diff --git a/kms/apiv1/requests.go b/kms/apiv1/requests.go index 94d832f9..762d9dd8 100644 --- a/kms/apiv1/requests.go +++ b/kms/apiv1/requests.go @@ -100,7 +100,7 @@ type GetPublicKeyRequest struct { type CreateKeyRequest struct { // Name represents the key name or label used to identify a key. // - // Used by: awskms, cloudkms, pkcs11, yubikey. + // Used by: awskms, cloudkms, azurekms, pkcs11, yubikey. Name string // SignatureAlgorithm represents the type of key to create. @@ -110,11 +110,13 @@ type CreateKeyRequest struct { Bits int // ProtectionLevel specifies how cryptographic operations are performed. - // Used by: cloudkms + // Used by: cloudkms, azurekms. ProtectionLevel ProtectionLevel - // Whether the key may be exported from the HSM under a wrap key. - // Sets the CKA_EXTRACTABLE bit. + // Extractable defines if the new key may be exported from the HSM under a + // wrap key. On pkcs11 sets the CKA_EXTRACTABLE bit. + // + // Used by: pkcs11 Extractable bool } @@ -157,7 +159,9 @@ type StoreCertificateRequest struct { Name string Certificate *x509.Certificate - // Whether the key may be exported from the HSM under a wrap key. - // Sets the CKA_EXTRACTABLE bit. + // Extractable defines if the new certificate may be exported from the HSM + // under a wrap key. On pkcs11 sets the CKA_EXTRACTABLE bit. + // + // Used by: pkcs11 Extractable bool }