AttestorPublicKey(mapping=None, *, ignore_unknown_fields=False, **kwargs)
An [attestor public key][google.cloud.binaryauthorization.v1.AttestorPublicKey] that will be used to verify attestations signed by this attestor.
This message has oneof
_ fields (mutually exclusive fields).
For each oneof, at most one member field can be set at the same time.
Setting any member of the oneof automatically clears all other
members.
.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields
Attributes
Name | Description |
comment |
str
Optional. A descriptive comment. This field may be updated. |
id |
str
The ID of this public key. Signatures verified by BinAuthz must include the ID of the public key that can be used to verify them, and that ID must match the contents of this field exactly. Additional restrictions on this field can be imposed based on which public key type is encapsulated. See the documentation on public_key cases below for details.
|
ascii_armored_pgp_public_key |
str
ASCII-armored representation of a PGP public key, as the entire output by the command gpg --export --armor foo@example.com (either LF or CRLF
line endings). When using this field, id should be left
blank. The BinAuthz API handlers will calculate the ID and
fill it in automatically. BinAuthz computes this ID as the
OpenPGP RFC4880 V4 fingerprint, represented as upper-case
hex. If id is provided by the caller, it will be
overwritten by the API-calculated ID.
This field is a member of oneof _ public_key .
|
pkix_public_key |
google.cloud.binaryauthorization_v1.types.PkixPublicKey
A raw PKIX SubjectPublicKeyInfo format public key. NOTE: id may be explicitly provided by the caller when
using this type of public key, but it MUST be a valid
RFC3986 URI. If id is left blank, a default one will be
computed based on the digest of the DER encoding of the
public key.
This field is a member of oneof _ public_key .
|