Full name: projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.asymmetricSign
Signs data using a CryptoKeyVersion
with CryptoKey.purpose
ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from cryptoKeyVersions.getPublicKey
.
HTTP request
POST https://cloudkms.googleapis.com/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:asymmetricSign
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
name |
Required. The resource name of the Authorization requires the following IAM permission on the specified resource
|
Request body
The request body contains data with the following structure:
JSON representation | |
---|---|
{
"digest": {
object ( |
Fields | |
---|---|
digest |
Required. The digest of the data to sign. The digest must be produced with the same digest algorithm as specified by the key version's |
digestCrc32c |
Optional. An optional CRC32C checksum of the NOTE: This field is in Beta. |
Response body
If successful, the response body contains data with the following structure:
Response message for KeyManagementService.AsymmetricSign
.
JSON representation | |
---|---|
{ "signature": string, "signatureCrc32c": string, "verifiedDigestCrc32c": boolean, "name": string } |
Fields | |
---|---|
signature |
The created signature. A base64-encoded string. |
signatureCrc32c |
Integrity verification field. A CRC32C checksum of the returned NOTE: This field is in Beta. |
verifiedDigestCrc32c |
Integrity verification field. A flag indicating whether NOTE: This field is in Beta. |
name |
The resource name of the NOTE: This field is in Beta. |
Authorization Scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/cloudkms
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
Digest
A Digest
holds a cryptographic message digest.
JSON representation | |
---|---|
{ // Union field |
Fields | ||
---|---|---|
Union field digest . Required. The message digest. digest can be only one of the following: |
||
sha256 |
A message digest produced with the SHA-256 algorithm. A base64-encoded string. |
|
sha384 |
A message digest produced with the SHA-384 algorithm. A base64-encoded string. |
|
sha512 |
A message digest produced with the SHA-512 algorithm. A base64-encoded string. |