Verifies a digital signature by using an asymmetric key.
Usage notes
The following table describes the signature algorithms for different types of customer master keys (CMKs).
CMK type | Signature algorithm | Description |
---|---|---|
| RSA_PSS_SHA_256 (default value) | RSASSA-PSS using SHA-256 and MGF1 with SHA-256 |
RSA_PKCS1_SHA_256 | RSASSA-PKCS1-v1_5 using SHA-256 | |
| ECDSA_SHA_256 (default value) | ECDSA on the P-256 Curve(secp256r1) with a SHA-256 digest |
EC_SM2 | SM2DSA (default value) | SM2 elliptic curve public key encryption algorithm |
Request message definition
message VerifyRequest {
string KeyId = 1;
bytes Signature = 2;
string Algorithm = 3;
bytes Message = 4;
string MessageType = 5;
}
Request parameters
Parameter | Type | Required | Example | Description |
---|---|---|---|---|
KeyId | string | Yes | 1234abcd-12ab-34cd-56ef-12345678**** | The ID of the customer master key (CMK). The ID must be globally unique. You can also set this parameter to an alias that is bound to the CMK. |
Algorithm | string | Yes | RSAES_OAEP_SHA_256 | The signature algorithm. Valid values:
Note The signature algorithm must be consistent with the algorithm that is returned by calling the Sign operation. |
MessageType | string | Yes | RAW | The message type. Valid values:
|
Message | bytes | Yes | Binary data | The message to sign.
|
Signature | bytes | Yes | Binary data | The signature value to be verified. |
Response message definition
message VerifyResponse {
string KeyId = 1;
bool Value = 2;
string RequestId = 3;
string Algorithm = 4;
string MessageType = 5;
}
Response parameters
Parameter | Type | Example | Description |
---|---|---|---|
Value | bool | true | Indicates whether the signature passed the verification. Valid values:
|
KeyId | string | 1234abcd-12ab-34cd-56ef-12345678**** | The ID of the CMK. The ID must be globally unique. If the KeyId parameter is set to an alias of the CMK, the ID of the CMK to which the alias is bound is returned. |
Algorithm | string | RSAES_OAEP_SHA_256 | The signature algorithm. |
MessageType | string | RAW | The type of the message. |
RequestId | string | 475f1620-b9d3-4d35-b5c6-3fbdd941423d | The ID of the request. |
Error codes
For more information about error codes, see Common error codes.