404

[ Avaa Bypassed ]




Upload:

Command:

botdev@3.14.146.45: ~ $
**Example 1: To generate a digital signature for a message**

The following ``sign`` example generates a cryptographic signature for a short message. The output of the command includes a base-64 encoded ``Signature`` field that you can verify by using the ``verify`` command.

You must specify a message to sign and a signing algorithm that your asymmetric KMS key supports. To get the signing algorithms for your KMS key, use the ``describe-key`` command. 

In AWS CLI 2.0, the value of the ``message`` parameter must be Base64-encoded. Or, you can save the message in a file and use the ``fileb://`` prefix, which tells the AWS CLI to read binary data from the file.

Before running this command, replace the example key ID with a valid key ID from your AWS account. The key ID must represent an asymmetric KMS key with a key usage of SIGN_VERIFY. ::

    msg=(echo 'Hello World' | base64)
    
    aws kms sign \
        --key-id 1234abcd-12ab-34cd-56ef-1234567890ab \
        --message fileb://UnsignedMessage \
        --message-type RAW \
        --signing-algorithm RSASSA_PKCS1_V1_5_SHA_256

Output::

    {
        "KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
        "Signature": "ABCDEFhpyVYyTxbafE74ccSvEJLJr3zuoV1Hfymz4qv+/fxmxNLA7SE1SiF8lHw80fKZZ3bJ...",
        "SigningAlgorithm": "RSASSA_PKCS1_V1_5_SHA_256"
    }

For more information about using asymmetric KMS keys in AWS KMS, see `Asymmetric keys in AWS KMS <https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html>`__ in the *AWS Key Management Service Developer Guide*.

**Example 2: To save a digital signature in a file (Linux and macOs)**

The following ``sign`` example generates a cryptographic signature for a short message stored in a local file. The command also gets the ``Signature`` property from the response, Base64-decodes it and saves it in the ExampleSignature file. You can use the signature file in a ``verify`` command that verifies the signature.

The ``sign`` command requires a Base64-encoded message and a signing algorithm that your asymmetric KMS key supports. To get the signing algorithms that your KMS key supports, use the ``describe-key`` command.

Before running this command, replace the example key ID with a valid key ID from your AWS account. The key ID must represent an asymmetric KMS key with a key usage of SIGN_VERIFY. ::

    echo 'hello world' | base64 > EncodedMessage
    
    aws kms sign \
        --key-id 1234abcd-12ab-34cd-56ef-1234567890ab \
        --message fileb://EncodedMessage \
        --message-type RAW \
        --signing-algorithm RSASSA_PKCS1_V1_5_SHA_256 \
        --output text \
        --query Signature | base64 --decode > ExampleSignature

This command produces no output. This example extracts the ``Signature`` property of the output and saves it in a file.

For more information about using asymmetric KMS keys in AWS KMS, see `Asymmetric keys in AWS KMS <https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html>`__ in the *AWS Key Management Service Developer Guide*.

Filemanager

Name Type Size Permission Actions
cancel-key-deletion.rst File 884 B 0644
connect-custom-key-store.rst File 1.08 KB 0755
create-alias.rst File 729 B 0644
create-custom-key-store.rst File 3.75 KB 0755
create-grant.rst File 1.18 KB 0755
create-key.rst File 12.17 KB 0644
decrypt.rst File 4.44 KB 0644
delete-alias.rst File 502 B 0644
delete-custom-key-store.rst File 1.47 KB 0755
delete-imported-key-material.rst File 656 B 0644
describe-custom-key-stores.rst File 5.32 KB 0755
describe-key.rst File 5.76 KB 0644
disable-key-rotation.rst File 679 B 0644
disable-key.rst File 503 B 0644
disconnect-custom-key-store.rst File 1.25 KB 0644
enable-key-rotation.rst File 708 B 0644
enable-key.rst File 1.02 KB 0644
encrypt.rst File 3.47 KB 0644
generate-data-key-pair-without-plaintext.rst File 1.66 KB 0644
generate-data-key-pair.rst File 1.73 KB 0644
generate-data-key-without-plaintext.rst File 1.35 KB 0644
generate-data-key.rst File 3.17 KB 0644
generate-random.rst File 3.16 KB 0644
get-key-policy.rst File 956 B 0644
get-key-rotation-status.rst File 656 B 0644
get-parameters-for-import.rst File 1.36 KB 0644
get-public-key.rst File 2.31 KB 0644
import-key-material.rst File 1.51 KB 0644
list-aliases.rst File 2.72 KB 0755
list-grants.rst File 2.55 KB 0755
list-key-policies.rst File 926 B 0644
list-keys.rst File 1.04 KB 0644
list-resource-tags.rst File 980 B 0644
list-retirable-grants.rst File 2.92 KB 0644
put-key-policy.rst File 3.44 KB 0755
re-encrypt.rst File 3.82 KB 0644
retire-grant.rst File 810 B 0644
revoke-grant.rst File 776 B 0644
schedule-key-deletion.rst File 1.44 KB 0644
sign.rst File 3.08 KB 0644
tag-resource.rst File 891 B 0644
untag-resource.rst File 836 B 0644
update-alias.rst File 814 B 0644
update-custom-key-store.rst File 6.61 KB 0755
update-key-description.rst File 1.85 KB 0644
verify.rst File 1.38 KB 0644