Signing Message
Function
This API enables you to create a digital signature for a message or message digest by using the privatekey in an asymmetric CMK.
Constraints
-
Only support asymmetric keys with key_usage of SIGN_VERIFY for signing operation.
URI
POST /v1.0/{project_id}/kms/sign
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Project ID. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
Yes |
String |
User token. The token can be obtained by calling the IAM API (value of X-Subject-Token in the response header). |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
key_id |
Yes |
String |
Key ID. It should be 36 bytes and match the regular expression ^[0-9a-z]{8}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12}$. Example: 0d0466b0-e727-4d9c-b35d-f84bb474a37f |
|
message |
Yes |
String |
Specifies the message or message digest to sign. Messages can be 0-4096 bytes. To sign a larger message, provide the message digest.Using Base64-encoded binary data object. |
|
signing_algorithm |
Yes |
String |
Specifies the signing algorithm to use when signing the message. Choose an algorithm that is compatible with the type of the specified asymmetric CMK.It can be:
|
|
message_type |
No |
String |
Message Type. The default value is "DIGEST" It can be:
|
|
sequence |
No |
String |
36-byte sequence number of a request message. Example: 919c82d4-8046-4722-9094-35c3c6524cff |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
key_id |
String |
CMK ID. |
|
signature |
String |
The cryptographic signature that was generated for the message. |
Status code: 400
|
Parameter |
Type |
Description |
|---|---|---|
|
error |
Object |
Error message. |
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error information. |
Status code: 403
|
Parameter |
Type |
Description |
|---|---|---|
|
error |
Object |
Error message. |
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error information. |
Status code: 404
|
Parameter |
Type |
Description |
|---|---|---|
|
error |
Object |
Error message. |
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error information. |
Example Requests
{
"key_id" : "0d0466b0-e727-4d9c-b35d-f84bb474a37f",
"signing_algorithm" : "RSASSA_PKCS1_V1_5_SHA_256",
"message" : "MmFiZWE0ZjI3ZGIxYTkzY2RmYmEzM2YwMTA1YmJjYw=="
}
Example Responses
Status code: 200
Request processing succeeded.
{
"key_id" : "0d0466b0-e727-4d9c-b35d-f84bb474a37f",
"signature" : "jFUqQESGBc0j6k9BozzrP9YL4qk8/W9DZRvK6XXX..."
}
Status code: 400
Invalid request parameters.
{
"error" : {
"error_code" : "KMS.XXX",
"error_msg" : "XXX"
}
}
Status code: 403
Authentication failed.
{
"error" : {
"error_code" : "KMS.XXX",
"error_msg" : "XXX"
}
}
Status code: 404
The requested resource does not exist or is not found.
{
"error" : {
"error_code" : "KMS.XXX",
"error_msg" : "XXX"
}
}
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Request processing succeeded. |
|
400 |
Invalid request parameters. |
|
403 |
Authentication failed. |
|
404 |
The requested resource does not exist or is not found. |
Error Codes
See Error Codes.
Last Article: Signature & Verification
Next Article: Verifying Signature
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.