Reference documentation and code samples for the Certificate Authority v1 API enum CertificateAuthority.Types.SignHashAlgorithm.
The algorithm of a Cloud KMS CryptoKeyVersion of a
[CryptoKey][google.cloud.kms.v1.CryptoKey] with the
[CryptoKeyPurpose][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose] value
ASYMMETRIC_SIGN. These values correspond to the
[CryptoKeyVersionAlgorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm]
values. For RSA signing algorithms, the PSS algorithms should be preferred,
use PKCS1 algorithms if required for compatibility. For further
recommendations, see
https://cloud.google.com/kms/docs/algorithms#algorithm_recommendations.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eThis webpage provides documentation for the \u003ccode\u003eCertificateAuthority.Types.SignHashAlgorithm\u003c/code\u003e enum within the Google Cloud Private CA v1 API, detailing different signing algorithms used with Cloud KMS CryptoKeys.\u003c/p\u003e\n"],["\u003cp\u003eThe latest version of the documentation is 3.9.0, and the page contains version history and links to previous versions dating back to 1.0.0.\u003c/p\u003e\n"],["\u003cp\u003eThe enum values correspond to specific \u003ccode\u003eCryptoKeyVersionAlgorithm\u003c/code\u003e values, such as \u003ccode\u003eEcP256Sha256\u003c/code\u003e mapping to \u003ccode\u003eEC_SIGN_P256_SHA256\u003c/code\u003e, providing precise control over the cryptographic algorithms.\u003c/p\u003e\n"],["\u003cp\u003eThe documentation recommends using PSS algorithms for RSA signing when possible and PKCS1 only when needed for compatibility, with further recommendations available on the Google Cloud KMS website.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eSignHashAlgorithm\u003c/code\u003e enum specifies the types of signing algorithms that can be used with the \u003ccode\u003eCryptoKey\u003c/code\u003e, including \u003ccode\u003eEcP256Sha256\u003c/code\u003e, \u003ccode\u003eEcP384Sha384\u003c/code\u003e, \u003ccode\u003eRsaPkcs12048Sha256\u003c/code\u003e, \u003ccode\u003eRsaPss2048Sha256\u003c/code\u003e and others.\u003c/p\u003e\n"]]],[],null,["# Certificate Authority v1 API - Enum CertificateAuthority.Types.SignHashAlgorithm (3.10.0)\n\nVersion latestkeyboard_arrow_down\n\n- [3.10.0 (latest)](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/latest/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [3.9.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/3.9.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [3.8.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/3.8.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [3.7.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/3.7.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [3.6.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/3.6.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [3.5.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/3.5.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [3.4.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/3.4.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [3.3.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/3.3.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [3.2.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/3.2.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [3.1.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/3.1.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [3.0.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/3.0.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [2.3.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/2.3.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [2.2.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/2.2.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [2.1.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/2.1.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [2.0.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/2.0.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm)\n- [1.0.0](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/1.0.0/Google.Cloud.Security.PrivateCA.V1.CertificateAuthority.Types.SignHashAlgorithm) \n\n public enum CertificateAuthority.Types.SignHashAlgorithm\n\nReference documentation and code samples for the Certificate Authority v1 API enum CertificateAuthority.Types.SignHashAlgorithm.\n\nThe algorithm of a Cloud KMS CryptoKeyVersion of a\n\\[CryptoKey\\]\\[google.cloud.kms.v1.CryptoKey\\] with the\n\\[CryptoKeyPurpose\\]\\[google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose\\] value\n`ASYMMETRIC_SIGN`. These values correspond to the\n\\[CryptoKeyVersionAlgorithm\\]\\[google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm\\]\nvalues. For RSA signing algorithms, the PSS algorithms should be preferred,\nuse PKCS1 algorithms if required for compatibility. For further\nrecommendations, see\n\u003chttps://cloud.google.com/kms/docs/algorithms#algorithm_recommendations\u003e.\n\nNamespace\n---------\n\n[Google.Cloud.Security.PrivateCA.V1](/dotnet/docs/reference/Google.Cloud.Security.PrivateCA.V1/latest/Google.Cloud.Security.PrivateCA.V1)\n\nAssembly\n--------\n\nGoogle.Cloud.Security.PrivateCA.V1.dll"]]