From 20452d618a219035b0cdbadf51591631ad0fe0aa Mon Sep 17 00:00:00 2001 From: William Woodruff Date: Fri, 19 Jan 2024 16:31:01 -0500 Subject: [PATCH 1/6] algorithm-registry: add LMS and LM-OTS Signed-off-by: William Woodruff --- docs/algorithm-registry.md | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/docs/algorithm-registry.md b/docs/algorithm-registry.md index e7e54da2..c963bff8 100644 --- a/docs/algorithm-registry.md +++ b/docs/algorithm-registry.md @@ -15,16 +15,18 @@ specification for the design rationale for this registry. ## Signature Algorithms -| Algorithm | Name | Usage | -|-----------|----------------------------|---------------------------------------------------| -| RSA | rsa-sign-pkcs1-2048-sha256 | verify only | -| | rsa-sign-pkcs1-3072-sha256 | sign/verify | -| | rsa-sign-pkcs1-4096-sha256 | sign/verify | -| ECDSA | ecdsa-sha2-256-nistp256 | sign/verify | -| | ecdsa-sha2-384-nistp384 | sign/verify | -| | ecdsa-sha2-512-nistp521 | sign/verify | -| EdDSA | ed25519 | sign/verify | -| | ed25519-ph | sign/verify (recommended only for `hashedrekord`) | +| Algorithm | Name | Usage | Notes | +|-----------|----------------------------|-------------| ------------------------------------------- | +| RSA | rsa-sign-pkcs1-2048-sha256 | verify only | | +| | rsa-sign-pkcs1-3072-sha256 | sign/verify | | +| | rsa-sign-pkcs1-4096-sha256 | sign/verify | | +| ECDSA | ecdsa-sha2-256-nistp256 | sign/verify | | +| | ecdsa-sha2-384-nistp384 | sign/verify | | +| | ecdsa-sha2-512-nistp521 | sign/verify | | +| EdDSA | ed25519 | sign/verify | | +| | ed25519-ph | sign/verify | Recommended only for `hashedrekord`. | +| LMS | lms-sha2-256 | sign/verify | Stateful; signer selects the `H` parameter. | +| LM-OTS | lmots-sha-256-n32-w8 | sign/verify | One-time use only. | ## Hash Algorithms From 139b502de6128aade443a1d7e00726d25555d901 Mon Sep 17 00:00:00 2001 From: William Woodruff Date: Fri, 19 Jan 2024 17:08:58 -0500 Subject: [PATCH 2/6] add LMS and LM-OTS to algo registry Signed-off-by: William Woodruff --- docs/algorithm-registry.md | 36 +++++++---- gen/pb-go/common/v1/sigstore_common.pb.go | 62 +++++++++++-------- .../dev/sigstore/common/v1/__init__.py | 2 + gen/pb-ruby/lib/sigstore_common_pb.rb | 2 + .../src/__generated__/sigstore_common.ts | 12 ++++ protos/sigstore_common.proto | 2 + 6 files changed, 77 insertions(+), 39 deletions(-) diff --git a/docs/algorithm-registry.md b/docs/algorithm-registry.md index c963bff8..46192b15 100644 --- a/docs/algorithm-registry.md +++ b/docs/algorithm-registry.md @@ -15,18 +15,30 @@ specification for the design rationale for this registry. ## Signature Algorithms -| Algorithm | Name | Usage | Notes | -|-----------|----------------------------|-------------| ------------------------------------------- | -| RSA | rsa-sign-pkcs1-2048-sha256 | verify only | | -| | rsa-sign-pkcs1-3072-sha256 | sign/verify | | -| | rsa-sign-pkcs1-4096-sha256 | sign/verify | | -| ECDSA | ecdsa-sha2-256-nistp256 | sign/verify | | -| | ecdsa-sha2-384-nistp384 | sign/verify | | -| | ecdsa-sha2-512-nistp521 | sign/verify | | -| EdDSA | ed25519 | sign/verify | | -| | ed25519-ph | sign/verify | Recommended only for `hashedrekord`. | -| LMS | lms-sha2-256 | sign/verify | Stateful; signer selects the `H` parameter. | -| LM-OTS | lmots-sha-256-n32-w8 | sign/verify | One-time use only. | +| Algorithm | Name | Usage | Notes | +|-----------|----------------------------|-------------| -------------------------------------------------------------------------------- | +| RSA | rsa-sign-pkcs1-2048-sha256 | verify only | | +| | rsa-sign-pkcs1-3072-sha256 | sign/verify | | +| | rsa-sign-pkcs1-4096-sha256 | sign/verify | | +| ECDSA | ecdsa-sha2-256-nistp256 | sign/verify | | +| | ecdsa-sha2-384-nistp384 | sign/verify | | +| | ecdsa-sha2-512-nistp521 | sign/verify | | +| EdDSA | ed25519 | sign/verify | | +| | ed25519-ph | sign/verify | Recommended only for `hashedrekord`. | +| LMS | lms-sha256 | sign/verify | Stateful; signer selects the `H` parameter. Not recommended for keyless signing. | +| LM-OTS | lmots-sha256 | sign/verify | One-time use only; signer selects `n` and `w`. | + +### Parameter configuration for LMS and LM-OTS + +LMS and LM-OTS are both hash-based signature schemes. Both require the signing party +to make parameter choices during key generation. + +In both cases, the selected parameters are encoded in the public key representation. +See [RFC 8554 S5.3](https://www.rfc-editor.org/rfc/rfc8554.html#section-5.3) for LMS and +[RFC 8554 S4.3](https://www.rfc-editor.org/rfc/rfc8554.html#section-4.3) for LM-OTS public key +formats. Additionally, see [RFC 8708 S4](https://www.rfc-editor.org/rfc/rfc8708.html) for +`SubjectPublicKeyInfo` and `AlgorithmIdentifier` encodings for both LMS and LM-OTS +public keys. ## Hash Algorithms diff --git a/gen/pb-go/common/v1/sigstore_common.pb.go b/gen/pb-go/common/v1/sigstore_common.pb.go index 958af8d5..d43c819b 100644 --- a/gen/pb-go/common/v1/sigstore_common.pb.go +++ b/gen/pb-go/common/v1/sigstore_common.pb.go @@ -194,20 +194,24 @@ const ( KnownSignatureAlgorithm_ECDSA_SHA2_512_NISTP521 KnownSignatureAlgorithm = 6 KnownSignatureAlgorithm_ED25519 KnownSignatureAlgorithm = 7 KnownSignatureAlgorithm_ED25519_PH KnownSignatureAlgorithm = 8 + KnownSignatureAlgorithm_LMS_SHA256 KnownSignatureAlgorithm = 9 + KnownSignatureAlgorithm_LMOTS_SHA256 KnownSignatureAlgorithm = 10 ) // Enum value maps for KnownSignatureAlgorithm. var ( KnownSignatureAlgorithm_name = map[int32]string{ - 0: "KNOWN_SIGNATURE_ALGORITHM_UNSPECIFIED", - 1: "RSA_SIGN_PKCS1_2048_SHA256", - 2: "RSA_SIGN_PKCS1_3072_SHA256", - 3: "RSA_SIGN_PKCS1_4096_SHA256", - 4: "ECDSA_SHA2_256_NISTP256", - 5: "ECDSA_SHA2_384_NISTP384", - 6: "ECDSA_SHA2_512_NISTP521", - 7: "ED25519", - 8: "ED25519_PH", + 0: "KNOWN_SIGNATURE_ALGORITHM_UNSPECIFIED", + 1: "RSA_SIGN_PKCS1_2048_SHA256", + 2: "RSA_SIGN_PKCS1_3072_SHA256", + 3: "RSA_SIGN_PKCS1_4096_SHA256", + 4: "ECDSA_SHA2_256_NISTP256", + 5: "ECDSA_SHA2_384_NISTP384", + 6: "ECDSA_SHA2_512_NISTP521", + 7: "ED25519", + 8: "ED25519_PH", + 9: "LMS_SHA256", + 10: "LMOTS_SHA256", } KnownSignatureAlgorithm_value = map[string]int32{ "KNOWN_SIGNATURE_ALGORITHM_UNSPECIFIED": 0, @@ -219,6 +223,8 @@ var ( "ECDSA_SHA2_512_NISTP521": 6, "ED25519": 7, "ED25519_PH": 8, + "LMS_SHA256": 9, + "LMOTS_SHA256": 10, } ) @@ -1184,7 +1190,7 @@ var file_sigstore_common_proto_rawDesc = []byte{ 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, 0x36, 0x5f, 0x48, 0x4d, 0x41, 0x43, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x06, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x10, 0x07, 0x2a, - 0x98, 0x02, 0x0a, 0x17, 0x4b, 0x6e, 0x6f, 0x77, 0x6e, 0x53, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, + 0xba, 0x02, 0x0a, 0x17, 0x4b, 0x6e, 0x6f, 0x77, 0x6e, 0x53, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x41, 0x6c, 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x12, 0x29, 0x0a, 0x25, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x5f, 0x53, 0x49, 0x47, 0x4e, 0x41, 0x54, 0x55, 0x52, 0x45, 0x5f, 0x41, 0x4c, 0x47, 0x4f, 0x52, 0x49, 0x54, 0x48, 0x4d, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, @@ -1201,23 +1207,25 @@ var file_sigstore_common_proto_rawDesc = []byte{ 0x12, 0x1b, 0x0a, 0x17, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x5f, 0x35, 0x31, 0x32, 0x5f, 0x4e, 0x49, 0x53, 0x54, 0x50, 0x35, 0x32, 0x31, 0x10, 0x06, 0x12, 0x0b, 0x0a, 0x07, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x10, 0x07, 0x12, 0x0e, 0x0a, 0x0a, 0x45, 0x44, - 0x32, 0x35, 0x35, 0x31, 0x39, 0x5f, 0x50, 0x48, 0x10, 0x08, 0x2a, 0x6f, 0x0a, 0x1a, 0x53, 0x75, - 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x74, 0x69, 0x76, 0x65, - 0x4e, 0x61, 0x6d, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x2d, 0x0a, 0x29, 0x53, 0x55, 0x42, 0x4a, - 0x45, 0x43, 0x54, 0x5f, 0x41, 0x4c, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x54, 0x49, 0x56, 0x45, 0x5f, - 0x4e, 0x41, 0x4d, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, - 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x4d, 0x41, 0x49, 0x4c, - 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x55, 0x52, 0x49, 0x10, 0x02, 0x12, 0x0e, 0x0a, 0x0a, 0x4f, - 0x54, 0x48, 0x45, 0x52, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x10, 0x03, 0x42, 0x7c, 0x0a, 0x1c, 0x64, - 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x43, 0x6f, 0x6d, - 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x36, 0x67, 0x69, 0x74, 0x68, - 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2f, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2d, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2f, 0x67, - 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, 0x67, 0x6f, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, - 0x76, 0x31, 0xea, 0x02, 0x14, 0x53, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x3a, 0x3a, 0x43, - 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x33, + 0x32, 0x35, 0x35, 0x31, 0x39, 0x5f, 0x50, 0x48, 0x10, 0x08, 0x12, 0x0e, 0x0a, 0x0a, 0x4c, 0x4d, + 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x09, 0x12, 0x10, 0x0a, 0x0c, 0x4c, 0x4d, + 0x4f, 0x54, 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0a, 0x2a, 0x6f, 0x0a, 0x1a, + 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x74, 0x69, + 0x76, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x2d, 0x0a, 0x29, 0x53, 0x55, + 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x41, 0x4c, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x54, 0x49, 0x56, + 0x45, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, + 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x4d, 0x41, + 0x49, 0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x55, 0x52, 0x49, 0x10, 0x02, 0x12, 0x0e, 0x0a, + 0x0a, 0x4f, 0x54, 0x48, 0x45, 0x52, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x10, 0x03, 0x42, 0x7c, 0x0a, + 0x1c, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x43, + 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x36, 0x67, 0x69, + 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, + 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2d, 0x73, 0x70, 0x65, 0x63, 0x73, + 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, 0x67, 0x6f, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, + 0x6e, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x14, 0x53, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x3a, + 0x3a, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x33, } var ( diff --git a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py index 712fd5fc..a333b478 100644 --- a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py +++ b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py @@ -73,6 +73,8 @@ class KnownSignatureAlgorithm(betterproto.Enum): ECDSA_SHA2_512_NISTP521 = 6 ED25519 = 7 ED25519_PH = 8 + LMS_SHA256 = 9 + LMOTS_SHA256 = 10 class SubjectAlternativeNameType(betterproto.Enum): diff --git a/gen/pb-ruby/lib/sigstore_common_pb.rb b/gen/pb-ruby/lib/sigstore_common_pb.rb index 4b469720..dcf64777 100644 --- a/gen/pb-ruby/lib/sigstore_common_pb.rb +++ b/gen/pb-ruby/lib/sigstore_common_pb.rb @@ -86,6 +86,8 @@ value :ECDSA_SHA2_512_NISTP521, 6 value :ED25519, 7 value :ED25519_PH, 8 + value :LMS_SHA256, 9 + value :LMOTS_SHA256, 10 end add_enum "dev.sigstore.common.v1.SubjectAlternativeNameType" do value :SUBJECT_ALTERNATIVE_NAME_TYPE_UNSPECIFIED, 0 diff --git a/gen/pb-typescript/src/__generated__/sigstore_common.ts b/gen/pb-typescript/src/__generated__/sigstore_common.ts index ea341a74..89c5793c 100644 --- a/gen/pb-typescript/src/__generated__/sigstore_common.ts +++ b/gen/pb-typescript/src/__generated__/sigstore_common.ts @@ -161,6 +161,8 @@ export enum KnownSignatureAlgorithm { ECDSA_SHA2_512_NISTP521 = 6, ED25519 = 7, ED25519_PH = 8, + LMS_SHA256 = 9, + LMOTS_SHA256 = 10, } export function knownSignatureAlgorithmFromJSON(object: any): KnownSignatureAlgorithm { @@ -192,6 +194,12 @@ export function knownSignatureAlgorithmFromJSON(object: any): KnownSignatureAlgo case 8: case "ED25519_PH": return KnownSignatureAlgorithm.ED25519_PH; + case 9: + case "LMS_SHA256": + return KnownSignatureAlgorithm.LMS_SHA256; + case 10: + case "LMOTS_SHA256": + return KnownSignatureAlgorithm.LMOTS_SHA256; default: throw new tsProtoGlobalThis.Error("Unrecognized enum value " + object + " for enum KnownSignatureAlgorithm"); } @@ -217,6 +225,10 @@ export function knownSignatureAlgorithmToJSON(object: KnownSignatureAlgorithm): return "ED25519"; case KnownSignatureAlgorithm.ED25519_PH: return "ED25519_PH"; + case KnownSignatureAlgorithm.LMS_SHA256: + return "LMS_SHA256"; + case KnownSignatureAlgorithm.LMOTS_SHA256: + return "LMOTS_SHA256"; default: throw new tsProtoGlobalThis.Error("Unrecognized enum value " + object + " for enum KnownSignatureAlgorithm"); } diff --git a/protos/sigstore_common.proto b/protos/sigstore_common.proto index ab918b16..6dd2b1cb 100644 --- a/protos/sigstore_common.proto +++ b/protos/sigstore_common.proto @@ -90,6 +90,8 @@ enum KnownSignatureAlgorithm { ECDSA_SHA2_512_NISTP521 = 6; ED25519 = 7; ED25519_PH = 8; + LMS_SHA256 = 9; + LMOTS_SHA256 = 10; } // MessageSignature stores the computed signature over a message. From 922b28c5ca86fb7d9a32fc51270f6dda4c081381 Mon Sep 17 00:00:00 2001 From: William Woodruff Date: Fri, 2 Feb 2024 12:50:16 -0500 Subject: [PATCH 3/6] add RSA PSS variants Signed-off-by: William Woodruff --- .../ArtifactVerificationOptions.schema.json | 3 + gen/jsonschema/schemas/Input.schema.json | 3 + gen/jsonschema/schemas/PublicKey.schema.json | 3 + .../schemas/PublicKeyIdentities.schema.json | 3 + .../TransparencyLogInstance.schema.json | 3 + .../schemas/TrustedRoot.schema.json | 3 + gen/pb-go/common/v1/sigstore_common.pb.go | 78 +++++++++++-------- .../dev/sigstore/common/v1/__init__.py | 3 + gen/pb-ruby/lib/sigstore_common_pb.rb | 3 + .../ArtifactVerificationOptions.schema.json | 3 + gen/pb-rust/schemas/Input.schema.json | 3 + gen/pb-rust/schemas/PublicKey.schema.json | 3 + .../schemas/PublicKeyIdentities.schema.json | 3 + .../TransparencyLogInstance.schema.json | 3 + gen/pb-rust/schemas/TrustedRoot.schema.json | 3 + .../src/__generated__/sigstore_common.ts | 18 +++++ protos/sigstore_common.proto | 5 +- 17 files changed, 110 insertions(+), 33 deletions(-) diff --git a/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json b/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json index 88d0ad65..bf7de189 100644 --- a/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json +++ b/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json @@ -130,6 +130,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/Input.schema.json b/gen/jsonschema/schemas/Input.schema.json index d5419cb8..dc35e61b 100644 --- a/gen/jsonschema/schemas/Input.schema.json +++ b/gen/jsonschema/schemas/Input.schema.json @@ -260,6 +260,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/PublicKey.schema.json b/gen/jsonschema/schemas/PublicKey.schema.json index b5cf9597..2a0d0cc0 100644 --- a/gen/jsonschema/schemas/PublicKey.schema.json +++ b/gen/jsonschema/schemas/PublicKey.schema.json @@ -20,6 +20,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/PublicKeyIdentities.schema.json b/gen/jsonschema/schemas/PublicKeyIdentities.schema.json index d6fa13b8..0bbf4402 100644 --- a/gen/jsonschema/schemas/PublicKeyIdentities.schema.json +++ b/gen/jsonschema/schemas/PublicKeyIdentities.schema.json @@ -34,6 +34,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/TransparencyLogInstance.schema.json b/gen/jsonschema/schemas/TransparencyLogInstance.schema.json index f114aac1..ce4127b2 100644 --- a/gen/jsonschema/schemas/TransparencyLogInstance.schema.json +++ b/gen/jsonschema/schemas/TransparencyLogInstance.schema.json @@ -69,6 +69,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/TrustedRoot.schema.json b/gen/jsonschema/schemas/TrustedRoot.schema.json index 9b50ea91..4106d7a3 100644 --- a/gen/jsonschema/schemas/TrustedRoot.schema.json +++ b/gen/jsonschema/schemas/TrustedRoot.schema.json @@ -91,6 +91,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-go/common/v1/sigstore_common.pb.go b/gen/pb-go/common/v1/sigstore_common.pb.go index 007aef8c..9d633dd0 100644 --- a/gen/pb-go/common/v1/sigstore_common.pb.go +++ b/gen/pb-go/common/v1/sigstore_common.pb.go @@ -134,6 +134,9 @@ const ( PublicKeyDetails_PKIX_RSA_PKCS1_2048_SHA256 PublicKeyDetails = 9 PublicKeyDetails_PKIX_RSA_PKCS1_3072_SHA256 PublicKeyDetails = 10 PublicKeyDetails_PKIX_RSA_PKCS1_4096_SHA256 PublicKeyDetails = 11 + PublicKeyDetails_RSA_PSS_2048_SHA256 PublicKeyDetails = 16 + PublicKeyDetails_RSA_PSS_3072_SHA256 PublicKeyDetails = 17 + PublicKeyDetails_RSA_PSS_4096_SHA256 PublicKeyDetails = 18 // ECDSA // // Deprecated: Do not use. @@ -160,6 +163,9 @@ var ( 9: "PKIX_RSA_PKCS1_2048_SHA256", 10: "PKIX_RSA_PKCS1_3072_SHA256", 11: "PKIX_RSA_PKCS1_4096_SHA256", + 16: "RSA_PSS_2048_SHA256", + 17: "RSA_PSS_3072_SHA256", + 18: "RSA_PSS_4096_SHA256", 6: "PKIX_ECDSA_P256_HMAC_SHA_256", 5: "PKIX_ECDSA_P256_SHA_256", 12: "PKIX_ECDSA_P384_SHA_384", @@ -178,6 +184,9 @@ var ( "PKIX_RSA_PKCS1_2048_SHA256": 9, "PKIX_RSA_PKCS1_3072_SHA256": 10, "PKIX_RSA_PKCS1_4096_SHA256": 11, + "RSA_PSS_2048_SHA256": 16, + "RSA_PSS_3072_SHA256": 17, + "RSA_PSS_4096_SHA256": 18, "PKIX_ECDSA_P256_HMAC_SHA_256": 6, "PKIX_ECDSA_P256_SHA_256": 5, "PKIX_ECDSA_P384_SHA_384": 12, @@ -1137,7 +1146,7 @@ var file_sigstore_common_proto_rawDesc = []byte{ 0x48, 0x41, 0x32, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x32, 0x5f, 0x35, 0x31, 0x32, 0x10, 0x03, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x33, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x04, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x33, 0x5f, 0x33, 0x38, - 0x34, 0x10, 0x05, 0x2a, 0xde, 0x03, 0x0a, 0x10, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, + 0x34, 0x10, 0x05, 0x2a, 0xa9, 0x04, 0x0a, 0x10, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x22, 0x0a, 0x1e, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x44, 0x45, 0x54, 0x41, 0x49, 0x4c, 0x53, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x19, 0x0a, 0x11, @@ -1152,37 +1161,42 @@ var file_sigstore_common_proto_rawDesc = []byte{ 0x0a, 0x1a, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x5f, 0x33, 0x30, 0x37, 0x32, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0a, 0x12, 0x1e, 0x0a, 0x1a, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, - 0x5f, 0x34, 0x30, 0x39, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0b, 0x12, 0x24, - 0x0a, 0x1c, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, - 0x36, 0x5f, 0x48, 0x4d, 0x41, 0x43, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x06, - 0x1a, 0x02, 0x08, 0x01, 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, - 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, - 0x05, 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, - 0x50, 0x33, 0x38, 0x34, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x0c, 0x12, 0x1b, - 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x35, 0x32, - 0x31, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x35, 0x31, 0x32, 0x10, 0x0d, 0x12, 0x10, 0x0a, 0x0c, 0x50, - 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x10, 0x07, 0x12, 0x13, 0x0a, - 0x0f, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x5f, 0x50, 0x48, - 0x10, 0x08, 0x12, 0x1b, 0x0a, 0x17, 0x45, 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, - 0x41, 0x4c, 0x5f, 0x4c, 0x4d, 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0e, 0x12, - 0x1d, 0x0a, 0x19, 0x45, 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, - 0x4c, 0x4d, 0x4f, 0x54, 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0f, 0x22, 0x04, - 0x08, 0x10, 0x10, 0x32, 0x2a, 0x6f, 0x0a, 0x1a, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, - 0x6c, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x74, 0x69, 0x76, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x54, 0x79, - 0x70, 0x65, 0x12, 0x2d, 0x0a, 0x29, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x41, 0x4c, - 0x54, 0x45, 0x52, 0x4e, 0x41, 0x54, 0x49, 0x56, 0x45, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x5f, 0x54, - 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, - 0x00, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x4d, 0x41, 0x49, 0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, - 0x55, 0x52, 0x49, 0x10, 0x02, 0x12, 0x0e, 0x0a, 0x0a, 0x4f, 0x54, 0x48, 0x45, 0x52, 0x5f, 0x4e, - 0x41, 0x4d, 0x45, 0x10, 0x03, 0x42, 0x7c, 0x0a, 0x1c, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, - 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, - 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f, - 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x36, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, - 0x2f, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, - 0x75, 0x66, 0x2d, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, - 0x67, 0x6f, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x14, 0x53, - 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x3a, 0x3a, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x3a, - 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x5f, 0x34, 0x30, 0x39, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0b, 0x12, 0x17, + 0x0a, 0x13, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x32, 0x30, 0x34, 0x38, 0x5f, 0x53, + 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x10, 0x12, 0x17, 0x0a, 0x13, 0x52, 0x53, 0x41, 0x5f, 0x50, + 0x53, 0x53, 0x5f, 0x33, 0x30, 0x37, 0x32, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x11, + 0x12, 0x17, 0x0a, 0x13, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x34, 0x30, 0x39, 0x36, + 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x12, 0x12, 0x24, 0x0a, 0x1c, 0x50, 0x4b, 0x49, + 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, 0x36, 0x5f, 0x48, 0x4d, 0x41, + 0x43, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x06, 0x1a, 0x02, 0x08, 0x01, 0x12, + 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, + 0x35, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x05, 0x12, 0x1b, 0x0a, 0x17, + 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x33, 0x38, 0x34, 0x5f, + 0x53, 0x48, 0x41, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x0c, 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, + 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x35, 0x32, 0x31, 0x5f, 0x53, 0x48, 0x41, + 0x5f, 0x35, 0x31, 0x32, 0x10, 0x0d, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, + 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x10, 0x07, 0x12, 0x13, 0x0a, 0x0f, 0x50, 0x4b, 0x49, 0x58, + 0x5f, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x5f, 0x50, 0x48, 0x10, 0x08, 0x12, 0x1b, 0x0a, + 0x17, 0x45, 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, 0x4d, + 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0e, 0x12, 0x1d, 0x0a, 0x19, 0x45, 0x58, + 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, 0x4d, 0x4f, 0x54, 0x53, + 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0f, 0x22, 0x04, 0x08, 0x13, 0x10, 0x32, 0x2a, + 0x6f, 0x0a, 0x1a, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x65, 0x72, 0x6e, + 0x61, 0x74, 0x69, 0x76, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x2d, 0x0a, + 0x29, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x41, 0x4c, 0x54, 0x45, 0x52, 0x4e, 0x41, + 0x54, 0x49, 0x56, 0x45, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, + 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, + 0x45, 0x4d, 0x41, 0x49, 0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x55, 0x52, 0x49, 0x10, 0x02, + 0x12, 0x0e, 0x0a, 0x0a, 0x4f, 0x54, 0x48, 0x45, 0x52, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x10, 0x03, + 0x42, 0x7c, 0x0a, 0x1c, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, + 0x42, 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, + 0x36, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, 0x67, 0x73, + 0x74, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2d, 0x73, 0x70, + 0x65, 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, 0x67, 0x6f, 0x2f, 0x63, 0x6f, + 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x14, 0x53, 0x69, 0x67, 0x73, 0x74, 0x6f, + 0x72, 0x65, 0x3a, 0x3a, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py index da5ff820..f495560c 100644 --- a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py +++ b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py @@ -55,6 +55,9 @@ class PublicKeyDetails(betterproto.Enum): PKIX_RSA_PKCS1_2048_SHA256 = 9 PKIX_RSA_PKCS1_3072_SHA256 = 10 PKIX_RSA_PKCS1_4096_SHA256 = 11 + RSA_PSS_2048_SHA256 = 16 + RSA_PSS_3072_SHA256 = 17 + RSA_PSS_4096_SHA256 = 18 PKIX_ECDSA_P256_HMAC_SHA_256 = 6 """ECDSA""" diff --git a/gen/pb-ruby/lib/sigstore_common_pb.rb b/gen/pb-ruby/lib/sigstore_common_pb.rb index c9525bbb..d63fbc50 100644 --- a/gen/pb-ruby/lib/sigstore_common_pb.rb +++ b/gen/pb-ruby/lib/sigstore_common_pb.rb @@ -75,6 +75,9 @@ value :PKIX_RSA_PKCS1_2048_SHA256, 9 value :PKIX_RSA_PKCS1_3072_SHA256, 10 value :PKIX_RSA_PKCS1_4096_SHA256, 11 + value :RSA_PSS_2048_SHA256, 16 + value :RSA_PSS_3072_SHA256, 17 + value :RSA_PSS_4096_SHA256, 18 value :PKIX_ECDSA_P256_HMAC_SHA_256, 6 value :PKIX_ECDSA_P256_SHA_256, 5 value :PKIX_ECDSA_P384_SHA_384, 12 diff --git a/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json b/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json index 88d0ad65..bf7de189 100644 --- a/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json +++ b/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json @@ -130,6 +130,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/Input.schema.json b/gen/pb-rust/schemas/Input.schema.json index d5419cb8..dc35e61b 100644 --- a/gen/pb-rust/schemas/Input.schema.json +++ b/gen/pb-rust/schemas/Input.schema.json @@ -260,6 +260,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/PublicKey.schema.json b/gen/pb-rust/schemas/PublicKey.schema.json index b5cf9597..2a0d0cc0 100644 --- a/gen/pb-rust/schemas/PublicKey.schema.json +++ b/gen/pb-rust/schemas/PublicKey.schema.json @@ -20,6 +20,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/PublicKeyIdentities.schema.json b/gen/pb-rust/schemas/PublicKeyIdentities.schema.json index d6fa13b8..0bbf4402 100644 --- a/gen/pb-rust/schemas/PublicKeyIdentities.schema.json +++ b/gen/pb-rust/schemas/PublicKeyIdentities.schema.json @@ -34,6 +34,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/TransparencyLogInstance.schema.json b/gen/pb-rust/schemas/TransparencyLogInstance.schema.json index f114aac1..ce4127b2 100644 --- a/gen/pb-rust/schemas/TransparencyLogInstance.schema.json +++ b/gen/pb-rust/schemas/TransparencyLogInstance.schema.json @@ -69,6 +69,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/TrustedRoot.schema.json b/gen/pb-rust/schemas/TrustedRoot.schema.json index 9b50ea91..4106d7a3 100644 --- a/gen/pb-rust/schemas/TrustedRoot.schema.json +++ b/gen/pb-rust/schemas/TrustedRoot.schema.json @@ -91,6 +91,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", + "RSA_PSS_2048_SHA256", + "RSA_PSS_3072_SHA256", + "RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-typescript/src/__generated__/sigstore_common.ts b/gen/pb-typescript/src/__generated__/sigstore_common.ts index 1629b715..ae1b7b61 100644 --- a/gen/pb-typescript/src/__generated__/sigstore_common.ts +++ b/gen/pb-typescript/src/__generated__/sigstore_common.ts @@ -102,6 +102,9 @@ export enum PublicKeyDetails { PKIX_RSA_PKCS1_2048_SHA256 = 9, PKIX_RSA_PKCS1_3072_SHA256 = 10, PKIX_RSA_PKCS1_4096_SHA256 = 11, + RSA_PSS_2048_SHA256 = 16, + RSA_PSS_3072_SHA256 = 17, + RSA_PSS_4096_SHA256 = 18, /** * PKIX_ECDSA_P256_HMAC_SHA_256 - ECDSA * @@ -146,6 +149,15 @@ export function publicKeyDetailsFromJSON(object: any): PublicKeyDetails { case 11: case "PKIX_RSA_PKCS1_4096_SHA256": return PublicKeyDetails.PKIX_RSA_PKCS1_4096_SHA256; + case 16: + case "RSA_PSS_2048_SHA256": + return PublicKeyDetails.RSA_PSS_2048_SHA256; + case 17: + case "RSA_PSS_3072_SHA256": + return PublicKeyDetails.RSA_PSS_3072_SHA256; + case 18: + case "RSA_PSS_4096_SHA256": + return PublicKeyDetails.RSA_PSS_4096_SHA256; case 6: case "PKIX_ECDSA_P256_HMAC_SHA_256": return PublicKeyDetails.PKIX_ECDSA_P256_HMAC_SHA_256; @@ -193,6 +205,12 @@ export function publicKeyDetailsToJSON(object: PublicKeyDetails): string { return "PKIX_RSA_PKCS1_3072_SHA256"; case PublicKeyDetails.PKIX_RSA_PKCS1_4096_SHA256: return "PKIX_RSA_PKCS1_4096_SHA256"; + case PublicKeyDetails.RSA_PSS_2048_SHA256: + return "RSA_PSS_2048_SHA256"; + case PublicKeyDetails.RSA_PSS_3072_SHA256: + return "RSA_PSS_3072_SHA256"; + case PublicKeyDetails.RSA_PSS_4096_SHA256: + return "RSA_PSS_4096_SHA256"; case PublicKeyDetails.PKIX_ECDSA_P256_HMAC_SHA_256: return "PKIX_ECDSA_P256_HMAC_SHA_256"; case PublicKeyDetails.PKIX_ECDSA_P256_SHA_256: diff --git a/protos/sigstore_common.proto b/protos/sigstore_common.proto index 948d9f4a..71572799 100644 --- a/protos/sigstore_common.proto +++ b/protos/sigstore_common.proto @@ -69,6 +69,9 @@ enum PublicKeyDetails { PKIX_RSA_PKCS1_2048_SHA256 = 9; PKIX_RSA_PKCS1_3072_SHA256 = 10; PKIX_RSA_PKCS1_4096_SHA256 = 11; + RSA_PSS_2048_SHA256 = 16; + RSA_PSS_3072_SHA256 = 17; + RSA_PSS_4096_SHA256 = 18; // ECDSA PKIX_ECDSA_P256_HMAC_SHA_256 = 6 [deprecated = true]; // See RFC6979 @@ -85,7 +88,7 @@ enum PublicKeyDetails { EXPERIMENTAL_LMOTS_SHA256 = 15; // Reserved for future additions of public key/signature algorithm types. - reserved 16 to 50; + reserved 19 to 50; } // HashOutput captures a digest of a 'message' (generic octet sequence) From d8d4b201419e484e26a07e4796acab92a27fb2bd Mon Sep 17 00:00:00 2001 From: William Woodruff Date: Fri, 2 Feb 2024 13:02:20 -0500 Subject: [PATCH 4/6] document PSS variants, make it clear they're PKIX encoded Signed-off-by: William Woodruff --- docs/algorithm-registry.md | 5 +- .../ArtifactVerificationOptions.schema.json | 6 +- gen/jsonschema/schemas/Input.schema.json | 6 +- gen/jsonschema/schemas/PublicKey.schema.json | 6 +- .../schemas/PublicKeyIdentities.schema.json | 6 +- .../TransparencyLogInstance.schema.json | 6 +- .../schemas/TrustedRoot.schema.json | 6 +- gen/pb-go/common/v1/sigstore_common.pb.go | 93 ++++++++++--------- .../dev/sigstore/common/v1/__init__.py | 6 +- gen/pb-ruby/lib/sigstore_common_pb.rb | 6 +- .../ArtifactVerificationOptions.schema.json | 6 +- gen/pb-rust/schemas/Input.schema.json | 6 +- gen/pb-rust/schemas/PublicKey.schema.json | 6 +- .../schemas/PublicKeyIdentities.schema.json | 6 +- .../TransparencyLogInstance.schema.json | 6 +- gen/pb-rust/schemas/TrustedRoot.schema.json | 6 +- .../src/__generated__/sigstore_common.ts | 31 ++++--- protos/sigstore_common.proto | 6 +- 18 files changed, 112 insertions(+), 107 deletions(-) diff --git a/docs/algorithm-registry.md b/docs/algorithm-registry.md index 977e2335..3fa54056 100644 --- a/docs/algorithm-registry.md +++ b/docs/algorithm-registry.md @@ -17,9 +17,12 @@ specification for the design rationale for this registry. | Algorithm | Name | Usage | Notes | |-----------|----------------------------|-------------| -------------------------------------------------------------------------------- | -| RSA | rsa-sign-pkcs1-2048-sha256 | verify only | | +| RSA | rsa-sign-pkcs1-2048-sha256 | verify only | Not recommended. | | | rsa-sign-pkcs1-3072-sha256 | sign/verify | | | | rsa-sign-pkcs1-4096-sha256 | sign/verify | | +| | rsa-sign-pss-2048-sha256 | verify only | Not recommended. | +| | rsa-sign-pss-3072-sha256 | sign/verify | | +| | rsa-sign-pss-4096-sha256 | sign/verify | | | ECDSA | ecdsa-sha2-256-nistp256 | sign/verify | | | | ecdsa-sha2-384-nistp384 | sign/verify | | | | ecdsa-sha2-512-nistp521 | sign/verify | | diff --git a/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json b/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json index bf7de189..1b8c1bc3 100644 --- a/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json +++ b/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json @@ -130,9 +130,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", - "RSA_PSS_2048_SHA256", - "RSA_PSS_3072_SHA256", - "RSA_PSS_4096_SHA256", + "PKIX_RSA_PSS_2048_SHA256", + "PKIX_RSA_PSS_3072_SHA256", + "PKIX_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/Input.schema.json b/gen/jsonschema/schemas/Input.schema.json index dc35e61b..01d89b2b 100644 --- a/gen/jsonschema/schemas/Input.schema.json +++ b/gen/jsonschema/schemas/Input.schema.json @@ -260,9 +260,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", - "RSA_PSS_2048_SHA256", - "RSA_PSS_3072_SHA256", - "RSA_PSS_4096_SHA256", + "PKIX_RSA_PSS_2048_SHA256", + "PKIX_RSA_PSS_3072_SHA256", + "PKIX_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/PublicKey.schema.json b/gen/jsonschema/schemas/PublicKey.schema.json index 2a0d0cc0..320e9676 100644 --- a/gen/jsonschema/schemas/PublicKey.schema.json +++ b/gen/jsonschema/schemas/PublicKey.schema.json @@ -20,9 +20,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", - "RSA_PSS_2048_SHA256", - "RSA_PSS_3072_SHA256", - "RSA_PSS_4096_SHA256", + "PKIX_RSA_PSS_2048_SHA256", + "PKIX_RSA_PSS_3072_SHA256", + "PKIX_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/PublicKeyIdentities.schema.json b/gen/jsonschema/schemas/PublicKeyIdentities.schema.json index 0bbf4402..8e1125f3 100644 --- a/gen/jsonschema/schemas/PublicKeyIdentities.schema.json +++ b/gen/jsonschema/schemas/PublicKeyIdentities.schema.json @@ -34,9 +34,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", - "RSA_PSS_2048_SHA256", - "RSA_PSS_3072_SHA256", - "RSA_PSS_4096_SHA256", + "PKIX_RSA_PSS_2048_SHA256", + "PKIX_RSA_PSS_3072_SHA256", + "PKIX_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/TransparencyLogInstance.schema.json b/gen/jsonschema/schemas/TransparencyLogInstance.schema.json index ce4127b2..5a523f01 100644 --- a/gen/jsonschema/schemas/TransparencyLogInstance.schema.json +++ b/gen/jsonschema/schemas/TransparencyLogInstance.schema.json @@ -69,9 +69,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", - "RSA_PSS_2048_SHA256", - "RSA_PSS_3072_SHA256", - "RSA_PSS_4096_SHA256", + "PKIX_RSA_PSS_2048_SHA256", + "PKIX_RSA_PSS_3072_SHA256", + "PKIX_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/TrustedRoot.schema.json b/gen/jsonschema/schemas/TrustedRoot.schema.json index 4106d7a3..fe3db427 100644 --- a/gen/jsonschema/schemas/TrustedRoot.schema.json +++ b/gen/jsonschema/schemas/TrustedRoot.schema.json @@ -91,9 +91,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", - "RSA_PSS_2048_SHA256", - "RSA_PSS_3072_SHA256", - "RSA_PSS_4096_SHA256", + "PKIX_RSA_PSS_2048_SHA256", + "PKIX_RSA_PSS_3072_SHA256", + "PKIX_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-go/common/v1/sigstore_common.pb.go b/gen/pb-go/common/v1/sigstore_common.pb.go index 9d633dd0..13413207 100644 --- a/gen/pb-go/common/v1/sigstore_common.pb.go +++ b/gen/pb-go/common/v1/sigstore_common.pb.go @@ -134,9 +134,9 @@ const ( PublicKeyDetails_PKIX_RSA_PKCS1_2048_SHA256 PublicKeyDetails = 9 PublicKeyDetails_PKIX_RSA_PKCS1_3072_SHA256 PublicKeyDetails = 10 PublicKeyDetails_PKIX_RSA_PKCS1_4096_SHA256 PublicKeyDetails = 11 - PublicKeyDetails_RSA_PSS_2048_SHA256 PublicKeyDetails = 16 - PublicKeyDetails_RSA_PSS_3072_SHA256 PublicKeyDetails = 17 - PublicKeyDetails_RSA_PSS_4096_SHA256 PublicKeyDetails = 18 + PublicKeyDetails_PKIX_RSA_PSS_2048_SHA256 PublicKeyDetails = 16 // See RFC4055 + PublicKeyDetails_PKIX_RSA_PSS_3072_SHA256 PublicKeyDetails = 17 + PublicKeyDetails_PKIX_RSA_PSS_4096_SHA256 PublicKeyDetails = 18 // ECDSA // // Deprecated: Do not use. @@ -163,9 +163,9 @@ var ( 9: "PKIX_RSA_PKCS1_2048_SHA256", 10: "PKIX_RSA_PKCS1_3072_SHA256", 11: "PKIX_RSA_PKCS1_4096_SHA256", - 16: "RSA_PSS_2048_SHA256", - 17: "RSA_PSS_3072_SHA256", - 18: "RSA_PSS_4096_SHA256", + 16: "PKIX_RSA_PSS_2048_SHA256", + 17: "PKIX_RSA_PSS_3072_SHA256", + 18: "PKIX_RSA_PSS_4096_SHA256", 6: "PKIX_ECDSA_P256_HMAC_SHA_256", 5: "PKIX_ECDSA_P256_SHA_256", 12: "PKIX_ECDSA_P384_SHA_384", @@ -184,9 +184,9 @@ var ( "PKIX_RSA_PKCS1_2048_SHA256": 9, "PKIX_RSA_PKCS1_3072_SHA256": 10, "PKIX_RSA_PKCS1_4096_SHA256": 11, - "RSA_PSS_2048_SHA256": 16, - "RSA_PSS_3072_SHA256": 17, - "RSA_PSS_4096_SHA256": 18, + "PKIX_RSA_PSS_2048_SHA256": 16, + "PKIX_RSA_PSS_3072_SHA256": 17, + "PKIX_RSA_PSS_4096_SHA256": 18, "PKIX_ECDSA_P256_HMAC_SHA_256": 6, "PKIX_ECDSA_P256_SHA_256": 5, "PKIX_ECDSA_P384_SHA_384": 12, @@ -1146,7 +1146,7 @@ var file_sigstore_common_proto_rawDesc = []byte{ 0x48, 0x41, 0x32, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x32, 0x5f, 0x35, 0x31, 0x32, 0x10, 0x03, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x33, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x04, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x33, 0x5f, 0x33, 0x38, - 0x34, 0x10, 0x05, 0x2a, 0xa9, 0x04, 0x0a, 0x10, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, + 0x34, 0x10, 0x05, 0x2a, 0xb8, 0x04, 0x0a, 0x10, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x22, 0x0a, 0x1e, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x44, 0x45, 0x54, 0x41, 0x49, 0x4c, 0x53, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x19, 0x0a, 0x11, @@ -1161,42 +1161,43 @@ var file_sigstore_common_proto_rawDesc = []byte{ 0x0a, 0x1a, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x5f, 0x33, 0x30, 0x37, 0x32, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0a, 0x12, 0x1e, 0x0a, 0x1a, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, - 0x5f, 0x34, 0x30, 0x39, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0b, 0x12, 0x17, - 0x0a, 0x13, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x32, 0x30, 0x34, 0x38, 0x5f, 0x53, - 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x10, 0x12, 0x17, 0x0a, 0x13, 0x52, 0x53, 0x41, 0x5f, 0x50, - 0x53, 0x53, 0x5f, 0x33, 0x30, 0x37, 0x32, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x11, - 0x12, 0x17, 0x0a, 0x13, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x34, 0x30, 0x39, 0x36, - 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x12, 0x12, 0x24, 0x0a, 0x1c, 0x50, 0x4b, 0x49, - 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, 0x36, 0x5f, 0x48, 0x4d, 0x41, - 0x43, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x06, 0x1a, 0x02, 0x08, 0x01, 0x12, - 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, - 0x35, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x05, 0x12, 0x1b, 0x0a, 0x17, - 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x33, 0x38, 0x34, 0x5f, - 0x53, 0x48, 0x41, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x0c, 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, - 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x35, 0x32, 0x31, 0x5f, 0x53, 0x48, 0x41, - 0x5f, 0x35, 0x31, 0x32, 0x10, 0x0d, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, - 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x10, 0x07, 0x12, 0x13, 0x0a, 0x0f, 0x50, 0x4b, 0x49, 0x58, - 0x5f, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x5f, 0x50, 0x48, 0x10, 0x08, 0x12, 0x1b, 0x0a, - 0x17, 0x45, 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, 0x4d, - 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0e, 0x12, 0x1d, 0x0a, 0x19, 0x45, 0x58, - 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, 0x4d, 0x4f, 0x54, 0x53, - 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0f, 0x22, 0x04, 0x08, 0x13, 0x10, 0x32, 0x2a, - 0x6f, 0x0a, 0x1a, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x65, 0x72, 0x6e, - 0x61, 0x74, 0x69, 0x76, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x2d, 0x0a, - 0x29, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x41, 0x4c, 0x54, 0x45, 0x52, 0x4e, 0x41, - 0x54, 0x49, 0x56, 0x45, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, - 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, - 0x45, 0x4d, 0x41, 0x49, 0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x55, 0x52, 0x49, 0x10, 0x02, - 0x12, 0x0e, 0x0a, 0x0a, 0x4f, 0x54, 0x48, 0x45, 0x52, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x10, 0x03, - 0x42, 0x7c, 0x0a, 0x1c, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, - 0x42, 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, - 0x36, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, 0x67, 0x73, - 0x74, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2d, 0x73, 0x70, - 0x65, 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, 0x67, 0x6f, 0x2f, 0x63, 0x6f, - 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x14, 0x53, 0x69, 0x67, 0x73, 0x74, 0x6f, - 0x72, 0x65, 0x3a, 0x3a, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x5f, 0x34, 0x30, 0x39, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0b, 0x12, 0x1c, + 0x0a, 0x18, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x32, + 0x30, 0x34, 0x38, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x10, 0x12, 0x1c, 0x0a, 0x18, + 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x33, 0x30, 0x37, + 0x32, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x11, 0x12, 0x1c, 0x0a, 0x18, 0x50, 0x4b, + 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x34, 0x30, 0x39, 0x36, 0x5f, + 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x12, 0x12, 0x24, 0x0a, 0x1c, 0x50, 0x4b, 0x49, 0x58, + 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, 0x36, 0x5f, 0x48, 0x4d, 0x41, 0x43, + 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x06, 0x1a, 0x02, 0x08, 0x01, 0x12, 0x1b, + 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, + 0x36, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x05, 0x12, 0x1b, 0x0a, 0x17, 0x50, + 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x33, 0x38, 0x34, 0x5f, 0x53, + 0x48, 0x41, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x0c, 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, + 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x35, 0x32, 0x31, 0x5f, 0x53, 0x48, 0x41, 0x5f, + 0x35, 0x31, 0x32, 0x10, 0x0d, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x44, + 0x32, 0x35, 0x35, 0x31, 0x39, 0x10, 0x07, 0x12, 0x13, 0x0a, 0x0f, 0x50, 0x4b, 0x49, 0x58, 0x5f, + 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x5f, 0x50, 0x48, 0x10, 0x08, 0x12, 0x1b, 0x0a, 0x17, + 0x45, 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, 0x4d, 0x53, + 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0e, 0x12, 0x1d, 0x0a, 0x19, 0x45, 0x58, 0x50, + 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, 0x4d, 0x4f, 0x54, 0x53, 0x5f, + 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0f, 0x22, 0x04, 0x08, 0x13, 0x10, 0x32, 0x2a, 0x6f, + 0x0a, 0x1a, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x65, 0x72, 0x6e, 0x61, + 0x74, 0x69, 0x76, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x2d, 0x0a, 0x29, + 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x41, 0x4c, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x54, + 0x49, 0x56, 0x45, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, + 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x45, + 0x4d, 0x41, 0x49, 0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x55, 0x52, 0x49, 0x10, 0x02, 0x12, + 0x0e, 0x0a, 0x0a, 0x4f, 0x54, 0x48, 0x45, 0x52, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x10, 0x03, 0x42, + 0x7c, 0x0a, 0x1c, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x42, + 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x36, + 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, 0x67, 0x73, 0x74, + 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2d, 0x73, 0x70, 0x65, + 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, 0x67, 0x6f, 0x2f, 0x63, 0x6f, 0x6d, + 0x6d, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x14, 0x53, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, + 0x65, 0x3a, 0x3a, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py index f495560c..7a517531 100644 --- a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py +++ b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py @@ -55,9 +55,9 @@ class PublicKeyDetails(betterproto.Enum): PKIX_RSA_PKCS1_2048_SHA256 = 9 PKIX_RSA_PKCS1_3072_SHA256 = 10 PKIX_RSA_PKCS1_4096_SHA256 = 11 - RSA_PSS_2048_SHA256 = 16 - RSA_PSS_3072_SHA256 = 17 - RSA_PSS_4096_SHA256 = 18 + PKIX_RSA_PSS_2048_SHA256 = 16 + PKIX_RSA_PSS_3072_SHA256 = 17 + PKIX_RSA_PSS_4096_SHA256 = 18 PKIX_ECDSA_P256_HMAC_SHA_256 = 6 """ECDSA""" diff --git a/gen/pb-ruby/lib/sigstore_common_pb.rb b/gen/pb-ruby/lib/sigstore_common_pb.rb index d63fbc50..605794ab 100644 --- a/gen/pb-ruby/lib/sigstore_common_pb.rb +++ b/gen/pb-ruby/lib/sigstore_common_pb.rb @@ -75,9 +75,9 @@ value :PKIX_RSA_PKCS1_2048_SHA256, 9 value :PKIX_RSA_PKCS1_3072_SHA256, 10 value :PKIX_RSA_PKCS1_4096_SHA256, 11 - value :RSA_PSS_2048_SHA256, 16 - value :RSA_PSS_3072_SHA256, 17 - value :RSA_PSS_4096_SHA256, 18 + value :PKIX_RSA_PSS_2048_SHA256, 16 + value :PKIX_RSA_PSS_3072_SHA256, 17 + value :PKIX_RSA_PSS_4096_SHA256, 18 value :PKIX_ECDSA_P256_HMAC_SHA_256, 6 value :PKIX_ECDSA_P256_SHA_256, 5 value :PKIX_ECDSA_P384_SHA_384, 12 diff --git a/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json b/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json index bf7de189..1b8c1bc3 100644 --- a/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json +++ b/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json @@ -130,9 +130,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", - "RSA_PSS_2048_SHA256", - "RSA_PSS_3072_SHA256", - "RSA_PSS_4096_SHA256", + "PKIX_RSA_PSS_2048_SHA256", + "PKIX_RSA_PSS_3072_SHA256", + "PKIX_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/Input.schema.json b/gen/pb-rust/schemas/Input.schema.json index dc35e61b..01d89b2b 100644 --- a/gen/pb-rust/schemas/Input.schema.json +++ b/gen/pb-rust/schemas/Input.schema.json @@ -260,9 +260,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", - "RSA_PSS_2048_SHA256", - "RSA_PSS_3072_SHA256", - "RSA_PSS_4096_SHA256", + "PKIX_RSA_PSS_2048_SHA256", + "PKIX_RSA_PSS_3072_SHA256", + "PKIX_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/PublicKey.schema.json b/gen/pb-rust/schemas/PublicKey.schema.json index 2a0d0cc0..320e9676 100644 --- a/gen/pb-rust/schemas/PublicKey.schema.json +++ b/gen/pb-rust/schemas/PublicKey.schema.json @@ -20,9 +20,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", - "RSA_PSS_2048_SHA256", - "RSA_PSS_3072_SHA256", - "RSA_PSS_4096_SHA256", + "PKIX_RSA_PSS_2048_SHA256", + "PKIX_RSA_PSS_3072_SHA256", + "PKIX_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/PublicKeyIdentities.schema.json b/gen/pb-rust/schemas/PublicKeyIdentities.schema.json index 0bbf4402..8e1125f3 100644 --- a/gen/pb-rust/schemas/PublicKeyIdentities.schema.json +++ b/gen/pb-rust/schemas/PublicKeyIdentities.schema.json @@ -34,9 +34,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", - "RSA_PSS_2048_SHA256", - "RSA_PSS_3072_SHA256", - "RSA_PSS_4096_SHA256", + "PKIX_RSA_PSS_2048_SHA256", + "PKIX_RSA_PSS_3072_SHA256", + "PKIX_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/TransparencyLogInstance.schema.json b/gen/pb-rust/schemas/TransparencyLogInstance.schema.json index ce4127b2..5a523f01 100644 --- a/gen/pb-rust/schemas/TransparencyLogInstance.schema.json +++ b/gen/pb-rust/schemas/TransparencyLogInstance.schema.json @@ -69,9 +69,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", - "RSA_PSS_2048_SHA256", - "RSA_PSS_3072_SHA256", - "RSA_PSS_4096_SHA256", + "PKIX_RSA_PSS_2048_SHA256", + "PKIX_RSA_PSS_3072_SHA256", + "PKIX_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/TrustedRoot.schema.json b/gen/pb-rust/schemas/TrustedRoot.schema.json index 4106d7a3..fe3db427 100644 --- a/gen/pb-rust/schemas/TrustedRoot.schema.json +++ b/gen/pb-rust/schemas/TrustedRoot.schema.json @@ -91,9 +91,9 @@ "PKIX_RSA_PKCS1_2048_SHA256", "PKIX_RSA_PKCS1_3072_SHA256", "PKIX_RSA_PKCS1_4096_SHA256", - "RSA_PSS_2048_SHA256", - "RSA_PSS_3072_SHA256", - "RSA_PSS_4096_SHA256", + "PKIX_RSA_PSS_2048_SHA256", + "PKIX_RSA_PSS_3072_SHA256", + "PKIX_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-typescript/src/__generated__/sigstore_common.ts b/gen/pb-typescript/src/__generated__/sigstore_common.ts index ae1b7b61..004c2ab6 100644 --- a/gen/pb-typescript/src/__generated__/sigstore_common.ts +++ b/gen/pb-typescript/src/__generated__/sigstore_common.ts @@ -102,9 +102,10 @@ export enum PublicKeyDetails { PKIX_RSA_PKCS1_2048_SHA256 = 9, PKIX_RSA_PKCS1_3072_SHA256 = 10, PKIX_RSA_PKCS1_4096_SHA256 = 11, - RSA_PSS_2048_SHA256 = 16, - RSA_PSS_3072_SHA256 = 17, - RSA_PSS_4096_SHA256 = 18, + /** PKIX_RSA_PSS_2048_SHA256 - See RFC4055 */ + PKIX_RSA_PSS_2048_SHA256 = 16, + PKIX_RSA_PSS_3072_SHA256 = 17, + PKIX_RSA_PSS_4096_SHA256 = 18, /** * PKIX_ECDSA_P256_HMAC_SHA_256 - ECDSA * @@ -150,14 +151,14 @@ export function publicKeyDetailsFromJSON(object: any): PublicKeyDetails { case "PKIX_RSA_PKCS1_4096_SHA256": return PublicKeyDetails.PKIX_RSA_PKCS1_4096_SHA256; case 16: - case "RSA_PSS_2048_SHA256": - return PublicKeyDetails.RSA_PSS_2048_SHA256; + case "PKIX_RSA_PSS_2048_SHA256": + return PublicKeyDetails.PKIX_RSA_PSS_2048_SHA256; case 17: - case "RSA_PSS_3072_SHA256": - return PublicKeyDetails.RSA_PSS_3072_SHA256; + case "PKIX_RSA_PSS_3072_SHA256": + return PublicKeyDetails.PKIX_RSA_PSS_3072_SHA256; case 18: - case "RSA_PSS_4096_SHA256": - return PublicKeyDetails.RSA_PSS_4096_SHA256; + case "PKIX_RSA_PSS_4096_SHA256": + return PublicKeyDetails.PKIX_RSA_PSS_4096_SHA256; case 6: case "PKIX_ECDSA_P256_HMAC_SHA_256": return PublicKeyDetails.PKIX_ECDSA_P256_HMAC_SHA_256; @@ -205,12 +206,12 @@ export function publicKeyDetailsToJSON(object: PublicKeyDetails): string { return "PKIX_RSA_PKCS1_3072_SHA256"; case PublicKeyDetails.PKIX_RSA_PKCS1_4096_SHA256: return "PKIX_RSA_PKCS1_4096_SHA256"; - case PublicKeyDetails.RSA_PSS_2048_SHA256: - return "RSA_PSS_2048_SHA256"; - case PublicKeyDetails.RSA_PSS_3072_SHA256: - return "RSA_PSS_3072_SHA256"; - case PublicKeyDetails.RSA_PSS_4096_SHA256: - return "RSA_PSS_4096_SHA256"; + case PublicKeyDetails.PKIX_RSA_PSS_2048_SHA256: + return "PKIX_RSA_PSS_2048_SHA256"; + case PublicKeyDetails.PKIX_RSA_PSS_3072_SHA256: + return "PKIX_RSA_PSS_3072_SHA256"; + case PublicKeyDetails.PKIX_RSA_PSS_4096_SHA256: + return "PKIX_RSA_PSS_4096_SHA256"; case PublicKeyDetails.PKIX_ECDSA_P256_HMAC_SHA_256: return "PKIX_ECDSA_P256_HMAC_SHA_256"; case PublicKeyDetails.PKIX_ECDSA_P256_SHA_256: diff --git a/protos/sigstore_common.proto b/protos/sigstore_common.proto index 71572799..ee8c454e 100644 --- a/protos/sigstore_common.proto +++ b/protos/sigstore_common.proto @@ -69,9 +69,9 @@ enum PublicKeyDetails { PKIX_RSA_PKCS1_2048_SHA256 = 9; PKIX_RSA_PKCS1_3072_SHA256 = 10; PKIX_RSA_PKCS1_4096_SHA256 = 11; - RSA_PSS_2048_SHA256 = 16; - RSA_PSS_3072_SHA256 = 17; - RSA_PSS_4096_SHA256 = 18; + PKIX_RSA_PSS_2048_SHA256 = 16; // See RFC4055 + PKIX_RSA_PSS_3072_SHA256 = 17; + PKIX_RSA_PSS_4096_SHA256 = 18; // ECDSA PKIX_ECDSA_P256_HMAC_SHA_256 = 6 [deprecated = true]; // See RFC6979 From f490da0764ba42d4e3ff89cd53162760ad075e63 Mon Sep 17 00:00:00 2001 From: William Woodruff Date: Fri, 2 Feb 2024 13:38:22 -0500 Subject: [PATCH 5/6] linearize all RSA variants Signed-off-by: William Woodruff --- .../ArtifactVerificationOptions.schema.json | 12 +- gen/jsonschema/schemas/Input.schema.json | 12 +- gen/jsonschema/schemas/PublicKey.schema.json | 12 +- .../schemas/PublicKeyIdentities.schema.json | 12 +- .../TransparencyLogInstance.schema.json | 12 +- .../schemas/TrustedRoot.schema.json | 12 +- gen/pb-go/common/v1/sigstore_common.pb.go | 149 +++++++++++------- .../dev/sigstore/common/v1/__init__.py | 20 ++- gen/pb-ruby/lib/sigstore_common_pb.rb | 12 +- .../ArtifactVerificationOptions.schema.json | 12 +- gen/pb-rust/schemas/Input.schema.json | 12 +- gen/pb-rust/schemas/PublicKey.schema.json | 12 +- .../schemas/PublicKeyIdentities.schema.json | 12 +- .../TransparencyLogInstance.schema.json | 12 +- gen/pb-rust/schemas/TrustedRoot.schema.json | 12 +- .../src/__generated__/sigstore_common.ts | 71 +++++++-- protos/sigstore_common.proto | 18 ++- 17 files changed, 295 insertions(+), 119 deletions(-) diff --git a/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json b/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json index 1b8c1bc3..14d5b87e 100644 --- a/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json +++ b/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json @@ -127,12 +127,18 @@ "PKCS1_RSA_PSS", "PKIX_RSA_PKCS1V5", "PKIX_RSA_PSS", - "PKIX_RSA_PKCS1_2048_SHA256", - "PKIX_RSA_PKCS1_3072_SHA256", - "PKIX_RSA_PKCS1_4096_SHA256", + "PKIX_RSA_PKCS1V15_2048_SHA256", + "PKIX_RSA_PKCS1V15_3072_SHA256", + "PKIX_RSA_PKCS1V15_4096_SHA256", "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", + "PKCS1_RSA_PKCS1V15_2048_SHA256", + "PKCS1_RSA_PKCS1V15_3072_SHA256", + "PKCS1_RSA_PKCS1V15_4096_SHA256", + "PKCS1_RSA_PSS_2048_SHA256", + "PKCS1_RSA_PSS_3072_SHA256", + "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/Input.schema.json b/gen/jsonschema/schemas/Input.schema.json index 01d89b2b..47c9a150 100644 --- a/gen/jsonschema/schemas/Input.schema.json +++ b/gen/jsonschema/schemas/Input.schema.json @@ -257,12 +257,18 @@ "PKCS1_RSA_PSS", "PKIX_RSA_PKCS1V5", "PKIX_RSA_PSS", - "PKIX_RSA_PKCS1_2048_SHA256", - "PKIX_RSA_PKCS1_3072_SHA256", - "PKIX_RSA_PKCS1_4096_SHA256", + "PKIX_RSA_PKCS1V15_2048_SHA256", + "PKIX_RSA_PKCS1V15_3072_SHA256", + "PKIX_RSA_PKCS1V15_4096_SHA256", "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", + "PKCS1_RSA_PKCS1V15_2048_SHA256", + "PKCS1_RSA_PKCS1V15_3072_SHA256", + "PKCS1_RSA_PKCS1V15_4096_SHA256", + "PKCS1_RSA_PSS_2048_SHA256", + "PKCS1_RSA_PSS_3072_SHA256", + "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/PublicKey.schema.json b/gen/jsonschema/schemas/PublicKey.schema.json index 320e9676..611a6b53 100644 --- a/gen/jsonschema/schemas/PublicKey.schema.json +++ b/gen/jsonschema/schemas/PublicKey.schema.json @@ -17,12 +17,18 @@ "PKCS1_RSA_PSS", "PKIX_RSA_PKCS1V5", "PKIX_RSA_PSS", - "PKIX_RSA_PKCS1_2048_SHA256", - "PKIX_RSA_PKCS1_3072_SHA256", - "PKIX_RSA_PKCS1_4096_SHA256", + "PKIX_RSA_PKCS1V15_2048_SHA256", + "PKIX_RSA_PKCS1V15_3072_SHA256", + "PKIX_RSA_PKCS1V15_4096_SHA256", "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", + "PKCS1_RSA_PKCS1V15_2048_SHA256", + "PKCS1_RSA_PKCS1V15_3072_SHA256", + "PKCS1_RSA_PKCS1V15_4096_SHA256", + "PKCS1_RSA_PSS_2048_SHA256", + "PKCS1_RSA_PSS_3072_SHA256", + "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/PublicKeyIdentities.schema.json b/gen/jsonschema/schemas/PublicKeyIdentities.schema.json index 8e1125f3..04d29766 100644 --- a/gen/jsonschema/schemas/PublicKeyIdentities.schema.json +++ b/gen/jsonschema/schemas/PublicKeyIdentities.schema.json @@ -31,12 +31,18 @@ "PKCS1_RSA_PSS", "PKIX_RSA_PKCS1V5", "PKIX_RSA_PSS", - "PKIX_RSA_PKCS1_2048_SHA256", - "PKIX_RSA_PKCS1_3072_SHA256", - "PKIX_RSA_PKCS1_4096_SHA256", + "PKIX_RSA_PKCS1V15_2048_SHA256", + "PKIX_RSA_PKCS1V15_3072_SHA256", + "PKIX_RSA_PKCS1V15_4096_SHA256", "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", + "PKCS1_RSA_PKCS1V15_2048_SHA256", + "PKCS1_RSA_PKCS1V15_3072_SHA256", + "PKCS1_RSA_PKCS1V15_4096_SHA256", + "PKCS1_RSA_PSS_2048_SHA256", + "PKCS1_RSA_PSS_3072_SHA256", + "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/TransparencyLogInstance.schema.json b/gen/jsonschema/schemas/TransparencyLogInstance.schema.json index 5a523f01..8d0ea883 100644 --- a/gen/jsonschema/schemas/TransparencyLogInstance.schema.json +++ b/gen/jsonschema/schemas/TransparencyLogInstance.schema.json @@ -66,12 +66,18 @@ "PKCS1_RSA_PSS", "PKIX_RSA_PKCS1V5", "PKIX_RSA_PSS", - "PKIX_RSA_PKCS1_2048_SHA256", - "PKIX_RSA_PKCS1_3072_SHA256", - "PKIX_RSA_PKCS1_4096_SHA256", + "PKIX_RSA_PKCS1V15_2048_SHA256", + "PKIX_RSA_PKCS1V15_3072_SHA256", + "PKIX_RSA_PKCS1V15_4096_SHA256", "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", + "PKCS1_RSA_PKCS1V15_2048_SHA256", + "PKCS1_RSA_PKCS1V15_3072_SHA256", + "PKCS1_RSA_PKCS1V15_4096_SHA256", + "PKCS1_RSA_PSS_2048_SHA256", + "PKCS1_RSA_PSS_3072_SHA256", + "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/TrustedRoot.schema.json b/gen/jsonschema/schemas/TrustedRoot.schema.json index fe3db427..aa5baf05 100644 --- a/gen/jsonschema/schemas/TrustedRoot.schema.json +++ b/gen/jsonschema/schemas/TrustedRoot.schema.json @@ -88,12 +88,18 @@ "PKCS1_RSA_PSS", "PKIX_RSA_PKCS1V5", "PKIX_RSA_PSS", - "PKIX_RSA_PKCS1_2048_SHA256", - "PKIX_RSA_PKCS1_3072_SHA256", - "PKIX_RSA_PKCS1_4096_SHA256", + "PKIX_RSA_PKCS1V15_2048_SHA256", + "PKIX_RSA_PKCS1V15_3072_SHA256", + "PKIX_RSA_PKCS1V15_4096_SHA256", "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", + "PKCS1_RSA_PKCS1V15_2048_SHA256", + "PKCS1_RSA_PKCS1V15_3072_SHA256", + "PKCS1_RSA_PKCS1V15_4096_SHA256", + "PKCS1_RSA_PSS_2048_SHA256", + "PKCS1_RSA_PSS_3072_SHA256", + "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-go/common/v1/sigstore_common.pb.go b/gen/pb-go/common/v1/sigstore_common.pb.go index 13413207..f627ae7a 100644 --- a/gen/pb-go/common/v1/sigstore_common.pb.go +++ b/gen/pb-go/common/v1/sigstore_common.pb.go @@ -130,13 +130,23 @@ const ( // Deprecated: Do not use. PublicKeyDetails_PKIX_RSA_PKCS1V5 PublicKeyDetails = 3 // Deprecated: Do not use. - PublicKeyDetails_PKIX_RSA_PSS PublicKeyDetails = 4 - PublicKeyDetails_PKIX_RSA_PKCS1_2048_SHA256 PublicKeyDetails = 9 - PublicKeyDetails_PKIX_RSA_PKCS1_3072_SHA256 PublicKeyDetails = 10 - PublicKeyDetails_PKIX_RSA_PKCS1_4096_SHA256 PublicKeyDetails = 11 - PublicKeyDetails_PKIX_RSA_PSS_2048_SHA256 PublicKeyDetails = 16 // See RFC4055 - PublicKeyDetails_PKIX_RSA_PSS_3072_SHA256 PublicKeyDetails = 17 - PublicKeyDetails_PKIX_RSA_PSS_4096_SHA256 PublicKeyDetails = 18 + PublicKeyDetails_PKIX_RSA_PSS PublicKeyDetails = 4 + // RSA public key in PKIX format, PKCS#1v1.5 signature + PublicKeyDetails_PKIX_RSA_PKCS1V15_2048_SHA256 PublicKeyDetails = 9 + PublicKeyDetails_PKIX_RSA_PKCS1V15_3072_SHA256 PublicKeyDetails = 10 + PublicKeyDetails_PKIX_RSA_PKCS1V15_4096_SHA256 PublicKeyDetails = 11 + // RSA public key in PKIX format, RSASSA-PSS signature + PublicKeyDetails_PKIX_RSA_PSS_2048_SHA256 PublicKeyDetails = 16 // See RFC4055 + PublicKeyDetails_PKIX_RSA_PSS_3072_SHA256 PublicKeyDetails = 17 + PublicKeyDetails_PKIX_RSA_PSS_4096_SHA256 PublicKeyDetails = 18 + // RSA public key in PKCS#1 format, PKCS#1v1.5 signature + PublicKeyDetails_PKCS1_RSA_PKCS1V15_2048_SHA256 PublicKeyDetails = 19 + PublicKeyDetails_PKCS1_RSA_PKCS1V15_3072_SHA256 PublicKeyDetails = 20 + PublicKeyDetails_PKCS1_RSA_PKCS1V15_4096_SHA256 PublicKeyDetails = 21 + // RSA public key in PKCS#1 format, RSASSA-PSS signature + PublicKeyDetails_PKCS1_RSA_PSS_2048_SHA256 PublicKeyDetails = 22 // See RFC4055 + PublicKeyDetails_PKCS1_RSA_PSS_3072_SHA256 PublicKeyDetails = 23 + PublicKeyDetails_PKCS1_RSA_PSS_4096_SHA256 PublicKeyDetails = 24 // ECDSA // // Deprecated: Do not use. @@ -160,12 +170,18 @@ var ( 2: "PKCS1_RSA_PSS", 3: "PKIX_RSA_PKCS1V5", 4: "PKIX_RSA_PSS", - 9: "PKIX_RSA_PKCS1_2048_SHA256", - 10: "PKIX_RSA_PKCS1_3072_SHA256", - 11: "PKIX_RSA_PKCS1_4096_SHA256", + 9: "PKIX_RSA_PKCS1V15_2048_SHA256", + 10: "PKIX_RSA_PKCS1V15_3072_SHA256", + 11: "PKIX_RSA_PKCS1V15_4096_SHA256", 16: "PKIX_RSA_PSS_2048_SHA256", 17: "PKIX_RSA_PSS_3072_SHA256", 18: "PKIX_RSA_PSS_4096_SHA256", + 19: "PKCS1_RSA_PKCS1V15_2048_SHA256", + 20: "PKCS1_RSA_PKCS1V15_3072_SHA256", + 21: "PKCS1_RSA_PKCS1V15_4096_SHA256", + 22: "PKCS1_RSA_PSS_2048_SHA256", + 23: "PKCS1_RSA_PSS_3072_SHA256", + 24: "PKCS1_RSA_PSS_4096_SHA256", 6: "PKIX_ECDSA_P256_HMAC_SHA_256", 5: "PKIX_ECDSA_P256_SHA_256", 12: "PKIX_ECDSA_P384_SHA_384", @@ -181,12 +197,18 @@ var ( "PKCS1_RSA_PSS": 2, "PKIX_RSA_PKCS1V5": 3, "PKIX_RSA_PSS": 4, - "PKIX_RSA_PKCS1_2048_SHA256": 9, - "PKIX_RSA_PKCS1_3072_SHA256": 10, - "PKIX_RSA_PKCS1_4096_SHA256": 11, + "PKIX_RSA_PKCS1V15_2048_SHA256": 9, + "PKIX_RSA_PKCS1V15_3072_SHA256": 10, + "PKIX_RSA_PKCS1V15_4096_SHA256": 11, "PKIX_RSA_PSS_2048_SHA256": 16, "PKIX_RSA_PSS_3072_SHA256": 17, "PKIX_RSA_PSS_4096_SHA256": 18, + "PKCS1_RSA_PKCS1V15_2048_SHA256": 19, + "PKCS1_RSA_PKCS1V15_3072_SHA256": 20, + "PKCS1_RSA_PKCS1V15_4096_SHA256": 21, + "PKCS1_RSA_PSS_2048_SHA256": 22, + "PKCS1_RSA_PSS_3072_SHA256": 23, + "PKCS1_RSA_PSS_4096_SHA256": 24, "PKIX_ECDSA_P256_HMAC_SHA_256": 6, "PKIX_ECDSA_P256_SHA_256": 5, "PKIX_ECDSA_P384_SHA_384": 12, @@ -1146,7 +1168,7 @@ var file_sigstore_common_proto_rawDesc = []byte{ 0x48, 0x41, 0x32, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x32, 0x5f, 0x35, 0x31, 0x32, 0x10, 0x03, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x33, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x04, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x33, 0x5f, 0x33, 0x38, - 0x34, 0x10, 0x05, 0x2a, 0xb8, 0x04, 0x0a, 0x10, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, + 0x34, 0x10, 0x05, 0x2a, 0x8a, 0x06, 0x0a, 0x10, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x22, 0x0a, 0x1e, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x44, 0x45, 0x54, 0x41, 0x49, 0x4c, 0x53, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x19, 0x0a, 0x11, @@ -1155,49 +1177,62 @@ var file_sigstore_common_proto_rawDesc = []byte{ 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x10, 0x02, 0x1a, 0x02, 0x08, 0x01, 0x12, 0x18, 0x0a, 0x10, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x56, 0x35, 0x10, 0x03, 0x1a, 0x02, 0x08, 0x01, 0x12, 0x14, 0x0a, 0x0c, 0x50, 0x4b, 0x49, 0x58, - 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x10, 0x04, 0x1a, 0x02, 0x08, 0x01, 0x12, 0x1e, - 0x0a, 0x1a, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, - 0x5f, 0x32, 0x30, 0x34, 0x38, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x09, 0x12, 0x1e, - 0x0a, 0x1a, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, - 0x5f, 0x33, 0x30, 0x37, 0x32, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0a, 0x12, 0x1e, - 0x0a, 0x1a, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, - 0x5f, 0x34, 0x30, 0x39, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0b, 0x12, 0x1c, - 0x0a, 0x18, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x32, - 0x30, 0x34, 0x38, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x10, 0x12, 0x1c, 0x0a, 0x18, - 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x33, 0x30, 0x37, - 0x32, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x11, 0x12, 0x1c, 0x0a, 0x18, 0x50, 0x4b, - 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x34, 0x30, 0x39, 0x36, 0x5f, - 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x12, 0x12, 0x24, 0x0a, 0x1c, 0x50, 0x4b, 0x49, 0x58, - 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, 0x36, 0x5f, 0x48, 0x4d, 0x41, 0x43, - 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x06, 0x1a, 0x02, 0x08, 0x01, 0x12, 0x1b, - 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, - 0x36, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x05, 0x12, 0x1b, 0x0a, 0x17, 0x50, - 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x33, 0x38, 0x34, 0x5f, 0x53, - 0x48, 0x41, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x0c, 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, - 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x35, 0x32, 0x31, 0x5f, 0x53, 0x48, 0x41, 0x5f, - 0x35, 0x31, 0x32, 0x10, 0x0d, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x44, - 0x32, 0x35, 0x35, 0x31, 0x39, 0x10, 0x07, 0x12, 0x13, 0x0a, 0x0f, 0x50, 0x4b, 0x49, 0x58, 0x5f, - 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x5f, 0x50, 0x48, 0x10, 0x08, 0x12, 0x1b, 0x0a, 0x17, - 0x45, 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, 0x4d, 0x53, - 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0e, 0x12, 0x1d, 0x0a, 0x19, 0x45, 0x58, 0x50, - 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, 0x4d, 0x4f, 0x54, 0x53, 0x5f, - 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0f, 0x22, 0x04, 0x08, 0x13, 0x10, 0x32, 0x2a, 0x6f, - 0x0a, 0x1a, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x65, 0x72, 0x6e, 0x61, - 0x74, 0x69, 0x76, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x2d, 0x0a, 0x29, - 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x41, 0x4c, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x54, - 0x49, 0x56, 0x45, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, - 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x45, - 0x4d, 0x41, 0x49, 0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x55, 0x52, 0x49, 0x10, 0x02, 0x12, - 0x0e, 0x0a, 0x0a, 0x4f, 0x54, 0x48, 0x45, 0x52, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x10, 0x03, 0x42, - 0x7c, 0x0a, 0x1c, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x42, - 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x36, - 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, 0x67, 0x73, 0x74, - 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2d, 0x73, 0x70, 0x65, - 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, 0x67, 0x6f, 0x2f, 0x63, 0x6f, 0x6d, - 0x6d, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x14, 0x53, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, - 0x65, 0x3a, 0x3a, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, - 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x10, 0x04, 0x1a, 0x02, 0x08, 0x01, 0x12, 0x21, + 0x0a, 0x1d, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, + 0x56, 0x31, 0x35, 0x5f, 0x32, 0x30, 0x34, 0x38, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, + 0x09, 0x12, 0x21, 0x0a, 0x1d, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x4b, + 0x43, 0x53, 0x31, 0x56, 0x31, 0x35, 0x5f, 0x33, 0x30, 0x37, 0x32, 0x5f, 0x53, 0x48, 0x41, 0x32, + 0x35, 0x36, 0x10, 0x0a, 0x12, 0x21, 0x0a, 0x1d, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, + 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x56, 0x31, 0x35, 0x5f, 0x34, 0x30, 0x39, 0x36, 0x5f, 0x53, + 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0b, 0x12, 0x1c, 0x0a, 0x18, 0x50, 0x4b, 0x49, 0x58, 0x5f, + 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x32, 0x30, 0x34, 0x38, 0x5f, 0x53, 0x48, 0x41, + 0x32, 0x35, 0x36, 0x10, 0x10, 0x12, 0x1c, 0x0a, 0x18, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, + 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x33, 0x30, 0x37, 0x32, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, + 0x36, 0x10, 0x11, 0x12, 0x1c, 0x0a, 0x18, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, + 0x50, 0x53, 0x53, 0x5f, 0x34, 0x30, 0x39, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, + 0x12, 0x12, 0x22, 0x0a, 0x1e, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, + 0x4b, 0x43, 0x53, 0x31, 0x56, 0x31, 0x35, 0x5f, 0x32, 0x30, 0x34, 0x38, 0x5f, 0x53, 0x48, 0x41, + 0x32, 0x35, 0x36, 0x10, 0x13, 0x12, 0x22, 0x0a, 0x1e, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x5f, 0x52, + 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x56, 0x31, 0x35, 0x5f, 0x33, 0x30, 0x37, 0x32, + 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x14, 0x12, 0x22, 0x0a, 0x1e, 0x50, 0x4b, 0x43, + 0x53, 0x31, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x56, 0x31, 0x35, 0x5f, + 0x34, 0x30, 0x39, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x15, 0x12, 0x1d, 0x0a, + 0x19, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x32, + 0x30, 0x34, 0x38, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x16, 0x12, 0x1d, 0x0a, 0x19, + 0x50, 0x4b, 0x43, 0x53, 0x31, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x33, 0x30, + 0x37, 0x32, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x17, 0x12, 0x1d, 0x0a, 0x19, 0x50, + 0x4b, 0x43, 0x53, 0x31, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x34, 0x30, 0x39, + 0x36, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x18, 0x12, 0x24, 0x0a, 0x1c, 0x50, 0x4b, + 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, 0x36, 0x5f, 0x48, 0x4d, + 0x41, 0x43, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x06, 0x1a, 0x02, 0x08, 0x01, + 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, + 0x32, 0x35, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x05, 0x12, 0x1b, 0x0a, + 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x33, 0x38, 0x34, + 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x0c, 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, + 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x35, 0x32, 0x31, 0x5f, 0x53, 0x48, + 0x41, 0x5f, 0x35, 0x31, 0x32, 0x10, 0x0d, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x4b, 0x49, 0x58, 0x5f, + 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x10, 0x07, 0x12, 0x13, 0x0a, 0x0f, 0x50, 0x4b, 0x49, + 0x58, 0x5f, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x5f, 0x50, 0x48, 0x10, 0x08, 0x12, 0x1b, + 0x0a, 0x17, 0x45, 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, + 0x4d, 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0e, 0x12, 0x1d, 0x0a, 0x19, 0x45, + 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, 0x4d, 0x4f, 0x54, + 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0f, 0x22, 0x04, 0x08, 0x19, 0x10, 0x32, + 0x2a, 0x6f, 0x0a, 0x1a, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x65, 0x72, + 0x6e, 0x61, 0x74, 0x69, 0x76, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x2d, + 0x0a, 0x29, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x41, 0x4c, 0x54, 0x45, 0x52, 0x4e, + 0x41, 0x54, 0x49, 0x56, 0x45, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, + 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x09, 0x0a, + 0x05, 0x45, 0x4d, 0x41, 0x49, 0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x55, 0x52, 0x49, 0x10, + 0x02, 0x12, 0x0e, 0x0a, 0x0a, 0x4f, 0x54, 0x48, 0x45, 0x52, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x10, + 0x03, 0x42, 0x7c, 0x0a, 0x1c, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, + 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, + 0x31, 0x42, 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, + 0x5a, 0x36, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, 0x67, + 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2d, 0x73, + 0x70, 0x65, 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, 0x67, 0x6f, 0x2f, 0x63, + 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x14, 0x53, 0x69, 0x67, 0x73, 0x74, + 0x6f, 0x72, 0x65, 0x3a, 0x3a, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x3a, 0x3a, 0x56, 0x31, 0x62, + 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py index 7a517531..32f02d0d 100644 --- a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py +++ b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py @@ -52,12 +52,26 @@ class PublicKeyDetails(betterproto.Enum): PKCS1_RSA_PSS = 2 PKIX_RSA_PKCS1V5 = 3 PKIX_RSA_PSS = 4 - PKIX_RSA_PKCS1_2048_SHA256 = 9 - PKIX_RSA_PKCS1_3072_SHA256 = 10 - PKIX_RSA_PKCS1_4096_SHA256 = 11 + PKIX_RSA_PKCS1V15_2048_SHA256 = 9 + """RSA public key in PKIX format, PKCS#1v1.5 signature""" + + PKIX_RSA_PKCS1V15_3072_SHA256 = 10 + PKIX_RSA_PKCS1V15_4096_SHA256 = 11 PKIX_RSA_PSS_2048_SHA256 = 16 + """RSA public key in PKIX format, RSASSA-PSS signature""" + PKIX_RSA_PSS_3072_SHA256 = 17 PKIX_RSA_PSS_4096_SHA256 = 18 + PKCS1_RSA_PKCS1V15_2048_SHA256 = 19 + """RSA public key in PKCS#1 format, PKCS#1v1.5 signature""" + + PKCS1_RSA_PKCS1V15_3072_SHA256 = 20 + PKCS1_RSA_PKCS1V15_4096_SHA256 = 21 + PKCS1_RSA_PSS_2048_SHA256 = 22 + """RSA public key in PKCS#1 format, RSASSA-PSS signature""" + + PKCS1_RSA_PSS_3072_SHA256 = 23 + PKCS1_RSA_PSS_4096_SHA256 = 24 PKIX_ECDSA_P256_HMAC_SHA_256 = 6 """ECDSA""" diff --git a/gen/pb-ruby/lib/sigstore_common_pb.rb b/gen/pb-ruby/lib/sigstore_common_pb.rb index 605794ab..10624d56 100644 --- a/gen/pb-ruby/lib/sigstore_common_pb.rb +++ b/gen/pb-ruby/lib/sigstore_common_pb.rb @@ -72,12 +72,18 @@ value :PKCS1_RSA_PSS, 2 value :PKIX_RSA_PKCS1V5, 3 value :PKIX_RSA_PSS, 4 - value :PKIX_RSA_PKCS1_2048_SHA256, 9 - value :PKIX_RSA_PKCS1_3072_SHA256, 10 - value :PKIX_RSA_PKCS1_4096_SHA256, 11 + value :PKIX_RSA_PKCS1V15_2048_SHA256, 9 + value :PKIX_RSA_PKCS1V15_3072_SHA256, 10 + value :PKIX_RSA_PKCS1V15_4096_SHA256, 11 value :PKIX_RSA_PSS_2048_SHA256, 16 value :PKIX_RSA_PSS_3072_SHA256, 17 value :PKIX_RSA_PSS_4096_SHA256, 18 + value :PKCS1_RSA_PKCS1V15_2048_SHA256, 19 + value :PKCS1_RSA_PKCS1V15_3072_SHA256, 20 + value :PKCS1_RSA_PKCS1V15_4096_SHA256, 21 + value :PKCS1_RSA_PSS_2048_SHA256, 22 + value :PKCS1_RSA_PSS_3072_SHA256, 23 + value :PKCS1_RSA_PSS_4096_SHA256, 24 value :PKIX_ECDSA_P256_HMAC_SHA_256, 6 value :PKIX_ECDSA_P256_SHA_256, 5 value :PKIX_ECDSA_P384_SHA_384, 12 diff --git a/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json b/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json index 1b8c1bc3..14d5b87e 100644 --- a/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json +++ b/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json @@ -127,12 +127,18 @@ "PKCS1_RSA_PSS", "PKIX_RSA_PKCS1V5", "PKIX_RSA_PSS", - "PKIX_RSA_PKCS1_2048_SHA256", - "PKIX_RSA_PKCS1_3072_SHA256", - "PKIX_RSA_PKCS1_4096_SHA256", + "PKIX_RSA_PKCS1V15_2048_SHA256", + "PKIX_RSA_PKCS1V15_3072_SHA256", + "PKIX_RSA_PKCS1V15_4096_SHA256", "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", + "PKCS1_RSA_PKCS1V15_2048_SHA256", + "PKCS1_RSA_PKCS1V15_3072_SHA256", + "PKCS1_RSA_PKCS1V15_4096_SHA256", + "PKCS1_RSA_PSS_2048_SHA256", + "PKCS1_RSA_PSS_3072_SHA256", + "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/Input.schema.json b/gen/pb-rust/schemas/Input.schema.json index 01d89b2b..47c9a150 100644 --- a/gen/pb-rust/schemas/Input.schema.json +++ b/gen/pb-rust/schemas/Input.schema.json @@ -257,12 +257,18 @@ "PKCS1_RSA_PSS", "PKIX_RSA_PKCS1V5", "PKIX_RSA_PSS", - "PKIX_RSA_PKCS1_2048_SHA256", - "PKIX_RSA_PKCS1_3072_SHA256", - "PKIX_RSA_PKCS1_4096_SHA256", + "PKIX_RSA_PKCS1V15_2048_SHA256", + "PKIX_RSA_PKCS1V15_3072_SHA256", + "PKIX_RSA_PKCS1V15_4096_SHA256", "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", + "PKCS1_RSA_PKCS1V15_2048_SHA256", + "PKCS1_RSA_PKCS1V15_3072_SHA256", + "PKCS1_RSA_PKCS1V15_4096_SHA256", + "PKCS1_RSA_PSS_2048_SHA256", + "PKCS1_RSA_PSS_3072_SHA256", + "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/PublicKey.schema.json b/gen/pb-rust/schemas/PublicKey.schema.json index 320e9676..611a6b53 100644 --- a/gen/pb-rust/schemas/PublicKey.schema.json +++ b/gen/pb-rust/schemas/PublicKey.schema.json @@ -17,12 +17,18 @@ "PKCS1_RSA_PSS", "PKIX_RSA_PKCS1V5", "PKIX_RSA_PSS", - "PKIX_RSA_PKCS1_2048_SHA256", - "PKIX_RSA_PKCS1_3072_SHA256", - "PKIX_RSA_PKCS1_4096_SHA256", + "PKIX_RSA_PKCS1V15_2048_SHA256", + "PKIX_RSA_PKCS1V15_3072_SHA256", + "PKIX_RSA_PKCS1V15_4096_SHA256", "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", + "PKCS1_RSA_PKCS1V15_2048_SHA256", + "PKCS1_RSA_PKCS1V15_3072_SHA256", + "PKCS1_RSA_PKCS1V15_4096_SHA256", + "PKCS1_RSA_PSS_2048_SHA256", + "PKCS1_RSA_PSS_3072_SHA256", + "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/PublicKeyIdentities.schema.json b/gen/pb-rust/schemas/PublicKeyIdentities.schema.json index 8e1125f3..04d29766 100644 --- a/gen/pb-rust/schemas/PublicKeyIdentities.schema.json +++ b/gen/pb-rust/schemas/PublicKeyIdentities.schema.json @@ -31,12 +31,18 @@ "PKCS1_RSA_PSS", "PKIX_RSA_PKCS1V5", "PKIX_RSA_PSS", - "PKIX_RSA_PKCS1_2048_SHA256", - "PKIX_RSA_PKCS1_3072_SHA256", - "PKIX_RSA_PKCS1_4096_SHA256", + "PKIX_RSA_PKCS1V15_2048_SHA256", + "PKIX_RSA_PKCS1V15_3072_SHA256", + "PKIX_RSA_PKCS1V15_4096_SHA256", "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", + "PKCS1_RSA_PKCS1V15_2048_SHA256", + "PKCS1_RSA_PKCS1V15_3072_SHA256", + "PKCS1_RSA_PKCS1V15_4096_SHA256", + "PKCS1_RSA_PSS_2048_SHA256", + "PKCS1_RSA_PSS_3072_SHA256", + "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/TransparencyLogInstance.schema.json b/gen/pb-rust/schemas/TransparencyLogInstance.schema.json index 5a523f01..8d0ea883 100644 --- a/gen/pb-rust/schemas/TransparencyLogInstance.schema.json +++ b/gen/pb-rust/schemas/TransparencyLogInstance.schema.json @@ -66,12 +66,18 @@ "PKCS1_RSA_PSS", "PKIX_RSA_PKCS1V5", "PKIX_RSA_PSS", - "PKIX_RSA_PKCS1_2048_SHA256", - "PKIX_RSA_PKCS1_3072_SHA256", - "PKIX_RSA_PKCS1_4096_SHA256", + "PKIX_RSA_PKCS1V15_2048_SHA256", + "PKIX_RSA_PKCS1V15_3072_SHA256", + "PKIX_RSA_PKCS1V15_4096_SHA256", "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", + "PKCS1_RSA_PKCS1V15_2048_SHA256", + "PKCS1_RSA_PKCS1V15_3072_SHA256", + "PKCS1_RSA_PKCS1V15_4096_SHA256", + "PKCS1_RSA_PSS_2048_SHA256", + "PKCS1_RSA_PSS_3072_SHA256", + "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/TrustedRoot.schema.json b/gen/pb-rust/schemas/TrustedRoot.schema.json index fe3db427..aa5baf05 100644 --- a/gen/pb-rust/schemas/TrustedRoot.schema.json +++ b/gen/pb-rust/schemas/TrustedRoot.schema.json @@ -88,12 +88,18 @@ "PKCS1_RSA_PSS", "PKIX_RSA_PKCS1V5", "PKIX_RSA_PSS", - "PKIX_RSA_PKCS1_2048_SHA256", - "PKIX_RSA_PKCS1_3072_SHA256", - "PKIX_RSA_PKCS1_4096_SHA256", + "PKIX_RSA_PKCS1V15_2048_SHA256", + "PKIX_RSA_PKCS1V15_3072_SHA256", + "PKIX_RSA_PKCS1V15_4096_SHA256", "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", + "PKCS1_RSA_PKCS1V15_2048_SHA256", + "PKCS1_RSA_PKCS1V15_3072_SHA256", + "PKCS1_RSA_PKCS1V15_4096_SHA256", + "PKCS1_RSA_PSS_2048_SHA256", + "PKCS1_RSA_PSS_3072_SHA256", + "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-typescript/src/__generated__/sigstore_common.ts b/gen/pb-typescript/src/__generated__/sigstore_common.ts index 004c2ab6..846cc6ba 100644 --- a/gen/pb-typescript/src/__generated__/sigstore_common.ts +++ b/gen/pb-typescript/src/__generated__/sigstore_common.ts @@ -99,13 +99,22 @@ export enum PublicKeyDetails { PKIX_RSA_PKCS1V5 = 3, /** @deprecated */ PKIX_RSA_PSS = 4, - PKIX_RSA_PKCS1_2048_SHA256 = 9, - PKIX_RSA_PKCS1_3072_SHA256 = 10, - PKIX_RSA_PKCS1_4096_SHA256 = 11, - /** PKIX_RSA_PSS_2048_SHA256 - See RFC4055 */ + /** PKIX_RSA_PKCS1V15_2048_SHA256 - RSA public key in PKIX format, PKCS#1v1.5 signature */ + PKIX_RSA_PKCS1V15_2048_SHA256 = 9, + PKIX_RSA_PKCS1V15_3072_SHA256 = 10, + PKIX_RSA_PKCS1V15_4096_SHA256 = 11, + /** PKIX_RSA_PSS_2048_SHA256 - RSA public key in PKIX format, RSASSA-PSS signature */ PKIX_RSA_PSS_2048_SHA256 = 16, PKIX_RSA_PSS_3072_SHA256 = 17, PKIX_RSA_PSS_4096_SHA256 = 18, + /** PKCS1_RSA_PKCS1V15_2048_SHA256 - RSA public key in PKCS#1 format, PKCS#1v1.5 signature */ + PKCS1_RSA_PKCS1V15_2048_SHA256 = 19, + PKCS1_RSA_PKCS1V15_3072_SHA256 = 20, + PKCS1_RSA_PKCS1V15_4096_SHA256 = 21, + /** PKCS1_RSA_PSS_2048_SHA256 - RSA public key in PKCS#1 format, RSASSA-PSS signature */ + PKCS1_RSA_PSS_2048_SHA256 = 22, + PKCS1_RSA_PSS_3072_SHA256 = 23, + PKCS1_RSA_PSS_4096_SHA256 = 24, /** * PKIX_ECDSA_P256_HMAC_SHA_256 - ECDSA * @@ -142,14 +151,14 @@ export function publicKeyDetailsFromJSON(object: any): PublicKeyDetails { case "PKIX_RSA_PSS": return PublicKeyDetails.PKIX_RSA_PSS; case 9: - case "PKIX_RSA_PKCS1_2048_SHA256": - return PublicKeyDetails.PKIX_RSA_PKCS1_2048_SHA256; + case "PKIX_RSA_PKCS1V15_2048_SHA256": + return PublicKeyDetails.PKIX_RSA_PKCS1V15_2048_SHA256; case 10: - case "PKIX_RSA_PKCS1_3072_SHA256": - return PublicKeyDetails.PKIX_RSA_PKCS1_3072_SHA256; + case "PKIX_RSA_PKCS1V15_3072_SHA256": + return PublicKeyDetails.PKIX_RSA_PKCS1V15_3072_SHA256; case 11: - case "PKIX_RSA_PKCS1_4096_SHA256": - return PublicKeyDetails.PKIX_RSA_PKCS1_4096_SHA256; + case "PKIX_RSA_PKCS1V15_4096_SHA256": + return PublicKeyDetails.PKIX_RSA_PKCS1V15_4096_SHA256; case 16: case "PKIX_RSA_PSS_2048_SHA256": return PublicKeyDetails.PKIX_RSA_PSS_2048_SHA256; @@ -159,6 +168,24 @@ export function publicKeyDetailsFromJSON(object: any): PublicKeyDetails { case 18: case "PKIX_RSA_PSS_4096_SHA256": return PublicKeyDetails.PKIX_RSA_PSS_4096_SHA256; + case 19: + case "PKCS1_RSA_PKCS1V15_2048_SHA256": + return PublicKeyDetails.PKCS1_RSA_PKCS1V15_2048_SHA256; + case 20: + case "PKCS1_RSA_PKCS1V15_3072_SHA256": + return PublicKeyDetails.PKCS1_RSA_PKCS1V15_3072_SHA256; + case 21: + case "PKCS1_RSA_PKCS1V15_4096_SHA256": + return PublicKeyDetails.PKCS1_RSA_PKCS1V15_4096_SHA256; + case 22: + case "PKCS1_RSA_PSS_2048_SHA256": + return PublicKeyDetails.PKCS1_RSA_PSS_2048_SHA256; + case 23: + case "PKCS1_RSA_PSS_3072_SHA256": + return PublicKeyDetails.PKCS1_RSA_PSS_3072_SHA256; + case 24: + case "PKCS1_RSA_PSS_4096_SHA256": + return PublicKeyDetails.PKCS1_RSA_PSS_4096_SHA256; case 6: case "PKIX_ECDSA_P256_HMAC_SHA_256": return PublicKeyDetails.PKIX_ECDSA_P256_HMAC_SHA_256; @@ -200,18 +227,30 @@ export function publicKeyDetailsToJSON(object: PublicKeyDetails): string { return "PKIX_RSA_PKCS1V5"; case PublicKeyDetails.PKIX_RSA_PSS: return "PKIX_RSA_PSS"; - case PublicKeyDetails.PKIX_RSA_PKCS1_2048_SHA256: - return "PKIX_RSA_PKCS1_2048_SHA256"; - case PublicKeyDetails.PKIX_RSA_PKCS1_3072_SHA256: - return "PKIX_RSA_PKCS1_3072_SHA256"; - case PublicKeyDetails.PKIX_RSA_PKCS1_4096_SHA256: - return "PKIX_RSA_PKCS1_4096_SHA256"; + case PublicKeyDetails.PKIX_RSA_PKCS1V15_2048_SHA256: + return "PKIX_RSA_PKCS1V15_2048_SHA256"; + case PublicKeyDetails.PKIX_RSA_PKCS1V15_3072_SHA256: + return "PKIX_RSA_PKCS1V15_3072_SHA256"; + case PublicKeyDetails.PKIX_RSA_PKCS1V15_4096_SHA256: + return "PKIX_RSA_PKCS1V15_4096_SHA256"; case PublicKeyDetails.PKIX_RSA_PSS_2048_SHA256: return "PKIX_RSA_PSS_2048_SHA256"; case PublicKeyDetails.PKIX_RSA_PSS_3072_SHA256: return "PKIX_RSA_PSS_3072_SHA256"; case PublicKeyDetails.PKIX_RSA_PSS_4096_SHA256: return "PKIX_RSA_PSS_4096_SHA256"; + case PublicKeyDetails.PKCS1_RSA_PKCS1V15_2048_SHA256: + return "PKCS1_RSA_PKCS1V15_2048_SHA256"; + case PublicKeyDetails.PKCS1_RSA_PKCS1V15_3072_SHA256: + return "PKCS1_RSA_PKCS1V15_3072_SHA256"; + case PublicKeyDetails.PKCS1_RSA_PKCS1V15_4096_SHA256: + return "PKCS1_RSA_PKCS1V15_4096_SHA256"; + case PublicKeyDetails.PKCS1_RSA_PSS_2048_SHA256: + return "PKCS1_RSA_PSS_2048_SHA256"; + case PublicKeyDetails.PKCS1_RSA_PSS_3072_SHA256: + return "PKCS1_RSA_PSS_3072_SHA256"; + case PublicKeyDetails.PKCS1_RSA_PSS_4096_SHA256: + return "PKCS1_RSA_PSS_4096_SHA256"; case PublicKeyDetails.PKIX_ECDSA_P256_HMAC_SHA_256: return "PKIX_ECDSA_P256_HMAC_SHA_256"; case PublicKeyDetails.PKIX_ECDSA_P256_SHA_256: diff --git a/protos/sigstore_common.proto b/protos/sigstore_common.proto index ee8c454e..ffe49c37 100644 --- a/protos/sigstore_common.proto +++ b/protos/sigstore_common.proto @@ -66,12 +66,22 @@ enum PublicKeyDetails { PKCS1_RSA_PSS = 2 [deprecated = true]; // See RFC8017 PKIX_RSA_PKCS1V5 = 3 [deprecated = true]; PKIX_RSA_PSS = 4 [deprecated = true]; - PKIX_RSA_PKCS1_2048_SHA256 = 9; - PKIX_RSA_PKCS1_3072_SHA256 = 10; - PKIX_RSA_PKCS1_4096_SHA256 = 11; + // RSA public key in PKIX format, PKCS#1v1.5 signature + PKIX_RSA_PKCS1V15_2048_SHA256 = 9; + PKIX_RSA_PKCS1V15_3072_SHA256 = 10; + PKIX_RSA_PKCS1V15_4096_SHA256 = 11; + // RSA public key in PKIX format, RSASSA-PSS signature PKIX_RSA_PSS_2048_SHA256 = 16; // See RFC4055 PKIX_RSA_PSS_3072_SHA256 = 17; PKIX_RSA_PSS_4096_SHA256 = 18; + // RSA public key in PKCS#1 format, PKCS#1v1.5 signature + PKCS1_RSA_PKCS1V15_2048_SHA256 = 19; + PKCS1_RSA_PKCS1V15_3072_SHA256 = 20; + PKCS1_RSA_PKCS1V15_4096_SHA256 = 21; + // RSA public key in PKCS#1 format, RSASSA-PSS signature + PKCS1_RSA_PSS_2048_SHA256 = 22; // See RFC4055 + PKCS1_RSA_PSS_3072_SHA256 = 23; + PKCS1_RSA_PSS_4096_SHA256 = 24; // ECDSA PKIX_ECDSA_P256_HMAC_SHA_256 = 6 [deprecated = true]; // See RFC6979 @@ -88,7 +98,7 @@ enum PublicKeyDetails { EXPERIMENTAL_LMOTS_SHA256 = 15; // Reserved for future additions of public key/signature algorithm types. - reserved 19 to 50; + reserved 25 to 50; } // HashOutput captures a digest of a 'message' (generic octet sequence) From c0b88632fffd99ff2f71c1f2692c6f3e4a43343c Mon Sep 17 00:00:00 2001 From: William Woodruff Date: Mon, 5 Feb 2024 11:37:13 +0100 Subject: [PATCH 6/6] drop PCKS1 key encodings Signed-off-by: William Woodruff --- .../ArtifactVerificationOptions.schema.json | 6 -- gen/jsonschema/schemas/Input.schema.json | 6 -- gen/jsonschema/schemas/PublicKey.schema.json | 6 -- .../schemas/PublicKeyIdentities.schema.json | 6 -- .../TransparencyLogInstance.schema.json | 6 -- .../schemas/TrustedRoot.schema.json | 6 -- gen/pb-go/common/v1/sigstore_common.pb.go | 95 ++++++------------- .../dev/sigstore/common/v1/__init__.py | 10 -- gen/pb-ruby/lib/sigstore_common_pb.rb | 6 -- .../ArtifactVerificationOptions.schema.json | 6 -- gen/pb-rust/schemas/Input.schema.json | 6 -- gen/pb-rust/schemas/PublicKey.schema.json | 6 -- .../schemas/PublicKeyIdentities.schema.json | 6 -- .../TransparencyLogInstance.schema.json | 6 -- gen/pb-rust/schemas/TrustedRoot.schema.json | 6 -- .../src/__generated__/sigstore_common.ts | 38 -------- protos/sigstore_common.proto | 10 +- 17 files changed, 32 insertions(+), 199 deletions(-) diff --git a/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json b/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json index 14d5b87e..88c1e8ca 100644 --- a/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json +++ b/gen/jsonschema/schemas/ArtifactVerificationOptions.schema.json @@ -133,12 +133,6 @@ "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", - "PKCS1_RSA_PKCS1V15_2048_SHA256", - "PKCS1_RSA_PKCS1V15_3072_SHA256", - "PKCS1_RSA_PKCS1V15_4096_SHA256", - "PKCS1_RSA_PSS_2048_SHA256", - "PKCS1_RSA_PSS_3072_SHA256", - "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/Input.schema.json b/gen/jsonschema/schemas/Input.schema.json index 47c9a150..8ff17674 100644 --- a/gen/jsonschema/schemas/Input.schema.json +++ b/gen/jsonschema/schemas/Input.schema.json @@ -263,12 +263,6 @@ "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", - "PKCS1_RSA_PKCS1V15_2048_SHA256", - "PKCS1_RSA_PKCS1V15_3072_SHA256", - "PKCS1_RSA_PKCS1V15_4096_SHA256", - "PKCS1_RSA_PSS_2048_SHA256", - "PKCS1_RSA_PSS_3072_SHA256", - "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/PublicKey.schema.json b/gen/jsonschema/schemas/PublicKey.schema.json index 611a6b53..2e7f6756 100644 --- a/gen/jsonschema/schemas/PublicKey.schema.json +++ b/gen/jsonschema/schemas/PublicKey.schema.json @@ -23,12 +23,6 @@ "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", - "PKCS1_RSA_PKCS1V15_2048_SHA256", - "PKCS1_RSA_PKCS1V15_3072_SHA256", - "PKCS1_RSA_PKCS1V15_4096_SHA256", - "PKCS1_RSA_PSS_2048_SHA256", - "PKCS1_RSA_PSS_3072_SHA256", - "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/PublicKeyIdentities.schema.json b/gen/jsonschema/schemas/PublicKeyIdentities.schema.json index 04d29766..f52c73f3 100644 --- a/gen/jsonschema/schemas/PublicKeyIdentities.schema.json +++ b/gen/jsonschema/schemas/PublicKeyIdentities.schema.json @@ -37,12 +37,6 @@ "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", - "PKCS1_RSA_PKCS1V15_2048_SHA256", - "PKCS1_RSA_PKCS1V15_3072_SHA256", - "PKCS1_RSA_PKCS1V15_4096_SHA256", - "PKCS1_RSA_PSS_2048_SHA256", - "PKCS1_RSA_PSS_3072_SHA256", - "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/TransparencyLogInstance.schema.json b/gen/jsonschema/schemas/TransparencyLogInstance.schema.json index 8d0ea883..d53179ea 100644 --- a/gen/jsonschema/schemas/TransparencyLogInstance.schema.json +++ b/gen/jsonschema/schemas/TransparencyLogInstance.schema.json @@ -72,12 +72,6 @@ "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", - "PKCS1_RSA_PKCS1V15_2048_SHA256", - "PKCS1_RSA_PKCS1V15_3072_SHA256", - "PKCS1_RSA_PKCS1V15_4096_SHA256", - "PKCS1_RSA_PSS_2048_SHA256", - "PKCS1_RSA_PSS_3072_SHA256", - "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/jsonschema/schemas/TrustedRoot.schema.json b/gen/jsonschema/schemas/TrustedRoot.schema.json index aa5baf05..2c142284 100644 --- a/gen/jsonschema/schemas/TrustedRoot.schema.json +++ b/gen/jsonschema/schemas/TrustedRoot.schema.json @@ -94,12 +94,6 @@ "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", - "PKCS1_RSA_PKCS1V15_2048_SHA256", - "PKCS1_RSA_PKCS1V15_3072_SHA256", - "PKCS1_RSA_PKCS1V15_4096_SHA256", - "PKCS1_RSA_PSS_2048_SHA256", - "PKCS1_RSA_PSS_3072_SHA256", - "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-go/common/v1/sigstore_common.pb.go b/gen/pb-go/common/v1/sigstore_common.pb.go index f627ae7a..61db9b36 100644 --- a/gen/pb-go/common/v1/sigstore_common.pb.go +++ b/gen/pb-go/common/v1/sigstore_common.pb.go @@ -139,14 +139,6 @@ const ( PublicKeyDetails_PKIX_RSA_PSS_2048_SHA256 PublicKeyDetails = 16 // See RFC4055 PublicKeyDetails_PKIX_RSA_PSS_3072_SHA256 PublicKeyDetails = 17 PublicKeyDetails_PKIX_RSA_PSS_4096_SHA256 PublicKeyDetails = 18 - // RSA public key in PKCS#1 format, PKCS#1v1.5 signature - PublicKeyDetails_PKCS1_RSA_PKCS1V15_2048_SHA256 PublicKeyDetails = 19 - PublicKeyDetails_PKCS1_RSA_PKCS1V15_3072_SHA256 PublicKeyDetails = 20 - PublicKeyDetails_PKCS1_RSA_PKCS1V15_4096_SHA256 PublicKeyDetails = 21 - // RSA public key in PKCS#1 format, RSASSA-PSS signature - PublicKeyDetails_PKCS1_RSA_PSS_2048_SHA256 PublicKeyDetails = 22 // See RFC4055 - PublicKeyDetails_PKCS1_RSA_PSS_3072_SHA256 PublicKeyDetails = 23 - PublicKeyDetails_PKCS1_RSA_PSS_4096_SHA256 PublicKeyDetails = 24 // ECDSA // // Deprecated: Do not use. @@ -176,12 +168,6 @@ var ( 16: "PKIX_RSA_PSS_2048_SHA256", 17: "PKIX_RSA_PSS_3072_SHA256", 18: "PKIX_RSA_PSS_4096_SHA256", - 19: "PKCS1_RSA_PKCS1V15_2048_SHA256", - 20: "PKCS1_RSA_PKCS1V15_3072_SHA256", - 21: "PKCS1_RSA_PKCS1V15_4096_SHA256", - 22: "PKCS1_RSA_PSS_2048_SHA256", - 23: "PKCS1_RSA_PSS_3072_SHA256", - 24: "PKCS1_RSA_PSS_4096_SHA256", 6: "PKIX_ECDSA_P256_HMAC_SHA_256", 5: "PKIX_ECDSA_P256_SHA_256", 12: "PKIX_ECDSA_P384_SHA_384", @@ -203,12 +189,6 @@ var ( "PKIX_RSA_PSS_2048_SHA256": 16, "PKIX_RSA_PSS_3072_SHA256": 17, "PKIX_RSA_PSS_4096_SHA256": 18, - "PKCS1_RSA_PKCS1V15_2048_SHA256": 19, - "PKCS1_RSA_PKCS1V15_3072_SHA256": 20, - "PKCS1_RSA_PKCS1V15_4096_SHA256": 21, - "PKCS1_RSA_PSS_2048_SHA256": 22, - "PKCS1_RSA_PSS_3072_SHA256": 23, - "PKCS1_RSA_PSS_4096_SHA256": 24, "PKIX_ECDSA_P256_HMAC_SHA_256": 6, "PKIX_ECDSA_P256_SHA_256": 5, "PKIX_ECDSA_P384_SHA_384": 12, @@ -1168,7 +1148,7 @@ var file_sigstore_common_proto_rawDesc = []byte{ 0x48, 0x41, 0x32, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x32, 0x5f, 0x35, 0x31, 0x32, 0x10, 0x03, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x33, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x04, 0x12, 0x0c, 0x0a, 0x08, 0x53, 0x48, 0x41, 0x33, 0x5f, 0x33, 0x38, - 0x34, 0x10, 0x05, 0x2a, 0x8a, 0x06, 0x0a, 0x10, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, + 0x34, 0x10, 0x05, 0x2a, 0xc1, 0x04, 0x0a, 0x10, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x22, 0x0a, 0x1e, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x5f, 0x4b, 0x45, 0x59, 0x5f, 0x44, 0x45, 0x54, 0x41, 0x49, 0x4c, 0x53, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x19, 0x0a, 0x11, @@ -1190,49 +1170,36 @@ var file_sigstore_common_proto_rawDesc = []byte{ 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x33, 0x30, 0x37, 0x32, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x11, 0x12, 0x1c, 0x0a, 0x18, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x34, 0x30, 0x39, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, - 0x12, 0x12, 0x22, 0x0a, 0x1e, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, - 0x4b, 0x43, 0x53, 0x31, 0x56, 0x31, 0x35, 0x5f, 0x32, 0x30, 0x34, 0x38, 0x5f, 0x53, 0x48, 0x41, - 0x32, 0x35, 0x36, 0x10, 0x13, 0x12, 0x22, 0x0a, 0x1e, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x5f, 0x52, - 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x56, 0x31, 0x35, 0x5f, 0x33, 0x30, 0x37, 0x32, - 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x14, 0x12, 0x22, 0x0a, 0x1e, 0x50, 0x4b, 0x43, - 0x53, 0x31, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x56, 0x31, 0x35, 0x5f, - 0x34, 0x30, 0x39, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x15, 0x12, 0x1d, 0x0a, - 0x19, 0x50, 0x4b, 0x43, 0x53, 0x31, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x32, - 0x30, 0x34, 0x38, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x16, 0x12, 0x1d, 0x0a, 0x19, - 0x50, 0x4b, 0x43, 0x53, 0x31, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x33, 0x30, - 0x37, 0x32, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x17, 0x12, 0x1d, 0x0a, 0x19, 0x50, - 0x4b, 0x43, 0x53, 0x31, 0x5f, 0x52, 0x53, 0x41, 0x5f, 0x50, 0x53, 0x53, 0x5f, 0x34, 0x30, 0x39, - 0x36, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x18, 0x12, 0x24, 0x0a, 0x1c, 0x50, 0x4b, - 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, 0x36, 0x5f, 0x48, 0x4d, - 0x41, 0x43, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x06, 0x1a, 0x02, 0x08, 0x01, - 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, - 0x32, 0x35, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, 0x36, 0x10, 0x05, 0x12, 0x1b, 0x0a, - 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x33, 0x38, 0x34, - 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x33, 0x38, 0x34, 0x10, 0x0c, 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, - 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x35, 0x32, 0x31, 0x5f, 0x53, 0x48, - 0x41, 0x5f, 0x35, 0x31, 0x32, 0x10, 0x0d, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x4b, 0x49, 0x58, 0x5f, - 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x10, 0x07, 0x12, 0x13, 0x0a, 0x0f, 0x50, 0x4b, 0x49, - 0x58, 0x5f, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x5f, 0x50, 0x48, 0x10, 0x08, 0x12, 0x1b, - 0x0a, 0x17, 0x45, 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, - 0x4d, 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0e, 0x12, 0x1d, 0x0a, 0x19, 0x45, - 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, 0x4d, 0x4f, 0x54, - 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, 0x0f, 0x22, 0x04, 0x08, 0x19, 0x10, 0x32, - 0x2a, 0x6f, 0x0a, 0x1a, 0x53, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x41, 0x6c, 0x74, 0x65, 0x72, - 0x6e, 0x61, 0x74, 0x69, 0x76, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x2d, - 0x0a, 0x29, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, 0x5f, 0x41, 0x4c, 0x54, 0x45, 0x52, 0x4e, - 0x41, 0x54, 0x49, 0x56, 0x45, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, - 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x09, 0x0a, - 0x05, 0x45, 0x4d, 0x41, 0x49, 0x4c, 0x10, 0x01, 0x12, 0x07, 0x0a, 0x03, 0x55, 0x52, 0x49, 0x10, - 0x02, 0x12, 0x0e, 0x0a, 0x0a, 0x4f, 0x54, 0x48, 0x45, 0x52, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x10, - 0x03, 0x42, 0x7c, 0x0a, 0x1c, 0x64, 0x65, 0x76, 0x2e, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, - 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, - 0x31, 0x42, 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, - 0x5a, 0x36, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, 0x67, - 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2d, 0x73, - 0x70, 0x65, 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x62, 0x2d, 0x67, 0x6f, 0x2f, 0x63, - 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0xea, 0x02, 0x14, 0x53, 0x69, 0x67, 0x73, 0x74, - 0x6f, 0x72, 0x65, 0x3a, 0x3a, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x3a, 0x3a, 0x56, 0x31, 0x62, - 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x12, 0x12, 0x24, 0x0a, 0x1c, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, + 0x50, 0x32, 0x35, 0x36, 0x5f, 0x48, 0x4d, 0x41, 0x43, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, 0x35, + 0x36, 0x10, 0x06, 0x1a, 0x02, 0x08, 0x01, 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, + 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, 0x50, 0x32, 0x35, 0x36, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x32, + 0x35, 0x36, 0x10, 0x05, 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, + 0x53, 0x41, 0x5f, 0x50, 0x33, 0x38, 0x34, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x33, 0x38, 0x34, 0x10, + 0x0c, 0x12, 0x1b, 0x0a, 0x17, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x43, 0x44, 0x53, 0x41, 0x5f, + 0x50, 0x35, 0x32, 0x31, 0x5f, 0x53, 0x48, 0x41, 0x5f, 0x35, 0x31, 0x32, 0x10, 0x0d, 0x12, 0x10, + 0x0a, 0x0c, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, 0x10, 0x07, + 0x12, 0x13, 0x0a, 0x0f, 0x50, 0x4b, 0x49, 0x58, 0x5f, 0x45, 0x44, 0x32, 0x35, 0x35, 0x31, 0x39, + 0x5f, 0x50, 0x48, 0x10, 0x08, 0x12, 0x1b, 0x0a, 0x17, 0x45, 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, + 0x45, 0x4e, 0x54, 0x41, 0x4c, 0x5f, 0x4c, 0x4d, 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, + 0x10, 0x0e, 0x12, 0x1d, 0x0a, 0x19, 0x45, 0x58, 0x50, 0x45, 0x52, 0x49, 0x4d, 0x45, 0x4e, 0x54, + 0x41, 0x4c, 0x5f, 0x4c, 0x4d, 0x4f, 0x54, 0x53, 0x5f, 0x53, 0x48, 0x41, 0x32, 0x35, 0x36, 0x10, + 0x0f, 0x22, 0x04, 0x08, 0x13, 0x10, 0x32, 0x2a, 0x6f, 0x0a, 0x1a, 0x53, 0x75, 0x62, 0x6a, 0x65, + 0x63, 0x74, 0x41, 0x6c, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x74, 0x69, 0x76, 0x65, 0x4e, 0x61, 0x6d, + 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x2d, 0x0a, 0x29, 0x53, 0x55, 0x42, 0x4a, 0x45, 0x43, 0x54, + 0x5f, 0x41, 0x4c, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x54, 0x49, 0x56, 0x45, 0x5f, 0x4e, 0x41, 0x4d, + 0x45, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, + 0x45, 0x44, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x4d, 0x41, 0x49, 0x4c, 0x10, 0x01, 0x12, + 0x07, 0x0a, 0x03, 0x55, 0x52, 0x49, 0x10, 0x02, 0x12, 0x0e, 0x0a, 0x0a, 0x4f, 0x54, 0x48, 0x45, + 0x52, 0x5f, 0x4e, 0x41, 0x4d, 0x45, 0x10, 0x03, 0x42, 0x7c, 0x0a, 0x1c, 0x64, 0x65, 0x76, 0x2e, + 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x63, + 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, + 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x36, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, + 0x63, 0x6f, 0x6d, 0x2f, 0x73, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2d, 0x73, 0x70, 0x65, 0x63, 0x73, 0x2f, 0x67, 0x65, 0x6e, 0x2f, + 0x70, 0x62, 0x2d, 0x67, 0x6f, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x76, 0x31, 0xea, + 0x02, 0x14, 0x53, 0x69, 0x67, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x3a, 0x3a, 0x43, 0x6f, 0x6d, 0x6d, + 0x6f, 0x6e, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py index 32f02d0d..8679c035 100644 --- a/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py +++ b/gen/pb-python/sigstore_protobuf_specs/dev/sigstore/common/v1/__init__.py @@ -62,16 +62,6 @@ class PublicKeyDetails(betterproto.Enum): PKIX_RSA_PSS_3072_SHA256 = 17 PKIX_RSA_PSS_4096_SHA256 = 18 - PKCS1_RSA_PKCS1V15_2048_SHA256 = 19 - """RSA public key in PKCS#1 format, PKCS#1v1.5 signature""" - - PKCS1_RSA_PKCS1V15_3072_SHA256 = 20 - PKCS1_RSA_PKCS1V15_4096_SHA256 = 21 - PKCS1_RSA_PSS_2048_SHA256 = 22 - """RSA public key in PKCS#1 format, RSASSA-PSS signature""" - - PKCS1_RSA_PSS_3072_SHA256 = 23 - PKCS1_RSA_PSS_4096_SHA256 = 24 PKIX_ECDSA_P256_HMAC_SHA_256 = 6 """ECDSA""" diff --git a/gen/pb-ruby/lib/sigstore_common_pb.rb b/gen/pb-ruby/lib/sigstore_common_pb.rb index 10624d56..a76a563f 100644 --- a/gen/pb-ruby/lib/sigstore_common_pb.rb +++ b/gen/pb-ruby/lib/sigstore_common_pb.rb @@ -78,12 +78,6 @@ value :PKIX_RSA_PSS_2048_SHA256, 16 value :PKIX_RSA_PSS_3072_SHA256, 17 value :PKIX_RSA_PSS_4096_SHA256, 18 - value :PKCS1_RSA_PKCS1V15_2048_SHA256, 19 - value :PKCS1_RSA_PKCS1V15_3072_SHA256, 20 - value :PKCS1_RSA_PKCS1V15_4096_SHA256, 21 - value :PKCS1_RSA_PSS_2048_SHA256, 22 - value :PKCS1_RSA_PSS_3072_SHA256, 23 - value :PKCS1_RSA_PSS_4096_SHA256, 24 value :PKIX_ECDSA_P256_HMAC_SHA_256, 6 value :PKIX_ECDSA_P256_SHA_256, 5 value :PKIX_ECDSA_P384_SHA_384, 12 diff --git a/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json b/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json index 14d5b87e..88c1e8ca 100644 --- a/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json +++ b/gen/pb-rust/schemas/ArtifactVerificationOptions.schema.json @@ -133,12 +133,6 @@ "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", - "PKCS1_RSA_PKCS1V15_2048_SHA256", - "PKCS1_RSA_PKCS1V15_3072_SHA256", - "PKCS1_RSA_PKCS1V15_4096_SHA256", - "PKCS1_RSA_PSS_2048_SHA256", - "PKCS1_RSA_PSS_3072_SHA256", - "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/Input.schema.json b/gen/pb-rust/schemas/Input.schema.json index 47c9a150..8ff17674 100644 --- a/gen/pb-rust/schemas/Input.schema.json +++ b/gen/pb-rust/schemas/Input.schema.json @@ -263,12 +263,6 @@ "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", - "PKCS1_RSA_PKCS1V15_2048_SHA256", - "PKCS1_RSA_PKCS1V15_3072_SHA256", - "PKCS1_RSA_PKCS1V15_4096_SHA256", - "PKCS1_RSA_PSS_2048_SHA256", - "PKCS1_RSA_PSS_3072_SHA256", - "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/PublicKey.schema.json b/gen/pb-rust/schemas/PublicKey.schema.json index 611a6b53..2e7f6756 100644 --- a/gen/pb-rust/schemas/PublicKey.schema.json +++ b/gen/pb-rust/schemas/PublicKey.schema.json @@ -23,12 +23,6 @@ "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", - "PKCS1_RSA_PKCS1V15_2048_SHA256", - "PKCS1_RSA_PKCS1V15_3072_SHA256", - "PKCS1_RSA_PKCS1V15_4096_SHA256", - "PKCS1_RSA_PSS_2048_SHA256", - "PKCS1_RSA_PSS_3072_SHA256", - "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/PublicKeyIdentities.schema.json b/gen/pb-rust/schemas/PublicKeyIdentities.schema.json index 04d29766..f52c73f3 100644 --- a/gen/pb-rust/schemas/PublicKeyIdentities.schema.json +++ b/gen/pb-rust/schemas/PublicKeyIdentities.schema.json @@ -37,12 +37,6 @@ "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", - "PKCS1_RSA_PKCS1V15_2048_SHA256", - "PKCS1_RSA_PKCS1V15_3072_SHA256", - "PKCS1_RSA_PKCS1V15_4096_SHA256", - "PKCS1_RSA_PSS_2048_SHA256", - "PKCS1_RSA_PSS_3072_SHA256", - "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/TransparencyLogInstance.schema.json b/gen/pb-rust/schemas/TransparencyLogInstance.schema.json index 8d0ea883..d53179ea 100644 --- a/gen/pb-rust/schemas/TransparencyLogInstance.schema.json +++ b/gen/pb-rust/schemas/TransparencyLogInstance.schema.json @@ -72,12 +72,6 @@ "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", - "PKCS1_RSA_PKCS1V15_2048_SHA256", - "PKCS1_RSA_PKCS1V15_3072_SHA256", - "PKCS1_RSA_PKCS1V15_4096_SHA256", - "PKCS1_RSA_PSS_2048_SHA256", - "PKCS1_RSA_PSS_3072_SHA256", - "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-rust/schemas/TrustedRoot.schema.json b/gen/pb-rust/schemas/TrustedRoot.schema.json index aa5baf05..2c142284 100644 --- a/gen/pb-rust/schemas/TrustedRoot.schema.json +++ b/gen/pb-rust/schemas/TrustedRoot.schema.json @@ -94,12 +94,6 @@ "PKIX_RSA_PSS_2048_SHA256", "PKIX_RSA_PSS_3072_SHA256", "PKIX_RSA_PSS_4096_SHA256", - "PKCS1_RSA_PKCS1V15_2048_SHA256", - "PKCS1_RSA_PKCS1V15_3072_SHA256", - "PKCS1_RSA_PKCS1V15_4096_SHA256", - "PKCS1_RSA_PSS_2048_SHA256", - "PKCS1_RSA_PSS_3072_SHA256", - "PKCS1_RSA_PSS_4096_SHA256", "PKIX_ECDSA_P256_HMAC_SHA_256", "PKIX_ECDSA_P256_SHA_256", "PKIX_ECDSA_P384_SHA_384", diff --git a/gen/pb-typescript/src/__generated__/sigstore_common.ts b/gen/pb-typescript/src/__generated__/sigstore_common.ts index 846cc6ba..5a199582 100644 --- a/gen/pb-typescript/src/__generated__/sigstore_common.ts +++ b/gen/pb-typescript/src/__generated__/sigstore_common.ts @@ -107,14 +107,6 @@ export enum PublicKeyDetails { PKIX_RSA_PSS_2048_SHA256 = 16, PKIX_RSA_PSS_3072_SHA256 = 17, PKIX_RSA_PSS_4096_SHA256 = 18, - /** PKCS1_RSA_PKCS1V15_2048_SHA256 - RSA public key in PKCS#1 format, PKCS#1v1.5 signature */ - PKCS1_RSA_PKCS1V15_2048_SHA256 = 19, - PKCS1_RSA_PKCS1V15_3072_SHA256 = 20, - PKCS1_RSA_PKCS1V15_4096_SHA256 = 21, - /** PKCS1_RSA_PSS_2048_SHA256 - RSA public key in PKCS#1 format, RSASSA-PSS signature */ - PKCS1_RSA_PSS_2048_SHA256 = 22, - PKCS1_RSA_PSS_3072_SHA256 = 23, - PKCS1_RSA_PSS_4096_SHA256 = 24, /** * PKIX_ECDSA_P256_HMAC_SHA_256 - ECDSA * @@ -168,24 +160,6 @@ export function publicKeyDetailsFromJSON(object: any): PublicKeyDetails { case 18: case "PKIX_RSA_PSS_4096_SHA256": return PublicKeyDetails.PKIX_RSA_PSS_4096_SHA256; - case 19: - case "PKCS1_RSA_PKCS1V15_2048_SHA256": - return PublicKeyDetails.PKCS1_RSA_PKCS1V15_2048_SHA256; - case 20: - case "PKCS1_RSA_PKCS1V15_3072_SHA256": - return PublicKeyDetails.PKCS1_RSA_PKCS1V15_3072_SHA256; - case 21: - case "PKCS1_RSA_PKCS1V15_4096_SHA256": - return PublicKeyDetails.PKCS1_RSA_PKCS1V15_4096_SHA256; - case 22: - case "PKCS1_RSA_PSS_2048_SHA256": - return PublicKeyDetails.PKCS1_RSA_PSS_2048_SHA256; - case 23: - case "PKCS1_RSA_PSS_3072_SHA256": - return PublicKeyDetails.PKCS1_RSA_PSS_3072_SHA256; - case 24: - case "PKCS1_RSA_PSS_4096_SHA256": - return PublicKeyDetails.PKCS1_RSA_PSS_4096_SHA256; case 6: case "PKIX_ECDSA_P256_HMAC_SHA_256": return PublicKeyDetails.PKIX_ECDSA_P256_HMAC_SHA_256; @@ -239,18 +213,6 @@ export function publicKeyDetailsToJSON(object: PublicKeyDetails): string { return "PKIX_RSA_PSS_3072_SHA256"; case PublicKeyDetails.PKIX_RSA_PSS_4096_SHA256: return "PKIX_RSA_PSS_4096_SHA256"; - case PublicKeyDetails.PKCS1_RSA_PKCS1V15_2048_SHA256: - return "PKCS1_RSA_PKCS1V15_2048_SHA256"; - case PublicKeyDetails.PKCS1_RSA_PKCS1V15_3072_SHA256: - return "PKCS1_RSA_PKCS1V15_3072_SHA256"; - case PublicKeyDetails.PKCS1_RSA_PKCS1V15_4096_SHA256: - return "PKCS1_RSA_PKCS1V15_4096_SHA256"; - case PublicKeyDetails.PKCS1_RSA_PSS_2048_SHA256: - return "PKCS1_RSA_PSS_2048_SHA256"; - case PublicKeyDetails.PKCS1_RSA_PSS_3072_SHA256: - return "PKCS1_RSA_PSS_3072_SHA256"; - case PublicKeyDetails.PKCS1_RSA_PSS_4096_SHA256: - return "PKCS1_RSA_PSS_4096_SHA256"; case PublicKeyDetails.PKIX_ECDSA_P256_HMAC_SHA_256: return "PKIX_ECDSA_P256_HMAC_SHA_256"; case PublicKeyDetails.PKIX_ECDSA_P256_SHA_256: diff --git a/protos/sigstore_common.proto b/protos/sigstore_common.proto index ffe49c37..13a87ab5 100644 --- a/protos/sigstore_common.proto +++ b/protos/sigstore_common.proto @@ -74,14 +74,6 @@ enum PublicKeyDetails { PKIX_RSA_PSS_2048_SHA256 = 16; // See RFC4055 PKIX_RSA_PSS_3072_SHA256 = 17; PKIX_RSA_PSS_4096_SHA256 = 18; - // RSA public key in PKCS#1 format, PKCS#1v1.5 signature - PKCS1_RSA_PKCS1V15_2048_SHA256 = 19; - PKCS1_RSA_PKCS1V15_3072_SHA256 = 20; - PKCS1_RSA_PKCS1V15_4096_SHA256 = 21; - // RSA public key in PKCS#1 format, RSASSA-PSS signature - PKCS1_RSA_PSS_2048_SHA256 = 22; // See RFC4055 - PKCS1_RSA_PSS_3072_SHA256 = 23; - PKCS1_RSA_PSS_4096_SHA256 = 24; // ECDSA PKIX_ECDSA_P256_HMAC_SHA_256 = 6 [deprecated = true]; // See RFC6979 @@ -98,7 +90,7 @@ enum PublicKeyDetails { EXPERIMENTAL_LMOTS_SHA256 = 15; // Reserved for future additions of public key/signature algorithm types. - reserved 25 to 50; + reserved 19 to 50; } // HashOutput captures a digest of a 'message' (generic octet sequence)