Class PkixPublicKey (1.9.0)

PkixPublicKey(mapping=None, *, ignore_unknown_fields=False, **kwargs)

A public key in the PkixPublicKey format (see https://tools.ietf.org/html/rfc5280#section-4.1.2.7 for details). Public keys of this type are typically textually encoded using the PEM format.

Attributes

NameDescription
public_key_pem str
A PEM-encoded public key, as described in https://tools.ietf.org/html/rfc7468#section-13
signature_algorithm google.cloud.binaryauthorization_v1.types.PkixPublicKey.SignatureAlgorithm
The signature algorithm used to verify a message against a signature using this key. These signature algorithm must match the structure and any object identifiers encoded in public_key_pem (i.e. this algorithm must match that of the public key).

Classes

SignatureAlgorithm

SignatureAlgorithm(value)

Represents a signature algorithm and other information necessary to verify signatures with a given public key. This is based primarily on the public key types supported by Tink's PemKeyType, which is in turn based on KMS's supported signing algorithms. See https://cloud.google.com/kms/docs/algorithms. In the future, BinAuthz might support additional public key types independently of Tink and/or KMS.

Values: SIGNATURE_ALGORITHM_UNSPECIFIED (0): Not specified. RSA_PSS_2048_SHA256 (1): RSASSA-PSS 2048 bit key with a SHA256 digest. RSA_PSS_3072_SHA256 (2): RSASSA-PSS 3072 bit key with a SHA256 digest. RSA_PSS_4096_SHA256 (3): RSASSA-PSS 4096 bit key with a SHA256 digest. RSA_PSS_4096_SHA512 (4): RSASSA-PSS 4096 bit key with a SHA512 digest. RSA_SIGN_PKCS1_2048_SHA256 (5): RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. RSA_SIGN_PKCS1_3072_SHA256 (6): RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. RSA_SIGN_PKCS1_4096_SHA256 (7): RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. RSA_SIGN_PKCS1_4096_SHA512 (8): RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. ECDSA_P256_SHA256 (9): ECDSA on the NIST P-256 curve with a SHA256 digest. EC_SIGN_P256_SHA256 (9): ECDSA on the NIST P-256 curve with a SHA256 digest. ECDSA_P384_SHA384 (10): ECDSA on the NIST P-384 curve with a SHA384 digest. EC_SIGN_P384_SHA384 (10): ECDSA on the NIST P-384 curve with a SHA384 digest. ECDSA_P521_SHA512 (11): ECDSA on the NIST P-521 curve with a SHA512 digest. EC_SIGN_P521_SHA512 (11): ECDSA on the NIST P-521 curve with a SHA512 digest.