERIFY`. To find the `KeyUsage` of a KMS key, use the DescribeKey operation.

To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with `“alias/”`. To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

For example:

  • Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`

  • Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`

  • Alias name: `alias/ExampleAlias`

  • Alias ARN: `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias`

To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

Returns:

  • (String)

5042
5043
5044
5045
5046
5047
5048
5049
5050
# File 'lib/aws-sdk-kms/types.rb', line 5042

class SignRequest < Struct.new(
  :key_id,
  :message,
  :message_type,
  :grant_tokens,
  :signing_algorithm)
  SENSITIVE = [:message]
  include Aws::Structure
end

#messageString

Specifies the message or message digest to sign. Messages can be 0-4096 bytes. To sign a larger message, provide the message digest.

If you provide a message, KMS generates a hash digest of the message and then signs it.

Returns:

  • (String)

5042
5043
5044
5045
5046
5047
5048
5049
5050
# File 'lib/aws-sdk-kms/types.rb', line 5042

class SignRequest < Struct.new(
  :key_id,
  :message,
  :message_type,
  :grant_tokens,
  :signing_algorithm)
  SENSITIVE = [:message]
  include Aws::Structure
end

#message_typeString

Tells KMS whether the value of the `Message` parameter is a message or message digest. The default value, RAW, indicates a message. To indicate a message digest, enter `DIGEST`.

Returns:

  • (String)

5042
5043
5044
5045
5046
5047
5048
5049
5050
# File 'lib/aws-sdk-kms/types.rb', line 5042

class SignRequest < Struct.new(
  :key_id,
  :message,
  :message_type,
  :grant_tokens,
  :signing_algorithm)
  SENSITIVE = [:message]
  include Aws::Structure
end

#signing_algorithmString

Specifies the signing algorithm to use when signing the message.

Choose an algorithm that is compatible with the type and size of the specified asymmetric KMS key.

Returns:

  • (String)

5042
5043
5044
5045
5046
5047
5048
5049
5050
# File 'lib/aws-sdk-kms/types.rb', line 5042

class SignRequest < Struct.new(
  :key_id,
  :message,
  :message_type,
  :grant_tokens,
  :signing_algorithm)
  SENSITIVE = [:message]
  include Aws::Structure
end