Class: Google::Cloud::BinaryAuthorization::V1beta1::PkixPublicKey

Inherits:

Object

• Object
• Google::Cloud::BinaryAuthorization::V1beta1::PkixPublicKey

Extended by:

Protobuf::MessageExts::ClassMethods

Includes:

Protobuf::MessageExts

Defined in:

proto_docs/google/cloud/binaryauthorization/v1beta1/resources.rb

Overview

A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.

Defined Under Namespace

Modules: SignatureAlgorithm

Instance Attribute Summary

• #public_key_pem ⇒ ::String

  A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13.

• #signature_algorithm ⇒ ::Google::Cloud::BinaryAuthorization::V1beta1::PkixPublicKey::SignatureAlgorithm

  The signature algorithm used to verify a message against a signature using this key.

Instance Attribute Details

#public_key_pem ⇒ ::String

Returns A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13.

Returns:

• (::String) —

  A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13

# File 'proto_docs/google/cloud/binaryauthorization/v1beta1/resources.rb', line 235

class PkixPublicKey
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represents a signature algorithm and other information necessary to verify
  # signatures with a given public key.
  # This is based primarily on the public key types supported by Tink's
  # PemKeyType, which is in turn based on KMS's supported signing algorithms.
  # See https://cloud.google.com/kms/docs/algorithms. In the future, BinAuthz
  # might support additional public key types independently of Tink and/or KMS.
  module SignatureAlgorithm
    # Not specified.
    SIGNATURE_ALGORITHM_UNSPECIFIED = 0

    # RSASSA-PSS 2048 bit key with a SHA256 digest.
    RSA_PSS_2048_SHA256 = 1

    # RSASSA-PSS 3072 bit key with a SHA256 digest.
    RSA_PSS_3072_SHA256 = 2

    # RSASSA-PSS 4096 bit key with a SHA256 digest.
    RSA_PSS_4096_SHA256 = 3

    # RSASSA-PSS 4096 bit key with a SHA512 digest.
    RSA_PSS_4096_SHA512 = 4

    # RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest.
    RSA_SIGN_PKCS1_2048_SHA256 = 5

    # RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest.
    RSA_SIGN_PKCS1_3072_SHA256 = 6

    # RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest.
    RSA_SIGN_PKCS1_4096_SHA256 = 7

    # RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest.
    RSA_SIGN_PKCS1_4096_SHA512 = 8

    # ECDSA on the NIST P-256 curve with a SHA256 digest.
    ECDSA_P256_SHA256 = 9

    # ECDSA on the NIST P-384 curve with a SHA384 digest.
    ECDSA_P384_SHA384 = 10

    # ECDSA on the NIST P-521 curve with a SHA512 digest.
    ECDSA_P521_SHA512 = 11
  end
end

#signature_algorithm ⇒ ::Google::Cloud::BinaryAuthorization::V1beta1::PkixPublicKey::SignatureAlgorithm

Returns The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in public_key_pem (i.e. this algorithm must match that of the public key).

Returns:

• (::Google::Cloud::BinaryAuthorization::V1beta1::PkixPublicKey::SignatureAlgorithm) —

  The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in public_key_pem (i.e. this algorithm must match that of the public key).

# File 'proto_docs/google/cloud/binaryauthorization/v1beta1/resources.rb', line 235

class PkixPublicKey
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represents a signature algorithm and other information necessary to verify
  # signatures with a given public key.
  # This is based primarily on the public key types supported by Tink's
  # PemKeyType, which is in turn based on KMS's supported signing algorithms.
  # See https://cloud.google.com/kms/docs/algorithms. In the future, BinAuthz
  # might support additional public key types independently of Tink and/or KMS.
  module SignatureAlgorithm
    # Not specified.
    SIGNATURE_ALGORITHM_UNSPECIFIED = 0

    # RSASSA-PSS 2048 bit key with a SHA256 digest.
    RSA_PSS_2048_SHA256 = 1

    # RSASSA-PSS 3072 bit key with a SHA256 digest.
    RSA_PSS_3072_SHA256 = 2

    # RSASSA-PSS 4096 bit key with a SHA256 digest.
    RSA_PSS_4096_SHA256 = 3

    # RSASSA-PSS 4096 bit key with a SHA512 digest.
    RSA_PSS_4096_SHA512 = 4

    # RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest.
    RSA_SIGN_PKCS1_2048_SHA256 = 5

    # RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest.
    RSA_SIGN_PKCS1_3072_SHA256 = 6

    # RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest.
    RSA_SIGN_PKCS1_4096_SHA256 = 7

    # RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest.
    RSA_SIGN_PKCS1_4096_SHA512 = 8

    # ECDSA on the NIST P-256 curve with a SHA256 digest.
    ECDSA_P256_SHA256 = 9

    # ECDSA on the NIST P-384 curve with a SHA384 digest.
    ECDSA_P384_SHA384 = 10

    # ECDSA on the NIST P-521 curve with a SHA512 digest.
    ECDSA_P521_SHA512 = 11
  end
end