Struct aws_sdk_kms::input::VerifyInput

#[non_exhaustive]
pub struct VerifyInput {
    pub key_id: Option<String>,
    pub message: Option<Blob>,
    pub message_type: Option<MessageType>,
    pub signature: Option<Blob>,
    pub signing_algorithm: Option<SigningAlgorithmSpec>,
    pub grant_tokens: Option<Vec<String>>,
}

Fields (Non-exhaustive)

Non-exhaustive structs could have additional fields added in future. Therefore, non-exhaustive structs cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.

key_id: Option<String>

Identifies the asymmetric KMS key that will be used to verify the signature. This must be the same KMS key that was used to generate the signature. If you specify a different KMS key, the signature verification fails.

To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

For example:

• Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

• Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

• Alias name: alias/ExampleAlias

• Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

message: Option<Blob>

Specifies the message that was signed. You can submit a raw message of up to 4096 bytes, or a hash digest of the message. If you submit a digest, use the MessageType parameter with a value of DIGEST.

If the message specified here is different from the message that was signed, the signature verification fails. A message and its hash digest are considered to be the same message.

message_type: Option<MessageType>

Tells KMS whether the value of the Message parameter is a message or message digest. The default value, RAW, indicates a message. To indicate a message digest, enter DIGEST.

Use the DIGEST value only when the value of the Message parameter is a message digest. If you use the DIGEST value with a raw message, the security of the verification operation can be compromised.

signature: Option<Blob>

The signature that the Sign operation generated.

signing_algorithm: Option<SigningAlgorithmSpec>

The signing algorithm that was used to sign the message. If you submit a different algorithm, the signature verification fails.

grant_tokens: Option<Vec<String>>

A list of grant tokens.

Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token and Using a grant token in the Key Management Service Developer Guide.

Implementations

impl VerifyInput

pub async fn make_operation(
    &self,
    _config: &Config
) -> Result<Operation<Verify, AwsErrorRetryPolicy>, BuildError>

Consumes the builder and constructs an Operation<Verify>

pub fn builder() -> Builder

Creates a new builder-style object to manufacture VerifyInput

impl VerifyInput

pub fn key_id(&self) -> Option<&str>

Identifies the asymmetric KMS key that will be used to verify the signature. This must be the same KMS key that was used to generate the signature. If you specify a different KMS key, the signature verification fails.

To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

For example:

• Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

• Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

• Alias name: alias/ExampleAlias

• Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To get the alias name and alias ARN, use ListAliases.

pub fn message(&self) -> Option<&Blob>

Specifies the message that was signed. You can submit a raw message of up to 4096 bytes, or a hash digest of the message. If you submit a digest, use the MessageType parameter with a value of DIGEST.

If the message specified here is different from the message that was signed, the signature verification fails. A message and its hash digest are considered to be the same message.

pub fn message_type(&self) -> Option<&MessageType>

Tells KMS whether the value of the Message parameter is a message or message digest. The default value, RAW, indicates a message. To indicate a message digest, enter DIGEST.

Use the DIGEST value only when the value of the Message parameter is a message digest. If you use the DIGEST value with a raw message, the security of the verification operation can be compromised.

pub fn signature(&self) -> Option<&Blob>

The signature that the Sign operation generated.

pub fn signing_algorithm(&self) -> Option<&SigningAlgorithmSpec>

The signing algorithm that was used to sign the message. If you submit a different algorithm, the signature verification fails.

pub fn grant_tokens(&self) -> Option<&[String]>

A list of grant tokens.

Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token and Using a grant token in the Key Management Service Developer Guide.

Trait Implementations

impl Clone for VerifyInput

fn clone(&self) -> VerifyInput

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for VerifyInput

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl PartialEq<VerifyInput> for VerifyInput

fn eq(&self, other: &VerifyInput) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &VerifyInput) -> bool

This method tests for !=.

impl StructuralPartialEq for VerifyInput