CfnKeyMixinProps
- class aws_cdk.mixins_preview.aws_paymentcryptography.mixins.CfnKeyMixinProps(*, derive_key_usage=None, enabled=None, exportable=None, key_attributes=None, key_check_value_algorithm=None, tags=None)
Bases:
objectProperties for CfnKeyPropsMixin.
- Parameters:
derive_key_usage (
Optional[str]) – The cryptographic usage of an ECDH derived key as defined in section A.5.2 of the TR-31 spec.enabled (
Union[bool,IResolvable,None]) – Specifies whether the key is enabled.exportable (
Union[bool,IResolvable,None]) – Specifies whether the key is exportable. This data is immutable after the key is created.key_attributes (
Union[IResolvable,KeyAttributesProperty,Dict[str,Any],None]) – The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.key_check_value_algorithm (
Optional[str]) – The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity. For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.tags (
Optional[Sequence[Union[CfnTag,Dict[str,Any]]]])
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_paymentcryptography import mixins as paymentcryptography_mixins cfn_key_mixin_props = paymentcryptography_mixins.CfnKeyMixinProps( derive_key_usage="deriveKeyUsage", enabled=False, exportable=False, key_attributes=paymentcryptography_mixins.CfnKeyPropsMixin.KeyAttributesProperty( key_algorithm="keyAlgorithm", key_class="keyClass", key_modes_of_use=paymentcryptography_mixins.CfnKeyPropsMixin.KeyModesOfUseProperty( decrypt=False, derive_key=False, encrypt=False, generate=False, no_restrictions=False, sign=False, unwrap=False, verify=False, wrap=False ), key_usage="keyUsage" ), key_check_value_algorithm="keyCheckValueAlgorithm", tags=[CfnTag( key="key", value="value" )] )
Attributes
- derive_key_usage
The cryptographic usage of an ECDH derived key as defined in section A.5.2 of the TR-31 spec.
- enabled
Specifies whether the key is enabled.
- exportable
Specifies whether the key is exportable.
This data is immutable after the key is created.
- key_attributes
The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key.
This data is immutable after the key is created.
- key_check_value_algorithm
The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV).
It is used to validate the key integrity.
For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.