Class CertificateAuthority

Namespace
Dev.Sigstore.Trustroot.V1
Assembly
Sigstore.dll

CertificateAuthority lists the information required to identify which CA to use and perform signature verification.

public sealed class CertificateAuthority : IMessage<CertificateAuthority>, IEquatable<CertificateAuthority>, IDeepCloneable<CertificateAuthority>, IBufferMessage, IMessage
Inheritance
CertificateAuthority
Implements
IDeepCloneable<CertificateAuthority>
IBufferMessage
IMessage

Constructors

CertificateAuthority()

public CertificateAuthority()

CertificateAuthority(CertificateAuthority)

public CertificateAuthority(CertificateAuthority other)

Parameters

other CertificateAuthority

Fields

CertChainFieldNumber

Field number for the "cert_chain" field.

public const int CertChainFieldNumber = 3

Field Value

int

OperatorFieldNumber

Field number for the "operator" field.

public const int OperatorFieldNumber = 5

Field Value

int

SubjectFieldNumber

Field number for the "subject" field.

public const int SubjectFieldNumber = 1

Field Value

int

UriFieldNumber

Field number for the "uri" field.

public const int UriFieldNumber = 2

Field Value

int

ValidForFieldNumber

Field number for the "valid_for" field.

public const int ValidForFieldNumber = 4

Field Value

int

Properties

CertChain

The certificate chain for this CA. The last certificate in the chain MUST be the trust anchor. The trust anchor MAY be a self-signed root CA certificate or MAY be an intermediate CA certificate.

public X509CertificateChain CertChain { get; set; }

Property Value

X509CertificateChain

Descriptor

public static MessageDescriptor Descriptor { get; }

Property Value

MessageDescriptor

Operator

The name of the operator of this certificate or timestamp authority. Operator MUST be formatted as a scheme-less URI, e.g. sigstore.dev. This MUST be used when there are multiple timestamp authorities to determine if the signed timestamp verification meets a specified threshold, e.g. two signed timestamps from timestamp authorities operated by the same operator should count as only one valid timestamp.

public string Operator { get; set; }

Property Value

string
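
The threshold rule described for Operator, as an added example that is not part of the Sigstore library. VerifiedTimestamp, CountIndependentTimestamps and MeetsThreshold are hypothetical names; case-insensitive comparison and the grouping of unnamed operators are assumptions of this sketch.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

public static class TimestampThreshold
{
    // Hypothetical result of verifying one signed timestamp. Operator is the
    // Operator value of the authority whose chain verified it.
    public readonly record struct VerifiedTimestamp(string Operator, bool SignatureValid);

    // Counts valid timestamps once per operator, so several authorities run by
    // the same operator contribute a single vote.
    public static int CountIndependentTimestamps(IEnumerable<VerifiedTimestamp> timestamps)
    {
        return timestamps
            .Where(t => t.SignatureValid)
            // Assumption: authorities with no operator set collapse into one group,
            // the conservative reading when independence cannot be shown.
            .Select(t => (t.Operator ?? string.Empty).Trim())
            // Assumption: operators are host-like names, compared case-insensitively.
            .Distinct(StringComparer.OrdinalIgnoreCase)
            .Count();
    }

    // A non-positive threshold is rejected rather than treated as "always met".
    public static bool MeetsThreshold(IEnumerable<VerifiedTimestamp> timestamps, int threshold)
        => threshold > 0 && CountIndependentTimestamps(timestamps) >= threshold;

    public static void Main()
    {
        // Constructed sample: three timestamps, two of them from one operator.
        var observed = new List<VerifiedTimestamp>
        {
            new("sigstore.dev", true),
            new("Sigstore.dev", true),        // same operator, second authority
            new("tsa.example.org", true),     // constructed second operator
            new("other.example.net", false),  // failed verification, never counted
        };

        Console.WriteLine(CountIndependentTimestamps(observed));
        Console.WriteLine(MeetsThreshold(observed, 2));
        Console.WriteLine(MeetsThreshold(observed, 3));
    }
}
```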

Parser

public static MessageParser<CertificateAuthority> Parser { get; }

Property Value

MessageParser<CertificateAuthority>

Subject

The root certificate MUST be self-signed, and so the subject and issuer are the same.

public DistinguishedName Subject { get; set; }

Property Value

DistinguishedName

Uri

The URI identifies the certificate authority.

It is RECOMMENDED that the URI is the base URL for the certificate authority, which can be provided to any SDK/client provided by the certificate authority to interact with the certificate authority.

public string Uri { get; set; }

Property Value

string

ValidFor

The time the entire chain was valid. This is at most the longest interval when all certificates in the chain were valid, but it MAY be shorter. Clients MUST check timestamps against both the valid_for time range and the entire certificate chain.

The TimeRange should be considered valid inclusive of the endpoints.

public TimeRange ValidFor { get; set; }

Property Value

TimeRange
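
One way to apply both checks required for ValidFor, as an added example that is not part of the Sigstore library. It uses only .NET base class library types: the caller is assumed to have converted the start and end of ValidFor and the certificates of CertChain beforehand, and IsTimestampAcceptable is a hypothetical helper name.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public static class CaValidityCheck
{
    // Hypothetical helper. validForStart/validForEnd are the valid_for endpoints;
    // a null end is treated as "no end set yet" (assumption of this sketch).
    public static bool IsTimestampAcceptable(DateTimeOffset timestamp,
        DateTimeOffset validForStart, DateTimeOffset? validForEnd,
        IEnumerable<X509Certificate2> chain)
    {
        // Check 1: the valid_for range, inclusive of both endpoints.
        if (timestamp < validForStart) return false;
        if (validForEnd.HasValue && timestamp > validForEnd.Value) return false;

        // Check 2: every certificate in the chain must be valid at that instant.
        bool sawCertificate = false;
        DateTime utc = timestamp.UtcDateTime;
        foreach (X509Certificate2 cert in chain)
        {
            sawCertificate = true;
            // NotBefore/NotAfter are reported in local time; normalise to UTC first.
            if (utc < cert.NotBefore.ToUniversalTime() || utc > cert.NotAfter.ToUniversalTime())
                return false;
        }
        return sawCertificate; // an empty chain has no trust anchor, so reject it
    }

    public static void Main()
    {
        // Constructed sample: a throwaway self-signed certificate valid during 2023.
        var notBefore = new DateTimeOffset(2023, 1, 1, 0, 0, 0, TimeSpan.Zero);
        var notAfter = new DateTimeOffset(2023, 12, 31, 23, 59, 59, TimeSpan.Zero);
        using ECDsa key = ECDsa.Create(ECCurve.NamedCurves.nistP256);
        var request = new CertificateRequest("CN=constructed-root", key, HashAlgorithmName.SHA256);
        using X509Certificate2 root = request.CreateSelfSigned(notBefore, notAfter);
        var chain = new[] { root };

        // valid_for is deliberately narrower than the certificate lifetime.
        var start = new DateTimeOffset(2023, 2, 1, 0, 0, 0, TimeSpan.Zero);
        var end = new DateTimeOffset(2023, 6, 30, 0, 0, 0, TimeSpan.Zero);
        Console.WriteLine(IsTimestampAcceptable(end, start, end, chain));                  // on the endpoint
        Console.WriteLine(IsTimestampAcceptable(end.AddSeconds(1), start, end, chain));    // certificate valid, valid_for not
        Console.WriteLine(IsTimestampAcceptable(notAfter.AddDays(1), start, null, chain)); // open range, certificate expired
    }
}
```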

Methods

CalculateSize()

Calculates the size of this message in Protocol Buffer wire format, in bytes.

public int CalculateSize()

Returns

int

The number of bytes required to write this message to a coded output stream.

Clone()

Creates a deep clone of this object.

public CertificateAuthority Clone()

Returns

CertificateAuthority

A deep clone of this object.

Equals(CertificateAuthority)

Indicates whether the current object is equal to another object of the same type.

public bool Equals(CertificateAuthority other)

Parameters

other CertificateAuthority

An object to compare with this object.

Returns

bool

true if the current object is equal to the other parameter; otherwise, false.

Equals(object)

Determines whether the specified object is equal to the current object.

public override bool Equals(object other)

Parameters

other object

Returns

bool

true if the specified object is equal to the current object; otherwise, false.

GetHashCode()

Serves as the default hash function.

public override int GetHashCode()

Returns

int

A hash code for the current object.

MergeFrom(CertificateAuthority)

Merges the given message into this one.

public void MergeFrom(CertificateAuthority other)

Parameters

other CertificateAuthority

Remarks

See the user guide for precise merge semantics.

MergeFrom(CodedInputStream)

Merges the data from the specified coded input stream with the current message.

public void MergeFrom(CodedInputStream input)

Parameters

input CodedInputStream

Remarks

See the user guide for precise merge semantics.

ToString()

Returns a string that represents the current object.

public override string ToString()

Returns

string

A string that represents the current object.

WriteTo(CodedOutputStream)

Writes the data to the given coded output stream.

public void WriteTo(CodedOutputStream output)

Parameters

output CodedOutputStream

Coded output stream to write the data to. Must not be null.