Hi there! Are you looking for the official Deno documentation? Try docs.deno.com for all your Deno learning needs.

VerifyRequest

import type { VerifyRequest } from "https://aws-api.deno.dev/v0.3/services/kms.ts?docs=full";
interface VerifyRequest {
GrantTokens?: string[] | null;
KeyId: string;
Message: Uint8Array | string;
MessageType?: MessageType | null;
Signature: Uint8Array | string;
SigningAlgorithm: SigningAlgorithmSpec;
}

§Properties

§
GrantTokens?: string[] | null
[src]

A list of grant tokens.

Use a grant token when your permission to call this operation comes from a new grant that has not yet achieved eventual consistency. For more information, see Grant token and Using a grant token in the Key Management Service Developer Guide.

§
KeyId: string
[src]

Identifies the asymmetric KMS key that will be used to verify the signature. This must be the same KMS key that was used to generate the signature. If you specify a different KMS key, the signature verification fails.

To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix it with "alias/". To specify a KMS key in a different Amazon Web Services account, you must use the key ARN or alias ARN.

For example:

  • Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
  • Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
  • Alias name: alias/ExampleAlias
  • Alias ARN: arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias

To get the key ID and key ARN for a KMS key, use "ListKeys" or "DescribeKey". To get the alias name and alias ARN, use "ListAliases".

§
Message: Uint8Array | string
[src]

Specifies the message that was signed. You can submit a raw message of up to 4096 bytes, or a hash digest of the message. If you submit a digest, use the MessageType parameter with a value of DIGEST.

If the message specified here is different from the message that was signed, the signature verification fails. A message and its hash digest are considered to be the same message.

§
MessageType?: MessageType | null
[src]

Tells KMS whether the value of the Message parameter is a message or message digest. The default value, RAW, indicates a message. To indicate a message digest, enter DIGEST.

! IMPORTANT: ! Use the DIGEST value only when the value of the Message parameter is a message digest. ! If you use the DIGEST value with a raw message, the security of the verification operation can be compromised.

§
Signature: Uint8Array | string
[src]

The signature that the Sign operation generated.

§
SigningAlgorithm: SigningAlgorithmSpec
[src]

The signing algorithm that was used to sign the message. If you submit a different algorithm, the signature verification fails.