AWSKMSSignRequest

@interface AWSKMSSignRequest
  • A list of grant tokens.

    For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

    Declaration

    Objective-C

    @property (readwrite, strong, nonatomic)
        NSArray<NSString *> *_Nullable grantTokens;

    Swift

    var grantTokens: [String]? { get set }
  • Identifies an asymmetric CMK. AWS KMS uses the private key in the asymmetric CMK to sign the message. The KeyUsage type of the CMK must be SIGN_VERIFY. To find the KeyUsage of a CMK, use the DescribeKey operation.

    To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.

    For example:

    • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

    • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

    • Alias name: alias/ExampleAlias

    • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

    To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

    Declaration

    Objective-C

    @property (readwrite, strong, nonatomic) NSString *_Nullable keyId;

    Swift

    var keyId: String? { get set }
  • Specifies the message or message digest to sign. Messages can be 0-4096 bytes. To sign a larger message, provide the message digest.

    If you provide a message, AWS KMS generates a hash digest of the message and then signs it.

    Declaration

    Objective-C

    @property (readwrite, strong, nonatomic) NSData *_Nullable message;

    Swift

    var message: Data? { get set }
  • Tells AWS KMS whether the value of the Message parameter is a message or message digest. The default value, RAW, indicates a message. To indicate a message digest, enter DIGEST.

    Declaration

    Objective-C

    @property (assign, readwrite, nonatomic) AWSKMSMessageType messageType;

    Swift

    var messageType: AWSKMSMessageType { get set }
  • Specifies the signing algorithm to use when signing the message.

    Choose an algorithm that is compatible with the type and size of the specified asymmetric CMK.

    Declaration

    Objective-C

    @property (assign, readwrite, nonatomic)
        AWSKMSSigningAlgorithmSpec signingAlgorithm;

    Swift

    var signingAlgorithm: AWSKMSSigningAlgorithmSpec { get set }