Struct: kms.VerifyInput

import "../ibm-cos-sdk-go/service/kms"

Implemented Interfaces

s3crypto.Cipher, s3manager.ReadSeekerWriteTo, request.Validator, s3manager.WriterReadFrom

Structure Field Summary collapse

Service Operations collapse

Structure Field Details

GrantTokens []*string `type:"list"`

A list of grant tokens.

For more information, see Grant Tokens (docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) in the AWS Key Management Service Developer Guide.

KeyId *string `min:"1" type:"string" required:"true"`

Identifies the asymmetric KMS key that will be used to verify the signature. This must be the same KMS key that was used to generate the signature. If you specify a different KMS key, the signature verification fails.

To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with “alias/”. To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

  • Alias name: alias/ExampleAlias

  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

KeyId is a required field

Message []byte `min:"1" type:"blob" required:"true" sensitive:"true"`

Specifies the message that was signed. You can submit a raw message of up to 4096 bytes, or a hash digest of the message. If you submit a digest, use the MessageType parameter with a value of DIGEST.

If the message specified here is different from the message that was signed, the signature verification fails. A message and its hash digest are considered to be the same message.

Message is a sensitive parameter and its value will be replaced with “sensitive” in string returned by VerifyInput's String and GoString methods.

Message is automatically base64 encoded/decoded by the SDK.

Message is a required field

MessageType *string `type:"string" enum:"MessageType"`

Tells AWS KMS whether the value of the Message parameter is a message or message digest. The default value, RAW, indicates a message. To indicate a message digest, enter DIGEST.

Use the DIGEST value only when the value of the Message parameter is a message digest. If you use the DIGEST value with a raw message, the security of the verification operation can be compromised.

Signature []byte `min:"1" type:"blob" required:"true"`

The signature that the Sign operation generated. Signature is automatically base64 encoded/decoded by the SDK.

Signature is a required field

SigningAlgorithm *string `type:"string" required:"true" enum:"SigningAlgorithmSpec"`

The signing algorithm that was used to sign the message. If you submit a different algorithm, the signature verification fails.

SigningAlgorithm is a required field

_ struct{} `type:"structure"`

Method Details

func (s VerifyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as “sensitive” in the API will not be included in the string output. The member name will be present, but the value will be replaced with “sensitive”.



17331
17332
17333
// File 'service/kms/api.go', line 17331

func (s VerifyInput) GoString() string { return s.String() }

func (s *VerifyInput) SetGrantTokens(v []*string) *VerifyInput

SetGrantTokens sets the GrantTokens field's value.



17367
17368
17369
17370
// File 'service/kms/api.go', line 17367

func (s *VerifyInput) SetGrantTokens(v []*string) *VerifyInput { s.GrantTokens = v return s }

func (s *VerifyInput) SetKeyId(v string) *VerifyInput

SetKeyId sets the KeyId field's value.



17373
17374
17375
17376
// File 'service/kms/api.go', line 17373

func (s *VerifyInput) SetKeyId(v string) *VerifyInput { s.KeyId = &v return s }

func (s *VerifyInput) SetMessage(v []byte) *VerifyInput

SetMessage sets the Message field's value.



17379
17380
17381
17382
// File 'service/kms/api.go', line 17379

func (s *VerifyInput) SetMessage(v []byte) *VerifyInput { s.Message = v return s }

func (s *VerifyInput) SetMessageType(v string) *VerifyInput

SetMessageType sets the MessageType field's value.



17385
17386
17387
17388
// File 'service/kms/api.go', line 17385

func (s *VerifyInput) SetMessageType(v string) *VerifyInput { s.MessageType = &v return s }

func (s *VerifyInput) SetSignature(v []byte) *VerifyInput

SetSignature sets the Signature field's value.



17391
17392
17393
17394
// File 'service/kms/api.go', line 17391

func (s *VerifyInput) SetSignature(v []byte) *VerifyInput { s.Signature = v return s }

func (s *VerifyInput) SetSigningAlgorithm(v string) *VerifyInput

SetSigningAlgorithm sets the SigningAlgorithm field's value.



17397
17398
17399
17400
// File 'service/kms/api.go', line 17397

func (s *VerifyInput) SetSigningAlgorithm(v string) *VerifyInput { s.SigningAlgorithm = &v return s }

func (s VerifyInput) String() string

String returns the string representation.

API parameter values that are decorated as “sensitive” in the API will not be included in the string output. The member name will be present, but the value will be replaced with “sensitive”.



17322
17323
17324
// File 'service/kms/api.go', line 17322

func (s VerifyInput) String() string { return awsutil.Prettify(s) }

func (s *VerifyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.



17336
17337
17338
17339
17340
17341
17342
17343
17344
17345
17346
17347
17348
17349
17350
17351
17352
17353
17354
17355
17356
17357
17358
17359
17360
17361
17362
17363
17364
// File 'service/kms/api.go', line 17336

func (s *VerifyInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "VerifyInput"} if s.KeyId == nil { invalidParams.Add(request.NewErrParamRequired("KeyId")) } if s.KeyId != nil && len(*s.KeyId) < 1 { invalidParams.Add(request.NewErrParamMinLen("KeyId", 1)) } if s.Message == nil { invalidParams.Add(request.NewErrParamRequired("Message")) } if s.Message != nil && len(s.Message) < 1 { invalidParams.Add(request.NewErrParamMinLen("Message", 1)) } if s.Signature == nil { invalidParams.Add(request.NewErrParamRequired("Signature")) } if s.Signature != nil && len(s.Signature) < 1 { invalidParams.Add(request.NewErrParamMinLen("Signature", 1)) } if s.SigningAlgorithm == nil { invalidParams.Add(request.NewErrParamRequired("SigningAlgorithm")) } if invalidParams.Len() > 0 { return invalidParams } return nil }