AWSKMSVerifyRequest

Objective-C

@interface AWSKMSVerifyRequest

Swift

class AWSKMSVerifyRequest
  • A list of grant tokens.

    For more information, see Grant Tokens in the AWS Key Management Service Developer Guide.

    Declaration

    Objective-C

    @property (nonatomic, strong) NSArray<NSString *> *_Nullable grantTokens;

    Swift

    var grantTokens: [String]? { get set }
  • Identifies the asymmetric CMK that will be used to verify the signature. This must be the same CMK that was used to generate the signature. If you specify a different CMK, the signature verification fails.

    To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a CMK in a different AWS account, you must use the key ARN or alias ARN.

    For example:

    • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

    • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

    • Alias name: alias/ExampleAlias

    • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

    To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

    Declaration

    Objective-C

    @property (nonatomic, strong) NSString *_Nullable keyId;

    Swift

    var keyId: String? { get set }
  • Specifies the message that was signed. You can submit a raw message of up to 4096 bytes, or a hash digest of the message. If you submit a digest, use the MessageType parameter with a value of DIGEST.

    If the message specified here is different from the message that was signed, the signature verification fails. A message and its hash digest are considered to be the same message.

    Declaration

    Objective-C

    @property (nonatomic, strong) NSData *_Nullable message;

    Swift

    var message: Data? { get set }
  • Tells AWS KMS whether the value of the Message parameter is a message or message digest. The default value, RAW, indicates a message. To indicate a message digest, enter DIGEST.

    Use the DIGEST value only when the value of the Message parameter is a message digest. If you use the DIGEST value with a raw message, the security of the verification operation can be compromised.

    Declaration

    Objective-C

    @property (nonatomic) AWSKMSMessageType messageType;

    Swift

    var messageType: AWSKMSMessageType { get set }
  • The signature that the Sign operation generated.

    Declaration

    Objective-C

    @property (nonatomic, strong) NSData *_Nullable signature;

    Swift

    var signature: Data? { get set }
  • The signing algorithm that was used to sign the message. If you submit a different algorithm, the signature verification fails.

    Declaration

    Objective-C

    @property (nonatomic) AWSKMSSigningAlgorithmSpec signingAlgorithm;

    Swift

    var signingAlgorithm: AWSKMSSigningAlgorithmSpec { get set }