- Product Introduction
- Purchase Guide
- Console Guide
- TCCLI Management Guide
- Best Practices
- API documentation
- History
- Introduction
- API Category
- Making API Requests
- Key APIs
- PostQuantumCryptoEncrypt
- PostQuantumCryptoDecrypt
- UpdateKeyDescription
- UpdateAlias
- ReEncrypt
- ListKeys
- ListKeyDetail
- GetServiceStatus
- GetKeyRotationStatus
- GenerateDataKey
- Encrypt
- EnableKeys
- EnableKeyRotation
- EnableKey
- DisableKeys
- DisableKeyRotation
- DisableKey
- DescribeKeys
- DescribeKey
- Decrypt
- CreateKey
- ScheduleKeyDeletion
- CancelKeyDeletion
- ImportKeyMaterial
- GetParametersForImport
- DeleteImportedKeyMaterial
- GenerateRandom
- ListAlgorithms
- UnbindCloudResource
- BindCloudResource
- GetRegions
- CancelKeyArchive
- ArchiveKey
- Asymmetric Key APIs
- White-Box Key APIs
- Data Types
- Error Codes
- Service Level Agreement
- FAQS
- KMS Policy
- Contact Us
- Glossary
- Product Introduction
- Purchase Guide
- Console Guide
- TCCLI Management Guide
- Best Practices
- API documentation
- History
- Introduction
- API Category
- Making API Requests
- Key APIs
- PostQuantumCryptoEncrypt
- PostQuantumCryptoDecrypt
- UpdateKeyDescription
- UpdateAlias
- ReEncrypt
- ListKeys
- ListKeyDetail
- GetServiceStatus
- GetKeyRotationStatus
- GenerateDataKey
- Encrypt
- EnableKeys
- EnableKeyRotation
- EnableKey
- DisableKeys
- DisableKeyRotation
- DisableKey
- DescribeKeys
- DescribeKey
- Decrypt
- CreateKey
- ScheduleKeyDeletion
- CancelKeyDeletion
- ImportKeyMaterial
- GetParametersForImport
- DeleteImportedKeyMaterial
- GenerateRandom
- ListAlgorithms
- UnbindCloudResource
- BindCloudResource
- GetRegions
- CancelKeyArchive
- ArchiveKey
- Asymmetric Key APIs
- White-Box Key APIs
- Data Types
- Error Codes
- Service Level Agreement
- FAQS
- KMS Policy
- Contact Us
- Glossary
1. API Description
Domain name for API request: kms.tencentcloudapi.com.
This API is used to generate a signature with an asymmetric key.
Note that only when KeyUsage is ASYMMETRIC_SIGN_VERIFY_${ALGORITHM} (e.g., ASYMMETRIC_SIGN_VERIFY_SM2 and ASYMMETRIC_SIGN_VERIFY_ECC), the key can be used for signing.
A maximum of 100 requests can be initiated per second for this API.
We recommend you to use API Explorer
Try it
API Explorer provides a range of capabilities, including online call, signature authentication, SDK code generation, and API quick search. It enables you to view the request, response, and auto-generated examples.
2. Input Parameters
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
| Parameter Name | Required | Type | Description |
|---|---|---|---|
| Action | Yes | String | Common Params. The value used for this API: SignByAsymmetricKey. |
| Version | Yes | String | Common Params. The value used for this API: 2019-01-18. |
| Region | No | String | Common Params. This parameter is not required for this API. |
| Algorithm | Yes | String | Signature algorithm. The valid values include SM2DSA, ECC_P256_R1, RSA_PSS_SHA_256, and RSA_PKCS1_SHA_256, etc. You can get a full list of supported algorithms using the ListAlgorithms API. |
| Message | Yes | String | Full message or message abstract. Before Base64 encoding, an original message can contain up to 4,096 bytes while a message abstract must be 32 bytes. |
| KeyId | Yes | String | Unique ID of a key |
| MessageType | No | String | Message type. Valid values: RAW (indicating an original message; used by default if the parameter is not passed in) and DIGEST. |
3. Output Parameters
| Parameter Name | Type | Description |
|---|---|---|
| Signature | String | Base64-encoded signature |
| RequestId | String | The unique request ID, which is returned for each request. RequestId is required for locating a problem. |
4. Example
Example1 Generating a signature with an asymmetric key
Input Example
https://kms.tencentcloudapi.com/?Action=SignByAsymmetricKey
&Algorithm=SM2DSA
&Message=Zsfw9GLu7dnR8tRr3BDk4kFnxIdc8veiKX2gK49LqOA%3D
&KeyId=6cdf26d1-44ff-11eb-841c-5254006d0810
&MessageType=DIGEST
&<Common request parameters>
Output Example
{
"Response": {
"RequestId": "e86d6131-2830-4e1c-9d03-d421affd646c",
"Signature": "MEUCICr/JCV52BqGvI0iYxdZ1eL8zzJjx39mWNv2ZWdLOMvRAiEApO6os3Wj0Tg302fbTBr02IxHO1aCr0Zr41t4hi6yTG8="
}
}
5. Developer Resources
SDK
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
- Tencent Cloud SDK 3.0 for Python
- Tencent Cloud SDK 3.0 for Java
- Tencent Cloud SDK 3.0 for PHP
- Tencent Cloud SDK 3.0 for Go
- Tencent Cloud SDK 3.0 for NodeJS
- Tencent Cloud SDK 3.0 for .NET
- Tencent Cloud SDK 3.0 for C++
Command Line Interface
6. Error Code
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
| Error Code | Description |
|---|---|
| AuthFailure | CAM signature/authentication error |
| InternalError | Internal error. |
| InvalidParameter | Invalid parameter. |
| InvalidParameterValue.InvalidKeyId | Invalid KeyId. |
| MissingParameter | Missing parameters. Please check and try again. |
| ResourceUnavailable.CmkNotFound | The CMK does not exist. |
| ResourceUnavailable.CmkStateNotSupport | This operation cannot be performed under the current CMK status. |
Yes
No
Was this page helpful?