By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Exact format of ECDSA_SHA_256 public keys

0

When I do a GetPublicKey of an asymmetric CMK key, I get back 91 bytes. It looks like the last 65 bytes is the actual public key I need (starting at "04"). Can someone describe the format of this key in any detail? Thank you.

Maurice

Topics
Security, Identity, & Compliance
Tags
AWS Key Management Service
Language
English
mauricebizzarri
asked 4 years ago273 views
2 Answers
1
Accepted Answer

Hi Maurice:

KMS returns the public key as a Subject Public Key Info (SPKI) structure, as defined by RFC 5280 and its various references. We specifically return the key in the binary Distinguished Encoding Rules (DER) ASN.1 format.

This format should be supported by most, if not all, common cryptographic libraries.

Thanks for your feedback on how this wasn't as clear as it should have been - I'm going to work to get the KMS documentation updated to clarify.

Please let me know if I can be of further assistance.

Benjamin
AWS KMS Team

AWS
AWS-User-2395763
answered 4 years ago
0

Thank you. Works for me.

mauricebizzarri
answered 4 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content