Struct: kms.VerifyInput

import "../ibm-cos-sdk-go/service/kms"

Implemented Interfaces

s3crypto.Cipher, s3manager.ReadSeekerWriteTo, request.Validator, s3manager.WriterReadFrom

Structure Field Summary

• GrantTokens []*string

  A list of grant tokens.

• KeyId *string

  Identifies the asymmetric KMS key that will be used to verify the signature.

• Message []byte

  Specifies the message that was signed.

• MessageType *string

  Tells AWS KMS whether the value of the Message parameter is a message or message digest.

• Signature []byte

  The signature that the Sign operation generated.

• SigningAlgorithm *string

  The signing algorithm that was used to sign the message.

• _ struct{}

Service Operations

• GoString() string operation

  GoString returns the string representation.

• SetGrantTokens([]*string) *VerifyInput operation

  SetGrantTokens sets the GrantTokens field's value.

• SetKeyId(string) *VerifyInput operation

  SetKeyId sets the KeyId field's value.

• SetMessage([]byte) *VerifyInput operation

  SetMessage sets the Message field's value.

• SetMessageType(string) *VerifyInput operation

  SetMessageType sets the MessageType field's value.

• SetSignature([]byte) *VerifyInput operation

  SetSignature sets the Signature field's value.

• SetSigningAlgorithm(string) *VerifyInput operation

  SetSigningAlgorithm sets the SigningAlgorithm field's value.

• String() string operation

  String returns the string representation.

• Validate() error operation

  Validate inspects the fields of the type to determine if they are valid.

Structure Field Details

GrantTokens []*string `type:"list"`

A list of grant tokens.

For more information, see Grant Tokens (docs.aws.amazon.com/kms/latest/developerguide/concepts.html#grant_token) in the AWS Key Management Service Developer Guide.

KeyId *string `min:"1" type:"string" required:"true"`

Identifies the asymmetric KMS key that will be used to verify the signature. This must be the same KMS key that was used to generate the signature. If you specify a different KMS key, the signature verification fails.

To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with “alias/”. To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

For example:

• Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

• Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

• Alias name: alias/ExampleAlias

• Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

KeyId is a required field

Message []byte `min:"1" type:"blob" required:"true" sensitive:"true"`

Specifies the message that was signed. You can submit a raw message of up to 4096 bytes, or a hash digest of the message. If you submit a digest, use the MessageType parameter with a value of DIGEST.

If the message specified here is different from the message that was signed, the signature verification fails. A message and its hash digest are considered to be the same message.

Message is a sensitive parameter and its value will be replaced with “sensitive” in string returned by VerifyInput's String and GoString methods.

Message is automatically base64 encoded/decoded by the SDK.

Message is a required field

MessageType *string `type:"string" enum:"MessageType"`

Tells AWS KMS whether the value of the Message parameter is a message or message digest. The default value, RAW, indicates a message. To indicate a message digest, enter DIGEST.

Use the DIGEST value only when the value of the Message parameter is a message digest. If you use the DIGEST value with a raw message, the security of the verification operation can be compromised.

Signature []byte `min:"1" type:"blob" required:"true"`

The signature that the Sign operation generated. Signature is automatically base64 encoded/decoded by the SDK.

Signature is a required field

SigningAlgorithm *string `type:"string" required:"true" enum:"SigningAlgorithmSpec"`

The signing algorithm that was used to sign the message. If you submit a different algorithm, the signature verification fails.

SigningAlgorithm is a required field

_ struct{} `type:"structure"`

Method Details

func (s VerifyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as “sensitive” in the API will not be included in the string output. The member name will be present, but the value will be replaced with “sensitive”.

// File 'service/kms/api.go', line 17331

func (s VerifyInput) GoString() string {
	return s.String()
}

func (s *VerifyInput) SetGrantTokens(v []*string) *VerifyInput

SetGrantTokens sets the GrantTokens field's value.

// File 'service/kms/api.go', line 17367

func (s *VerifyInput) SetGrantTokens(v []*string) *VerifyInput {
	s.GrantTokens = v
	return s
}

func (s *VerifyInput) SetKeyId(v string) *VerifyInput

SetKeyId sets the KeyId field's value.

// File 'service/kms/api.go', line 17373

func (s *VerifyInput) SetKeyId(v string) *VerifyInput {
	s.KeyId = &v
	return s
}

func (s *VerifyInput) SetMessage(v []byte) *VerifyInput

SetMessage sets the Message field's value.

// File 'service/kms/api.go', line 17379

func (s *VerifyInput) SetMessage(v []byte) *VerifyInput {
	s.Message = v
	return s
}

func (s *VerifyInput) SetMessageType(v string) *VerifyInput

SetMessageType sets the MessageType field's value.

// File 'service/kms/api.go', line 17385

func (s *VerifyInput) SetMessageType(v string) *VerifyInput {
	s.MessageType = &v
	return s
}

func (s *VerifyInput) SetSignature(v []byte) *VerifyInput

SetSignature sets the Signature field's value.

// File 'service/kms/api.go', line 17391

func (s *VerifyInput) SetSignature(v []byte) *VerifyInput {
	s.Signature = v
	return s
}

func (s *VerifyInput) SetSigningAlgorithm(v string) *VerifyInput

SetSigningAlgorithm sets the SigningAlgorithm field's value.

// File 'service/kms/api.go', line 17397

func (s *VerifyInput) SetSigningAlgorithm(v string) *VerifyInput {
	s.SigningAlgorithm = &v
	return s
}

func (s VerifyInput) String() string

String returns the string representation.

API parameter values that are decorated as “sensitive” in the API will not be included in the string output. The member name will be present, but the value will be replaced with “sensitive”.

// File 'service/kms/api.go', line 17322

func (s VerifyInput) String() string {
	return awsutil.Prettify(s)
}

func (s *VerifyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

// File 'service/kms/api.go', line 17336

func (s *VerifyInput) Validate() error {
	invalidParams := request.ErrInvalidParams{Context: "VerifyInput"}
	if s.KeyId == nil {
		invalidParams.Add(request.NewErrParamRequired("KeyId"))
	}
	if s.KeyId != nil && len(*s.KeyId) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
	}
	if s.Message == nil {
		invalidParams.Add(request.NewErrParamRequired("Message"))
	}
	if s.Message != nil && len(s.Message) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Message", 1))
	}
	if s.Signature == nil {
		invalidParams.Add(request.NewErrParamRequired("Signature"))
	}
	if s.Signature != nil && len(s.Signature) < 1 {
		invalidParams.Add(request.NewErrParamMinLen("Signature", 1))
	}
	if s.SigningAlgorithm == nil {
		invalidParams.Add(request.NewErrParamRequired("SigningAlgorithm"))
	}

	if invalidParams.Len() > 0 {
		return invalidParams
	}
	return nil
}