Module: AWSCDK::KMS::KeySpec
- Defined in:
- kms/key_spec.rb
Overview
The key spec, represents the cryptographic configuration of keys.
Constant Summary collapse
- SYMMETRIC_DEFAULT =
Deprecated.Note:
Default:
The default key spec.
Valid usage: ENCRYPT_DECRYPT
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "SYMMETRIC_DEFAULT")
- RSA_2048 =
Deprecated.Note:
Default:
RSA with 2048 bits of key.
Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "RSA_2048")
- RSA_3072 =
Deprecated.Note:
Default:
RSA with 3072 bits of key.
Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "RSA_3072")
- RSA_4096 =
Deprecated.Note:
Default:
RSA with 4096 bits of key.
Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "RSA_4096")
- ECC_NIST_P256 =
Deprecated.Note:
Default:
NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-256 for the message digest.
Valid usage: SIGN_VERIFY
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ECC_NIST_P256")
- ECC_NIST_P384 =
Deprecated.Note:
Default:
NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-384 for the message digest.
Valid usage: SIGN_VERIFY
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ECC_NIST_P384")
- ECC_NIST_P521 =
Deprecated.Note:
Default:
NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-512 for the message digest.
Valid usage: SIGN_VERIFY
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ECC_NIST_P521")
- ECC_SECG_P256_K1 =
Deprecated.Note:
Default:
Standards for Efficient Cryptography 2, Section 2.4.1, ECDSA signature on the Koblitz curve.
Valid usage: SIGN_VERIFY
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ECC_SECG_P256K1")
- HMAC_224 =
Deprecated.Note:
Default:
Hash-Based Message Authentication Code as defined in RFC 2104 using the message digest function SHA224.
Valid usage: GENERATE_VERIFY_MAC
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "HMAC_224")
- HMAC_256 =
Deprecated.Note:
Default:
Hash-Based Message Authentication Code as defined in RFC 2104 using the message digest function SHA256.
Valid usage: GENERATE_VERIFY_MAC
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "HMAC_256")
- HMAC_384 =
Deprecated.Note:
Default:
Hash-Based Message Authentication Code as defined in RFC 2104 using the message digest function SHA384.
Valid usage: GENERATE_VERIFY_MAC
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "HMAC_384")
- HMAC_512 =
Deprecated.Note:
Default:
Hash-Based Message Authentication Code as defined in RFC 2104 using the message digest function SHA512.
Valid usage: GENERATE_VERIFY_MAC
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "HMAC_512")
- SM2 =
Deprecated.Note:
Default:
Elliptic curve key spec available only in China Regions.
Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "SM2")
- ML_DSA_44 =
Deprecated.Note:
Default:
ML-DSA-44 lattice-based digital signature algorithm.
Valid usage: SIGN_VERIFY
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ML_DSA_44")
- ML_DSA_65 =
Deprecated.Note:
Default:
ML-DSA-65 lattice-based digital signature algorithm.
Valid usage: SIGN_VERIFY
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ML_DSA_65")
- ML_DSA_87 =
Deprecated.Note:
Default:
ML-DSA-87 lattice-based digital signature algorithm.
Valid usage: SIGN_VERIFY
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ML_DSA_87")
- ECC_NIST_EDWARDS25519 =
Deprecated.Note:
Default:
NIST-standard Edwards25519 (ed25519) elliptic curve key pair.
Valid usage: SIGN_VERIFY
Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ECC_NIST_EDWARDS25519")