Exact format of ECDSA_SHA_256 public keys

0

When I do a GetPublicKey of an asymmetric CMK key, I get back 91 bytes. It looks like the last 65 bytes is the actual public key I need (starting at "04"). Can someone describe the format of this key in any detail? Thank you.

Maurice

asked 4 years ago237 views
2 Answers
1
Accepted Answer

Hi Maurice:

KMS returns the public key as a Subject Public Key Info (SPKI) structure, as defined by RFC 5280 and its various references. We specifically return the key in the binary Distinguished Encoding Rules (DER) ASN.1 format.

This format should be supported by most, if not all, common cryptographic libraries.

Thanks for your feedback on how this wasn't as clear as it should have been - I'm going to work to get the KMS documentation updated to clarify.

Please let me know if I can be of further assistance.

Benjamin
AWS KMS Team

AWS
answered 4 years ago
0

Thank you. Works for me.

answered 4 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions