Module: AWSCDK::KMS::KeySpec

Defined in:
kms/key_spec.rb

Overview

The key spec, represents the cryptographic configuration of keys.

Constant Summary collapse

SYMMETRIC_DEFAULT =
Deprecated.
Note:

Default:

The default key spec.

Valid usage: ENCRYPT_DECRYPT

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "SYMMETRIC_DEFAULT")
RSA_2048 =
Deprecated.
Note:

Default:

RSA with 2048 bits of key.

Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "RSA_2048")
RSA_3072 =
Deprecated.
Note:

Default:

RSA with 3072 bits of key.

Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "RSA_3072")
RSA_4096 =
Deprecated.
Note:

Default:

RSA with 4096 bits of key.

Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "RSA_4096")
ECC_NIST_P256 =
Deprecated.
Note:

Default:

NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-256 for the message digest.

Valid usage: SIGN_VERIFY

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ECC_NIST_P256")
ECC_NIST_P384 =
Deprecated.
Note:

Default:

NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-384 for the message digest.

Valid usage: SIGN_VERIFY

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ECC_NIST_P384")
ECC_NIST_P521 =
Deprecated.
Note:

Default:

NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-512 for the message digest.

Valid usage: SIGN_VERIFY

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ECC_NIST_P521")
ECC_SECG_P256_K1 =
Deprecated.
Note:

Default:

Standards for Efficient Cryptography 2, Section 2.4.1, ECDSA signature on the Koblitz curve.

Valid usage: SIGN_VERIFY

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ECC_SECG_P256K1")
HMAC_224 =
Deprecated.
Note:

Default:

Hash-Based Message Authentication Code as defined in RFC 2104 using the message digest function SHA224.

Valid usage: GENERATE_VERIFY_MAC

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "HMAC_224")
HMAC_256 =
Deprecated.
Note:

Default:

Hash-Based Message Authentication Code as defined in RFC 2104 using the message digest function SHA256.

Valid usage: GENERATE_VERIFY_MAC

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "HMAC_256")
HMAC_384 =
Deprecated.
Note:

Default:

Hash-Based Message Authentication Code as defined in RFC 2104 using the message digest function SHA384.

Valid usage: GENERATE_VERIFY_MAC

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "HMAC_384")
HMAC_512 =
Deprecated.
Note:

Default:

Hash-Based Message Authentication Code as defined in RFC 2104 using the message digest function SHA512.

Valid usage: GENERATE_VERIFY_MAC

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "HMAC_512")
SM2 =
Deprecated.
Note:

Default:

Elliptic curve key spec available only in China Regions.

Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "SM2")
ML_DSA_44 =
Deprecated.
Note:

Default:

ML-DSA-44 lattice-based digital signature algorithm.

Valid usage: SIGN_VERIFY

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ML_DSA_44")
ML_DSA_65 =
Deprecated.
Note:

Default:

ML-DSA-65 lattice-based digital signature algorithm.

Valid usage: SIGN_VERIFY

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ML_DSA_65")
ML_DSA_87 =
Deprecated.
Note:

Default:

ML-DSA-87 lattice-based digital signature algorithm.

Valid usage: SIGN_VERIFY

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ML_DSA_87")
ECC_NIST_EDWARDS25519 =
Deprecated.
Note:

Default:

NIST-standard Edwards25519 (ed25519) elliptic curve key pair.

Valid usage: SIGN_VERIFY

Jsii::Enum.new("aws-cdk-lib.aws_kms.KeySpec", "ECC_NIST_EDWARDS25519")