Oracle Cloud Infrastructure v1.41.0, Jun 19 24

Oracle Cloud Infrastructure v1.41.0 published on Wednesday, Jun 19, 2024 by Pulumi

oci.Kms.Verify

Explore with Pulumi AI

Oracle Cloud Infrastructure v1.41.0 published on Wednesday, Jun 19, 2024 by Pulumi

Verifies a digital signature that was generated by the Sign operation by using the public key of the same asymmetric key that was used to sign the data. If you want to validate the digital signature outside of the service, you can do so by using the public key of the asymmetric key. This operation is not supported for keys having protection mode EXTERNAL.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testVerify = new oci.kms.Verify("test_verify", {
    cryptoEndpoint: verifyMessageCryptoEndpoint,
    keyId: testKey.id,
    keyVersionId: testKeyVersion.id,
    message: verifyMessage,
    signature: verifySignature,
    signingAlgorithm: verifySigningAlgorithm,
    messageType: verifyMessageType,
});

import pulumi
import pulumi_oci as oci

test_verify = oci.kms.Verify("test_verify",
    crypto_endpoint=verify_message_crypto_endpoint,
    key_id=test_key["id"],
    key_version_id=test_key_version["id"],
    message=verify_message,
    signature=verify_signature,
    signing_algorithm=verify_signing_algorithm,
    message_type=verify_message_type)

package main

import (
	"github.com/pulumi/pulumi-oci/sdk/go/oci/Kms"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := Kms.NewVerify(ctx, "test_verify", &Kms.VerifyArgs{
			CryptoEndpoint:   pulumi.Any(verifyMessageCryptoEndpoint),
			KeyId:            pulumi.Any(testKey.Id),
			KeyVersionId:     pulumi.Any(testKeyVersion.Id),
			Message:          pulumi.Any(verifyMessage),
			Signature:        pulumi.Any(verifySignature),
			SigningAlgorithm: pulumi.Any(verifySigningAlgorithm),
			MessageType:      pulumi.Any(verifyMessageType),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testVerify = new Oci.Kms.Verify("test_verify", new()
    {
        CryptoEndpoint = verifyMessageCryptoEndpoint,
        KeyId = testKey.Id,
        KeyVersionId = testKeyVersion.Id,
        Message = verifyMessage,
        Signature = verifySignature,
        SigningAlgorithm = verifySigningAlgorithm,
        MessageType = verifyMessageType,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Kms.Verify;
import com.pulumi.oci.Kms.VerifyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testVerify = new Verify("testVerify", VerifyArgs.builder()
            .cryptoEndpoint(verifyMessageCryptoEndpoint)
            .keyId(testKey.id())
            .keyVersionId(testKeyVersion.id())
            .message(verifyMessage)
            .signature(verifySignature)
            .signingAlgorithm(verifySigningAlgorithm)
            .messageType(verifyMessageType)
            .build());

    }
}

resources:
  testVerify:
    type: oci:Kms:Verify
    name: test_verify
    properties:
      cryptoEndpoint: ${verifyMessageCryptoEndpoint}
      keyId: ${testKey.id}
      keyVersionId: ${testKeyVersion.id}
      message: ${verifyMessage}
      signature: ${verifySignature}
      signingAlgorithm: ${verifySigningAlgorithm}
      messageType: ${verifyMessageType}

Create Verify Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Verify(name: string, args: VerifyArgs, opts?: CustomResourceOptions);

@overload
def Verify(resource_name: str,
           args: VerifyArgs,
           opts: Optional[ResourceOptions] = None)

@overload
def Verify(resource_name: str,
           opts: Optional[ResourceOptions] = None,
           crypto_endpoint: Optional[str] = None,
           key_id: Optional[str] = None,
           key_version_id: Optional[str] = None,
           message: Optional[str] = None,
           signature: Optional[str] = None,
           signing_algorithm: Optional[str] = None,
           message_type: Optional[str] = None)

func NewVerify(ctx *Context, name string, args VerifyArgs, opts ...ResourceOption) (*Verify, error)

public Verify(string name, VerifyArgs args, CustomResourceOptions? opts = null)

public Verify(String name, VerifyArgs args)
public Verify(String name, VerifyArgs args, CustomResourceOptions options)

type: oci:Kms:Verify
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args VerifyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args VerifyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args VerifyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args VerifyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args VerifyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var verifyResource = new Oci.Kms.Verify("verifyResource", new()
{
    CryptoEndpoint = "string",
    KeyId = "string",
    KeyVersionId = "string",
    Message = "string",
    Signature = "string",
    SigningAlgorithm = "string",
    MessageType = "string",
});

example, err := Kms.NewVerify(ctx, "verifyResource", &Kms.VerifyArgs{
	CryptoEndpoint:   pulumi.String("string"),
	KeyId:            pulumi.String("string"),
	KeyVersionId:     pulumi.String("string"),
	Message:          pulumi.String("string"),
	Signature:        pulumi.String("string"),
	SigningAlgorithm: pulumi.String("string"),
	MessageType:      pulumi.String("string"),
})

var verifyResource = new Verify("verifyResource", VerifyArgs.builder()
    .cryptoEndpoint("string")
    .keyId("string")
    .keyVersionId("string")
    .message("string")
    .signature("string")
    .signingAlgorithm("string")
    .messageType("string")
    .build());

verify_resource = oci.kms.Verify("verifyResource",
    crypto_endpoint="string",
    key_id="string",
    key_version_id="string",
    message="string",
    signature="string",
    signing_algorithm="string",
    message_type="string")

const verifyResource = new oci.kms.Verify("verifyResource", {
    cryptoEndpoint: "string",
    keyId: "string",
    keyVersionId: "string",
    message: "string",
    signature: "string",
    signingAlgorithm: "string",
    messageType: "string",
});

type: oci:Kms:Verify
properties:
    cryptoEndpoint: string
    keyId: string
    keyVersionId: string
    message: string
    messageType: string
    signature: string
    signingAlgorithm: string

Verify Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Verify resource accepts the following input properties:

CryptoEndpoint string

The service endpoint to perform cryptographic operations against. Cryptographic operations include 'Encrypt,' 'Decrypt,', 'GenerateDataEncryptionKey', 'Sign' and 'Verify' operations. see Vault Crypto endpoint.

KeyId string

The OCID of the key used to sign the message.

KeyVersionId string

The OCID of the key version used to sign the message.

Message string

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

Signature string

The base64-encoded binary data object denoting the cryptographic signature generated for the message.

SigningAlgorithm string

The algorithm to use to sign the message or message digest. For RSA keys, supported signature schemes include PKCS #1 and RSASSA-PSS, along with different hashing algorithms. For ECDSA keys, ECDSA is the supported signature scheme with different hashing algorithms. When you pass a message digest for signing, ensure that you specify the same hashing algorithm as used when creating the message digest.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

MessageType string

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

CryptoEndpoint string

KeyId string

The OCID of the key used to sign the message.

KeyVersionId string

The OCID of the key version used to sign the message.

Message string

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

Signature string

The base64-encoded binary data object denoting the cryptographic signature generated for the message.

SigningAlgorithm string

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

MessageType string

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

cryptoEndpoint String

keyId String

The OCID of the key used to sign the message.

keyVersionId String

The OCID of the key version used to sign the message.

message String

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

signature String

The base64-encoded binary data object denoting the cryptographic signature generated for the message.

signingAlgorithm String

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

messageType String

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

cryptoEndpoint string

keyId string

The OCID of the key used to sign the message.

keyVersionId string

The OCID of the key version used to sign the message.

message string

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

signature string

The base64-encoded binary data object denoting the cryptographic signature generated for the message.

signingAlgorithm string

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

messageType string

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

crypto_endpoint str

key_id str

The OCID of the key used to sign the message.

key_version_id str

The OCID of the key version used to sign the message.

message str

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

signature str

The base64-encoded binary data object denoting the cryptographic signature generated for the message.

signing_algorithm str

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

message_type str

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

cryptoEndpoint String

keyId String

The OCID of the key used to sign the message.

keyVersionId String

The OCID of the key version used to sign the message.

message String

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

signature String

The base64-encoded binary data object denoting the cryptographic signature generated for the message.

signingAlgorithm String

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

messageType String

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

Outputs

All input properties are implicitly available as output properties. Additionally, the Verify resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
IsSignatureValid bool: A Boolean value that indicates whether the signature was verified.

Id string: The provider-assigned unique ID for this managed resource.
IsSignatureValid bool: A Boolean value that indicates whether the signature was verified.

id String: The provider-assigned unique ID for this managed resource.
isSignatureValid Boolean: A Boolean value that indicates whether the signature was verified.

id string: The provider-assigned unique ID for this managed resource.
isSignatureValid boolean: A Boolean value that indicates whether the signature was verified.

id str: The provider-assigned unique ID for this managed resource.
is_signature_valid bool: A Boolean value that indicates whether the signature was verified.

id String: The provider-assigned unique ID for this managed resource.
isSignatureValid Boolean: A Boolean value that indicates whether the signature was verified.

Look up Existing Verify Resource

Get an existing Verify resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: VerifyState, opts?: CustomResourceOptions): Verify

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        crypto_endpoint: Optional[str] = None,
        is_signature_valid: Optional[bool] = None,
        key_id: Optional[str] = None,
        key_version_id: Optional[str] = None,
        message: Optional[str] = None,
        message_type: Optional[str] = None,
        signature: Optional[str] = None,
        signing_algorithm: Optional[str] = None) -> Verify

func GetVerify(ctx *Context, name string, id IDInput, state *VerifyState, opts ...ResourceOption) (*Verify, error)

public static Verify Get(string name, Input<string> id, VerifyState? state, CustomResourceOptions? opts = null)

public static Verify get(String name, Output<String> id, VerifyState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

CryptoEndpoint string

IsSignatureValid bool

A Boolean value that indicates whether the signature was verified.

KeyId string

The OCID of the key used to sign the message.

KeyVersionId string

The OCID of the key version used to sign the message.

Message string

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

MessageType string

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

Signature string

The base64-encoded binary data object denoting the cryptographic signature generated for the message.

SigningAlgorithm string

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

CryptoEndpoint string

IsSignatureValid bool

A Boolean value that indicates whether the signature was verified.

KeyId string

The OCID of the key used to sign the message.

KeyVersionId string

The OCID of the key version used to sign the message.

Message string

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

MessageType string

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

Signature string

The base64-encoded binary data object denoting the cryptographic signature generated for the message.

SigningAlgorithm string

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

cryptoEndpoint String

isSignatureValid Boolean

A Boolean value that indicates whether the signature was verified.

keyId String

The OCID of the key used to sign the message.

keyVersionId String

The OCID of the key version used to sign the message.

message String

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

messageType String

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

signature String

The base64-encoded binary data object denoting the cryptographic signature generated for the message.

signingAlgorithm String

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

cryptoEndpoint string

isSignatureValid boolean

A Boolean value that indicates whether the signature was verified.

keyId string

The OCID of the key used to sign the message.

keyVersionId string

The OCID of the key version used to sign the message.

message string

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

messageType string

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

signature string

The base64-encoded binary data object denoting the cryptographic signature generated for the message.

signingAlgorithm string

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

crypto_endpoint str

is_signature_valid bool

A Boolean value that indicates whether the signature was verified.

key_id str

The OCID of the key used to sign the message.

key_version_id str

The OCID of the key version used to sign the message.

message str

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

message_type str

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

signature str

The base64-encoded binary data object denoting the cryptographic signature generated for the message.

signing_algorithm str

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

cryptoEndpoint String

isSignatureValid Boolean

A Boolean value that indicates whether the signature was verified.

keyId String

The OCID of the key used to sign the message.

keyVersionId String

The OCID of the key version used to sign the message.

message String

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

messageType String

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

signature String

The base64-encoded binary data object denoting the cryptographic signature generated for the message.

signingAlgorithm String

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

Import

Verify can be imported using the id, e.g.

$ pulumi import oci:Kms/verify:Verify test_verify "id"

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: oci pulumi/pulumi-oci
License: Apache-2.0
Notes: This Pulumi package is based on the oci Terraform Provider.

Oracle Cloud Infrastructure v1.41.0 published on Wednesday, Jun 19, 2024 by Pulumi

pulumi/pulumi-oci

oci.Kms.Verify

On this page

On this page

Example Usage

Create Verify Resource

Constructor syntax

Parameters

Constructor example

Verify Resource Properties

Inputs

Outputs

Look up Existing Verify Resource

Import

Package Details

On this page

On this page