Reference documentation and code samples for the Certificate Authority v1 API enum CertificateAuthority.Types.SignHashAlgorithm.
The algorithm of a Cloud KMS CryptoKeyVersion of a
[CryptoKey][google.cloud.kms.v1.CryptoKey] with the
[CryptoKeyPurpose][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose] value
ASYMMETRIC_SIGN. These values correspond to the
[CryptoKeyVersionAlgorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm]
values. For RSA signing algorithms, the PSS algorithms should be preferred,
use PKCS1 algorithms if required for compatibility. For further
recommendations, see
https://cloud.google.com/kms/docs/algorithms#algorithm_recommendations.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-07 UTC."],[[["\u003cp\u003eThis webpage provides documentation for the \u003ccode\u003eCertificateAuthority.Types.SignHashAlgorithm\u003c/code\u003e enum within the Google Cloud Private CA v1 API, detailing different signing algorithms used with Cloud KMS CryptoKeys.\u003c/p\u003e\n"],["\u003cp\u003eThe latest version of the documentation is 3.9.0, and the page contains version history and links to previous versions dating back to 1.0.0.\u003c/p\u003e\n"],["\u003cp\u003eThe enum values correspond to specific \u003ccode\u003eCryptoKeyVersionAlgorithm\u003c/code\u003e values, such as \u003ccode\u003eEcP256Sha256\u003c/code\u003e mapping to \u003ccode\u003eEC_SIGN_P256_SHA256\u003c/code\u003e, providing precise control over the cryptographic algorithms.\u003c/p\u003e\n"],["\u003cp\u003eThe documentation recommends using PSS algorithms for RSA signing when possible and PKCS1 only when needed for compatibility, with further recommendations available on the Google Cloud KMS website.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eSignHashAlgorithm\u003c/code\u003e enum specifies the types of signing algorithms that can be used with the \u003ccode\u003eCryptoKey\u003c/code\u003e, including \u003ccode\u003eEcP256Sha256\u003c/code\u003e, \u003ccode\u003eEcP384Sha384\u003c/code\u003e, \u003ccode\u003eRsaPkcs12048Sha256\u003c/code\u003e, \u003ccode\u003eRsaPss2048Sha256\u003c/code\u003e and others.\u003c/p\u003e\n"]]],[],null,[]]
