Namespace Dev.Sigstore.Common.V1
Classes
- HashOutput
HashOutput captures a digest of a 'message' (generic octet sequence) and the corresponding hash algorithm used.
- LogId
LogId captures the identity of a transparency log.
- MessageSignature
MessageSignature stores the computed signature over a message.
- ObjectIdentifier
An ASN.1 OBJECT IDENTIFIER
- ObjectIdentifierValuePair
An OID and the corresponding (byte) value.
- PublicKeyIdentifier
PublicKeyIdentifier can be used to identify an (out of band) delivered key, to verify a signature.
- RFC3161SignedTimestamp
This message holds a RFC 3161 timestamp.
- SigstoreCommonReflection
Holder for reflection information generated from sigstore_common.proto
- TimeRange
The time range is closed and includes both the start and end times, (i.e., [start, end]). End is optional to be able to capture a period that has started but has no known end.
- X509CertificateChain
A collection of X.509 certificates.
This "chain" can be used in multiple contexts, such as providing a root CA certificate within a TUF root of trust or multiple untrusted certificates for the purpose of chain building.
Enums
- HashAlgorithm
Only a subset of the secure hash standard algorithms are supported. See <https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf> for more details. UNSPECIFIED SHOULD not be used, primary reason for inclusion is to force any proto JSON serialization to emit the used hash algorithm, as default option is to omit the default value of an enum (which is the first value, represented by '0'.
- PublicKeyDetails
Details of a specific public key, capturing the the key encoding method, and signature algorithm.
PublicKeyDetails captures the public key/hash algorithm combinations recommended in the Sigstore ecosystem.
This is modelled as a linear set as we want to provide a small number of opinionated options instead of allowing every possible permutation.
Any changes to this enum MUST be reflected in the algorithm registry.
See: <https://github.com/sigstore/architecture-docs/blob/main/algorithm-registry.md>
To avoid the possibility of contradicting formats such as PKCS1 with ED25519 the valid permutations are listed as a linear set instead of a cartesian set (i.e one combined variable instead of two, one for encoding and one for the signature algorithm).
- SubjectAlternativeName.IdentityOneofCase
Enum of possible cases for the "identity" oneof.