EcdhDerivationAttributes
Parameters required to establish ECDH based key exchange.
Contents
- CertificateAuthorityPublicKeyIdentifier
-
The keyArn of the certificate that signed the client's PublicKeyCertificate.
Type: String
Length Constraints: Minimum length of 7. Maximum length of 322.
Pattern:
arn:aws:payment-cryptography:[a-z]{2}-[a-z]{1,16}-[0-9]+:[0-9]{12}:(key/[0-9a-zA-Z]{16,64}|alias/[a-zA-Z0-9/_-]+)$|^alias/[a-zA-Z0-9/_-]+
Required: Yes
- KeyAlgorithm
-
The key algorithm of the derived ECDH key.
Type: String
Valid Values:
TDES_2KEY | TDES_3KEY | AES_128 | AES_192 | AES_256
Required: Yes
- KeyDerivationFunction
-
The key derivation function to use for deriving a key using ECDH.
Type: String
Valid Values:
NIST_SP800 | ANSI_X963
Required: Yes
- KeyDerivationHashAlgorithm
-
The hash type to use for deriving a key using ECDH.
Type: String
Valid Values:
SHA_256 | SHA_384 | SHA_512
Required: Yes
- PublicKeyCertificate
-
The client's public key certificate in PEM format (base64 encoded) to use for ECDH key derivation.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 32768.
Pattern:
[^\[;\]<>]+
Required: Yes
-
A byte string containing information that binds the ECDH derived key to the two parties involved or to the context of the key.
It may include details like identities of the two parties deriving the key, context of the operation, session IDs, and optionally a nonce. It must not contain zero bytes, and re-using shared information for multiple ECDH key derivations is not recommended.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 2048.
Pattern:
(?:[0-9a-fA-F][0-9a-fA-F])+
Required: Yes
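The hex pattern for the shared-information field accepts the pair 00, although the description forbids zero bytes. This added example (not AWS code) checks a request fragment against the constraints listed above and builds a shared-information value that cannot contain a zero byte. The key name SharedInformation is the AWS API's name for the last field; the '|' field layout, the helper names and all sample values are assumptions.

```python
import re
import secrets
# Constraints copied from the field descriptions on this page.
ARN_RE = re.compile(r"arn:aws:payment-cryptography:[a-z]{2}-[a-z]{1,16}-[0-9]+:[0-9]{12}:"
                    r"(?:key/[0-9a-zA-Z]{16,64}|alias/[a-zA-Z0-9/_-]+)|alias/[a-zA-Z0-9/_-]+")
ENUMS = {
    "KeyAlgorithm": {"TDES_2KEY", "TDES_3KEY", "AES_128", "AES_192", "AES_256"},
    "KeyDerivationFunction": {"NIST_SP800", "ANSI_X963"},
    "KeyDerivationHashAlgorithm": {"SHA_256", "SHA_384", "SHA_512"},
}

def nonzero_nonce(n=16):
    """Random nonce without 0x00 bytes (raw CSPRNG output may contain one)."""
    return bytes(secrets.randbelow(255) + 1 for _ in range(n))

def build_shared_information(party_u, party_v, context, nonce):
    """Join the fields with '|' (this layout is an assumption) and hex-encode them."""
    if any(b"|" in f for f in (party_u, party_v, context)):
        raise ValueError("identity and context fields must not contain '|'")
    raw = b"|".join((party_u, party_v, context, nonce))
    if 0 in raw:
        raise ValueError("shared information must not contain zero bytes")
    return raw.hex().upper()

def validate(attrs):
    """Return the list of violated constraints; empty means well-formed."""
    errors = []
    ca = attrs.get("CertificateAuthorityPublicKeyIdentifier", "")
    if not (7 <= len(ca) <= 322 and ARN_RE.fullmatch(ca)):
        errors.append("CertificateAuthorityPublicKeyIdentifier")
    for name, allowed in ENUMS.items():
        if attrs.get(name) not in allowed:
            errors.append(name)
    pem = attrs.get("PublicKeyCertificate", "")
    if not (1 <= len(pem) <= 32768 and re.fullmatch(r"[^\[;\]<>]+", pem)):
        errors.append("PublicKeyCertificate")
    si = attrs.get("SharedInformation", "")
    if not (2 <= len(si) <= 2048 and re.fullmatch(r"(?:[0-9a-fA-F][0-9a-fA-F])+", si)):
        errors.append("SharedInformation: not hex or wrong length")
    elif 0 in bytes.fromhex(si):
        errors.append("SharedInformation: contains a zero byte")
    return errors
# Constructed sample; alias, identities and certificate text are placeholders.
SAMPLE = {
    "CertificateAuthorityPublicKeyIdentifier": "alias/example-ca",
    "KeyAlgorithm": "AES_256", "KeyDerivationFunction": "NIST_SP800",
    "KeyDerivationHashAlgorithm": "SHA_256", "PublicKeyCertificate": "PLACEHOLDER_PEM_BASE64",
    "SharedInformation": build_shared_information(b"terminal-01", b"host", b"pin-session", nonzero_nonce()),
}
```

Drawing a fresh nonce for every derivation also keeps the shared information from being reused across derivations, which the description advises against.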