diff --git a/gen/pb-rust/schemas/Artifact.schema.json b/gen/pb-rust/schemas/Artifact.schema.json index 23f6cbab..1ed0ed69 100644 --- a/gen/pb-rust/schemas/Artifact.schema.json +++ b/gen/pb-rust/schemas/Artifact.schema.json @@ -4,7 +4,7 @@ "definitions": { "Artifact": { "properties": { - "artifact_uri": { + "artifactUri": { "type": "string", "description": "Location of the artifact" }, diff --git a/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json b/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json index 46dc0ba1..5618f366 100644 --- a/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json +++ b/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json @@ -4,26 +4,26 @@ "definitions": { "ArtifactVerificationOptions": { "properties": { - "certificate_identities": { + "certificateIdentities": { "$ref": "#/definitions/dev.sigstore.verification.v1.CertificateIdentities", "additionalProperties": false }, - "public_keys": { + "publicKeys": { "$ref": "#/definitions/dev.sigstore.verification.v1.PublicKeyIdentities", "additionalProperties": false, "description": "To simplify verification implementation, the logic for bundle verification should be implemented as a higher-order function, where one of argument should be an interface over the set of trusted public keys, like this: `Verify(bytes artifact, bytes signature, string key_id)`. This way the caller is in full control of mapping the identified (or hinted) key in the bundle to one of the trusted keys, as this process is inherently application specific." }, - "tlog_options": { + "tlogOptions": { "$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions.TlogOptions", "additionalProperties": false, "description": "Optional options for artifact transparency log verification. If none is provided, the default verification options are: Threshold: 1 Online verification: false Disable: false" }, - "ctlog_options": { + "ctlogOptions": { "$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions.CtlogOptions", "additionalProperties": false, "description": "Optional options for certificate transparency log verification. If none is provided, the default verification options are: Threshold: 1 Detached SCT: false Disable: false" }, - "tsa_options": { + "tsaOptions": { "$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions.TimestampAuthorityOptions", "additionalProperties": false, "description": "Optional options for certificate signed timestamp verification. If none is provided, the default verification options are: Threshold: 1 Disable: false" @@ -94,13 +94,13 @@ }, "dev.sigstore.common.v1.PublicKey": { "properties": { - "raw_bytes": { + "rawBytes": { "type": "string", "description": "DER-encoded public key, encoding method is specified by the key_details attribute.", "format": "binary", "binaryEncoding": "base64" }, - "key_details": { + "keyDetails": { "enum": [ "PUBLIC_KEY_DETAILS_UNSPECIFIED", 0, @@ -130,7 +130,7 @@ "title": "Public Key Details", "description": "Details of a specific public key, capturing the the key encoding method, and signature algorithm. To avoid the possibility of contradicting formats such as PKCS1 with ED25519 the valid permutations are listed as a linear set instead of a cartesian set (i.e one combined variable instead of two, one for encoding and one for the signature algorithm)." }, - "valid_for": { + "validFor": { "$ref": "#/definitions/dev.sigstore.common.v1.TimeRange", "additionalProperties": false, "description": "Optional validity period for this key, *inclusive* of the endpoints." @@ -229,7 +229,7 @@ "type": "integer", "description": "The number of ct transparency logs the certificate must appear on." }, - "detached_sct": { + "detachedSct": { "type": "boolean", "description": "Expect detached SCTs. This is not supported right now as we can't capture an detached SCT in the bundle." }, @@ -263,7 +263,7 @@ "type": "integer", "description": "Number of transparency logs the entry must appear on." }, - "perform_online_verification": { + "performOnlineVerification": { "type": "boolean", "description": "Perform an online inclusion proof." }, @@ -316,7 +316,7 @@ }, "dev.sigstore.verification.v1.PublicKeyIdentities": { "properties": { - "public_keys": { + "publicKeys": { "items": { "$ref": "#/definitions/dev.sigstore.common.v1.PublicKey" }, diff --git a/gen/pb-rust/schemas/Bundle.schema.json b/gen/pb-rust/schemas/Bundle.schema.json index ce779b80..ac66af1c 100644 --- a/gen/pb-rust/schemas/Bundle.schema.json +++ b/gen/pb-rust/schemas/Bundle.schema.json @@ -4,20 +4,20 @@ "definitions": { "Bundle": { "properties": { - "media_type": { + "mediaType": { "type": "string", "description": "MUST be application/vnd.dev.sigstore.bundle+json;version=0.1 or application/vnd.dev.sigstore.bundle+json;version=0.2 when encoded as JSON." }, - "verification_material": { + "verificationMaterial": { "$ref": "#/definitions/dev.sigstore.bundle.v1.VerificationMaterial", "additionalProperties": false, "description": "When a signer is identified by a X.509 certificate, a verifier MUST verify that the signature was computed at the time the certificate was valid as described in the Sigstore client spec: \"Verification using a Bundle\". \u003chttps://docs.google.com/document/d/1kbhK2qyPPk8SLavHzYSDM8-Ueul9_oxIMVFuWMWKz0E/edit#heading=h.x8bduppe89ln\u003e" }, - "message_signature": { + "messageSignature": { "$ref": "#/definitions/dev.sigstore.common.v1.MessageSignature", "additionalProperties": false }, - "dsse_envelope": { + "dsseEnvelope": { "$ref": "#/definitions/io.intoto.Envelope", "additionalProperties": false, "description": "A DSSE envelope can contain arbitrary payloads. Verifiers must verify that the payload type is a supported and expected type. This is part of the DSSE protocol which is defined here: \u003chttps://github.com/secure-systems-lab/dsse/blob/master/protocol.md\u003e" @@ -41,7 +41,7 @@ }, "dev.sigstore.bundle.v1.TimestampVerificationData": { "properties": { - "rfc3161_timestamps": { + "rfc3161Timestamps": { "items": { "$ref": "#/definitions/dev.sigstore.common.v1.RFC3161SignedTimestamp" }, @@ -57,15 +57,15 @@ }, "dev.sigstore.bundle.v1.VerificationMaterial": { "properties": { - "public_key": { + "publicKey": { "$ref": "#/definitions/dev.sigstore.common.v1.PublicKeyIdentifier", "additionalProperties": false }, - "x509_certificate_chain": { + "x509CertificateChain": { "$ref": "#/definitions/dev.sigstore.common.v1.X509CertificateChain", "additionalProperties": false }, - "tlog_entries": { + "tlogEntries": { "items": { "$ref": "#/definitions/dev.sigstore.rekor.v1.TransparencyLogEntry" }, @@ -73,7 +73,7 @@ "type": "array", "description": "An inclusion proof and an optional signed timestamp from the log. Client verification libraries MAY provide an option to support v0.1 bundles for backwards compatibility, which may contain an inclusion promise and not an inclusion proof. In this case, the client MUST validate the promise. Verifiers SHOULD NOT allow v0.1 bundles if they're used in an ecosystem which never produced them." }, - "timestamp_verification_data": { + "timestampVerificationData": { "$ref": "#/definitions/dev.sigstore.bundle.v1.TimestampVerificationData", "additionalProperties": false, "description": "Timestamp may also come from tlog_entries.inclusion_promise.signed_entry_timestamp." @@ -130,7 +130,7 @@ }, "dev.sigstore.common.v1.LogId": { "properties": { - "key_id": { + "keyId": { "type": "string", "description": "The unique id of the log, represented as the SHA-256 hash of the log's public key, calculated over the DER encoding of the key represented as SubjectPublicKeyInfo. See https://www.rfc-editor.org/rfc/rfc6962#section-3.2", "format": "binary", @@ -144,7 +144,7 @@ }, "dev.sigstore.common.v1.MessageSignature": { "properties": { - "message_digest": { + "messageDigest": { "$ref": "#/definitions/dev.sigstore.common.v1.HashOutput", "additionalProperties": false, "description": "Message digest can be used to identify the artifact. Clients MUST NOT attempt to use this digest to verify the associated signature; it is intended solely for identification." @@ -175,7 +175,7 @@ }, "dev.sigstore.common.v1.RFC3161SignedTimestamp": { "properties": { - "signed_timestamp": { + "signedTimestamp": { "type": "string", "description": "Signed timestamp is the DER encoded TimeStampResponse. See https://www.rfc-editor.org/rfc/rfc3161.html#section-2.4.2", "format": "binary", @@ -189,7 +189,7 @@ }, "dev.sigstore.common.v1.X509Certificate": { "properties": { - "raw_bytes": { + "rawBytes": { "type": "string", "description": "DER-encoded X.509 certificate.", "format": "binary", @@ -229,7 +229,7 @@ }, "dev.sigstore.rekor.v1.InclusionPromise": { "properties": { - "signed_entry_timestamp": { + "signedEntryTimestamp": { "type": "string", "format": "binary", "binaryEncoding": "base64" @@ -242,17 +242,17 @@ }, "dev.sigstore.rekor.v1.InclusionProof": { "properties": { - "log_index": { + "logIndex": { "type": "string", "description": "The index of the entry in the tree it was written to." }, - "root_hash": { + "rootHash": { "type": "string", "description": "The hash digest stored at the root of the merkle tree at the time the proof was generated.", "format": "binary", "binaryEncoding": "base64" }, - "tree_size": { + "treeSize": { "type": "string", "description": "The size of the merkle tree at the time the proof was generated." }, @@ -294,35 +294,35 @@ }, "dev.sigstore.rekor.v1.TransparencyLogEntry": { "properties": { - "log_index": { + "logIndex": { "type": "string", "description": "The global index of the entry, used when querying the log by index." }, - "log_id": { + "logId": { "$ref": "#/definitions/dev.sigstore.common.v1.LogId", "additionalProperties": false, "description": "The unique identifier of the log." }, - "kind_version": { + "kindVersion": { "$ref": "#/definitions/dev.sigstore.rekor.v1.KindVersion", "additionalProperties": false, "description": "The kind (type) and version of the object associated with this entry. These values are required to construct the entry during verification." }, - "integrated_time": { + "integratedTime": { "type": "string", "description": "The UNIX timestamp from the log when the entry was persisted." }, - "inclusion_promise": { + "inclusionPromise": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionPromise", "additionalProperties": false, "description": "The inclusion promise/signed entry timestamp from the log. Required for v0.1 bundles, and MUST be verified. Optional for \u003e= v0.2 bundles, and SHOULD be verified when present. Also may be used as a signed timestamp." }, - "inclusion_proof": { + "inclusionProof": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionProof", "additionalProperties": false, "description": "The inclusion proof can be used for offline or online verification that the entry was appended to the log, and that the log has not been altered." }, - "canonicalized_body": { + "canonicalizedBody": { "type": "string", "description": "Optional. The canonicalized transparency log entry, used to reconstruct the Signed Entry Timestamp (SET) during verification. The contents of this field are the same as the `body` field in a Rekor response, meaning that it does **not** include the \"full\" canonicalized form (of log index, ID, etc.) which are exposed as separate fields. The verifier is responsible for combining the `canonicalized_body`, `log_index`, `log_id`, and `integrated_time` into the payload that the SET's signature is generated over. This field is intended to be used in cases where the SET cannot be produced determinisitically (e.g. inconsistent JSON field ordering, differing whitespace, etc). If set, clients MUST verify that the signature referenced in the `canonicalized_body` matches the signature provided in the `Bundle.content`. If not set, clients are responsible for constructing an equivalent payload from other sources to verify the signature.", "format": "binary", diff --git a/gen/pb-rust/schemas/CertificateAuthority.schema.json b/gen/pb-rust/schemas/CertificateAuthority.schema.json index 4c6fece0..b9af9a0e 100644 --- a/gen/pb-rust/schemas/CertificateAuthority.schema.json +++ b/gen/pb-rust/schemas/CertificateAuthority.schema.json @@ -13,12 +13,12 @@ "type": "string", "description": "The URI at which the CA can be accessed." }, - "cert_chain": { + "certChain": { "$ref": "#/definitions/dev.sigstore.common.v1.X509CertificateChain", "additionalProperties": false, "description": "The certificate chain for this CA." }, - "valid_for": { + "validFor": { "$ref": "#/definitions/dev.sigstore.common.v1.TimeRange", "additionalProperties": false, "description": "The time the *entire* chain was valid. This is at max the longest interval when *all* certificates in the chain were valid, but it MAY be shorter. Clients MUST check timestamps against *both* the `valid_for` time range *and* the entire certificate chain. The TimeRange should be considered valid *inclusive* of the endpoints." @@ -34,7 +34,7 @@ "organization": { "type": "string" }, - "common_name": { + "commonName": { "type": "string" } }, @@ -67,7 +67,7 @@ }, "dev.sigstore.common.v1.X509Certificate": { "properties": { - "raw_bytes": { + "rawBytes": { "type": "string", "description": "DER-encoded X.509 certificate.", "format": "binary", diff --git a/gen/pb-rust/schemas/CloudEvent.schema.json b/gen/pb-rust/schemas/CloudEvent.schema.json index 85bd429c..4076a9e4 100644 --- a/gen/pb-rust/schemas/CloudEvent.schema.json +++ b/gen/pb-rust/schemas/CloudEvent.schema.json @@ -13,7 +13,7 @@ "type": "string", "description": "URI-reference" }, - "spec_version": { + "specVersion": { "type": "string" }, "type": { @@ -27,17 +27,17 @@ "type": "object", "description": "Optional \u0026 Extension Attributes" }, - "binary_data": { + "binaryData": { "type": "string", "format": "binary", "binaryEncoding": "base64" }, - "text_data": { + "textData": { "type": "string" }, - "proto_data": { + "protoData": { "properties": { - "type_url": { + "typeUrl": { "type": "string", "description": "A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL's path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics." }, @@ -75,27 +75,27 @@ }, "dev.sigstore.events.v1.CloudEvent.CloudEventAttributeValue": { "properties": { - "ce_boolean": { + "ceBoolean": { "type": "boolean" }, - "ce_integer": { + "ceInteger": { "type": "integer" }, - "ce_string": { + "ceString": { "type": "string" }, - "ce_bytes": { + "ceBytes": { "type": "string", "format": "binary", "binaryEncoding": "base64" }, - "ce_uri": { + "ceUri": { "type": "string" }, - "ce_uri_ref": { + "ceUriRef": { "type": "string" }, - "ce_timestamp": { + "ceTimestamp": { "type": "string", "format": "date-time" } diff --git a/gen/pb-rust/schemas/CloudEventBatch.schema.json b/gen/pb-rust/schemas/CloudEventBatch.schema.json index d2dfb2ef..b14c8952 100644 --- a/gen/pb-rust/schemas/CloudEventBatch.schema.json +++ b/gen/pb-rust/schemas/CloudEventBatch.schema.json @@ -28,7 +28,7 @@ "type": "string", "description": "URI-reference" }, - "spec_version": { + "specVersion": { "type": "string" }, "type": { @@ -42,17 +42,17 @@ "type": "object", "description": "Optional \u0026 Extension Attributes" }, - "binary_data": { + "binaryData": { "type": "string", "format": "binary", "binaryEncoding": "base64" }, - "text_data": { + "textData": { "type": "string" }, - "proto_data": { + "protoData": { "properties": { - "type_url": { + "typeUrl": { "type": "string", "description": "A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL's path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics." }, @@ -90,27 +90,27 @@ }, "dev.sigstore.events.v1.CloudEvent.CloudEventAttributeValue": { "properties": { - "ce_boolean": { + "ceBoolean": { "type": "boolean" }, - "ce_integer": { + "ceInteger": { "type": "integer" }, - "ce_string": { + "ceString": { "type": "string" }, - "ce_bytes": { + "ceBytes": { "type": "string", "format": "binary", "binaryEncoding": "base64" }, - "ce_uri": { + "ceUri": { "type": "string" }, - "ce_uri_ref": { + "ceUriRef": { "type": "string" }, - "ce_timestamp": { + "ceTimestamp": { "type": "string", "format": "date-time" } diff --git a/gen/pb-rust/schemas/DistinguishedName.schema.json b/gen/pb-rust/schemas/DistinguishedName.schema.json index 7bf473bc..ee6bf51c 100644 --- a/gen/pb-rust/schemas/DistinguishedName.schema.json +++ b/gen/pb-rust/schemas/DistinguishedName.schema.json @@ -7,7 +7,7 @@ "organization": { "type": "string" }, - "common_name": { + "commonName": { "type": "string" } }, diff --git a/gen/pb-rust/schemas/InclusionPromise.schema.json b/gen/pb-rust/schemas/InclusionPromise.schema.json index ea457e5a..1142d619 100644 --- a/gen/pb-rust/schemas/InclusionPromise.schema.json +++ b/gen/pb-rust/schemas/InclusionPromise.schema.json @@ -4,7 +4,7 @@ "definitions": { "InclusionPromise": { "properties": { - "signed_entry_timestamp": { + "signedEntryTimestamp": { "type": "string", "format": "binary", "binaryEncoding": "base64" diff --git a/gen/pb-rust/schemas/InclusionProof.schema.json b/gen/pb-rust/schemas/InclusionProof.schema.json index ae9617a1..ff26b70b 100644 --- a/gen/pb-rust/schemas/InclusionProof.schema.json +++ b/gen/pb-rust/schemas/InclusionProof.schema.json @@ -4,17 +4,17 @@ "definitions": { "InclusionProof": { "properties": { - "log_index": { + "logIndex": { "type": "string", "description": "The index of the entry in the tree it was written to." }, - "root_hash": { + "rootHash": { "type": "string", "description": "The hash digest stored at the root of the merkle tree at the time the proof was generated.", "format": "binary", "binaryEncoding": "base64" }, - "tree_size": { + "treeSize": { "type": "string", "description": "The size of the merkle tree at the time the proof was generated." }, diff --git a/gen/pb-rust/schemas/Input.schema.json b/gen/pb-rust/schemas/Input.schema.json index c2667286..e23bb548 100644 --- a/gen/pb-rust/schemas/Input.schema.json +++ b/gen/pb-rust/schemas/Input.schema.json @@ -4,12 +4,12 @@ "definitions": { "Input": { "properties": { - "artifact_trust_root": { + "artifactTrustRoot": { "$ref": "#/definitions/dev.sigstore.trustroot.v1.TrustedRoot", "additionalProperties": false, "description": "The verification materials provided during a bundle verification. The running process is usually preloaded with a \"global\" dev.sisgtore.trustroot.TrustedRoot.v1 instance. Prior to verifying an artifact (i.e a bundle), and/or based on current policy, some selection is expected to happen, to filter out the exact certificate authority to use, which transparency logs are relevant etc. The result should b ecaptured in the `artifact_trust_root`." }, - "artifact_verification_options": { + "artifactVerificationOptions": { "$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions", "additionalProperties": false }, @@ -37,20 +37,20 @@ }, "dev.sigstore.bundle.v1.Bundle": { "properties": { - "media_type": { + "mediaType": { "type": "string", "description": "MUST be application/vnd.dev.sigstore.bundle+json;version=0.1 or application/vnd.dev.sigstore.bundle+json;version=0.2 when encoded as JSON." }, - "verification_material": { + "verificationMaterial": { "$ref": "#/definitions/dev.sigstore.bundle.v1.VerificationMaterial", "additionalProperties": false, "description": "When a signer is identified by a X.509 certificate, a verifier MUST verify that the signature was computed at the time the certificate was valid as described in the Sigstore client spec: \"Verification using a Bundle\". \u003chttps://docs.google.com/document/d/1kbhK2qyPPk8SLavHzYSDM8-Ueul9_oxIMVFuWMWKz0E/edit#heading=h.x8bduppe89ln\u003e" }, - "message_signature": { + "messageSignature": { "$ref": "#/definitions/dev.sigstore.common.v1.MessageSignature", "additionalProperties": false }, - "dsse_envelope": { + "dsseEnvelope": { "$ref": "#/definitions/io.intoto.Envelope", "additionalProperties": false, "description": "A DSSE envelope can contain arbitrary payloads. Verifiers must verify that the payload type is a supported and expected type. This is part of the DSSE protocol which is defined here: \u003chttps://github.com/secure-systems-lab/dsse/blob/master/protocol.md\u003e" @@ -74,7 +74,7 @@ }, "dev.sigstore.bundle.v1.TimestampVerificationData": { "properties": { - "rfc3161_timestamps": { + "rfc3161Timestamps": { "items": { "$ref": "#/definitions/dev.sigstore.common.v1.RFC3161SignedTimestamp" }, @@ -90,15 +90,15 @@ }, "dev.sigstore.bundle.v1.VerificationMaterial": { "properties": { - "public_key": { + "publicKey": { "$ref": "#/definitions/dev.sigstore.common.v1.PublicKeyIdentifier", "additionalProperties": false }, - "x509_certificate_chain": { + "x509CertificateChain": { "$ref": "#/definitions/dev.sigstore.common.v1.X509CertificateChain", "additionalProperties": false }, - "tlog_entries": { + "tlogEntries": { "items": { "$ref": "#/definitions/dev.sigstore.rekor.v1.TransparencyLogEntry" }, @@ -106,7 +106,7 @@ "type": "array", "description": "An inclusion proof and an optional signed timestamp from the log. Client verification libraries MAY provide an option to support v0.1 bundles for backwards compatibility, which may contain an inclusion promise and not an inclusion proof. In this case, the client MUST validate the promise. Verifiers SHOULD NOT allow v0.1 bundles if they're used in an ecosystem which never produced them." }, - "timestamp_verification_data": { + "timestampVerificationData": { "$ref": "#/definitions/dev.sigstore.bundle.v1.TimestampVerificationData", "additionalProperties": false, "description": "Timestamp may also come from tlog_entries.inclusion_promise.signed_entry_timestamp." @@ -134,7 +134,7 @@ "organization": { "type": "string" }, - "common_name": { + "commonName": { "type": "string" } }, @@ -176,7 +176,7 @@ }, "dev.sigstore.common.v1.LogId": { "properties": { - "key_id": { + "keyId": { "type": "string", "description": "The unique id of the log, represented as the SHA-256 hash of the log's public key, calculated over the DER encoding of the key represented as SubjectPublicKeyInfo. See https://www.rfc-editor.org/rfc/rfc6962#section-3.2", "format": "binary", @@ -190,7 +190,7 @@ }, "dev.sigstore.common.v1.MessageSignature": { "properties": { - "message_digest": { + "messageDigest": { "$ref": "#/definitions/dev.sigstore.common.v1.HashOutput", "additionalProperties": false, "description": "Message digest can be used to identify the artifact. Clients MUST NOT attempt to use this digest to verify the associated signature; it is intended solely for identification." @@ -240,13 +240,13 @@ }, "dev.sigstore.common.v1.PublicKey": { "properties": { - "raw_bytes": { + "rawBytes": { "type": "string", "description": "DER-encoded public key, encoding method is specified by the key_details attribute.", "format": "binary", "binaryEncoding": "base64" }, - "key_details": { + "keyDetails": { "enum": [ "PUBLIC_KEY_DETAILS_UNSPECIFIED", 0, @@ -276,7 +276,7 @@ "title": "Public Key Details", "description": "Details of a specific public key, capturing the the key encoding method, and signature algorithm. To avoid the possibility of contradicting formats such as PKCS1 with ED25519 the valid permutations are listed as a linear set instead of a cartesian set (i.e one combined variable instead of two, one for encoding and one for the signature algorithm)." }, - "valid_for": { + "validFor": { "$ref": "#/definitions/dev.sigstore.common.v1.TimeRange", "additionalProperties": false, "description": "Optional validity period for this key, *inclusive* of the endpoints." @@ -312,7 +312,7 @@ }, "dev.sigstore.common.v1.RFC3161SignedTimestamp": { "properties": { - "signed_timestamp": { + "signedTimestamp": { "type": "string", "description": "Signed timestamp is the DER encoded TimeStampResponse. See https://www.rfc-editor.org/rfc/rfc3161.html#section-2.4.2", "format": "binary", @@ -397,7 +397,7 @@ }, "dev.sigstore.common.v1.X509Certificate": { "properties": { - "raw_bytes": { + "rawBytes": { "type": "string", "description": "DER-encoded X.509 certificate.", "format": "binary", @@ -437,7 +437,7 @@ }, "dev.sigstore.rekor.v1.InclusionPromise": { "properties": { - "signed_entry_timestamp": { + "signedEntryTimestamp": { "type": "string", "format": "binary", "binaryEncoding": "base64" @@ -450,17 +450,17 @@ }, "dev.sigstore.rekor.v1.InclusionProof": { "properties": { - "log_index": { + "logIndex": { "type": "string", "description": "The index of the entry in the tree it was written to." }, - "root_hash": { + "rootHash": { "type": "string", "description": "The hash digest stored at the root of the merkle tree at the time the proof was generated.", "format": "binary", "binaryEncoding": "base64" }, - "tree_size": { + "treeSize": { "type": "string", "description": "The size of the merkle tree at the time the proof was generated." }, @@ -502,35 +502,35 @@ }, "dev.sigstore.rekor.v1.TransparencyLogEntry": { "properties": { - "log_index": { + "logIndex": { "type": "string", "description": "The global index of the entry, used when querying the log by index." }, - "log_id": { + "logId": { "$ref": "#/definitions/dev.sigstore.common.v1.LogId", "additionalProperties": false, "description": "The unique identifier of the log." }, - "kind_version": { + "kindVersion": { "$ref": "#/definitions/dev.sigstore.rekor.v1.KindVersion", "additionalProperties": false, "description": "The kind (type) and version of the object associated with this entry. These values are required to construct the entry during verification." }, - "integrated_time": { + "integratedTime": { "type": "string", "description": "The UNIX timestamp from the log when the entry was persisted." }, - "inclusion_promise": { + "inclusionPromise": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionPromise", "additionalProperties": false, "description": "The inclusion promise/signed entry timestamp from the log. Required for v0.1 bundles, and MUST be verified. Optional for \u003e= v0.2 bundles, and SHOULD be verified when present. Also may be used as a signed timestamp." }, - "inclusion_proof": { + "inclusionProof": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionProof", "additionalProperties": false, "description": "The inclusion proof can be used for offline or online verification that the entry was appended to the log, and that the log has not been altered." }, - "canonicalized_body": { + "canonicalizedBody": { "type": "string", "description": "Optional. The canonicalized transparency log entry, used to reconstruct the Signed Entry Timestamp (SET) during verification. The contents of this field are the same as the `body` field in a Rekor response, meaning that it does **not** include the \"full\" canonicalized form (of log index, ID, etc.) which are exposed as separate fields. The verifier is responsible for combining the `canonicalized_body`, `log_index`, `log_id`, and `integrated_time` into the payload that the SET's signature is generated over. This field is intended to be used in cases where the SET cannot be produced determinisitically (e.g. inconsistent JSON field ordering, differing whitespace, etc). If set, clients MUST verify that the signature referenced in the `canonicalized_body` matches the signature provided in the `Bundle.content`. If not set, clients are responsible for constructing an equivalent payload from other sources to verify the signature.", "format": "binary", @@ -553,12 +553,12 @@ "type": "string", "description": "The URI at which the CA can be accessed." }, - "cert_chain": { + "certChain": { "$ref": "#/definitions/dev.sigstore.common.v1.X509CertificateChain", "additionalProperties": false, "description": "The certificate chain for this CA." }, - "valid_for": { + "validFor": { "$ref": "#/definitions/dev.sigstore.common.v1.TimeRange", "additionalProperties": false, "description": "The time the *entire* chain was valid. This is at max the longest interval when *all* certificates in the chain were valid, but it MAY be shorter. Clients MUST check timestamps against *both* the `valid_for` time range *and* the entire certificate chain. The TimeRange should be considered valid *inclusive* of the endpoints." @@ -571,11 +571,11 @@ }, "dev.sigstore.trustroot.v1.TransparencyLogInstance": { "properties": { - "base_url": { + "baseUrl": { "type": "string", "description": "The base URL at which can be used to URLs for the client." }, - "hash_algorithm": { + "hashAlgorithm": { "enum": [ "HASH_ALGORITHM_UNSPECIFIED", 0, @@ -593,12 +593,12 @@ "title": "This package defines commonly used message types within the Sigstore\n community.", "description": "This package defines commonly used message types within the Sigstore community. Only a subset of the secure hash standard algorithms are supported. See \u003chttps://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf\u003e for more details. UNSPECIFIED SHOULD not be used, primary reason for inclusion is to force any proto JSON serialization to emit the used hash algorithm, as default option is to *omit* the default value of an enum (which is the first value, represented by '0'." }, - "public_key": { + "publicKey": { "$ref": "#/definitions/dev.sigstore.common.v1.PublicKey", "additionalProperties": false, "description": "The public key used to verify signatures generated by the log. This attribute contains the signature algorithm used by the log." }, - "log_id": { + "logId": { "$ref": "#/definitions/dev.sigstore.common.v1.LogId", "additionalProperties": false, "description": "The unique identifier for this transparency log." @@ -611,7 +611,7 @@ }, "dev.sigstore.trustroot.v1.TrustedRoot": { "properties": { - "media_type": { + "mediaType": { "type": "string", "description": "MUST be application/vnd.dev.sigstore.trustedroot+json;version=0.1" }, @@ -623,7 +623,7 @@ "type": "array", "description": "A set of trusted Rekor servers." }, - "certificate_authorities": { + "certificateAuthorities": { "items": { "$ref": "#/definitions/dev.sigstore.trustroot.v1.CertificateAuthority" }, @@ -639,7 +639,7 @@ "type": "array", "description": "A set of trusted certificate transparency logs." }, - "timestamp_authorities": { + "timestampAuthorities": { "items": { "$ref": "#/definitions/dev.sigstore.trustroot.v1.CertificateAuthority" }, @@ -655,7 +655,7 @@ }, "dev.sigstore.verification.v1.Artifact": { "properties": { - "artifact_uri": { + "artifactUri": { "type": "string", "description": "Location of the artifact" }, @@ -684,26 +684,26 @@ }, "dev.sigstore.verification.v1.ArtifactVerificationOptions": { "properties": { - "certificate_identities": { + "certificateIdentities": { "$ref": "#/definitions/dev.sigstore.verification.v1.CertificateIdentities", "additionalProperties": false }, - "public_keys": { + "publicKeys": { "$ref": "#/definitions/dev.sigstore.verification.v1.PublicKeyIdentities", "additionalProperties": false, "description": "To simplify verification implementation, the logic for bundle verification should be implemented as a higher-order function, where one of argument should be an interface over the set of trusted public keys, like this: `Verify(bytes artifact, bytes signature, string key_id)`. This way the caller is in full control of mapping the identified (or hinted) key in the bundle to one of the trusted keys, as this process is inherently application specific." }, - "tlog_options": { + "tlogOptions": { "$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions.TlogOptions", "additionalProperties": false, "description": "Optional options for artifact transparency log verification. If none is provided, the default verification options are: Threshold: 1 Online verification: false Disable: false" }, - "ctlog_options": { + "ctlogOptions": { "$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions.CtlogOptions", "additionalProperties": false, "description": "Optional options for certificate transparency log verification. If none is provided, the default verification options are: Threshold: 1 Detached SCT: false Disable: false" }, - "tsa_options": { + "tsaOptions": { "$ref": "#/definitions/dev.sigstore.verification.v1.ArtifactVerificationOptions.TimestampAuthorityOptions", "additionalProperties": false, "description": "Optional options for certificate signed timestamp verification. If none is provided, the default verification options are: Threshold: 1 Disable: false" @@ -747,7 +747,7 @@ "type": "integer", "description": "The number of ct transparency logs the certificate must appear on." }, - "detached_sct": { + "detachedSct": { "type": "boolean", "description": "Expect detached SCTs. This is not supported right now as we can't capture an detached SCT in the bundle." }, @@ -781,7 +781,7 @@ "type": "integer", "description": "Number of transparency logs the entry must appear on." }, - "perform_online_verification": { + "performOnlineVerification": { "type": "boolean", "description": "Perform an online inclusion proof." }, @@ -834,7 +834,7 @@ }, "dev.sigstore.verification.v1.PublicKeyIdentities": { "properties": { - "public_keys": { + "publicKeys": { "items": { "$ref": "#/definitions/dev.sigstore.common.v1.PublicKey" }, diff --git a/gen/pb-rust/schemas/LogId.schema.json b/gen/pb-rust/schemas/LogId.schema.json index 77b1f8c5..7056b6ad 100644 --- a/gen/pb-rust/schemas/LogId.schema.json +++ b/gen/pb-rust/schemas/LogId.schema.json @@ -4,7 +4,7 @@ "definitions": { "LogId": { "properties": { - "key_id": { + "keyId": { "type": "string", "description": "The unique id of the log, represented as the SHA-256 hash of the log's public key, calculated over the DER encoding of the key represented as SubjectPublicKeyInfo. See https://www.rfc-editor.org/rfc/rfc6962#section-3.2", "format": "binary", diff --git a/gen/pb-rust/schemas/MessageSignature.schema.json b/gen/pb-rust/schemas/MessageSignature.schema.json index 07e26fdf..603bb83a 100644 --- a/gen/pb-rust/schemas/MessageSignature.schema.json +++ b/gen/pb-rust/schemas/MessageSignature.schema.json @@ -4,7 +4,7 @@ "definitions": { "MessageSignature": { "properties": { - "message_digest": { + "messageDigest": { "$ref": "#/definitions/dev.sigstore.common.v1.HashOutput", "additionalProperties": false, "description": "Message digest can be used to identify the artifact. Clients MUST NOT attempt to use this digest to verify the associated signature; it is intended solely for identification." diff --git a/gen/pb-rust/schemas/PublicKey.schema.json b/gen/pb-rust/schemas/PublicKey.schema.json index d41e5eaf..28105b87 100644 --- a/gen/pb-rust/schemas/PublicKey.schema.json +++ b/gen/pb-rust/schemas/PublicKey.schema.json @@ -4,13 +4,13 @@ "definitions": { "PublicKey": { "properties": { - "raw_bytes": { + "rawBytes": { "type": "string", "description": "DER-encoded public key, encoding method is specified by the key_details attribute.", "format": "binary", "binaryEncoding": "base64" }, - "key_details": { + "keyDetails": { "enum": [ "PUBLIC_KEY_DETAILS_UNSPECIFIED", 0, @@ -40,7 +40,7 @@ "title": "Public Key Details", "description": "Details of a specific public key, capturing the the key encoding method, and signature algorithm. To avoid the possibility of contradicting formats such as PKCS1 with ED25519 the valid permutations are listed as a linear set instead of a cartesian set (i.e one combined variable instead of two, one for encoding and one for the signature algorithm)." }, - "valid_for": { + "validFor": { "$ref": "#/definitions/dev.sigstore.common.v1.TimeRange", "additionalProperties": false, "description": "Optional validity period for this key, *inclusive* of the endpoints." diff --git a/gen/pb-rust/schemas/PublicKeyIdentities.schema.json b/gen/pb-rust/schemas/PublicKeyIdentities.schema.json index 940b468d..05a5864d 100644 --- a/gen/pb-rust/schemas/PublicKeyIdentities.schema.json +++ b/gen/pb-rust/schemas/PublicKeyIdentities.schema.json @@ -4,7 +4,7 @@ "definitions": { "PublicKeyIdentities": { "properties": { - "public_keys": { + "publicKeys": { "items": { "$ref": "#/definitions/dev.sigstore.common.v1.PublicKey" }, @@ -18,13 +18,13 @@ }, "dev.sigstore.common.v1.PublicKey": { "properties": { - "raw_bytes": { + "rawBytes": { "type": "string", "description": "DER-encoded public key, encoding method is specified by the key_details attribute.", "format": "binary", "binaryEncoding": "base64" }, - "key_details": { + "keyDetails": { "enum": [ "PUBLIC_KEY_DETAILS_UNSPECIFIED", 0, @@ -54,7 +54,7 @@ "title": "Public Key Details", "description": "Details of a specific public key, capturing the the key encoding method, and signature algorithm. To avoid the possibility of contradicting formats such as PKCS1 with ED25519 the valid permutations are listed as a linear set instead of a cartesian set (i.e one combined variable instead of two, one for encoding and one for the signature algorithm)." }, - "valid_for": { + "validFor": { "$ref": "#/definitions/dev.sigstore.common.v1.TimeRange", "additionalProperties": false, "description": "Optional validity period for this key, *inclusive* of the endpoints." diff --git a/gen/pb-rust/schemas/RFC3161SignedTimestamp.schema.json b/gen/pb-rust/schemas/RFC3161SignedTimestamp.schema.json index 7aa04537..8a36b450 100644 --- a/gen/pb-rust/schemas/RFC3161SignedTimestamp.schema.json +++ b/gen/pb-rust/schemas/RFC3161SignedTimestamp.schema.json @@ -4,7 +4,7 @@ "definitions": { "RFC3161SignedTimestamp": { "properties": { - "signed_timestamp": { + "signedTimestamp": { "type": "string", "description": "Signed timestamp is the DER encoded TimeStampResponse. See https://www.rfc-editor.org/rfc/rfc3161.html#section-2.4.2", "format": "binary", diff --git a/gen/pb-rust/schemas/TimestampVerificationData.schema.json b/gen/pb-rust/schemas/TimestampVerificationData.schema.json index cb9f52d8..9d202449 100644 --- a/gen/pb-rust/schemas/TimestampVerificationData.schema.json +++ b/gen/pb-rust/schemas/TimestampVerificationData.schema.json @@ -4,7 +4,7 @@ "definitions": { "TimestampVerificationData": { "properties": { - "rfc3161_timestamps": { + "rfc3161Timestamps": { "items": { "$ref": "#/definitions/dev.sigstore.common.v1.RFC3161SignedTimestamp" }, @@ -20,7 +20,7 @@ }, "dev.sigstore.common.v1.RFC3161SignedTimestamp": { "properties": { - "signed_timestamp": { + "signedTimestamp": { "type": "string", "description": "Signed timestamp is the DER encoded TimeStampResponse. See https://www.rfc-editor.org/rfc/rfc3161.html#section-2.4.2", "format": "binary", diff --git a/gen/pb-rust/schemas/TransparencyLogEntry.schema.json b/gen/pb-rust/schemas/TransparencyLogEntry.schema.json index e130ab5d..19e9b83b 100644 --- a/gen/pb-rust/schemas/TransparencyLogEntry.schema.json +++ b/gen/pb-rust/schemas/TransparencyLogEntry.schema.json @@ -4,35 +4,35 @@ "definitions": { "TransparencyLogEntry": { "properties": { - "log_index": { + "logIndex": { "type": "string", "description": "The global index of the entry, used when querying the log by index." }, - "log_id": { + "logId": { "$ref": "#/definitions/dev.sigstore.common.v1.LogId", "additionalProperties": false, "description": "The unique identifier of the log." }, - "kind_version": { + "kindVersion": { "$ref": "#/definitions/dev.sigstore.rekor.v1.KindVersion", "additionalProperties": false, "description": "The kind (type) and version of the object associated with this entry. These values are required to construct the entry during verification." }, - "integrated_time": { + "integratedTime": { "type": "string", "description": "The UNIX timestamp from the log when the entry was persisted." }, - "inclusion_promise": { + "inclusionPromise": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionPromise", "additionalProperties": false, "description": "The inclusion promise/signed entry timestamp from the log. Required for v0.1 bundles, and MUST be verified. Optional for \u003e= v0.2 bundles, and SHOULD be verified when present. Also may be used as a signed timestamp." }, - "inclusion_proof": { + "inclusionProof": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionProof", "additionalProperties": false, "description": "The inclusion proof can be used for offline or online verification that the entry was appended to the log, and that the log has not been altered." }, - "canonicalized_body": { + "canonicalizedBody": { "type": "string", "description": "Optional. The canonicalized transparency log entry, used to reconstruct the Signed Entry Timestamp (SET) during verification. The contents of this field are the same as the `body` field in a Rekor response, meaning that it does **not** include the \"full\" canonicalized form (of log index, ID, etc.) which are exposed as separate fields. The verifier is responsible for combining the `canonicalized_body`, `log_index`, `log_id`, and `integrated_time` into the payload that the SET's signature is generated over. This field is intended to be used in cases where the SET cannot be produced determinisitically (e.g. inconsistent JSON field ordering, differing whitespace, etc). If set, clients MUST verify that the signature referenced in the `canonicalized_body` matches the signature provided in the `Bundle.content`. If not set, clients are responsible for constructing an equivalent payload from other sources to verify the signature.", "format": "binary", @@ -46,7 +46,7 @@ }, "dev.sigstore.common.v1.LogId": { "properties": { - "key_id": { + "keyId": { "type": "string", "description": "The unique id of the log, represented as the SHA-256 hash of the log's public key, calculated over the DER encoding of the key represented as SubjectPublicKeyInfo. See https://www.rfc-editor.org/rfc/rfc6962#section-3.2", "format": "binary", @@ -71,7 +71,7 @@ }, "dev.sigstore.rekor.v1.InclusionPromise": { "properties": { - "signed_entry_timestamp": { + "signedEntryTimestamp": { "type": "string", "format": "binary", "binaryEncoding": "base64" @@ -84,17 +84,17 @@ }, "dev.sigstore.rekor.v1.InclusionProof": { "properties": { - "log_index": { + "logIndex": { "type": "string", "description": "The index of the entry in the tree it was written to." }, - "root_hash": { + "rootHash": { "type": "string", "description": "The hash digest stored at the root of the merkle tree at the time the proof was generated.", "format": "binary", "binaryEncoding": "base64" }, - "tree_size": { + "treeSize": { "type": "string", "description": "The size of the merkle tree at the time the proof was generated." }, diff --git a/gen/pb-rust/schemas/TransparencyLogInstance.schema.json b/gen/pb-rust/schemas/TransparencyLogInstance.schema.json index 17fa8a8c..3d189653 100644 --- a/gen/pb-rust/schemas/TransparencyLogInstance.schema.json +++ b/gen/pb-rust/schemas/TransparencyLogInstance.schema.json @@ -4,11 +4,11 @@ "definitions": { "TransparencyLogInstance": { "properties": { - "base_url": { + "baseUrl": { "type": "string", "description": "The base URL at which can be used to URLs for the client." }, - "hash_algorithm": { + "hashAlgorithm": { "enum": [ "HASH_ALGORITHM_UNSPECIFIED", 0, @@ -26,12 +26,12 @@ "title": "This package defines commonly used message types within the Sigstore\n community.", "description": "This package defines commonly used message types within the Sigstore community. Only a subset of the secure hash standard algorithms are supported. See \u003chttps://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf\u003e for more details. UNSPECIFIED SHOULD not be used, primary reason for inclusion is to force any proto JSON serialization to emit the used hash algorithm, as default option is to *omit* the default value of an enum (which is the first value, represented by '0'." }, - "public_key": { + "publicKey": { "$ref": "#/definitions/dev.sigstore.common.v1.PublicKey", "additionalProperties": false, "description": "The public key used to verify signatures generated by the log. This attribute contains the signature algorithm used by the log." }, - "log_id": { + "logId": { "$ref": "#/definitions/dev.sigstore.common.v1.LogId", "additionalProperties": false, "description": "The unique identifier for this transparency log." @@ -44,7 +44,7 @@ }, "dev.sigstore.common.v1.LogId": { "properties": { - "key_id": { + "keyId": { "type": "string", "description": "The unique id of the log, represented as the SHA-256 hash of the log's public key, calculated over the DER encoding of the key represented as SubjectPublicKeyInfo. See https://www.rfc-editor.org/rfc/rfc6962#section-3.2", "format": "binary", @@ -58,13 +58,13 @@ }, "dev.sigstore.common.v1.PublicKey": { "properties": { - "raw_bytes": { + "rawBytes": { "type": "string", "description": "DER-encoded public key, encoding method is specified by the key_details attribute.", "format": "binary", "binaryEncoding": "base64" }, - "key_details": { + "keyDetails": { "enum": [ "PUBLIC_KEY_DETAILS_UNSPECIFIED", 0, @@ -94,7 +94,7 @@ "title": "Public Key Details", "description": "Details of a specific public key, capturing the the key encoding method, and signature algorithm. To avoid the possibility of contradicting formats such as PKCS1 with ED25519 the valid permutations are listed as a linear set instead of a cartesian set (i.e one combined variable instead of two, one for encoding and one for the signature algorithm)." }, - "valid_for": { + "validFor": { "$ref": "#/definitions/dev.sigstore.common.v1.TimeRange", "additionalProperties": false, "description": "Optional validity period for this key, *inclusive* of the endpoints." diff --git a/gen/pb-rust/schemas/TrustedRoot.schema.json b/gen/pb-rust/schemas/TrustedRoot.schema.json index 70df3df4..f3e53e2d 100644 --- a/gen/pb-rust/schemas/TrustedRoot.schema.json +++ b/gen/pb-rust/schemas/TrustedRoot.schema.json @@ -4,7 +4,7 @@ "definitions": { "TrustedRoot": { "properties": { - "media_type": { + "mediaType": { "type": "string", "description": "MUST be application/vnd.dev.sigstore.trustedroot+json;version=0.1" }, @@ -16,7 +16,7 @@ "type": "array", "description": "A set of trusted Rekor servers." }, - "certificate_authorities": { + "certificateAuthorities": { "items": { "$ref": "#/definitions/dev.sigstore.trustroot.v1.CertificateAuthority" }, @@ -32,7 +32,7 @@ "type": "array", "description": "A set of trusted certificate transparency logs." }, - "timestamp_authorities": { + "timestampAuthorities": { "items": { "$ref": "#/definitions/dev.sigstore.trustroot.v1.CertificateAuthority" }, @@ -51,7 +51,7 @@ "organization": { "type": "string" }, - "common_name": { + "commonName": { "type": "string" } }, @@ -61,7 +61,7 @@ }, "dev.sigstore.common.v1.LogId": { "properties": { - "key_id": { + "keyId": { "type": "string", "description": "The unique id of the log, represented as the SHA-256 hash of the log's public key, calculated over the DER encoding of the key represented as SubjectPublicKeyInfo. See https://www.rfc-editor.org/rfc/rfc6962#section-3.2", "format": "binary", @@ -75,13 +75,13 @@ }, "dev.sigstore.common.v1.PublicKey": { "properties": { - "raw_bytes": { + "rawBytes": { "type": "string", "description": "DER-encoded public key, encoding method is specified by the key_details attribute.", "format": "binary", "binaryEncoding": "base64" }, - "key_details": { + "keyDetails": { "enum": [ "PUBLIC_KEY_DETAILS_UNSPECIFIED", 0, @@ -111,7 +111,7 @@ "title": "Public Key Details", "description": "Details of a specific public key, capturing the the key encoding method, and signature algorithm. To avoid the possibility of contradicting formats such as PKCS1 with ED25519 the valid permutations are listed as a linear set instead of a cartesian set (i.e one combined variable instead of two, one for encoding and one for the signature algorithm)." }, - "valid_for": { + "validFor": { "$ref": "#/definitions/dev.sigstore.common.v1.TimeRange", "additionalProperties": false, "description": "Optional validity period for this key, *inclusive* of the endpoints." @@ -158,7 +158,7 @@ }, "dev.sigstore.common.v1.X509Certificate": { "properties": { - "raw_bytes": { + "rawBytes": { "type": "string", "description": "DER-encoded X.509 certificate.", "format": "binary", @@ -196,12 +196,12 @@ "type": "string", "description": "The URI at which the CA can be accessed." }, - "cert_chain": { + "certChain": { "$ref": "#/definitions/dev.sigstore.common.v1.X509CertificateChain", "additionalProperties": false, "description": "The certificate chain for this CA." }, - "valid_for": { + "validFor": { "$ref": "#/definitions/dev.sigstore.common.v1.TimeRange", "additionalProperties": false, "description": "The time the *entire* chain was valid. This is at max the longest interval when *all* certificates in the chain were valid, but it MAY be shorter. Clients MUST check timestamps against *both* the `valid_for` time range *and* the entire certificate chain. The TimeRange should be considered valid *inclusive* of the endpoints." @@ -214,11 +214,11 @@ }, "dev.sigstore.trustroot.v1.TransparencyLogInstance": { "properties": { - "base_url": { + "baseUrl": { "type": "string", "description": "The base URL at which can be used to URLs for the client." }, - "hash_algorithm": { + "hashAlgorithm": { "enum": [ "HASH_ALGORITHM_UNSPECIFIED", 0, @@ -236,12 +236,12 @@ "title": "This package defines commonly used message types within the Sigstore\n community.", "description": "This package defines commonly used message types within the Sigstore community. Only a subset of the secure hash standard algorithms are supported. See \u003chttps://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf\u003e for more details. UNSPECIFIED SHOULD not be used, primary reason for inclusion is to force any proto JSON serialization to emit the used hash algorithm, as default option is to *omit* the default value of an enum (which is the first value, represented by '0'." }, - "public_key": { + "publicKey": { "$ref": "#/definitions/dev.sigstore.common.v1.PublicKey", "additionalProperties": false, "description": "The public key used to verify signatures generated by the log. This attribute contains the signature algorithm used by the log." }, - "log_id": { + "logId": { "$ref": "#/definitions/dev.sigstore.common.v1.LogId", "additionalProperties": false, "description": "The unique identifier for this transparency log." diff --git a/gen/pb-rust/schemas/VerificationMaterial.schema.json b/gen/pb-rust/schemas/VerificationMaterial.schema.json index 3c7ba4d5..4657bc35 100644 --- a/gen/pb-rust/schemas/VerificationMaterial.schema.json +++ b/gen/pb-rust/schemas/VerificationMaterial.schema.json @@ -4,15 +4,15 @@ "definitions": { "VerificationMaterial": { "properties": { - "public_key": { + "publicKey": { "$ref": "#/definitions/dev.sigstore.common.v1.PublicKeyIdentifier", "additionalProperties": false }, - "x509_certificate_chain": { + "x509CertificateChain": { "$ref": "#/definitions/dev.sigstore.common.v1.X509CertificateChain", "additionalProperties": false }, - "tlog_entries": { + "tlogEntries": { "items": { "$ref": "#/definitions/dev.sigstore.rekor.v1.TransparencyLogEntry" }, @@ -20,7 +20,7 @@ "type": "array", "description": "An inclusion proof and an optional signed timestamp from the log. Client verification libraries MAY provide an option to support v0.1 bundles for backwards compatibility, which may contain an inclusion promise and not an inclusion proof. In this case, the client MUST validate the promise. Verifiers SHOULD NOT allow v0.1 bundles if they're used in an ecosystem which never produced them." }, - "timestamp_verification_data": { + "timestampVerificationData": { "$ref": "#/definitions/dev.sigstore.bundle.v1.TimestampVerificationData", "additionalProperties": false, "description": "Timestamp may also come from tlog_entries.inclusion_promise.signed_entry_timestamp." @@ -45,7 +45,7 @@ }, "dev.sigstore.bundle.v1.TimestampVerificationData": { "properties": { - "rfc3161_timestamps": { + "rfc3161Timestamps": { "items": { "$ref": "#/definitions/dev.sigstore.common.v1.RFC3161SignedTimestamp" }, @@ -61,7 +61,7 @@ }, "dev.sigstore.common.v1.LogId": { "properties": { - "key_id": { + "keyId": { "type": "string", "description": "The unique id of the log, represented as the SHA-256 hash of the log's public key, calculated over the DER encoding of the key represented as SubjectPublicKeyInfo. See https://www.rfc-editor.org/rfc/rfc6962#section-3.2", "format": "binary", @@ -87,7 +87,7 @@ }, "dev.sigstore.common.v1.RFC3161SignedTimestamp": { "properties": { - "signed_timestamp": { + "signedTimestamp": { "type": "string", "description": "Signed timestamp is the DER encoded TimeStampResponse. See https://www.rfc-editor.org/rfc/rfc3161.html#section-2.4.2", "format": "binary", @@ -101,7 +101,7 @@ }, "dev.sigstore.common.v1.X509Certificate": { "properties": { - "raw_bytes": { + "rawBytes": { "type": "string", "description": "DER-encoded X.509 certificate.", "format": "binary", @@ -141,7 +141,7 @@ }, "dev.sigstore.rekor.v1.InclusionPromise": { "properties": { - "signed_entry_timestamp": { + "signedEntryTimestamp": { "type": "string", "format": "binary", "binaryEncoding": "base64" @@ -154,17 +154,17 @@ }, "dev.sigstore.rekor.v1.InclusionProof": { "properties": { - "log_index": { + "logIndex": { "type": "string", "description": "The index of the entry in the tree it was written to." }, - "root_hash": { + "rootHash": { "type": "string", "description": "The hash digest stored at the root of the merkle tree at the time the proof was generated.", "format": "binary", "binaryEncoding": "base64" }, - "tree_size": { + "treeSize": { "type": "string", "description": "The size of the merkle tree at the time the proof was generated." }, @@ -206,35 +206,35 @@ }, "dev.sigstore.rekor.v1.TransparencyLogEntry": { "properties": { - "log_index": { + "logIndex": { "type": "string", "description": "The global index of the entry, used when querying the log by index." }, - "log_id": { + "logId": { "$ref": "#/definitions/dev.sigstore.common.v1.LogId", "additionalProperties": false, "description": "The unique identifier of the log." }, - "kind_version": { + "kindVersion": { "$ref": "#/definitions/dev.sigstore.rekor.v1.KindVersion", "additionalProperties": false, "description": "The kind (type) and version of the object associated with this entry. These values are required to construct the entry during verification." }, - "integrated_time": { + "integratedTime": { "type": "string", "description": "The UNIX timestamp from the log when the entry was persisted." }, - "inclusion_promise": { + "inclusionPromise": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionPromise", "additionalProperties": false, "description": "The inclusion promise/signed entry timestamp from the log. Required for v0.1 bundles, and MUST be verified. Optional for \u003e= v0.2 bundles, and SHOULD be verified when present. Also may be used as a signed timestamp." }, - "inclusion_proof": { + "inclusionProof": { "$ref": "#/definitions/dev.sigstore.rekor.v1.InclusionProof", "additionalProperties": false, "description": "The inclusion proof can be used for offline or online verification that the entry was appended to the log, and that the log has not been altered." }, - "canonicalized_body": { + "canonicalizedBody": { "type": "string", "description": "Optional. The canonicalized transparency log entry, used to reconstruct the Signed Entry Timestamp (SET) during verification. The contents of this field are the same as the `body` field in a Rekor response, meaning that it does **not** include the \"full\" canonicalized form (of log index, ID, etc.) which are exposed as separate fields. The verifier is responsible for combining the `canonicalized_body`, `log_index`, `log_id`, and `integrated_time` into the payload that the SET's signature is generated over. This field is intended to be used in cases where the SET cannot be produced determinisitically (e.g. inconsistent JSON field ordering, differing whitespace, etc). If set, clients MUST verify that the signature referenced in the `canonicalized_body` matches the signature provided in the `Bundle.content`. If not set, clients are responsible for constructing an equivalent payload from other sources to verify the signature.", "format": "binary", diff --git a/gen/pb-rust/schemas/X509Certificate.schema.json b/gen/pb-rust/schemas/X509Certificate.schema.json index ed058fca..f98f9984 100644 --- a/gen/pb-rust/schemas/X509Certificate.schema.json +++ b/gen/pb-rust/schemas/X509Certificate.schema.json @@ -4,7 +4,7 @@ "definitions": { "X509Certificate": { "properties": { - "raw_bytes": { + "rawBytes": { "type": "string", "description": "DER-encoded X.509 certificate.", "format": "binary", diff --git a/gen/pb-rust/schemas/X509CertificateChain.schema.json b/gen/pb-rust/schemas/X509CertificateChain.schema.json index c6f714e2..a2bfb087 100644 --- a/gen/pb-rust/schemas/X509CertificateChain.schema.json +++ b/gen/pb-rust/schemas/X509CertificateChain.schema.json @@ -20,7 +20,7 @@ }, "dev.sigstore.common.v1.X509Certificate": { "properties": { - "raw_bytes": { + "rawBytes": { "type": "string", "description": "DER-encoded X.509 certificate.", "format": "binary", diff --git a/gen/pb-rust/tests/bundle.txt.sigstore b/gen/pb-rust/tests/bundle.txt.sigstore index 8c439445..fac453e0 100644 --- a/gen/pb-rust/tests/bundle.txt.sigstore +++ b/gen/pb-rust/tests/bundle.txt.sigstore @@ -1 +1 @@ -{"media_type": "application/vnd.dev.sigstore.bundle+json;version=0.1", "verification_material": {"x509_certificate_chain": {"certificates": [{"raw_bytes": "MIIC5zCCAmygAwIBAgIUJ3vpewdf6e91rgjqCqagstF4qn8wCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjMwNDI2MDAyMTA4WhcNMjMwNDI2MDAzMTA4WjAAMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE2sd6+lOBcn5MXtnbwca7zcwpprl7GUZiKTO9IWpAUfVTtx+BXGHQCRwsFy/d7dLlf4hurIqhzMD5yaC2kcU9/8c9G55JyBXF8Dx5SQm9y2rPWFIdm29Ql9A3I3yyEFyPo4IBbjCCAWowDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMDMB0GA1UdDgQWBBTlaUfjpiXGhBP3hOCW0JJZDSPxgzAfBgNVHSMEGDAWgBRxhjCmFHxib/n31vQFGn9f/+tvrDAYBgNVHREBAf8EDjAMgQphQHRueS50b3duMCwGCisGAQQBg78wAQEEHmh0dHBzOi8vZ2l0aHViLmNvbS9sb2dpbi9vYXV0aDAuBgorBgEEAYO/MAEIBCAMHmh0dHBzOi8vZ2l0aHViLmNvbS9sb2dpbi9vYXV0aDCBigYKKwYBBAHWeQIEAgR8BHoAeAB2ACswvNxoiMni4dgmKV50H0g5MZYC8pwzy15DQP6yrIZ6AAABh7rveBsAAAQDAEcwRQIhAKOZPMN9Q9qO1HXigHBPt+Ic16yy2Zgv2KQ23i5WLj16AiAzrFpuayGXdoK+hYePl9dEeXjG/vB2jK/E3sEsIrXtETAKBggqhkjOPQQDAwNpADBmAjEAgmhg80mI/Scr0isBnD5FYXZ8WxA8tnBBPmdf4aNGForGazGXaFQVPXgBVPv+YGI/AjEA0QzPC5dHD/WWXW2GbEC4dpwFk8OGRkiExMOy/+CqabbVg+/lx1N9VGBTlUTft45d"}]}, "tlog_entries": [{"log_index": "7390977", "log_id": {"key_id": "0y8wo8MtY5wrdiIFohx7sHeI5oKDpK5vQhGHI6G+pJY="}, "kind_version": {"kind": "hashedrekord", "version": "0.0.1"}, "integrated_time": "1682468469", "inclusion_promise": {"signed_entry_timestamp": "MEUCICSJs5PgN4W3Lku3ybrwfNLAKMWaOvffg2tnqm19VrWEAiEA16MVPsWDoaAljsxGefpQazpvYfs1pv8lzdgZQ0I4rH0="}, "inclusion_proof": {"log_index": "7376158", "root_hash": "LE67t2Zlc0g35az81xMg0cgM2DULj8fNsGGHTcRthcs=", "tree_size": "7376159", "hashes": ["zgesNHwk09VvW4IDaPrJMtX59glNyyLPzeJO1Gw1hCI=", "lJiFr9ZP5FO8BjqLAUQ16A/0/LoOOQ0gfeNhdxaxO2w=", "sMImd51DBHQnH1tz4sGk8gXB+FjWyusVXbP0GmpFnB4=", "cDU1nEpl0WCRlxLi/gNVzykDzobU4qG/7BQZxn0qDgU=", "4CRqWzG3qpxKvlHuZg5O6QjQiwOzerbjwsAh30EVlA8=", "Ru0p3GE/zB2zub2/xR5rY/aM4J+5VJmiIuIl2enF/ws=", "2W+NG5yGR68lrLGcw4gn9CSCfeQF98d3LMfdo8tPyok=", "bEs1eYxy9R6hR2veGEwYW4PEdrZKrdqZ7uDlmmNtlas=", "sgQMnwcK7VxxAi+fygxq8iJ+zWqShjXm07/AWobWcXU=", "y4BESazXFcefRzxpN1PfJHoqRaKnPJPM5H/jotx0QY8=", "xiNEdLOpmGQERCR+DCEFVRK+Ns6G0BLV9M6sQQkRhik="], "checkpoint": {"envelope": "rekor.sigstage.dev - 8050909264565447525\n7376159\nLE67t2Zlc0g35az81xMg0cgM2DULj8fNsGGHTcRthcs=\nTimestamp: 1682468469199678948\n\n\u2014 rekor.sigstage.dev 0y8wozBEAiBbAodz3dBqJjGMhnZEkbaTDVxc8+tBEPKbaWUZoqxFvwIgGtYzFgFaM3UXBRHmzgmcrCxA145dpQ2YD0yFqiPHO7U=\n"}}, "canonicalized_body": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiI4MDJkZDYwZmY4ODMzMzgwMmYyNTg1ZTczMDQzYmQyMWMzNDEyODVlMTk5MmZlNWIzMTc1NWUxY2FkZWFlMzBlIn19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1HVUNNUUNPT0pxVFk2WFdnQjY0aXpLMldWUDA3YjBTRzlNNVdQQ3dLaGZUUHdNdnRzZ1VpOEtlUkd3UWt2dkxZYktIZHFVQ01FYk9YRkcwTk1xRVF4V1ZiNnJtR25leGRBRHVHZjZKbDhxQUM4dG42N3AzUWZWb1h6TXZGQTYxUHp4d1Z3dmI4Zz09IiwicHVibGljS2V5Ijp7ImNvbnRlbnQiOiJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VNMWVrTkRRVzE1WjBGM1NVSkJaMGxWU2pOMmNHVjNaR1kyWlRreGNtZHFjVU54WVdkemRFWTBjVzQ0ZDBObldVbExiMXBKZW1vd1JVRjNUWGNLVG5wRlZrMUNUVWRCTVZWRlEyaE5UV015Ykc1ak0xSjJZMjFWZFZwSFZqSk5ValIzU0VGWlJGWlJVVVJGZUZaNllWZGtlbVJIT1hsYVV6RndZbTVTYkFwamJURnNXa2RzYUdSSFZYZElhR05PVFdwTmQwNUVTVEpOUkVGNVRWUkJORmRvWTA1TmFrMTNUa1JKTWsxRVFYcE5WRUUwVjJwQlFVMUlXWGRGUVZsSUNrdHZXa2w2YWpCRFFWRlpSa3MwUlVWQlEwbEVXV2RCUlRKelpEWXJiRTlDWTI0MVRWaDBibUozWTJFM2VtTjNjSEJ5YkRkSFZWcHBTMVJQT1VsWGNFRUtWV1pXVkhSNEswSllSMGhSUTFKM2MwWjVMMlEzWkV4c1pqUm9kWEpKY1doNlRVUTFlV0ZETW10alZUa3ZPR001UnpVMVNubENXRVk0UkhnMVUxRnRPUXA1TW5KUVYwWkpaRzB5T1ZGc09VRXpTVE41ZVVWR2VWQnZORWxDWW1wRFEwRlhiM2RFWjFsRVZsSXdVRUZSU0M5Q1FWRkVRV2RsUVUxQ1RVZEJNVlZrQ2twUlVVMU5RVzlIUTBOelIwRlJWVVpDZDAxRVRVSXdSMEV4VldSRVoxRlhRa0pVYkdGVlptcHdhVmhIYUVKUU0yaFBRMWN3U2twYVJGTlFlR2Q2UVdZS1FtZE9Wa2hUVFVWSFJFRlhaMEpTZUdocVEyMUdTSGhwWWk5dU16RjJVVVpIYmpsbUx5dDBkbkpFUVZsQ1owNVdTRkpGUWtGbU9FVkVha0ZOWjFGd2FBcFJTRkoxWlZNMU1HSXpaSFZOUTNkSFEybHpSMEZSVVVKbk56aDNRVkZGUlVodGFEQmtTRUo2VDJrNGRsb3liREJoU0ZacFRHMU9kbUpUT1hOaU1tUndDbUpwT1haWldGWXdZVVJCZFVKbmIzSkNaMFZGUVZsUEwwMUJSVWxDUTBGTlNHMW9NR1JJUW5wUGFUaDJXakpzTUdGSVZtbE1iVTUyWWxNNWMySXlaSEFLWW1rNWRsbFlWakJoUkVOQ2FXZFpTMHQzV1VKQ1FVaFhaVkZKUlVGblVqaENTRzlCWlVGQ01rRkRjM2QyVG5odmFVMXVhVFJrWjIxTFZqVXdTREJuTlFwTldsbERPSEIzZW5reE5VUlJVRFo1Y2tsYU5rRkJRVUpvTjNKMlpVSnpRVUZCVVVSQlJXTjNVbEZKYUVGTFQxcFFUVTQ1VVRseFR6RklXR2xuU0VKUUNuUXJTV014Tm5sNU1scG5kakpMVVRJemFUVlhUR294TmtGcFFYcHlSbkIxWVhsSFdHUnZTeXRvV1dWUWJEbGtSV1ZZYWtjdmRrSXlha3N2UlROelJYTUtTWEpZZEVWVVFVdENaMmR4YUd0cVQxQlJVVVJCZDA1d1FVUkNiVUZxUlVGbmJXaG5PREJ0U1M5VFkzSXdhWE5DYmtRMVJsbFlXamhYZUVFNGRHNUNRZ3BRYldSbU5HRk9SMFp2Y2tkaGVrZFlZVVpSVmxCWVowSldVSFlyV1VkSkwwRnFSVUV3VVhwUVF6VmtTRVF2VjFkWVZ6SkhZa1ZETkdSd2QwWnJPRTlIQ2xKcmFVVjRUVTk1THl0RGNXRmlZbFpuS3k5c2VERk9PVlpIUWxSc1ZWUm1kRFExWkFvdExTMHRMVVZPUkNCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2c9PSJ9fX19"}]}, "message_signature": {"message_digest": {"algorithm": "SHA2_256", "digest": "gC3WD/iDM4AvJYXnMEO9IcNBKF4Zkv5bMXVeHK3q4w4="}, "signature": "MGUCMQCOOJqTY6XWgB64izK2WVP07b0SG9M5WPCwKhfTPwMvtsgUi8KeRGwQkvvLYbKHdqUCMEbOXFG0NMqEQxWVb6rmGnexdADuGf6Jl8qAC8tn67p3QfVoXzMvFA61PzxwVwvb8g=="}} +{"mediaType": "application/vnd.dev.sigstore.bundle+json;version=0.1", "verificationMaterial": {"x509CertificateChain": {"certificates": [{"rawBytes": "MIIC5zCCAmygAwIBAgIUJ3vpewdf6e91rgjqCqagstF4qn8wCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjMwNDI2MDAyMTA4WhcNMjMwNDI2MDAzMTA4WjAAMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE2sd6+lOBcn5MXtnbwca7zcwpprl7GUZiKTO9IWpAUfVTtx+BXGHQCRwsFy/d7dLlf4hurIqhzMD5yaC2kcU9/8c9G55JyBXF8Dx5SQm9y2rPWFIdm29Ql9A3I3yyEFyPo4IBbjCCAWowDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMDMB0GA1UdDgQWBBTlaUfjpiXGhBP3hOCW0JJZDSPxgzAfBgNVHSMEGDAWgBRxhjCmFHxib/n31vQFGn9f/+tvrDAYBgNVHREBAf8EDjAMgQphQHRueS50b3duMCwGCisGAQQBg78wAQEEHmh0dHBzOi8vZ2l0aHViLmNvbS9sb2dpbi9vYXV0aDAuBgorBgEEAYO/MAEIBCAMHmh0dHBzOi8vZ2l0aHViLmNvbS9sb2dpbi9vYXV0aDCBigYKKwYBBAHWeQIEAgR8BHoAeAB2ACswvNxoiMni4dgmKV50H0g5MZYC8pwzy15DQP6yrIZ6AAABh7rveBsAAAQDAEcwRQIhAKOZPMN9Q9qO1HXigHBPt+Ic16yy2Zgv2KQ23i5WLj16AiAzrFpuayGXdoK+hYePl9dEeXjG/vB2jK/E3sEsIrXtETAKBggqhkjOPQQDAwNpADBmAjEAgmhg80mI/Scr0isBnD5FYXZ8WxA8tnBBPmdf4aNGForGazGXaFQVPXgBVPv+YGI/AjEA0QzPC5dHD/WWXW2GbEC4dpwFk8OGRkiExMOy/+CqabbVg+/lx1N9VGBTlUTft45d"}]}, "tlogEntries": [{"logIndex": "7390977", "logId": {"keyId": "0y8wo8MtY5wrdiIFohx7sHeI5oKDpK5vQhGHI6G+pJY="}, "kindVersion": {"kind": "hashedrekord", "version": "0.0.1"}, "integratedTime": "1682468469", "inclusionPromise": {"signedEntryTimestamp": "MEUCICSJs5PgN4W3Lku3ybrwfNLAKMWaOvffg2tnqm19VrWEAiEA16MVPsWDoaAljsxGefpQazpvYfs1pv8lzdgZQ0I4rH0="}, "inclusionProof": {"logIndex": "7376158", "rootHash": "LE67t2Zlc0g35az81xMg0cgM2DULj8fNsGGHTcRthcs=", "treeSize": "7376159", "hashes": ["zgesNHwk09VvW4IDaPrJMtX59glNyyLPzeJO1Gw1hCI=", "lJiFr9ZP5FO8BjqLAUQ16A/0/LoOOQ0gfeNhdxaxO2w=", "sMImd51DBHQnH1tz4sGk8gXB+FjWyusVXbP0GmpFnB4=", "cDU1nEpl0WCRlxLi/gNVzykDzobU4qG/7BQZxn0qDgU=", "4CRqWzG3qpxKvlHuZg5O6QjQiwOzerbjwsAh30EVlA8=", "Ru0p3GE/zB2zub2/xR5rY/aM4J+5VJmiIuIl2enF/ws=", "2W+NG5yGR68lrLGcw4gn9CSCfeQF98d3LMfdo8tPyok=", "bEs1eYxy9R6hR2veGEwYW4PEdrZKrdqZ7uDlmmNtlas=", "sgQMnwcK7VxxAi+fygxq8iJ+zWqShjXm07/AWobWcXU=", "y4BESazXFcefRzxpN1PfJHoqRaKnPJPM5H/jotx0QY8=", "xiNEdLOpmGQERCR+DCEFVRK+Ns6G0BLV9M6sQQkRhik="], "checkpoint": {"envelope": "rekor.sigstage.dev - 8050909264565447525\n7376159\nLE67t2Zlc0g35az81xMg0cgM2DULj8fNsGGHTcRthcs=\nTimestamp: 1682468469199678948\n\n\u2014 rekor.sigstage.dev 0y8wozBEAiBbAodz3dBqJjGMhnZEkbaTDVxc8+tBEPKbaWUZoqxFvwIgGtYzFgFaM3UXBRHmzgmcrCxA145dpQ2YD0yFqiPHO7U=\n"}}, "canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiI4MDJkZDYwZmY4ODMzMzgwMmYyNTg1ZTczMDQzYmQyMWMzNDEyODVlMTk5MmZlNWIzMTc1NWUxY2FkZWFlMzBlIn19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1HVUNNUUNPT0pxVFk2WFdnQjY0aXpLMldWUDA3YjBTRzlNNVdQQ3dLaGZUUHdNdnRzZ1VpOEtlUkd3UWt2dkxZYktIZHFVQ01FYk9YRkcwTk1xRVF4V1ZiNnJtR25leGRBRHVHZjZKbDhxQUM4dG42N3AzUWZWb1h6TXZGQTYxUHp4d1Z3dmI4Zz09IiwicHVibGljS2V5Ijp7ImNvbnRlbnQiOiJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VNMWVrTkRRVzE1WjBGM1NVSkJaMGxWU2pOMmNHVjNaR1kyWlRreGNtZHFjVU54WVdkemRFWTBjVzQ0ZDBObldVbExiMXBKZW1vd1JVRjNUWGNLVG5wRlZrMUNUVWRCTVZWRlEyaE5UV015Ykc1ak0xSjJZMjFWZFZwSFZqSk5ValIzU0VGWlJGWlJVVVJGZUZaNllWZGtlbVJIT1hsYVV6RndZbTVTYkFwamJURnNXa2RzYUdSSFZYZElhR05PVFdwTmQwNUVTVEpOUkVGNVRWUkJORmRvWTA1TmFrMTNUa1JKTWsxRVFYcE5WRUUwVjJwQlFVMUlXWGRGUVZsSUNrdHZXa2w2YWpCRFFWRlpSa3MwUlVWQlEwbEVXV2RCUlRKelpEWXJiRTlDWTI0MVRWaDBibUozWTJFM2VtTjNjSEJ5YkRkSFZWcHBTMVJQT1VsWGNFRUtWV1pXVkhSNEswSllSMGhSUTFKM2MwWjVMMlEzWkV4c1pqUm9kWEpKY1doNlRVUTFlV0ZETW10alZUa3ZPR001UnpVMVNubENXRVk0UkhnMVUxRnRPUXA1TW5KUVYwWkpaRzB5T1ZGc09VRXpTVE41ZVVWR2VWQnZORWxDWW1wRFEwRlhiM2RFWjFsRVZsSXdVRUZSU0M5Q1FWRkVRV2RsUVUxQ1RVZEJNVlZrQ2twUlVVMU5RVzlIUTBOelIwRlJWVVpDZDAxRVRVSXdSMEV4VldSRVoxRlhRa0pVYkdGVlptcHdhVmhIYUVKUU0yaFBRMWN3U2twYVJGTlFlR2Q2UVdZS1FtZE9Wa2hUVFVWSFJFRlhaMEpTZUdocVEyMUdTSGhwWWk5dU16RjJVVVpIYmpsbUx5dDBkbkpFUVZsQ1owNVdTRkpGUWtGbU9FVkVha0ZOWjFGd2FBcFJTRkoxWlZNMU1HSXpaSFZOUTNkSFEybHpSMEZSVVVKbk56aDNRVkZGUlVodGFEQmtTRUo2VDJrNGRsb3liREJoU0ZacFRHMU9kbUpUT1hOaU1tUndDbUpwT1haWldGWXdZVVJCZFVKbmIzSkNaMFZGUVZsUEwwMUJSVWxDUTBGTlNHMW9NR1JJUW5wUGFUaDJXakpzTUdGSVZtbE1iVTUyWWxNNWMySXlaSEFLWW1rNWRsbFlWakJoUkVOQ2FXZFpTMHQzV1VKQ1FVaFhaVkZKUlVGblVqaENTRzlCWlVGQ01rRkRjM2QyVG5odmFVMXVhVFJrWjIxTFZqVXdTREJuTlFwTldsbERPSEIzZW5reE5VUlJVRFo1Y2tsYU5rRkJRVUpvTjNKMlpVSnpRVUZCVVVSQlJXTjNVbEZKYUVGTFQxcFFUVTQ1VVRseFR6RklXR2xuU0VKUUNuUXJTV014Tm5sNU1scG5kakpMVVRJemFUVlhUR294TmtGcFFYcHlSbkIxWVhsSFdHUnZTeXRvV1dWUWJEbGtSV1ZZYWtjdmRrSXlha3N2UlROelJYTUtTWEpZZEVWVVFVdENaMmR4YUd0cVQxQlJVVVJCZDA1d1FVUkNiVUZxUlVGbmJXaG5PREJ0U1M5VFkzSXdhWE5DYmtRMVJsbFlXamhYZUVFNGRHNUNRZ3BRYldSbU5HRk9SMFp2Y2tkaGVrZFlZVVpSVmxCWVowSldVSFlyV1VkSkwwRnFSVUV3VVhwUVF6VmtTRVF2VjFkWVZ6SkhZa1ZETkdSd2QwWnJPRTlIQ2xKcmFVVjRUVTk1THl0RGNXRmlZbFpuS3k5c2VERk9PVlpIUWxSc1ZWUm1kRFExWkFvdExTMHRMVVZPUkNCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2c9PSJ9fX19"}]}, "messageSignature": {"messageDigest": {"algorithm": "SHA2_256", "digest": "gC3WD/iDM4AvJYXnMEO9IcNBKF4Zkv5bMXVeHK3q4w4="}, "signature": "MGUCMQCOOJqTY6XWgB64izK2WVP07b0SG9M5WPCwKhfTPwMvtsgUi8KeRGwQkvvLYbKHdqUCMEbOXFG0NMqEQxWVb6rmGnexdADuGf6Jl8qAC8tn67p3QfVoXzMvFA61PzxwVwvb8g=="}}