/* * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. * A copy of the License is located at * * http://aws.amazon.com/apache2.0 * * or in the "license" file accompanying this file. This file is distributed * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either * express or implied. See the License for the specific language governing * permissions and limitations under the License. */ package com.amazonaws.services.kms.model; import java.io.Serializable; import com.amazonaws.AmazonWebServiceRequest; /** *

* Verifies a digital signature that was generated by the Sign operation. *

*

*

* Verification confirms that an authorized user signed the message with the * specified KMS key and signing algorithm, and the message hasn't changed since * it was signed. If the signature is verified, the value of the * SignatureValid field in the response is True. If * the signature verification fails, the Verify operation fails * with an KMSInvalidSignatureException exception. *

*

* A digital signature is generated by using the private key in an asymmetric * KMS key. The signature is verified by using the public key in the same * asymmetric KMS key. For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer * Guide. *

*

* To use the Verify operation, specify the same asymmetric KMS * key, message, and signing algorithm that were used to produce the signature. * The message type does not need to be the same as the one used for signing, * but it must indicate whether the value of the Message parameter * should be hashed as part of the verification process. *

*

* You can also verify the digital signature by using the public key of the KMS * key outside of KMS. Use the GetPublicKey operation to download the * public key in the asymmetric KMS key and then use the public key to verify * the signature outside of KMS. The advantage of using the Verify * operation is that it is performed within KMS. As a result, it's easy to call, * the operation is performed within the FIPS boundary, it is logged in * CloudTrail, and you can use key policy and IAM policy to determine who is * authorized to use the KMS key to verify signatures. *

*

* To verify a signature outside of KMS with an SM2 public key (China Regions * only), you must specify the distinguishing ID. By default, KMS uses * 1234567812345678 as the distinguishing ID. For more information, * see Offline verification with SM2 key pairs. *

*

* The KMS key that you use for this operation must be in a compatible key * state. For details, see Key states of KMS keys in the Key Management Service Developer * Guide. *

*

* Cross-account use: Yes. To perform this operation with a KMS key in a * different Amazon Web Services account, specify the key ARN or alias ARN in * the value of the KeyId parameter. *

*

* Required permissions: kms:Verify (key policy) *

*

* Related operations: Sign *

*/ public class VerifyRequest extends AmazonWebServiceRequest implements Serializable { /** *

* Identifies the asymmetric KMS key that will be used to verify the * signature. This must be the same KMS key that was used to generate the * signature. If you specify a different KMS key, the signature verification * fails. *

*

* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. * When using an alias name, prefix it with "alias/". To * specify a KMS key in a different Amazon Web Services account, you must * use the key ARN or alias ARN. *

*

* For example: *

* *

* To get the key ID and key ARN for a KMS key, use ListKeys or * DescribeKey. To get the alias name and alias ARN, use * ListAliases. *

*

* Constraints:
* Length: 1 - 2048
*/ private String keyId; /** *

* Specifies the message that was signed. You can submit a raw message of up * to 4096 bytes, or a hash digest of the message. If you submit a digest, * use the MessageType parameter with a value of * DIGEST. *

*

* If the message specified here is different from the message that was * signed, the signature verification fails. A message and its hash digest * are considered to be the same message. *

*

* Constraints:
* Length: 1 - 4096
*/ private java.nio.ByteBuffer message; /** *

* Tells KMS whether the value of the Message parameter should * be hashed as part of the signing algorithm. Use RAW for * unhashed messages; use DIGEST for message digests, which are * already hashed. *

*

* When the value of MessageType is RAW, KMS uses * the standard signing algorithm, which begins with a hash function. When * the value is DIGEST, KMS skips the hashing step in the * signing algorithm. *

* *

* Use the DIGEST value only when the value of the * Message parameter is a message digest. If you use the * DIGEST value with an unhashed message, the security of the * verification operation can be compromised. *

* *

* When the value of MessageTypeis DIGEST, the * length of the Message value must match the length of hashed * messages for the specified signing algorithm. *

*

* You can submit a message digest and omit the MessageType or * specify RAW so the digest is hashed again while signing. * However, if the signed message is hashed once while signing, but twice * while verifying, verification fails, even when the message hasn't * changed. *

*

* The hashing algorithm in that Verify uses is based on the * SigningAlgorithm value. *

* *

* Constraints:
* Allowed Values: RAW, DIGEST */ private String messageType; /** *

* The signature that the Sign operation generated. *

*

* Constraints:
* Length: 1 - 6144
*/ private java.nio.ByteBuffer signature; /** *

* The signing algorithm that was used to sign the message. If you submit a * different algorithm, the signature verification fails. *

*

* Constraints:
* Allowed Values: RSASSA_PSS_SHA_256, RSASSA_PSS_SHA_384, * RSASSA_PSS_SHA_512, RSASSA_PKCS1_V1_5_SHA_256, RSASSA_PKCS1_V1_5_SHA_384, * RSASSA_PKCS1_V1_5_SHA_512, ECDSA_SHA_256, ECDSA_SHA_384, ECDSA_SHA_512, * SM2DSA */ private String signingAlgorithm; /** *

* A list of grant tokens. *

*

* Use a grant token when your permission to call this operation comes from * a new grant that has not yet achieved eventual consistency. For * more information, see Grant token and Using a grant token in the Key Management Service Developer * Guide. *

*/ private java.util.List grantTokens = new java.util.ArrayList(); /** *

* Checks if your request will succeed. DryRun is an optional * parameter. *

*

* To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management Service * Developer Guide. *

*/ private Boolean dryRun; /** *

* Identifies the asymmetric KMS key that will be used to verify the * signature. This must be the same KMS key that was used to generate the * signature. If you specify a different KMS key, the signature verification * fails. *

*

* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. * When using an alias name, prefix it with "alias/". To * specify a KMS key in a different Amazon Web Services account, you must * use the key ARN or alias ARN. *

*

* For example: *

* *

* To get the key ID and key ARN for a KMS key, use ListKeys or * DescribeKey. To get the alias name and alias ARN, use * ListAliases. *

*

* Constraints:
* Length: 1 - 2048
* * @return

* Identifies the asymmetric KMS key that will be used to verify the * signature. This must be the same KMS key that was used to * generate the signature. If you specify a different KMS key, the * signature verification fails. *

*

* To specify a KMS key, use its key ID, key ARN, alias name, or * alias ARN. When using an alias name, prefix it with * "alias/". To specify a KMS key in a different Amazon * Web Services account, you must use the key ARN or alias ARN. *

*

* For example: *

* *

* To get the key ID and key ARN for a KMS key, use ListKeys * or DescribeKey. To get the alias name and alias ARN, use * ListAliases. *

*/ public String getKeyId() { return keyId; } /** *

* Identifies the asymmetric KMS key that will be used to verify the * signature. This must be the same KMS key that was used to generate the * signature. If you specify a different KMS key, the signature verification * fails. *

*

* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. * When using an alias name, prefix it with "alias/". To * specify a KMS key in a different Amazon Web Services account, you must * use the key ARN or alias ARN. *

*

* For example: *

* *

* To get the key ID and key ARN for a KMS key, use ListKeys or * DescribeKey. To get the alias name and alias ARN, use * ListAliases. *

*

* Constraints:
* Length: 1 - 2048
* * @param keyId

* Identifies the asymmetric KMS key that will be used to verify * the signature. This must be the same KMS key that was used to * generate the signature. If you specify a different KMS key, * the signature verification fails. *

*

* To specify a KMS key, use its key ID, key ARN, alias name, or * alias ARN. When using an alias name, prefix it with * "alias/". To specify a KMS key in a different * Amazon Web Services account, you must use the key ARN or alias * ARN. *

*

* For example: *

* *

* To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name * and alias ARN, use ListAliases. *

*/ public void setKeyId(String keyId) { this.keyId = keyId; } /** *

* Identifies the asymmetric KMS key that will be used to verify the * signature. This must be the same KMS key that was used to generate the * signature. If you specify a different KMS key, the signature verification * fails. *

*

* To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN. * When using an alias name, prefix it with "alias/". To * specify a KMS key in a different Amazon Web Services account, you must * use the key ARN or alias ARN. *

*

* For example: *

* *

* To get the key ID and key ARN for a KMS key, use ListKeys or * DescribeKey. To get the alias name and alias ARN, use * ListAliases. *

*

* Returns a reference to this object so that method calls can be chained * together. *

* Constraints:
* Length: 1 - 2048
* * @param keyId

* Identifies the asymmetric KMS key that will be used to verify * the signature. This must be the same KMS key that was used to * generate the signature. If you specify a different KMS key, * the signature verification fails. *

*

* To specify a KMS key, use its key ID, key ARN, alias name, or * alias ARN. When using an alias name, prefix it with * "alias/". To specify a KMS key in a different * Amazon Web Services account, you must use the key ARN or alias * ARN. *

*

* For example: *

* *

* To get the key ID and key ARN for a KMS key, use * ListKeys or DescribeKey. To get the alias name * and alias ARN, use ListAliases. *

* @return A reference to this updated object so that method calls can be * chained together. */ public VerifyRequest withKeyId(String keyId) { this.keyId = keyId; return this; } /** *

* Specifies the message that was signed. You can submit a raw message of up * to 4096 bytes, or a hash digest of the message. If you submit a digest, * use the MessageType parameter with a value of * DIGEST. *

*

* If the message specified here is different from the message that was * signed, the signature verification fails. A message and its hash digest * are considered to be the same message. *

*

* Constraints:
* Length: 1 - 4096
* * @return

* Specifies the message that was signed. You can submit a raw * message of up to 4096 bytes, or a hash digest of the message. If * you submit a digest, use the MessageType parameter * with a value of DIGEST. *

*

* If the message specified here is different from the message that * was signed, the signature verification fails. A message and its * hash digest are considered to be the same message. *

*/ public java.nio.ByteBuffer getMessage() { return message; } /** *

* Specifies the message that was signed. You can submit a raw message of up * to 4096 bytes, or a hash digest of the message. If you submit a digest, * use the MessageType parameter with a value of * DIGEST. *

*

* If the message specified here is different from the message that was * signed, the signature verification fails. A message and its hash digest * are considered to be the same message. *

*

* Constraints:
* Length: 1 - 4096
* * @param message

* Specifies the message that was signed. You can submit a raw * message of up to 4096 bytes, or a hash digest of the message. * If you submit a digest, use the MessageType * parameter with a value of DIGEST. *

*

* If the message specified here is different from the message * that was signed, the signature verification fails. A message * and its hash digest are considered to be the same message. *

*/ public void setMessage(java.nio.ByteBuffer message) { this.message = message; } /** *

* Specifies the message that was signed. You can submit a raw message of up * to 4096 bytes, or a hash digest of the message. If you submit a digest, * use the MessageType parameter with a value of * DIGEST. *

*

* If the message specified here is different from the message that was * signed, the signature verification fails. A message and its hash digest * are considered to be the same message. *

*

* Returns a reference to this object so that method calls can be chained * together. *

* Constraints:
* Length: 1 - 4096
* * @param message

* Specifies the message that was signed. You can submit a raw * message of up to 4096 bytes, or a hash digest of the message. * If you submit a digest, use the MessageType * parameter with a value of DIGEST. *

*

* If the message specified here is different from the message * that was signed, the signature verification fails. A message * and its hash digest are considered to be the same message. *

* @return A reference to this updated object so that method calls can be * chained together. */ public VerifyRequest withMessage(java.nio.ByteBuffer message) { this.message = message; return this; } /** *

* Tells KMS whether the value of the Message parameter should * be hashed as part of the signing algorithm. Use RAW for * unhashed messages; use DIGEST for message digests, which are * already hashed. *

*

* When the value of MessageType is RAW, KMS uses * the standard signing algorithm, which begins with a hash function. When * the value is DIGEST, KMS skips the hashing step in the * signing algorithm. *

* *

* Use the DIGEST value only when the value of the * Message parameter is a message digest. If you use the * DIGEST value with an unhashed message, the security of the * verification operation can be compromised. *

* *

* When the value of MessageTypeis DIGEST, the * length of the Message value must match the length of hashed * messages for the specified signing algorithm. *

*

* You can submit a message digest and omit the MessageType or * specify RAW so the digest is hashed again while signing. * However, if the signed message is hashed once while signing, but twice * while verifying, verification fails, even when the message hasn't * changed. *

*

* The hashing algorithm in that Verify uses is based on the * SigningAlgorithm value. *

* *

* Constraints:
* Allowed Values: RAW, DIGEST * * @return

* Tells KMS whether the value of the Message parameter * should be hashed as part of the signing algorithm. Use * RAW for unhashed messages; use DIGEST * for message digests, which are already hashed. *

*

* When the value of MessageType is RAW, * KMS uses the standard signing algorithm, which begins with a hash * function. When the value is DIGEST, KMS skips the * hashing step in the signing algorithm. *

* *

* Use the DIGEST value only when the value of the * Message parameter is a message digest. If you use * the DIGEST value with an unhashed message, the * security of the verification operation can be compromised. *

* *

* When the value of MessageTypeis DIGEST, * the length of the Message value must match the * length of hashed messages for the specified signing algorithm. *

*

* You can submit a message digest and omit the * MessageType or specify RAW so the * digest is hashed again while signing. However, if the signed * message is hashed once while signing, but twice while verifying, * verification fails, even when the message hasn't changed. *

*

* The hashing algorithm in that Verify uses is based * on the SigningAlgorithm value. *

* * @see MessageType */ public String getMessageType() { return messageType; } /** *

* Tells KMS whether the value of the Message parameter should * be hashed as part of the signing algorithm. Use RAW for * unhashed messages; use DIGEST for message digests, which are * already hashed. *

*

* When the value of MessageType is RAW, KMS uses * the standard signing algorithm, which begins with a hash function. When * the value is DIGEST, KMS skips the hashing step in the * signing algorithm. *

* *

* Use the DIGEST value only when the value of the * Message parameter is a message digest. If you use the * DIGEST value with an unhashed message, the security of the * verification operation can be compromised. *

* *

* When the value of MessageTypeis DIGEST, the * length of the Message value must match the length of hashed * messages for the specified signing algorithm. *

*

* You can submit a message digest and omit the MessageType or * specify RAW so the digest is hashed again while signing. * However, if the signed message is hashed once while signing, but twice * while verifying, verification fails, even when the message hasn't * changed. *

*

* The hashing algorithm in that Verify uses is based on the * SigningAlgorithm value. *

* *

* Constraints:
* Allowed Values: RAW, DIGEST * * @param messageType

* Tells KMS whether the value of the Message * parameter should be hashed as part of the signing algorithm. * Use RAW for unhashed messages; use * DIGEST for message digests, which are already * hashed. *

*

* When the value of MessageType is RAW * , KMS uses the standard signing algorithm, which begins with a * hash function. When the value is DIGEST, KMS * skips the hashing step in the signing algorithm. *

* *

* Use the DIGEST value only when the value of the * Message parameter is a message digest. If you use * the DIGEST value with an unhashed message, the * security of the verification operation can be compromised. *

* *

* When the value of MessageTypeis * DIGEST, the length of the Message * value must match the length of hashed messages for the * specified signing algorithm. *

*

* You can submit a message digest and omit the * MessageType or specify RAW so the * digest is hashed again while signing. However, if the signed * message is hashed once while signing, but twice while * verifying, verification fails, even when the message hasn't * changed. *

*

* The hashing algorithm in that Verify uses is * based on the SigningAlgorithm value. *

* * @see MessageType */ public void setMessageType(String messageType) { this.messageType = messageType; } /** *

* Tells KMS whether the value of the Message parameter should * be hashed as part of the signing algorithm. Use RAW for * unhashed messages; use DIGEST for message digests, which are * already hashed. *

*

* When the value of MessageType is RAW, KMS uses * the standard signing algorithm, which begins with a hash function. When * the value is DIGEST, KMS skips the hashing step in the * signing algorithm. *

* *

* Use the DIGEST value only when the value of the * Message parameter is a message digest. If you use the * DIGEST value with an unhashed message, the security of the * verification operation can be compromised. *

* *

* When the value of MessageTypeis DIGEST, the * length of the Message value must match the length of hashed * messages for the specified signing algorithm. *

*

* You can submit a message digest and omit the MessageType or * specify RAW so the digest is hashed again while signing. * However, if the signed message is hashed once while signing, but twice * while verifying, verification fails, even when the message hasn't * changed. *

*

* The hashing algorithm in that Verify uses is based on the * SigningAlgorithm value. *

* *

* Returns a reference to this object so that method calls can be chained * together. *

* Constraints:
* Allowed Values: RAW, DIGEST * * @param messageType

* Tells KMS whether the value of the Message * parameter should be hashed as part of the signing algorithm. * Use RAW for unhashed messages; use * DIGEST for message digests, which are already * hashed. *

*

* When the value of MessageType is RAW * , KMS uses the standard signing algorithm, which begins with a * hash function. When the value is DIGEST, KMS * skips the hashing step in the signing algorithm. *

* *

* Use the DIGEST value only when the value of the * Message parameter is a message digest. If you use * the DIGEST value with an unhashed message, the * security of the verification operation can be compromised. *

* *

* When the value of MessageTypeis * DIGEST, the length of the Message * value must match the length of hashed messages for the * specified signing algorithm. *

*

* You can submit a message digest and omit the * MessageType or specify RAW so the * digest is hashed again while signing. However, if the signed * message is hashed once while signing, but twice while * verifying, verification fails, even when the message hasn't * changed. *

*

* The hashing algorithm in that Verify uses is * based on the SigningAlgorithm value. *

* * @return A reference to this updated object so that method calls can be * chained together. * @see MessageType */ public VerifyRequest withMessageType(String messageType) { this.messageType = messageType; return this; } /** *

* Tells KMS whether the value of the Message parameter should * be hashed as part of the signing algorithm. Use RAW for * unhashed messages; use DIGEST for message digests, which are * already hashed. *

*

* When the value of MessageType is RAW, KMS uses * the standard signing algorithm, which begins with a hash function. When * the value is DIGEST, KMS skips the hashing step in the * signing algorithm. *

* *

* Use the DIGEST value only when the value of the * Message parameter is a message digest. If you use the * DIGEST value with an unhashed message, the security of the * verification operation can be compromised. *

* *

* When the value of MessageTypeis DIGEST, the * length of the Message value must match the length of hashed * messages for the specified signing algorithm. *

*

* You can submit a message digest and omit the MessageType or * specify RAW so the digest is hashed again while signing. * However, if the signed message is hashed once while signing, but twice * while verifying, verification fails, even when the message hasn't * changed. *

*

* The hashing algorithm in that Verify uses is based on the * SigningAlgorithm value. *

* *

* Constraints:
* Allowed Values: RAW, DIGEST * * @param messageType

* Tells KMS whether the value of the Message * parameter should be hashed as part of the signing algorithm. * Use RAW for unhashed messages; use * DIGEST for message digests, which are already * hashed. *

*

* When the value of MessageType is RAW * , KMS uses the standard signing algorithm, which begins with a * hash function. When the value is DIGEST, KMS * skips the hashing step in the signing algorithm. *

* *

* Use the DIGEST value only when the value of the * Message parameter is a message digest. If you use * the DIGEST value with an unhashed message, the * security of the verification operation can be compromised. *

* *

* When the value of MessageTypeis * DIGEST, the length of the Message * value must match the length of hashed messages for the * specified signing algorithm. *

*

* You can submit a message digest and omit the * MessageType or specify RAW so the * digest is hashed again while signing. However, if the signed * message is hashed once while signing, but twice while * verifying, verification fails, even when the message hasn't * changed. *

*

* The hashing algorithm in that Verify uses is * based on the SigningAlgorithm value. *

* * @see MessageType */ public void setMessageType(MessageType messageType) { this.messageType = messageType.toString(); } /** *

* Tells KMS whether the value of the Message parameter should * be hashed as part of the signing algorithm. Use RAW for * unhashed messages; use DIGEST for message digests, which are * already hashed. *

*

* When the value of MessageType is RAW, KMS uses * the standard signing algorithm, which begins with a hash function. When * the value is DIGEST, KMS skips the hashing step in the * signing algorithm. *

* *

* Use the DIGEST value only when the value of the * Message parameter is a message digest. If you use the * DIGEST value with an unhashed message, the security of the * verification operation can be compromised. *

* *

* When the value of MessageTypeis DIGEST, the * length of the Message value must match the length of hashed * messages for the specified signing algorithm. *

*

* You can submit a message digest and omit the MessageType or * specify RAW so the digest is hashed again while signing. * However, if the signed message is hashed once while signing, but twice * while verifying, verification fails, even when the message hasn't * changed. *

*

* The hashing algorithm in that Verify uses is based on the * SigningAlgorithm value. *

* *

* Returns a reference to this object so that method calls can be chained * together. *

* Constraints:
* Allowed Values: RAW, DIGEST * * @param messageType

* Tells KMS whether the value of the Message * parameter should be hashed as part of the signing algorithm. * Use RAW for unhashed messages; use * DIGEST for message digests, which are already * hashed. *

*

* When the value of MessageType is RAW * , KMS uses the standard signing algorithm, which begins with a * hash function. When the value is DIGEST, KMS * skips the hashing step in the signing algorithm. *

* *

* Use the DIGEST value only when the value of the * Message parameter is a message digest. If you use * the DIGEST value with an unhashed message, the * security of the verification operation can be compromised. *

* *

* When the value of MessageTypeis * DIGEST, the length of the Message * value must match the length of hashed messages for the * specified signing algorithm. *

*

* You can submit a message digest and omit the * MessageType or specify RAW so the * digest is hashed again while signing. However, if the signed * message is hashed once while signing, but twice while * verifying, verification fails, even when the message hasn't * changed. *

*

* The hashing algorithm in that Verify uses is * based on the SigningAlgorithm value. *

* * @return A reference to this updated object so that method calls can be * chained together. * @see MessageType */ public VerifyRequest withMessageType(MessageType messageType) { this.messageType = messageType.toString(); return this; } /** *

* The signature that the Sign operation generated. *

*

* Constraints:
* Length: 1 - 6144
* * @return

* The signature that the Sign operation generated. *

*/ public java.nio.ByteBuffer getSignature() { return signature; } /** *

* The signature that the Sign operation generated. *

*

* Constraints:
* Length: 1 - 6144
* * @param signature

* The signature that the Sign operation generated. *

*/ public void setSignature(java.nio.ByteBuffer signature) { this.signature = signature; } /** *

* The signature that the Sign operation generated. *

*

* Returns a reference to this object so that method calls can be chained * together. *

* Constraints:
* Length: 1 - 6144
* * @param signature

* The signature that the Sign operation generated. *

* @return A reference to this updated object so that method calls can be * chained together. */ public VerifyRequest withSignature(java.nio.ByteBuffer signature) { this.signature = signature; return this; } /** *

* The signing algorithm that was used to sign the message. If you submit a * different algorithm, the signature verification fails. *

*

* Constraints:
* Allowed Values: RSASSA_PSS_SHA_256, RSASSA_PSS_SHA_384, * RSASSA_PSS_SHA_512, RSASSA_PKCS1_V1_5_SHA_256, RSASSA_PKCS1_V1_5_SHA_384, * RSASSA_PKCS1_V1_5_SHA_512, ECDSA_SHA_256, ECDSA_SHA_384, ECDSA_SHA_512, * SM2DSA * * @return

* The signing algorithm that was used to sign the message. If you * submit a different algorithm, the signature verification fails. *

* @see SigningAlgorithmSpec */ public String getSigningAlgorithm() { return signingAlgorithm; } /** *

* The signing algorithm that was used to sign the message. If you submit a * different algorithm, the signature verification fails. *

*

* Constraints:
* Allowed Values: RSASSA_PSS_SHA_256, RSASSA_PSS_SHA_384, * RSASSA_PSS_SHA_512, RSASSA_PKCS1_V1_5_SHA_256, RSASSA_PKCS1_V1_5_SHA_384, * RSASSA_PKCS1_V1_5_SHA_512, ECDSA_SHA_256, ECDSA_SHA_384, ECDSA_SHA_512, * SM2DSA * * @param signingAlgorithm

* The signing algorithm that was used to sign the message. If * you submit a different algorithm, the signature verification * fails. *

* @see SigningAlgorithmSpec */ public void setSigningAlgorithm(String signingAlgorithm) { this.signingAlgorithm = signingAlgorithm; } /** *

* The signing algorithm that was used to sign the message. If you submit a * different algorithm, the signature verification fails. *

*

* Returns a reference to this object so that method calls can be chained * together. *

* Constraints:
* Allowed Values: RSASSA_PSS_SHA_256, RSASSA_PSS_SHA_384, * RSASSA_PSS_SHA_512, RSASSA_PKCS1_V1_5_SHA_256, RSASSA_PKCS1_V1_5_SHA_384, * RSASSA_PKCS1_V1_5_SHA_512, ECDSA_SHA_256, ECDSA_SHA_384, ECDSA_SHA_512, * SM2DSA * * @param signingAlgorithm

* The signing algorithm that was used to sign the message. If * you submit a different algorithm, the signature verification * fails. *

* @return A reference to this updated object so that method calls can be * chained together. * @see SigningAlgorithmSpec */ public VerifyRequest withSigningAlgorithm(String signingAlgorithm) { this.signingAlgorithm = signingAlgorithm; return this; } /** *

* The signing algorithm that was used to sign the message. If you submit a * different algorithm, the signature verification fails. *

*

* Constraints:
* Allowed Values: RSASSA_PSS_SHA_256, RSASSA_PSS_SHA_384, * RSASSA_PSS_SHA_512, RSASSA_PKCS1_V1_5_SHA_256, RSASSA_PKCS1_V1_5_SHA_384, * RSASSA_PKCS1_V1_5_SHA_512, ECDSA_SHA_256, ECDSA_SHA_384, ECDSA_SHA_512, * SM2DSA * * @param signingAlgorithm

* The signing algorithm that was used to sign the message. If * you submit a different algorithm, the signature verification * fails. *

* @see SigningAlgorithmSpec */ public void setSigningAlgorithm(SigningAlgorithmSpec signingAlgorithm) { this.signingAlgorithm = signingAlgorithm.toString(); } /** *

* The signing algorithm that was used to sign the message. If you submit a * different algorithm, the signature verification fails. *

*

* Returns a reference to this object so that method calls can be chained * together. *

* Constraints:
* Allowed Values: RSASSA_PSS_SHA_256, RSASSA_PSS_SHA_384, * RSASSA_PSS_SHA_512, RSASSA_PKCS1_V1_5_SHA_256, RSASSA_PKCS1_V1_5_SHA_384, * RSASSA_PKCS1_V1_5_SHA_512, ECDSA_SHA_256, ECDSA_SHA_384, ECDSA_SHA_512, * SM2DSA * * @param signingAlgorithm

* The signing algorithm that was used to sign the message. If * you submit a different algorithm, the signature verification * fails. *

* @return A reference to this updated object so that method calls can be * chained together. * @see SigningAlgorithmSpec */ public VerifyRequest withSigningAlgorithm(SigningAlgorithmSpec signingAlgorithm) { this.signingAlgorithm = signingAlgorithm.toString(); return this; } /** *

* A list of grant tokens. *

*

* Use a grant token when your permission to call this operation comes from * a new grant that has not yet achieved eventual consistency. For * more information, see Grant token and Using a grant token in the Key Management Service Developer * Guide. *

* * @return

* A list of grant tokens. *

*

* Use a grant token when your permission to call this operation * comes from a new grant that has not yet achieved eventual * consistency. For more information, see Grant token and Using a grant token in the Key Management Service * Developer Guide. *

*/ public java.util.List getGrantTokens() { return grantTokens; } /** *

* A list of grant tokens. *

*

* Use a grant token when your permission to call this operation comes from * a new grant that has not yet achieved eventual consistency. For * more information, see Grant token and Using a grant token in the Key Management Service Developer * Guide. *

* * @param grantTokens

* A list of grant tokens. *

*

* Use a grant token when your permission to call this operation * comes from a new grant that has not yet achieved eventual * consistency. For more information, see Grant token and Using a grant token in the Key Management Service * Developer Guide. *

*/ public void setGrantTokens(java.util.Collection grantTokens) { if (grantTokens == null) { this.grantTokens = null; return; } this.grantTokens = new java.util.ArrayList(grantTokens); } /** *

* A list of grant tokens. *

*

* Use a grant token when your permission to call this operation comes from * a new grant that has not yet achieved eventual consistency. For * more information, see Grant token and Using a grant token in the Key Management Service Developer * Guide. *

*

* Returns a reference to this object so that method calls can be chained * together. * * @param grantTokens

* A list of grant tokens. *

*

* Use a grant token when your permission to call this operation * comes from a new grant that has not yet achieved eventual * consistency. For more information, see Grant token and Using a grant token in the Key Management Service * Developer Guide. *

* @return A reference to this updated object so that method calls can be * chained together. */ public VerifyRequest withGrantTokens(String... grantTokens) { if (getGrantTokens() == null) { this.grantTokens = new java.util.ArrayList(grantTokens.length); } for (String value : grantTokens) { this.grantTokens.add(value); } return this; } /** *

* A list of grant tokens. *

*

* Use a grant token when your permission to call this operation comes from * a new grant that has not yet achieved eventual consistency. For * more information, see Grant token and Using a grant token in the Key Management Service Developer * Guide. *

*

* Returns a reference to this object so that method calls can be chained * together. * * @param grantTokens

* A list of grant tokens. *

*

* Use a grant token when your permission to call this operation * comes from a new grant that has not yet achieved eventual * consistency. For more information, see Grant token and Using a grant token in the Key Management Service * Developer Guide. *

* @return A reference to this updated object so that method calls can be * chained together. */ public VerifyRequest withGrantTokens(java.util.Collection grantTokens) { setGrantTokens(grantTokens); return this; } /** *

* Checks if your request will succeed. DryRun is an optional * parameter. *

*

* To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management Service * Developer Guide. *

* * @return

* Checks if your request will succeed. DryRun is an * optional parameter. *

*

* To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management Service * Developer Guide. *

*/ public Boolean isDryRun() { return dryRun; } /** *

* Checks if your request will succeed. DryRun is an optional * parameter. *

*

* To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management Service * Developer Guide. *

* * @return

* Checks if your request will succeed. DryRun is an * optional parameter. *

*

* To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management Service * Developer Guide. *

*/ public Boolean getDryRun() { return dryRun; } /** *

* Checks if your request will succeed. DryRun is an optional * parameter. *

*

* To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management Service * Developer Guide. *

* * @param dryRun

* Checks if your request will succeed. DryRun is an * optional parameter. *

*

* To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management * Service Developer Guide. *

*/ public void setDryRun(Boolean dryRun) { this.dryRun = dryRun; } /** *

* Checks if your request will succeed. DryRun is an optional * parameter. *

*

* To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management Service * Developer Guide. *

*

* Returns a reference to this object so that method calls can be chained * together. * * @param dryRun

* Checks if your request will succeed. DryRun is an * optional parameter. *

*

* To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management * Service Developer Guide. *

* @return A reference to this updated object so that method calls can be * chained together. */ public VerifyRequest withDryRun(Boolean dryRun) { this.dryRun = dryRun; return this; } /** * Returns a string representation of this object; useful for testing and * debugging. * * @return A string representation of this object. * @see java.lang.Object#toString() */ @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getKeyId() != null) sb.append("KeyId: " + getKeyId() + ","); if (getMessage() != null) sb.append("Message: " + getMessage() + ","); if (getMessageType() != null) sb.append("MessageType: " + getMessageType() + ","); if (getSignature() != null) sb.append("Signature: " + getSignature() + ","); if (getSigningAlgorithm() != null) sb.append("SigningAlgorithm: " + getSigningAlgorithm() + ","); if (getGrantTokens() != null) sb.append("GrantTokens: " + getGrantTokens() + ","); if (getDryRun() != null) sb.append("DryRun: " + getDryRun()); sb.append("}"); return sb.toString(); } @Override public int hashCode() { final int prime = 31; int hashCode = 1; hashCode = prime * hashCode + ((getKeyId() == null) ? 0 : getKeyId().hashCode()); hashCode = prime * hashCode + ((getMessage() == null) ? 0 : getMessage().hashCode()); hashCode = prime * hashCode + ((getMessageType() == null) ? 0 : getMessageType().hashCode()); hashCode = prime * hashCode + ((getSignature() == null) ? 0 : getSignature().hashCode()); hashCode = prime * hashCode + ((getSigningAlgorithm() == null) ? 0 : getSigningAlgorithm().hashCode()); hashCode = prime * hashCode + ((getGrantTokens() == null) ? 0 : getGrantTokens().hashCode()); hashCode = prime * hashCode + ((getDryRun() == null) ? 0 : getDryRun().hashCode()); return hashCode; } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (obj instanceof VerifyRequest == false) return false; VerifyRequest other = (VerifyRequest) obj; if (other.getKeyId() == null ^ this.getKeyId() == null) return false; if (other.getKeyId() != null && other.getKeyId().equals(this.getKeyId()) == false) return false; if (other.getMessage() == null ^ this.getMessage() == null) return false; if (other.getMessage() != null && other.getMessage().equals(this.getMessage()) == false) return false; if (other.getMessageType() == null ^ this.getMessageType() == null) return false; if (other.getMessageType() != null && other.getMessageType().equals(this.getMessageType()) == false) return false; if (other.getSignature() == null ^ this.getSignature() == null) return false; if (other.getSignature() != null && other.getSignature().equals(this.getSignature()) == false) return false; if (other.getSigningAlgorithm() == null ^ this.getSigningAlgorithm() == null) return false; if (other.getSigningAlgorithm() != null && other.getSigningAlgorithm().equals(this.getSigningAlgorithm()) == false) return false; if (other.getGrantTokens() == null ^ this.getGrantTokens() == null) return false; if (other.getGrantTokens() != null && other.getGrantTokens().equals(this.getGrantTokens()) == false) return false; if (other.getDryRun() == null ^ this.getDryRun() == null) return false; if (other.getDryRun() != null && other.getDryRun().equals(this.getDryRun()) == false) return false; return true; } }