The algorithm of the key on the HSM.

When the key use is sig, the algorithm represents a signing algorithm such as ES256.

When the key use is enc, the algorithm represents an encryption algorithm such as RSA-OAEP-256.

See the following links for more details.

• RFC 7517 JSON Web Key (JWK), 4.4. "alg" (Algorithm) Parameter

• RFC 7518 JSON Web Algorithms (JWA), 3.1. "alg" (Algorithm) Header Parameter Values for JWS

• RFC 7518 JSON Web Algorithms (JWA), 4.1. "alg" (Algorithm) Header Parameter Values for JWE

The handle for the key on the HSM.

A handle is a base64url-encoded 256-bit random value (43 letters) which is assigned by Authlete on the call of the /hsk/create API.

A handle is needed to call the /hsk/get/{handle} API and the /hsk/delete/{handle} API.

The name of the HSM.

The identifier for the HSM that sits behind the Authlete server. For example, google.

The key ID for the key on the HSM.

See RFC 7517 JSON Web Key (JWK), 4.5. "kid" (Key ID) Parameter for more details.

The key type of the key on the HSM.

See RFC 7517 JSON Web Key (JWK), 4.1. "kty" (Key Type) Parameter for more details.

The public key that corresponds to the key on the HSM.

Get the use of the key on the HSM.

When the key use is sig (signature), the private key on the HSM is used to sign data and the corresponding public key is used to verify the signature.

When the key use is enc (encryption), the private key on the HSM is used to decrypt encrypted data which have been encrypted with the corresponding public key.

See RFC 7517 JSON Web Key (JWK), 4.2. "use" (Public Key Use) Parameter for more details.