Key Management Service API, gRPC: AsymmetricSignatureCryptoService.Sign

Written by

Yandex Cloud

Updated at December 9, 2025

gRPC request
AsymmetricSignRequest
AsymmetricSignResponse

Signs data specified KMS key.

gRPC request

rpc Sign (AsymmetricSignRequest) returns (AsymmetricSignResponse)

AsymmetricSignRequest

{
  "key_id": "string",
  "message": "bytes"
}

Field

Description

key_id

string

Required field. ID of the asymmetric KMS key to use for signature.

The maximum string length in characters is 50.

message

bytes

Required field. Message to sign.
Should be encoded with base64.

The maximum string length in characters is 32768.

AsymmetricSignResponse

{
  "key_id": "string",
  "signature": "bytes"
}

Field

Description

key_id

string

ID of the asymmetric KMS key that was used for signature.

signature

bytes

Value of signature.
Signature value is produced in accordance with RFC 8017 for RSA
and is a DER-encoded object as defined by ANSI X9.62-2005 and RFC 3279 Section 2.2.3 for ECDSA.

Key Management Service API, gRPC: AsymmetricSignatureCryptoService.Sign

gRPC requestgRPC request

AsymmetricSignRequestAsymmetricSignRequest

AsymmetricSignResponseAsymmetricSignResponse

Was the article helpful?

gRPC request

AsymmetricSignRequest

AsymmetricSignResponse