enum KeySpec
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.KMS.KeySpec |
 Java | software.amazon.awscdk.services.kms.KeySpec |
 Python | aws_cdk.aws_kms.KeySpec |
 TypeScript (source) | @aws-cdk/aws-kms » KeySpec |
The key spec, represents the cryptographic configuration of keys.
Example
const key = new kms.Key(this, 'MyKey', {
keySpec: kms.KeySpec.ECC_SECG_P256K1, // Default to SYMMETRIC_DEFAULT
keyUsage: kms.KeyUsage.SIGN_VERIFY, // and ENCRYPT_DECRYPT
});
Members
| Name | Description |
|---|---|
| SYMMETRIC_DEFAULT | The default key spec. |
| RSA_2048 | RSA with 2048 bits of key. |
| RSA_3072 | RSA with 3072 bits of key. |
| RSA_4096 | RSA with 4096 bits of key. |
| ECC_NIST_P256 | NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-256 for the message digest. |
| ECC_NIST_P384 | NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-384 for the message digest. |
| ECC_NIST_P521 | NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-512 for the message digest. |
| ECC_SECG_P256K1 | Standards for Efficient Cryptography 2, Section 2.4.1, ECDSA signature on the Koblitz curve. |
SYMMETRIC_DEFAULT
The default key spec.
Valid usage: ENCRYPT_DECRYPT
RSA_2048
RSA with 2048 bits of key.
Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY
RSA_3072
RSA with 3072 bits of key.
Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY
RSA_4096
RSA with 4096 bits of key.
Valid usage: ENCRYPT_DECRYPT and SIGN_VERIFY
ECC_NIST_P256
NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-256 for the message digest.
Valid usage: SIGN_VERIFY
ECC_NIST_P384
NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-384 for the message digest.
Valid usage: SIGN_VERIFY
ECC_NIST_P521
NIST FIPS 186-4, Section 6.4, ECDSA signature using the curve specified by the key and SHA-512 for the message digest.
Valid usage: SIGN_VERIFY
ECC_SECG_P256K1
Standards for Efficient Cryptography 2, Section 2.4.1, ECDSA signature on the Koblitz curve.
Valid usage: SIGN_VERIFY