Skip to content

Commit

Permalink
document PSS variants, make it clear they're PKIX encoded
Browse files Browse the repository at this point in the history 
Signed-off-by: William Woodruff <[email protected]>
  • Loading branch information
@woodruffw
woodruffw committed Feb 2, 2024
1 parent 922b28c commit d8d4b20
Show file tree
Hide file tree
Showing 18 changed files with 112 additions and 107 deletions.
5 changes: 4 additions & 1 deletion docs/algorithm-registry.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,12 @@ specification for the design rationale for this registry.

| Algorithm | Name | Usage | Notes |
|-----------|----------------------------|-------------| -------------------------------------------------------------------------------- |
| RSA | rsa-sign-pkcs1-2048-sha256 | verify only | |
| RSA | rsa-sign-pkcs1-2048-sha256 | verify only | Not recommended. |
| | rsa-sign-pkcs1-3072-sha256 | sign/verify | |
| | rsa-sign-pkcs1-4096-sha256 | sign/verify | |
| | rsa-sign-pss-2048-sha256 | verify only | Not recommended. |
| | rsa-sign-pss-3072-sha256 | sign/verify | |
| | rsa-sign-pss-4096-sha256 | sign/verify | |
| ECDSA | ecdsa-sha2-256-nistp256 | sign/verify | |
| | ecdsa-sha2-384-nistp384 | sign/verify | |
| | ecdsa-sha2-512-nistp521 | sign/verify | |
Expand Down
6 changes: 3 additions & 3 deletions gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,9 +130,9 @@
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"RSA_PSS_2048_SHA256",
"RSA_PSS_3072_SHA256",
"RSA_PSS_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
Expand Down
6 changes: 3 additions & 3 deletions gen/jsonschema/schemas/Input.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -260,9 +260,9 @@
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"RSA_PSS_2048_SHA256",
"RSA_PSS_3072_SHA256",
"RSA_PSS_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
Expand Down
6 changes: 3 additions & 3 deletions gen/jsonschema/schemas/PublicKey.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,9 @@
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"RSA_PSS_2048_SHA256",
"RSA_PSS_3072_SHA256",
"RSA_PSS_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
Expand Down
6 changes: 3 additions & 3 deletions gen/jsonschema/schemas/PublicKeyIdentities.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,9 +34,9 @@
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"RSA_PSS_2048_SHA256",
"RSA_PSS_3072_SHA256",
"RSA_PSS_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
Expand Down
6 changes: 3 additions & 3 deletions gen/jsonschema/schemas/TransparencyLogInstance.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,9 +69,9 @@
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"RSA_PSS_2048_SHA256",
"RSA_PSS_3072_SHA256",
"RSA_PSS_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
Expand Down
6 changes: 3 additions & 3 deletions gen/jsonschema/schemas/TrustedRoot.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,9 +91,9 @@
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"RSA_PSS_2048_SHA256",
"RSA_PSS_3072_SHA256",
"RSA_PSS_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
Expand Down
93 changes: 47 additions & 46 deletions gen/pb-go/common/v1/sigstore_common.pb.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 3 additions & 3 deletions gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 3 additions & 3 deletions gen/pb-ruby/lib/sigstore_common_pb.rb
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 3 additions & 3 deletions gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,9 +130,9 @@
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"RSA_PSS_2048_SHA256",
"RSA_PSS_3072_SHA256",
"RSA_PSS_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
Expand Down
6 changes: 3 additions & 3 deletions gen/pb-rust/schemas/Input.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -260,9 +260,9 @@
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"RSA_PSS_2048_SHA256",
"RSA_PSS_3072_SHA256",
"RSA_PSS_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
Expand Down
6 changes: 3 additions & 3 deletions gen/pb-rust/schemas/PublicKey.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,9 @@
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"RSA_PSS_2048_SHA256",
"RSA_PSS_3072_SHA256",
"RSA_PSS_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
Expand Down
6 changes: 3 additions & 3 deletions gen/pb-rust/schemas/PublicKeyIdentities.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,9 +34,9 @@
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"RSA_PSS_2048_SHA256",
"RSA_PSS_3072_SHA256",
"RSA_PSS_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
Expand Down
6 changes: 3 additions & 3 deletions gen/pb-rust/schemas/TransparencyLogInstance.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,9 +69,9 @@
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"RSA_PSS_2048_SHA256",
"RSA_PSS_3072_SHA256",
"RSA_PSS_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
Expand Down
6 changes: 3 additions & 3 deletions gen/pb-rust/schemas/TrustedRoot.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,9 +91,9 @@
"PKIX_RSA_PKCS1_2048_SHA256",
"PKIX_RSA_PKCS1_3072_SHA256",
"PKIX_RSA_PKCS1_4096_SHA256",
"RSA_PSS_2048_SHA256",
"RSA_PSS_3072_SHA256",
"RSA_PSS_4096_SHA256",
"PKIX_RSA_PSS_2048_SHA256",
"PKIX_RSA_PSS_3072_SHA256",
"PKIX_RSA_PSS_4096_SHA256",
"PKIX_ECDSA_P256_HMAC_SHA_256",
"PKIX_ECDSA_P256_SHA_256",
"PKIX_ECDSA_P384_SHA_384",
Expand Down
Loading

0 comments on commit d8d4b20

Please sign in to comment.