Package dev.sigstore.proto.trustroot.v1

Class TransparencyLogInstance

java.lang.Object
com.google.protobuf.AbstractMessageLite
com.google.protobuf.AbstractMessage
com.google.protobuf.GeneratedMessage
dev.sigstore.proto.trustroot.v1.TransparencyLogInstance
All Implemented Interfaces:
com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, TransparencyLogInstanceOrBuilder, Serializable
public final class TransparencyLogInstance extends com.google.protobuf.GeneratedMessage implements TransparencyLogInstanceOrBuilder
 TransparencyLogInstance describes the immutable parameters from a
 transparency log.
 See https://www.rfc-editor.org/rfc/rfc9162.html#name-log-parameters
 for more details.
 The included parameters are the minimal set required to identify a log,
 and verify an inclusion proof/promise.
Protobuf type dev.sigstore.trustroot.v1.TransparencyLogInstance
See Also:

  • Field Details

    • BASE_URL_FIELD_NUMBER

      public static final int BASE_URL_FIELD_NUMBER
      See Also:

    • HASH_ALGORITHM_FIELD_NUMBER

      public static final int HASH_ALGORITHM_FIELD_NUMBER
      See Also:

    • PUBLIC_KEY_FIELD_NUMBER

      public static final int PUBLIC_KEY_FIELD_NUMBER
      See Also:

    • LOG_ID_FIELD_NUMBER

      public static final int LOG_ID_FIELD_NUMBER
      See Also:

    • CHECKPOINT_KEY_ID_FIELD_NUMBER

      public static final int CHECKPOINT_KEY_ID_FIELD_NUMBER
      See Also:

    • OPERATOR_FIELD_NUMBER

      public static final int OPERATOR_FIELD_NUMBER
      See Also:

  • Method Details

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessage.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessage

    • getBaseUrl

      public String getBaseUrl()
       The base URL at which can be used to URLs for the client.
 SHOULD match the origin on the log checkpoint:
 https://github.com/C2SP/C2SP/blob/main/tlog-checkpoint.md#note-text.
      string base_url = 1;
      Specified by:
      getBaseUrl in interface TransparencyLogInstanceOrBuilder
      Returns:
      The baseUrl.

    • getBaseUrlBytes

      public com.google.protobuf.ByteString getBaseUrlBytes()
       The base URL at which can be used to URLs for the client.
 SHOULD match the origin on the log checkpoint:
 https://github.com/C2SP/C2SP/blob/main/tlog-checkpoint.md#note-text.
      string base_url = 1;
      Specified by:
      getBaseUrlBytes in interface TransparencyLogInstanceOrBuilder
      Returns:
      The bytes for baseUrl.

    • getHashAlgorithmValue

      public int getHashAlgorithmValue()
       The hash algorithm used for the Merkle Tree.
      .dev.sigstore.common.v1.HashAlgorithm hash_algorithm = 2;
      Specified by:
      getHashAlgorithmValue in interface TransparencyLogInstanceOrBuilder
      Returns:
      The enum numeric value on the wire for hashAlgorithm.

    • getHashAlgorithm

      public HashAlgorithm getHashAlgorithm()
       The hash algorithm used for the Merkle Tree.
      .dev.sigstore.common.v1.HashAlgorithm hash_algorithm = 2;
      Specified by:
      getHashAlgorithm in interface TransparencyLogInstanceOrBuilder
      Returns:
      The hashAlgorithm.

    • hasPublicKey

      public boolean hasPublicKey()
       The public key used to verify signatures generated by the log.
 This attribute contains the signature algorithm used by the log.
      .dev.sigstore.common.v1.PublicKey public_key = 3;
      Specified by:
      hasPublicKey in interface TransparencyLogInstanceOrBuilder
      Returns:
      Whether the publicKey field is set.

    • getPublicKey

      public PublicKey getPublicKey()
       The public key used to verify signatures generated by the log.
 This attribute contains the signature algorithm used by the log.
      .dev.sigstore.common.v1.PublicKey public_key = 3;
      Specified by:
      getPublicKey in interface TransparencyLogInstanceOrBuilder
      Returns:
      The publicKey.

    • getPublicKeyOrBuilder

      public PublicKeyOrBuilder getPublicKeyOrBuilder()
       The public key used to verify signatures generated by the log.
 This attribute contains the signature algorithm used by the log.
      .dev.sigstore.common.v1.PublicKey public_key = 3;
      Specified by:
      getPublicKeyOrBuilder in interface TransparencyLogInstanceOrBuilder

    • hasLogId

      @Deprecated public boolean hasLogId()
      Deprecated.
      dev.sigstore.trustroot.v1.TransparencyLogInstance.log_id is deprecated. See sigstore_trustroot.proto;l=53
       The unique identifier for this transparency log.
 Represented as the SHA-256 hash of the log's public key,
 calculated over the DER encoding of the key represented as
 SubjectPublicKeyInfo.
 See https://www.rfc-editor.org/rfc/rfc6962#section-3.2
 MUST set checkpoint_key_id if multiple logs use the same
 signing key.
 Deprecated: Use checkpoint_key_id instead, since log_id is not
 guaranteed to be unique across multiple deployments. Clients
 must use the key name and key ID from a checkpoint to determine
 the correct TransparencyLogInstance to verify a proof.
      .dev.sigstore.common.v1.LogId log_id = 4 [deprecated = true];
      Specified by:
      hasLogId in interface TransparencyLogInstanceOrBuilder
      Returns:
      Whether the logId field is set.

    • getLogId

      @Deprecated public LogId getLogId()
      Deprecated.
      dev.sigstore.trustroot.v1.TransparencyLogInstance.log_id is deprecated. See sigstore_trustroot.proto;l=53
       The unique identifier for this transparency log.
 Represented as the SHA-256 hash of the log's public key,
 calculated over the DER encoding of the key represented as
 SubjectPublicKeyInfo.
 See https://www.rfc-editor.org/rfc/rfc6962#section-3.2
 MUST set checkpoint_key_id if multiple logs use the same
 signing key.
 Deprecated: Use checkpoint_key_id instead, since log_id is not
 guaranteed to be unique across multiple deployments. Clients
 must use the key name and key ID from a checkpoint to determine
 the correct TransparencyLogInstance to verify a proof.
      .dev.sigstore.common.v1.LogId log_id = 4 [deprecated = true];
      Specified by:
      getLogId in interface TransparencyLogInstanceOrBuilder
      Returns:
      The logId.

    • getLogIdOrBuilder

      @Deprecated public LogIdOrBuilder getLogIdOrBuilder()
      Deprecated.
       The unique identifier for this transparency log.
 Represented as the SHA-256 hash of the log's public key,
 calculated over the DER encoding of the key represented as
 SubjectPublicKeyInfo.
 See https://www.rfc-editor.org/rfc/rfc6962#section-3.2
 MUST set checkpoint_key_id if multiple logs use the same
 signing key.
 Deprecated: Use checkpoint_key_id instead, since log_id is not
 guaranteed to be unique across multiple deployments. Clients
 must use the key name and key ID from a checkpoint to determine
 the correct TransparencyLogInstance to verify a proof.
      .dev.sigstore.common.v1.LogId log_id = 4 [deprecated = true];
      Specified by:
      getLogIdOrBuilder in interface TransparencyLogInstanceOrBuilder

    • hasCheckpointKeyId

      public boolean hasCheckpointKeyId()
       The unique identifier for the log, used in the checkpoint.
 Its calculation is described in
 https://github.com/C2SP/C2SP/blob/main/signed-note.md#signatures
 SHOULD be set for all logs. When not set, clients MUST use log_id.

 For Ed25519 signatures, the key ID is computed per the C2SP spec:
 key ID = SHA-256(key name || 0x0A || 0x01 || 32-byte Ed25519 public key)[:4]
 For ECDSA signatures, the key ID is computed per the C2SP spec:
 key ID = SHA-256(PKIX ASN.1 DER-encoded public key, in SubjectPublicKeyInfo format)[:4]
 For RSA signatures, the signature type will be 0xff with an appended identifier for the format,
 "PKIX-RSA-PKCS#1v1.5":
 key ID = SHA-256(key name || 0x0A || 0xff || PKIX-RSA-PKCS#1v1.5 || PKIX ASN.1 DER-encoded public key)[:4]

 This is provided for convenience. Clients can also calculate the
 checkpoint key ID given the log's public key.
 SHOULD be 4 bytes long, as a truncated hash.

 To find a matching TransparencyLogInstance in the TrustedRoot,
 clients will parse the checkpoint, and for each signature line,
 use the key name (i.e. log origin, base_url from TrustedRoot)
 and checkpoint key ID (i.e. checkpoint_key_id from TrustedRoot)
 which can then be compared against the TrustedRoot log instances.
      .dev.sigstore.common.v1.LogId checkpoint_key_id = 5;
      Specified by:
      hasCheckpointKeyId in interface TransparencyLogInstanceOrBuilder
      Returns:
      Whether the checkpointKeyId field is set.

    • getCheckpointKeyId

      public LogId getCheckpointKeyId()
       The unique identifier for the log, used in the checkpoint.
 Its calculation is described in
 https://github.com/C2SP/C2SP/blob/main/signed-note.md#signatures
 SHOULD be set for all logs. When not set, clients MUST use log_id.

 For Ed25519 signatures, the key ID is computed per the C2SP spec:
 key ID = SHA-256(key name || 0x0A || 0x01 || 32-byte Ed25519 public key)[:4]
 For ECDSA signatures, the key ID is computed per the C2SP spec:
 key ID = SHA-256(PKIX ASN.1 DER-encoded public key, in SubjectPublicKeyInfo format)[:4]
 For RSA signatures, the signature type will be 0xff with an appended identifier for the format,
 "PKIX-RSA-PKCS#1v1.5":
 key ID = SHA-256(key name || 0x0A || 0xff || PKIX-RSA-PKCS#1v1.5 || PKIX ASN.1 DER-encoded public key)[:4]

 This is provided for convenience. Clients can also calculate the
 checkpoint key ID given the log's public key.
 SHOULD be 4 bytes long, as a truncated hash.

 To find a matching TransparencyLogInstance in the TrustedRoot,
 clients will parse the checkpoint, and for each signature line,
 use the key name (i.e. log origin, base_url from TrustedRoot)
 and checkpoint key ID (i.e. checkpoint_key_id from TrustedRoot)
 which can then be compared against the TrustedRoot log instances.
      .dev.sigstore.common.v1.LogId checkpoint_key_id = 5;
      Specified by:
      getCheckpointKeyId in interface TransparencyLogInstanceOrBuilder
      Returns:
      The checkpointKeyId.

    • getCheckpointKeyIdOrBuilder

      public LogIdOrBuilder getCheckpointKeyIdOrBuilder()
       The unique identifier for the log, used in the checkpoint.
 Its calculation is described in
 https://github.com/C2SP/C2SP/blob/main/signed-note.md#signatures
 SHOULD be set for all logs. When not set, clients MUST use log_id.

 For Ed25519 signatures, the key ID is computed per the C2SP spec:
 key ID = SHA-256(key name || 0x0A || 0x01 || 32-byte Ed25519 public key)[:4]
 For ECDSA signatures, the key ID is computed per the C2SP spec:
 key ID = SHA-256(PKIX ASN.1 DER-encoded public key, in SubjectPublicKeyInfo format)[:4]
 For RSA signatures, the signature type will be 0xff with an appended identifier for the format,
 "PKIX-RSA-PKCS#1v1.5":
 key ID = SHA-256(key name || 0x0A || 0xff || PKIX-RSA-PKCS#1v1.5 || PKIX ASN.1 DER-encoded public key)[:4]

 This is provided for convenience. Clients can also calculate the
 checkpoint key ID given the log's public key.
 SHOULD be 4 bytes long, as a truncated hash.

 To find a matching TransparencyLogInstance in the TrustedRoot,
 clients will parse the checkpoint, and for each signature line,
 use the key name (i.e. log origin, base_url from TrustedRoot)
 and checkpoint key ID (i.e. checkpoint_key_id from TrustedRoot)
 which can then be compared against the TrustedRoot log instances.
      .dev.sigstore.common.v1.LogId checkpoint_key_id = 5;
      Specified by:
      getCheckpointKeyIdOrBuilder in interface TransparencyLogInstanceOrBuilder

    • getOperator

      public String getOperator()
       The name of the operator of this log deployment. Operator MUST be
 formatted as a scheme-less URI, e.g. sigstore.dev
 This MUST be used when there are multiple transparency log instances
 to determine if log proof verification meets a specified threshold,
 e.g. two proofs from log deployments operated by the same operator
 should count as only one valid proof.
      string operator = 6;
      Specified by:
      getOperator in interface TransparencyLogInstanceOrBuilder
      Returns:
      The operator.

    • getOperatorBytes

      public com.google.protobuf.ByteString getOperatorBytes()
       The name of the operator of this log deployment. Operator MUST be
 formatted as a scheme-less URI, e.g. sigstore.dev
 This MUST be used when there are multiple transparency log instances
 to determine if log proof verification meets a specified threshold,
 e.g. two proofs from log deployments operated by the same operator
 should count as only one valid proof.
      string operator = 6;
      Specified by:
      getOperatorBytes in interface TransparencyLogInstanceOrBuilder
      Returns:
      The bytes for operator.

    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessage

    • writeTo

      public void writeTo(com.google.protobuf.CodedOutputStream output) throws IOException
      Specified by:
      writeTo in interface com.google.protobuf.MessageLite
      Overrides:
      writeTo in class com.google.protobuf.GeneratedMessage
      Throws:
      IOException

    • getSerializedSize

      public int getSerializedSize()
      Specified by:
      getSerializedSize in interface com.google.protobuf.MessageLite
      Overrides:
      getSerializedSize in class com.google.protobuf.GeneratedMessage

    • equals

      public boolean equals(Object obj)
      Specified by:
      equals in interface com.google.protobuf.Message
      Overrides:
      equals in class com.google.protobuf.AbstractMessage

    • hashCode

      public int hashCode()
      Specified by:
      hashCode in interface com.google.protobuf.Message
      Overrides:
      hashCode in class com.google.protobuf.AbstractMessage

    • parseFrom

      public static TransparencyLogInstance parseFrom(ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TransparencyLogInstance parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TransparencyLogInstance parseFrom(com.google.protobuf.ByteString data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TransparencyLogInstance parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TransparencyLogInstance parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TransparencyLogInstance parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static TransparencyLogInstance parseFrom(InputStream input) throws IOException
      Throws:
      IOException

    • parseFrom

      public static TransparencyLogInstance parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • parseDelimitedFrom

      public static TransparencyLogInstance parseDelimitedFrom(InputStream input) throws IOException
      Throws:
      IOException

    • parseDelimitedFrom

      public static TransparencyLogInstance parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • parseFrom

      public static TransparencyLogInstance parseFrom(com.google.protobuf.CodedInputStream input) throws IOException
      Throws:
      IOException

    • parseFrom

      public static TransparencyLogInstance parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • newBuilderForType

      public TransparencyLogInstance.Builder newBuilderForType()
      Specified by:
      newBuilderForType in interface com.google.protobuf.Message
      Specified by:
      newBuilderForType in interface com.google.protobuf.MessageLite

    • newBuilder

      public static TransparencyLogInstance.Builder newBuilder()

    • newBuilder

      public static TransparencyLogInstance.Builder newBuilder(TransparencyLogInstance prototype)

    • toBuilder

      public TransparencyLogInstance.Builder toBuilder()
      Specified by:
      toBuilder in interface com.google.protobuf.Message
      Specified by:
      toBuilder in interface com.google.protobuf.MessageLite

    • newBuilderForType

      protected TransparencyLogInstance.Builder newBuilderForType(com.google.protobuf.AbstractMessage.BuilderParent parent)
      Overrides:
      newBuilderForType in class com.google.protobuf.AbstractMessage

    • getDefaultInstance

      public static TransparencyLogInstance getDefaultInstance()

    • parser

      public static com.google.protobuf.Parser<TransparencyLogInstance> parser()

    • getParserForType

      public com.google.protobuf.Parser<TransparencyLogInstance> getParserForType()
      Specified by:
      getParserForType in interface com.google.protobuf.Message
      Specified by:
      getParserForType in interface com.google.protobuf.MessageLite
      Overrides:
      getParserForType in class com.google.protobuf.GeneratedMessage

    • getDefaultInstanceForType

      public TransparencyLogInstance getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder