KeySpec

class aws_cdk.aws_kms.KeySpec(value)

Bases: enum.Enum

The key spec, represents the cryptographic configuration of keys.

Attributes

ECC_NIST_P256

NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-256 for the message digest.

Valid usage: SIGN_VERIFY

ECC_NIST_P384

NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-384 for the message digest.

Valid usage: SIGN_VERIFY

ECC_NIST_P521

NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-512 for the message digest.

Valid usage: SIGN_VERIFY

ECC_SECG_P256K1

Standards for Efficient Cryptography 2, Section 2.4.1, ECDSA signature on the Koblitz curve.

Valid usage: SIGN_VERIFY

RSA_2048

RSA with 2048 bits of key.

Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY

RSA_3072

RSA with 3072 bits of key.

Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY

RSA_4096

RSA with 4096 bits of key.

Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY

SYMMETRIC_DEFAULT

The default key spec.

Valid usage: ENCRYPT_DECRYPT