From 922b28c5ca86fb7d9a32fc51270f6dda4c081381 Mon Sep 17 00:00:00 2001 From: William Woodruff Date: Fri, 2 Feb 2024 12:50:16 -0500 Subject: [PATCH] add RSA PSS variants Signed-off-by: William Woodruff --- .../ArtifactVerificationOptions.schema.json | 3 + gen/jsonschema/schemas/Input.schema.json | 3 + gen/jsonschema/schemas/PublicKey.schema.json | 3 + .../schemas/PublicKeyIdentities.schema.json | 3 + .../TransparencyLogInstance.schema.json | 3 + .../schemas/TrustedRoot.schema.json | 3 + gen/pb-go/common/v1/sigstore_common.pb.go | 78 +++++++++++-------- .../dev/sigstore/common/v1/__init__.py | 3 + gen/pb-ruby/lib/sigstore_common_pb.rb | 3 + .../ArtifactVerificationOptions.schema.json | 3 + gen/pb-rust/schemas/Input.schema.json | 3 + gen/pb-rust/schemas/PublicKey.schema.json | 3 + .../schemas/PublicKeyIdentities.schema.json | 3 + .../TransparencyLogInstance.schema.json | 3 + gen/pb-rust/schemas/TrustedRoot.schema.json | 3 + .../src/__generated__/sigstore_common.ts | 18 +++++ protos/sigstore_common.proto | 5 +- 17 files changed, 110 insertions(+), 33 deletions(-) diff --git a/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json b/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json index 88d0ad65..bf7de189 100644 --- a/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json +++ b/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json @@ -130,6 +130,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/Input.schema.json b/gen/jsonschema/schemas/Input.schema.json index d5419cb8..dc35e61b 100644 --- a/gen/jsonschema/schemas/Input.schema.json +++ b/gen/jsonschema/schemas/Input.schema.json @@ -260,6 +260,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/PublicKey.schema.json b/gen/jsonschema/schemas/PublicKey.schema.json index b5cf9597..2a0d0cc0 100644 --- a/gen/jsonschema/schemas/PublicKey.schema.json +++ b/gen/jsonschema/schemas/PublicKey.schema.json @@ -20,6 +20,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/PublicKeyIdentities.schema.json b/gen/jsonschema/schemas/PublicKeyIdentities.schema.json index d6fa13b8..0bbf4402 100644 --- a/gen/jsonschema/schemas/PublicKeyIdentities.schema.json +++ b/gen/jsonschema/schemas/PublicKeyIdentities.schema.json @@ -34,6 +34,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/TransparencyLogInstance.schema.json b/gen/jsonschema/schemas/TransparencyLogInstance.schema.json index f114aac1..ce4127b2 100644 --- a/gen/jsonschema/schemas/TransparencyLogInstance.schema.json +++ b/gen/jsonschema/schemas/TransparencyLogInstance.schema.json @@ -69,6 +69,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/TrustedRoot.schema.json b/gen/jsonschema/schemas/TrustedRoot.schema.json index 9b50ea91..4106d7a3 100644 --- a/gen/jsonschema/schemas/TrustedRoot.schema.json +++ b/gen/jsonschema/schemas/TrustedRoot.schema.json @@ -91,6 +91,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-go/common/v1/sigstore_common.pb.go b/gen/pb-go/common/v1/sigstore_common.pb.go index 007aef8c..9d633dd0 100644 --- a/gen/pb-go/common/v1/sigstore_common.pb.go +++ b/gen/pb-go/common/v1/sigstore_common.pb.go @@ -134,6 +134,9 @@ const ( PublicKeyDetails_PKIX_RSA_PKCS1_2048_SHA256 PublicKeyDetails = 9 PublicKeyDetails_PKIX_RSA_PKCS1_3072_SHA256 PublicKeyDetails = 10 PublicKeyDetails_PKIX_RSA_PKCS1_4096_SHA256 PublicKeyDetails = 11 + PublicKeyDetails_RSA_PSS_2048_SHA256 PublicKeyDetails = 16 + PublicKeyDetails_RSA_PSS_3072_SHA256 PublicKeyDetails = 17 + PublicKeyDetails_RSA_PSS_4096_SHA256 PublicKeyDetails = 18 // ECDSA // // Deprecated: Do not use. @@ -160,6 +163,9 @@ var ( 9: "PKIX_RSA_PKCS1_2048_SHA256", 10: "PKIX_RSA_PKCS1_3072_SHA256", 11: "PKIX_RSA_PKCS1_4096_SHA256", + 16: "RSA_PSS_2048_SHA256", + 17: "RSA_PSS_3072_SHA256", + 18: "RSA_PSS_4096_SHA256", 6: "PKIX_ECDSA_P256_HMAC_SHA_256", 5: "PKIX_ECDSA_P256_SHA_256", 12: "PKIX_ECDSA_P384_SHA_384", @@ -178,6 +184,9 @@ var ( "PKIX_RSA_PKCS1_2048_SHA256": 9, "PKIX_RSA_PKCS1_3072_SHA256": 10, "PKIX_RSA_PKCS1_4096_SHA256": 11, + "RSA_PSS_2048_SHA256": 16, + "RSA_PSS_3072_SHA256": 17, + "RSA_PSS_4096_SHA256": 18, "PKIX_ECDSA_P256_HMAC_SHA_256": 6, "PKIX_ECDSA_P256_SHA_256": 5, "PKIX_ECDSA_P384_SHA_384": 12, @@ -1137,7 +1146,7 @@ var file_sigstore_common_proto_rawDesc = []byte{ 0x48, 0x41, 0x32, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x32, 0x5f, 0x35, 0x31, 0x32, 0x10, 0x03, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x33, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x04, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x33, 0x5f, 0x33, 0x38, - 0x34, 0x10, 0x05, 0x2a, 0xde, 0x03, 0x0a, 0x10, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, + 0x34, 0x10, 0x05, 0x2a, 0xa9, 0x04, 0x0a, 0x10, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x22, 0x0a, 0x1e, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x44, 0x45, 0x54, 0x41, 0x49, 0x4c, 0x53, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x19, 0x0a, 0x11, @@ -1152,37 +1161,42 @@ var file_sigstore_common_proto_rawDesc = []byte{ 0x0a, 0x1a, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x5f, 0x33, 0x30, 0x37, 0x32, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0a, 0x12, 0x1e, 0x0a, 0x1a, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, - 0x5f, 0x34, 0x30, 0x39, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0b, 0x12, 0x24, - 0x0a, 0x1c, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, - 0x36, 0x5f, 0x48, 0x4d, 0x41, 0x43, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x06, - 0x1a, 0x02, 0x08, 0x01, 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, - 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, - 0x05, 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, - 0x50, 0x33, 0x38, 0x34, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x0c, 0x12, 0x1b, - 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x35, 0x32, - 0x31, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x35, 0x31, 0x32, 0x10, 0x0d, 0x12, 0x10, 0x0a, 0x0c, 0x50, - 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x10, 0x07, 0x12, 0x13, 0x0a, - 0x0f, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x5f, 0x50, 0x48, - 0x10, 0x08, 0x12, 0x1b, 0x0a, 0x17, 0x45, 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, - 0x41, 0x4c, 0x5f, 0x4c, 0x4d, 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0e, 0x12, - 0x1d, 0x0a, 0x19, 0x45, 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, - 0x4c, 0x4d, 0x4f, 0x54, 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0f, 0x22, 0x04, - 0x08, 0x10, 0x10, 0x32, 0x2a, 0x6f, 0x0a, 0x1a, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, - 0x6c, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x74, 0x69, 0x76, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x54, 0x79, - 0x70, 0x65, 0x12, 0x2d, 0x0a, 0x29, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x41, 0x4c, - 0x54, 0x45, 0x52, 0x4e, 0x41, 0x54, 0x49, 0x56, 0x45, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x5f, 0x54, - 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, - 0x00, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x4d, 0x41, 0x49, 0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, - 0x55, 0x52, 0x49, 0x10, 0x02, 0x12, 0x0e, 0x0a, 0x0a, 0x4f, 0x54, 0x48, 0x45, 0x52, 0x5f, 0x4e, - 0x41, 0x4d, 0x45, 0x10, 0x03, 0x42, 0x7c, 0x0a, 0x1c, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, - 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, - 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f, - 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x36, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, - 0x2f, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, - 0x75, 0x66, 0x2d, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, - 0x67, 0x6f, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x14, 0x53, - 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x3a, 0x3a, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x3a, - 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x5f, 0x34, 0x30, 0x39, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0b, 0x12, 0x17, + 0x0a, 0x13, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x32, 0x30, 0x34, 0x38, 0x5f, 0x53, + 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x10, 0x12, 0x17, 0x0a, 0x13, 0x52, 0x53, 0x41, 0x5f, 0x50, + 0x53, 0x53, 0x5f, 0x33, 0x30, 0x37, 0x32, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x11, + 0x12, 0x17, 0x0a, 0x13, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x34, 0x30, 0x39, 0x36, + 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x12, 0x12, 0x24, 0x0a, 0x1c, 0x50, 0x4b, 0x49, + 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, 0x36, 0x5f, 0x48, 0x4d, 0x41, + 0x43, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x06, 0x1a, 0x02, 0x08, 0x01, 0x12, + 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, + 0x35, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x05, 0x12, 0x1b, 0x0a, 0x17, + 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x33, 0x38, 0x34, 0x5f, + 0x53, 0x48, 0x41, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x0c, 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, + 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x35, 0x32, 0x31, 0x5f, 0x53, 0x48, 0x41, + 0x5f, 0x35, 0x31, 0x32, 0x10, 0x0d, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, + 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x10, 0x07, 0x12, 0x13, 0x0a, 0x0f, 0x50, 0x4b, 0x49, 0x58, + 0x5f, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x5f, 0x50, 0x48, 0x10, 0x08, 0x12, 0x1b, 0x0a, + 0x17, 0x45, 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, 0x4d, + 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0e, 0x12, 0x1d, 0x0a, 0x19, 0x45, 0x58, + 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, 0x4d, 0x4f, 0x54, 0x53, + 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0f, 0x22, 0x04, 0x08, 0x13, 0x10, 0x32, 0x2a, + 0x6f, 0x0a, 0x1a, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x65, 0x72, 0x6e, + 0x61, 0x74, 0x69, 0x76, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x2d, 0x0a, + 0x29, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x41, 0x4c, 0x54, 0x45, 0x52, 0x4e, 0x41, + 0x54, 0x49, 0x56, 0x45, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, + 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, + 0x45, 0x4d, 0x41, 0x49, 0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x55, 0x52, 0x49, 0x10, 0x02, + 0x12, 0x0e, 0x0a, 0x0a, 0x4f, 0x54, 0x48, 0x45, 0x52, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x10, 0x03, + 0x42, 0x7c, 0x0a, 0x1c, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, + 0x42, 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, + 0x36, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, 0x67, 0x73, + 0x74, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2d, 0x73, 0x70, + 0x65, 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, 0x67, 0x6f, 0x2f, 0x63, 0x6f, + 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x14, 0x53, 0x69, 0x67, 0x73, 0x74, 0x6f, + 0x72, 0x65, 0x3a, 0x3a, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py index da5ff820..f495560c 100644 --- a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py +++ b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py @@ -55,6 +55,9 @@ class PublicKeyDetails(betterproto.Enum): PKIX_RSA_PKCS1_2048_SHA256 = 9 PKIX_RSA_PKCS1_3072_SHA256 = 10 PKIX_RSA_PKCS1_4096_SHA256 = 11 + RSA_PSS_2048_SHA256 = 16 + RSA_PSS_3072_SHA256 = 17 + RSA_PSS_4096_SHA256 = 18 PKIX_ECDSA_P256_HMAC_SHA_256 = 6 """ECDSA""" diff --git a/gen/pb-ruby/lib/sigstore_common_pb.rb b/gen/pb-ruby/lib/sigstore_common_pb.rb index c9525bbb..d63fbc50 100644 --- a/gen/pb-ruby/lib/sigstore_common_pb.rb +++ b/gen/pb-ruby/lib/sigstore_common_pb.rb @@ -75,6 +75,9 @@ value :PKIX_RSA_PKCS1_2048_SHA256, 9 value :PKIX_RSA_PKCS1_3072_SHA256, 10 value :PKIX_RSA_PKCS1_4096_SHA256, 11 + value :RSA_PSS_2048_SHA256, 16 + value :RSA_PSS_3072_SHA256, 17 + value :RSA_PSS_4096_SHA256, 18 value :PKIX_ECDSA_P256_HMAC_SHA_256, 6 value :PKIX_ECDSA_P256_SHA_256, 5 value :PKIX_ECDSA_P384_SHA_384, 12 diff --git a/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json b/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json index 88d0ad65..bf7de189 100644 --- a/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json +++ b/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json @@ -130,6 +130,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/Input.schema.json b/gen/pb-rust/schemas/Input.schema.json index d5419cb8..dc35e61b 100644 --- a/gen/pb-rust/schemas/Input.schema.json +++ b/gen/pb-rust/schemas/Input.schema.json @@ -260,6 +260,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/PublicKey.schema.json b/gen/pb-rust/schemas/PublicKey.schema.json index b5cf9597..2a0d0cc0 100644 --- a/gen/pb-rust/schemas/PublicKey.schema.json +++ b/gen/pb-rust/schemas/PublicKey.schema.json @@ -20,6 +20,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/PublicKeyIdentities.schema.json b/gen/pb-rust/schemas/PublicKeyIdentities.schema.json index d6fa13b8..0bbf4402 100644 --- a/gen/pb-rust/schemas/PublicKeyIdentities.schema.json +++ b/gen/pb-rust/schemas/PublicKeyIdentities.schema.json @@ -34,6 +34,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/TransparencyLogInstance.schema.json b/gen/pb-rust/schemas/TransparencyLogInstance.schema.json index f114aac1..ce4127b2 100644 --- a/gen/pb-rust/schemas/TransparencyLogInstance.schema.json +++ b/gen/pb-rust/schemas/TransparencyLogInstance.schema.json @@ -69,6 +69,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/TrustedRoot.schema.json b/gen/pb-rust/schemas/TrustedRoot.schema.json index 9b50ea91..4106d7a3 100644 --- a/gen/pb-rust/schemas/TrustedRoot.schema.json +++ b/gen/pb-rust/schemas/TrustedRoot.schema.json @@ -91,6 +91,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-typescript/src/__generated__/sigstore_common.ts b/gen/pb-typescript/src/__generated__/sigstore_common.ts index 1629b715..ae1b7b61 100644 --- a/gen/pb-typescript/src/__generated__/sigstore_common.ts +++ b/gen/pb-typescript/src/__generated__/sigstore_common.ts @@ -102,6 +102,9 @@ export enum PublicKeyDetails { PKIX_RSA_PKCS1_2048_SHA256 = 9, PKIX_RSA_PKCS1_3072_SHA256 = 10, PKIX_RSA_PKCS1_4096_SHA256 = 11, + RSA_PSS_2048_SHA256 = 16, + RSA_PSS_3072_SHA256 = 17, + RSA_PSS_4096_SHA256 = 18, /** * PKIX_ECDSA_P256_HMAC_SHA_256 - ECDSA * @@ -146,6 +149,15 @@ export function publicKeyDetailsFromJSON(object: any): PublicKeyDetails { case 11: case "PKIX_RSA_PKCS1_4096_SHA256": return PublicKeyDetails.PKIX_RSA_PKCS1_4096_SHA256; + case 16: + case "RSA_PSS_2048_SHA256": + return PublicKeyDetails.RSA_PSS_2048_SHA256; + case 17: + case "RSA_PSS_3072_SHA256": + return PublicKeyDetails.RSA_PSS_3072_SHA256; + case 18: + case "RSA_PSS_4096_SHA256": + return PublicKeyDetails.RSA_PSS_4096_SHA256; case 6: case "PKIX_ECDSA_P256_HMAC_SHA_256": return PublicKeyDetails.PKIX_ECDSA_P256_HMAC_SHA_256; @@ -193,6 +205,12 @@ export function publicKeyDetailsToJSON(object: PublicKeyDetails): string { return "PKIX_RSA_PKCS1_3072_SHA256"; case PublicKeyDetails.PKIX_RSA_PKCS1_4096_SHA256: return "PKIX_RSA_PKCS1_4096_SHA256"; + case PublicKeyDetails.RSA_PSS_2048_SHA256: + return "RSA_PSS_2048_SHA256"; + case PublicKeyDetails.RSA_PSS_3072_SHA256: + return "RSA_PSS_3072_SHA256"; + case PublicKeyDetails.RSA_PSS_4096_SHA256: + return "RSA_PSS_4096_SHA256"; case PublicKeyDetails.PKIX_ECDSA_P256_HMAC_SHA_256: return "PKIX_ECDSA_P256_HMAC_SHA_256"; case PublicKeyDetails.PKIX_ECDSA_P256_SHA_256: diff --git a/protos/sigstore_common.proto b/protos/sigstore_common.proto index 948d9f4a..71572799 100644 --- a/protos/sigstore_common.proto +++ b/protos/sigstore_common.proto @@ -69,6 +69,9 @@ enum PublicKeyDetails { PKIX_RSA_PKCS1_2048_SHA256 = 9; PKIX_RSA_PKCS1_3072_SHA256 = 10; PKIX_RSA_PKCS1_4096_SHA256 = 11; + RSA_PSS_2048_SHA256 = 16; + RSA_PSS_3072_SHA256 = 17; + RSA_PSS_4096_SHA256 = 18; // ECDSA PKIX_ECDSA_P256_HMAC_SHA_256 = 6 [deprecated = true]; // See RFC6979 @@ -85,7 +88,7 @@ enum PublicKeyDetails { EXPERIMENTAL_LMOTS_SHA256 = 15; // Reserved for future additions of public key/signature algorithm types. - reserved 16 to 50; + reserved 19 to 50; } // HashOutput captures a digest of a 'message' (generic octet sequence)