azure.keyvault.generated.models module

class azure.keyvault.generated.models.Attributes(enabled=None, not_before=None, expires=None)[source]

Bases: msrest.serialization.Model

The object attributes managed by the KeyVault service.

Variables are only populated by the server, and will be ignored when sending a request.

Parameters:
  • enabled (bool) – Determines whether the object is enabled.
  • not_before (datetime) – Not before date in UTC.
  • expires (datetime) – Expiry date in UTC.
Variables:
class azure.keyvault.generated.models.JsonWebKey(kid=None, kty=None, key_ops=None, n=None, e=None, d=None, dp=None, dq=None, qi=None, p=None, q=None, k=None, t=None)[source]

Bases: msrest.serialization.Model

As of http://tools.ietf.org/html/draft-ietf-jose-json-web-key-18.

Parameters:
  • kid (str) – Key identifier.
  • kty (str or JsonWebKeyType) – Supported JsonWebKey key types (kty) for Elliptic Curve, RSA, HSM, Octet. Kty is usually set to RSA. Possible values include: ‘EC’, ‘RSA’, ‘RSA-HSM’, ‘oct’
  • key_ops (list of str) –
  • n (bytes) – RSA modulus.
  • e (bytes) – RSA public exponent.
  • d (bytes) – RSA private exponent.
  • dp (bytes) – RSA private key parameter.
  • dq (bytes) – RSA private key parameter.
  • qi (bytes) – RSA private key parameter.
  • p (bytes) – RSA secret prime.
  • q (bytes) – RSA secret prime, with p < q.
  • k (bytes) – Symmetric key.
  • t (bytes) – HSM Token, used with ‘Bring Your Own Key’.
class azure.keyvault.generated.models.KeyAttributes(enabled=None, not_before=None, expires=None)[source]

Bases: azure.keyvault.generated.models.attributes.Attributes

The attributes of a key managed by the key vault service.

Variables are only populated by the server, and will be ignored when sending a request.

Parameters:
  • enabled (bool) – Determines whether the object is enabled.
  • not_before (datetime) – Not before date in UTC.
  • expires (datetime) – Expiry date in UTC.
Variables:
class azure.keyvault.generated.models.KeyBundle(key=None, attributes=None, tags=None)[source]

Bases: msrest.serialization.Model

A KeyBundle consisting of a WebKey plus its attributes.

Variables are only populated by the server, and will be ignored when sending a request.

Parameters:
  • key (JsonWebKey) – The Json web key.
  • attributes (KeyAttributes) – The key management attributes.
  • tags (dict) – Application specific metadata in the form of key-value pairs.
Variables:

managed (bool) – True if the key’s lifetime is managed by key vault. If this is a key backing a certificate, then managed will be true.

class azure.keyvault.generated.models.KeyItem(kid=None, attributes=None, tags=None)[source]

Bases: msrest.serialization.Model

The key item containing key metadata.

Variables are only populated by the server, and will be ignored when sending a request.

Parameters:
  • kid (str) – Key identifier.
  • attributes (KeyAttributes) – The key management attributes.
  • tags (dict) – Application specific metadata in the form of key-value pairs.
Variables:

managed (bool) – True if the key’s lifetime is managed by key vault. If this is a key backing a certificate, then managed will be true.

class azure.keyvault.generated.models.SecretAttributes(enabled=None, not_before=None, expires=None)[source]

Bases: azure.keyvault.generated.models.attributes.Attributes

The secret management attributes.

Variables are only populated by the server, and will be ignored when sending a request.

Parameters:
  • enabled (bool) – Determines whether the object is enabled.
  • not_before (datetime) – Not before date in UTC.
  • expires (datetime) – Expiry date in UTC.
Variables:
class azure.keyvault.generated.models.SecretBundle(value=None, id=None, content_type=None, attributes=None, tags=None)[source]

Bases: msrest.serialization.Model

A secret consisting of a value, id and its attributes.

Variables are only populated by the server, and will be ignored when sending a request.

Parameters:
  • value (str) – The secret value.
  • id (str) – The secret id.
  • content_type (str) – The content type of the secret.
  • attributes (SecretAttributes) – The secret management attributes.
  • tags (dict) – Application specific metadata in the form of key-value pairs.
Variables:
  • kid (str) – If this is a secret backing a KV certificate, then this field specifies the corresponding key backing the KV certificate.
  • managed (bool) – True if the secret’s lifetime is managed by key vault. If this is a secret backing a certificate, then managed will be true.
class azure.keyvault.generated.models.SecretItem(id=None, attributes=None, tags=None, content_type=None)[source]

Bases: msrest.serialization.Model

The secret item containing secret metadata.

Variables are only populated by the server, and will be ignored when sending a request.

Parameters:
  • id (str) – Secret identifier.
  • attributes (SecretAttributes) – The secret management attributes.
  • tags (dict) – Application specific metadata in the form of key-value pairs.
  • content_type (str) – Type of the secret value such as a password.
Variables:

managed (bool) – True if the secret’s lifetime is managed by key vault. If this is a key backing a certificate, then managed will be true.

class azure.keyvault.generated.models.CertificateAttributes(enabled=None, not_before=None, expires=None)[source]

Bases: azure.keyvault.generated.models.attributes.Attributes

The certificate management attributes.

Variables are only populated by the server, and will be ignored when sending a request.

Parameters:
  • enabled (bool) – Determines whether the object is enabled.
  • not_before (datetime) – Not before date in UTC.
  • expires (datetime) – Expiry date in UTC.
Variables:
class azure.keyvault.generated.models.CertificateItem(id=None, attributes=None, tags=None, x509_thumbprint=None)[source]

Bases: msrest.serialization.Model

The certificate item containing certificate metadata.

Parameters:
  • id (str) – Certificate identifier.
  • attributes (CertificateAttributes) – The certificate management attributes.
  • tags (dict) – Application specific metadata in the form of key-value pairs.
  • x509_thumbprint (bytes) – Thumbprint of the certificate.
class azure.keyvault.generated.models.CertificateIssuerItem(id=None, provider=None)[source]

Bases: msrest.serialization.Model

The certificate issuer item containing certificate issuer metadata.

Parameters:
  • id (str) – Certificate Identifier.
  • provider (str) – The issuer provider.
class azure.keyvault.generated.models.KeyProperties(exportable=None, key_type=None, key_size=None, reuse_key=None)[source]

Bases: msrest.serialization.Model

Properties of the key pair backing a certificate.

Parameters:
  • exportable (bool) – Indicates if the private key can be exported.
  • key_type (str) – The key type.
  • key_size (int) – The key size in bytes. For example; 1024 or 2048.
  • reuse_key (bool) – Indicates if the same key pair will be used on certificate renewal.
class azure.keyvault.generated.models.SecretProperties(content_type=None)[source]

Bases: msrest.serialization.Model

Properties of the key backing a certificate.

Parameters:content_type (str) – The media type (MIME type).
class azure.keyvault.generated.models.SubjectAlternativeNames(emails=None, dns_names=None, upns=None)[source]

Bases: msrest.serialization.Model

The subject alternate names of a X509 object.

Parameters:
  • emails (list of str) – Email addresses.
  • dns_names (list of str) – Domain names.
  • upns (list of str) – User principal names.
class azure.keyvault.generated.models.X509CertificateProperties(subject=None, ekus=None, subject_alternative_names=None, key_usage=None, validity_in_months=None)[source]

Bases: msrest.serialization.Model

Properties of the X509 component of a certificate.

Parameters:
  • subject (str) – The subject name. Should be a valid X509 distinguished Name.
  • ekus (list of str) – The enhanced key usage.
  • subject_alternative_names (SubjectAlternativeNames) – The subject alternative names.
  • key_usage (list of str or KeyUsageType) – List of key usages.
  • validity_in_months (int) – The duration that the ceritifcate is valid in months.
class azure.keyvault.generated.models.Trigger(lifetime_percentage=None, days_before_expiry=None)[source]

Bases: msrest.serialization.Model

A condition to be satisfied for an action to be executed.

Parameters:
  • lifetime_percentage (int) – Percentage of lifetime at which to trigger. Value should be between 1 and 99.
  • days_before_expiry (int) – Days before expiry.
class azure.keyvault.generated.models.Action(action_type=None)[source]

Bases: msrest.serialization.Model

The action that will be executed.

Parameters:action_type (str or ActionType) – The type of the action. Possible values include: ‘EmailContacts’, ‘AutoRenew’
class azure.keyvault.generated.models.LifetimeAction(trigger=None, action=None)[source]

Bases: msrest.serialization.Model

Action and its trigger that will be performed by Key Vault over the lifetime of a certificate.

Parameters:
  • trigger (Trigger) – The condition that will execute the action.
  • action (Action) – The action that will be executed.
class azure.keyvault.generated.models.IssuerParameters(name=None, certificate_type=None)[source]

Bases: msrest.serialization.Model

Parameters for the issuer of the X509 component of a certificate.

Parameters:
  • name (str) – Name of the referenced issuer object or reserved names; for example, ‘Self’ or ‘Unknown’.
  • certificate_type (str) – Type of certificate to be requested from the issuer provider.
class azure.keyvault.generated.models.CertificatePolicy(key_properties=None, secret_properties=None, x509_certificate_properties=None, lifetime_actions=None, issuer_parameters=None, attributes=None)[source]

Bases: msrest.serialization.Model

Management policy for a certificate.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

id (str) – The certificate id.

Parameters:
  • key_properties (KeyProperties) – Properties of the key backing a certificate.
  • secret_properties (SecretProperties) – Properties of the secret backing a certificate.
  • x509_certificate_properties (X509CertificateProperties) – Properties of the X509 component of a certificate.
  • lifetime_actions (list of LifetimeAction) – Actions that will be performed by Key Vault over the lifetime of a certificate.
  • issuer_parameters (IssuerParameters) – Parameters for the issuer of the X509 component of a certificate.
  • attributes (CertificateAttributes) – The certificate attributes.
class azure.keyvault.generated.models.CertificateBundle(cer=None, content_type=None, attributes=None, tags=None)[source]

Bases: msrest.serialization.Model

A certificate bundle consists of a certificate (X509) plus its attributes.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:
  • id (str) – The certificate id.
  • kid (str) – The key id.
  • sid (str) – The secret id.
  • x509_thumbprint (bytes) – Thumbprint of the certificate.
  • policy (CertificatePolicy) – The management policy.
Parameters:
  • cer (bytearray) – CER contents of x509 certificate.
  • content_type (str) – The content type of the secret.
  • attributes (CertificateAttributes) – The certificate attributes.
  • tags (dict) – Application specific metadata in the form of key-value pairs
class azure.keyvault.generated.models.Error[source]

Bases: msrest.serialization.Model

The key vault server error.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:
  • code (str) – The error code.
  • message (str) – The error message.
  • inner_error (Error) –
class azure.keyvault.generated.models.CertificateOperation(issuer_parameters=None, csr=None, cancellation_requested=None, status=None, status_details=None, error=None, target=None, request_id=None)[source]

Bases: msrest.serialization.Model

A certificate operation is returned in case of asynchronous requests.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

id (str) – The certificate id.

Parameters:
  • issuer_parameters (IssuerParameters) – Parameters for the issuer of the X509 component of a certificate.
  • csr (bytearray) – The certificate signing request (CSR) that is being used in the certificate operation.
  • cancellation_requested (bool) – Indicates if cancellation was requested on the certificate operation.
  • status (str) – Status of the certificate operation.
  • status_details (str) – The status details of the certificate operation.
  • error (Error) – Error encountered, if any, during the certificate operation.
  • target (str) – Location which contains the result of the certificate operation.
  • request_id (str) – Identifier for the certificate operation.
class azure.keyvault.generated.models.IssuerCredentials(account_id=None, password=None)[source]

Bases: msrest.serialization.Model

The credentials to be used for the certificate issuer.

Parameters:
  • account_id (str) – The user name/account name/account id.
  • password (str) – The password/secret/account key.
class azure.keyvault.generated.models.AdministratorDetails(first_name=None, last_name=None, email_address=None, phone=None)[source]

Bases: msrest.serialization.Model

Details of the organization administrator of the certificate issuer.

Parameters:
  • first_name (str) – First name.
  • last_name (str) – Last name.
  • email_address (str) – Email addresss.
  • phone (str) – Phone number.
class azure.keyvault.generated.models.OrganizationDetails(id=None, admin_details=None)[source]

Bases: msrest.serialization.Model

Details of the organization of the certificate issuer.

Parameters:
  • id (str) – Id of the organization.
  • admin_details (list of AdministratorDetails) – Details of the organization administrator.
class azure.keyvault.generated.models.IssuerAttributes(enabled=None)[source]

Bases: msrest.serialization.Model

The attributes of an issuer managed by the Key Vault service.

Variables are only populated by the server, and will be ignored when sending a request.

Parameters:

enabled (bool) – Determines whether the issuer is enabled.

Variables:
class azure.keyvault.generated.models.IssuerBundle(provider=None, credentials=None, organization_details=None, attributes=None)[source]

Bases: msrest.serialization.Model

The issuer for Key Vault certificate.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:

id (str) – Identifier for the issuer object.

Parameters:
  • provider (str) – The issuer provider.
  • credentials (IssuerCredentials) – The credentials to be used for the issuer.
  • organization_details (OrganizationDetails) – Details of the organization as provided to the issuer.
  • attributes (IssuerAttributes) – Attributes of the issuer object.
class azure.keyvault.generated.models.Contact(email_address=None, name=None, phone=None)[source]

Bases: msrest.serialization.Model

The contact information for the vault certificates.

Parameters:
  • email_address (str) – Email addresss.
  • name (str) – Name.
  • phone (str) – Phone number.
class azure.keyvault.generated.models.Contacts(contact_list=None)[source]

Bases: msrest.serialization.Model

The contacts for the vault certificates.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:id (str) – Identifier for the contacts collection.
Parameters:contact_list (list of Contact) – The contact list for the vault certificates.
class azure.keyvault.generated.models.KeyCreateParameters(kty, key_size=None, key_ops=None, key_attributes=None, tags=None)[source]

Bases: msrest.serialization.Model

The key create parameters.

Parameters:
  • kty (str or JsonWebKeyType) – The type of key to create. For valid key types, see JsonWebKeyType. Supported JsonWebKey key types (kty) for Elliptic Curve, RSA, HSM, Octet. Possible values include: ‘EC’, ‘RSA’, ‘RSA-HSM’, ‘oct’
  • key_size (int) – The key size in bytes. For example, 1024 or 2048.
  • key_ops (list of str or JsonWebKeyOperation) –
  • key_attributes (KeyAttributes) –
  • tags (dict) – Application specific metadata in the form of key-value pairs.
class azure.keyvault.generated.models.KeyImportParameters(key, hsm=None, key_attributes=None, tags=None)[source]

Bases: msrest.serialization.Model

The key import parameters.

Parameters:
  • hsm (bool) – Whether to import as a hardware key (HSM) or software key.
  • key (JsonWebKey) – The Json web key
  • key_attributes (KeyAttributes) – The key management attributes.
  • tags (dict) – Application specific metadata in the form of key-value pairs.
class azure.keyvault.generated.models.KeyOperationsParameters(algorithm, value)[source]

Bases: msrest.serialization.Model

The key operations parameters.

Parameters:
class azure.keyvault.generated.models.KeySignParameters(algorithm, value)[source]

Bases: msrest.serialization.Model

The key operations parameters.

Parameters:
  • algorithm (str or JsonWebKeySignatureAlgorithm) – The signing/verification algorithm identifier. For more information on possible algorithm types, see JsonWebKeySignatureAlgorithm. Possible values include: ‘RS256’, ‘RS384’, ‘RS512’, ‘RSNULL’
  • value (bytes) –
class azure.keyvault.generated.models.KeyVerifyParameters(algorithm, digest, signature)[source]

Bases: msrest.serialization.Model

The key verify parameters.

Parameters:
  • algorithm (str or JsonWebKeySignatureAlgorithm) – The signing/verification algorithm. For more information on possible algorithm types, see JsonWebKeySignatureAlgorithm. Possible values include: ‘RS256’, ‘RS384’, ‘RS512’, ‘RSNULL’
  • digest (bytes) – The digest used for signing.
  • signature (bytes) – The signature to be verified.
class azure.keyvault.generated.models.KeyUpdateParameters(key_ops=None, key_attributes=None, tags=None)[source]

Bases: msrest.serialization.Model

The key update parameters.

Parameters:
  • key_ops (list of str or JsonWebKeyOperation) – Json web key operations. For more information on possible key operations, see JsonWebKeyOperation.
  • key_attributes (KeyAttributes) –
  • tags (dict) – Application specific metadata in the form of key-value pairs.
class azure.keyvault.generated.models.KeyRestoreParameters(key_bundle_backup)[source]

Bases: msrest.serialization.Model

The key restore parameters.

Parameters:key_bundle_backup (bytes) – The backup blob associated with a key bundle.
class azure.keyvault.generated.models.SecretSetParameters(value, tags=None, content_type=None, secret_attributes=None)[source]

Bases: msrest.serialization.Model

The secret set parameters.

Parameters:
  • value (str) – The value of the secret.
  • tags (dict) – Application specific metadata in the form of key-value pairs.
  • content_type (str) – Type of the secret value such as a password.
  • secret_attributes (SecretAttributes) – The secret management attributes.
class azure.keyvault.generated.models.SecretUpdateParameters(content_type=None, secret_attributes=None, tags=None)[source]

Bases: msrest.serialization.Model

The secret update parameters.

Parameters:
  • content_type (str) – Type of the secret value such as a password.
  • secret_attributes (SecretAttributes) – The secret management attributes.
  • tags (dict) – Application specific metadata in the form of key-value pairs.
class azure.keyvault.generated.models.CertificateCreateParameters(certificate_policy=None, certificate_attributes=None, tags=None)[source]

Bases: msrest.serialization.Model

The certificate create parameters.

Parameters:
  • certificate_policy (CertificatePolicy) – The management policy for the certificate.
  • certificate_attributes (CertificateAttributes) – The attributes of the certificate (optional).
  • tags (dict) – Application specific metadata in the form of key-value pairs.
class azure.keyvault.generated.models.CertificateImportParameters(base64_encoded_certificate, password=None, certificate_policy=None, certificate_attributes=None, tags=None)[source]

Bases: msrest.serialization.Model

The certificate import parameters.

Parameters:
  • base64_encoded_certificate (str) – Base64 encoded representation of the certificate object to import. This certificate needs to contain the private key.
  • password (str) – If the private key in base64EncodedCertificate is encrypted, the password used for encryption.
  • certificate_policy (CertificatePolicy) – The management policy for the certificate.
  • certificate_attributes (CertificateAttributes) – The attributes of the certificate (optional).
  • tags (dict) – Application specific metadata in the form of key-value pairs.
class azure.keyvault.generated.models.CertificateUpdateParameters(certificate_policy=None, certificate_attributes=None, tags=None)[source]

Bases: msrest.serialization.Model

The certificate update parameters.

Parameters:
  • certificate_policy (CertificatePolicy) – The management policy for the certificate.
  • certificate_attributes (CertificateAttributes) – The attributes of the certificate (optional).
  • tags (dict) – Application specific metadata in the form of key-value pairs.
class azure.keyvault.generated.models.CertificateMergeParameters(x509_certificates, certificate_attributes=None, tags=None)[source]

Bases: msrest.serialization.Model

The certificate merge parameters.

Parameters:
  • x509_certificates (list of bytearray) – The certificate or the certificate chain to merge.
  • certificate_attributes (CertificateAttributes) – The attributes of the certificate (optional).
  • tags (dict) – Application specific metadata in the form of key-value pairs.
class azure.keyvault.generated.models.CertificateIssuerSetParameters(provider, credentials=None, organization_details=None, attributes=None)[source]

Bases: msrest.serialization.Model

The certificate issuer set parameters.

Parameters:
  • provider (str) – The issuer provider.
  • credentials (IssuerCredentials) – The credentials to be used for the issuer.
  • organization_details (OrganizationDetails) – Details of the organization as provided to the issuer.
  • attributes (IssuerAttributes) – Attributes of the issuer object.
class azure.keyvault.generated.models.CertificateIssuerUpdateParameters(provider=None, credentials=None, organization_details=None, attributes=None)[source]

Bases: msrest.serialization.Model

The certificate issuer update parameters.

Parameters:
  • provider (str) – The issuer provider.
  • credentials (IssuerCredentials) – The credentials to be used for the issuer.
  • organization_details (OrganizationDetails) – Details of the organization as provided to the issuer.
  • attributes (IssuerAttributes) – Attributes of the issuer object.
class azure.keyvault.generated.models.CertificateOperationUpdateParameter(cancellation_requested)[source]

Bases: msrest.serialization.Model

The certificate operation update parameters.

Parameters:cancellation_requested (bool) – Indicates if cancellation was requested on the certificate operation.
class azure.keyvault.generated.models.KeyOperationResult[source]

Bases: msrest.serialization.Model

The key operation result.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:
  • kid (str) – Key identifier
  • result (bytes) –
class azure.keyvault.generated.models.KeyVerifyResult[source]

Bases: msrest.serialization.Model

The key verify result.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:value (bool) – True if the signature is verified, otherwise false.
class azure.keyvault.generated.models.BackupKeyResult[source]

Bases: msrest.serialization.Model

The backup key result, containing the backup blob.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:value (bytes) – The backup blob containing the backed up key.
class azure.keyvault.generated.models.PendingCertificateSigningRequestResult[source]

Bases: msrest.serialization.Model

The pending certificate signing request result.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:value (str) – The pending certificate signing request as Base64 encoded string.
class azure.keyvault.generated.models.KeyVaultError[source]

Bases: msrest.serialization.Model

The key vault error exception.

Variables are only populated by the server, and will be ignored when sending a request.

Variables:error (Error) –
exception azure.keyvault.generated.models.KeyVaultErrorException(deserialize, response, *args)[source]

Bases: msrest.exceptions.HttpOperationError

Server responsed with exception of type: ‘KeyVaultError’.

Parameters:
  • deserialize – A deserializer
  • response – Server response to be deserialized.
class azure.keyvault.generated.models.KeyItemPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of KeyItem object

class azure.keyvault.generated.models.SecretItemPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of SecretItem object

class azure.keyvault.generated.models.CertificateItemPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of CertificateItem object

class azure.keyvault.generated.models.CertificateIssuerItemPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of CertificateIssuerItem object

class azure.keyvault.generated.models.JsonWebKeyType[source]

Bases: enum.Enum

An enumeration.

ec = 'EC'
oct = 'oct'
rsa = 'RSA'
rsa_hsm = 'RSA-HSM'
class azure.keyvault.generated.models.KeyUsageType[source]

Bases: enum.Enum

An enumeration.

c_rl_sign = 'cRLSign'
data_encipherment = 'dataEncipherment'
decipher_only = 'decipherOnly'
digital_signature = 'digitalSignature'
encipher_only = 'encipherOnly'
key_agreement = 'keyAgreement'
key_cert_sign = 'keyCertSign'
key_encipherment = 'keyEncipherment'
non_repudiation = 'nonRepudiation'
class azure.keyvault.generated.models.ActionType[source]

Bases: enum.Enum

An enumeration.

auto_renew = 'AutoRenew'
email_contacts = 'EmailContacts'
class azure.keyvault.generated.models.JsonWebKeyOperation[source]

Bases: enum.Enum

An enumeration.

decrypt = 'decrypt'
encrypt = 'encrypt'
sign = 'sign'
unwrap_key = 'unwrapKey'
verify = 'verify'
wrap_key = 'wrapKey'
class azure.keyvault.generated.models.JsonWebKeyEncryptionAlgorithm[source]

Bases: enum.Enum

An enumeration.

rsa1_5 = 'RSA1_5'
rsa_oaep = 'RSA-OAEP'
class azure.keyvault.generated.models.JsonWebKeySignatureAlgorithm[source]

Bases: enum.Enum

An enumeration.

rs256 = 'RS256'
rs384 = 'RS384'
rs512 = 'RS512'
rsnull = 'RSNULL'