AWS cli documentation change
Summary
Added documentation for ED25519_SHA_512 and ED25519_PH_SHA_512 verification algorithms with message type requirements
Security assessment
Adds documentation for verifying signatures using modern EdDSA algorithms. While this enhances security documentation, there is no indication of fixing a specific security issue.
Diff
diff --git a/cli/latest/reference/kms/verify.md b/cli/latest/reference/kms/verify.md index bc07649ed..dfa74f950 100644 --- a//cli/latest/reference/kms/verify.md +++ b//cli/latest/reference/kms/verify.md @@ -15 +15 @@ - * [AWS CLI 2.31.31 Command Reference](../../index.html) » + * [AWS CLI 2.31.32 Command Reference](../../index.html) » @@ -164,0 +165,7 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/kms-20 +> +> When using ECC_NIST_EDWARDS25519 KMS keys: +> +> * ED25519_SHA_512 signing algorithm requires KMS `MessageType:RAW` +> * ED25519_PH_SHA_512 signing algorithm requires KMS `MessageType:DIGEST` +> + @@ -217,0 +225,2 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/kms-20 +> * `ED25519_SHA_512` +> * `ED25519_PH_SHA_512` @@ -426,0 +436,2 @@ SigningAlgorithm -> (string) +> * `ED25519_SHA_512` +> * `ED25519_PH_SHA_512` @@ -440 +451 @@ SigningAlgorithm -> (string) - * [AWS CLI 2.31.31 Command Reference](../../index.html) » + * [AWS CLI 2.31.32 Command Reference](../../index.html) »