public static final class Signature.Builder extends GeneratedMessageV3.Builder<Signature.Builder> implements SignatureOrBuilder
Verifiers (e.g. Kritis implementations) MUST verify signatures
with respect to the trust anchors defined in policy (e.g. a Kritis policy).
Typically this means that the verifier has been configured with a map from
public_key_id
to public key material (and any required parameters, e.g.
signing algorithm).
In particular, verification implementations MUST NOT treat the signature
public_key_id
as anything more than a key lookup hint. The public_key_id
DOES NOT validate or authenticate a public key; it only provides a mechanism
for quickly selecting a public key ALREADY CONFIGURED on the verifier through
a trusted channel. Verification implementations MUST reject signatures in any
of the following circumstances:
- The
public_key_id
is not recognized by the verifier.
- The public key that
public_key_id
refers to does not verify the
signature with respect to the payload.
The signature
contents SHOULD NOT be "attached" (where the payload is
included with the serialized signature
bytes). Verifiers MUST ignore any
"attached" payload and only verify signatures with respect to explicitly
provided payload (e.g. a payload
field on the proto message that holds
this Signature, or the canonical serialization of the proto message that
holds this signature).
Protobuf type grafeas.v1beta1.Signature
Inherited Members
com.google.protobuf.GeneratedMessageV3.Builder.getUnknownFieldSetBuilder()
com.google.protobuf.GeneratedMessageV3.Builder.mergeUnknownLengthDelimitedField(int,com.google.protobuf.ByteString)
com.google.protobuf.GeneratedMessageV3.Builder.mergeUnknownVarintField(int,int)
com.google.protobuf.GeneratedMessageV3.Builder.parseUnknownField(com.google.protobuf.CodedInputStream,com.google.protobuf.ExtensionRegistryLite,int)
com.google.protobuf.GeneratedMessageV3.Builder.setUnknownFieldSetBuilder(com.google.protobuf.UnknownFieldSet.Builder)
Static Methods
getDescriptor()
public static final Descriptors.Descriptor getDescriptor()
Returns
Methods
addRepeatedField(Descriptors.FieldDescriptor field, Object value)
public Signature.Builder addRepeatedField(Descriptors.FieldDescriptor field, Object value)
Parameters
Returns
Overrides
build()
Returns
buildPartial()
public Signature buildPartial()
Returns
clear()
public Signature.Builder clear()
Returns
Overrides
clearField(Descriptors.FieldDescriptor field)
public Signature.Builder clearField(Descriptors.FieldDescriptor field)
Parameter
Returns
Overrides
clearOneof(Descriptors.OneofDescriptor oneof)
public Signature.Builder clearOneof(Descriptors.OneofDescriptor oneof)
Parameter
Returns
Overrides
clearPublicKeyId()
public Signature.Builder clearPublicKeyId()
The identifier for the public key that verifies this signature.
- The
public_key_id
is required.
- The
public_key_id
MUST be an RFC3986 conformant URI.
- When possible, the
public_key_id
SHOULD be an immutable reference,
such as a cryptographic digest.
Examples of valid public_key_id
s:
OpenPGP V4 public key fingerprint:
- "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA"
See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more
details on this scheme.
RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER
serialization):
- "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
- "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"
string public_key_id = 2;
Returns
clearSignature()
public Signature.Builder clearSignature()
The content of the signature, an opaque bytestring.
The payload that this signature verifies MUST be unambiguously provided
with the Signature during verification. A wrapper message might provide
the payload explicitly. Alternatively, a message might have a canonical
serialization that can always be unambiguously computed to derive the
payload.
bytes signature = 1;
Returns
clone()
public Signature.Builder clone()
Returns
Overrides
getDefaultInstanceForType()
public Signature getDefaultInstanceForType()
Returns
getDescriptorForType()
public Descriptors.Descriptor getDescriptorForType()
Returns
Overrides
getPublicKeyId()
public String getPublicKeyId()
The identifier for the public key that verifies this signature.
- The
public_key_id
is required.
- The
public_key_id
MUST be an RFC3986 conformant URI.
- When possible, the
public_key_id
SHOULD be an immutable reference,
such as a cryptographic digest.
Examples of valid public_key_id
s:
OpenPGP V4 public key fingerprint:
- "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA"
See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more
details on this scheme.
RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER
serialization):
- "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
- "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"
string public_key_id = 2;
Returns
Type | Description |
String | The publicKeyId.
|
getPublicKeyIdBytes()
public ByteString getPublicKeyIdBytes()
The identifier for the public key that verifies this signature.
- The
public_key_id
is required.
- The
public_key_id
MUST be an RFC3986 conformant URI.
- When possible, the
public_key_id
SHOULD be an immutable reference,
such as a cryptographic digest.
Examples of valid public_key_id
s:
OpenPGP V4 public key fingerprint:
- "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA"
See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more
details on this scheme.
RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER
serialization):
- "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
- "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"
string public_key_id = 2;
Returns
Type | Description |
ByteString | The bytes for publicKeyId.
|
getSignature()
public ByteString getSignature()
The content of the signature, an opaque bytestring.
The payload that this signature verifies MUST be unambiguously provided
with the Signature during verification. A wrapper message might provide
the payload explicitly. Alternatively, a message might have a canonical
serialization that can always be unambiguously computed to derive the
payload.
bytes signature = 1;
Returns
internalGetFieldAccessorTable()
protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
Overrides
isInitialized()
public final boolean isInitialized()
Returns
Overrides
public Signature.Builder mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
Returns
Overrides
Exceptions
mergeFrom(Message other)
public Signature.Builder mergeFrom(Message other)
Parameter
Returns
Overrides
mergeFrom(Signature other)
public Signature.Builder mergeFrom(Signature other)
Parameter
Returns
mergeUnknownFields(UnknownFieldSet unknownFields)
public final Signature.Builder mergeUnknownFields(UnknownFieldSet unknownFields)
Parameter
Returns
Overrides
setField(Descriptors.FieldDescriptor field, Object value)
public Signature.Builder setField(Descriptors.FieldDescriptor field, Object value)
Parameters
Returns
Overrides
setPublicKeyId(String value)
public Signature.Builder setPublicKeyId(String value)
The identifier for the public key that verifies this signature.
- The
public_key_id
is required.
- The
public_key_id
MUST be an RFC3986 conformant URI.
- When possible, the
public_key_id
SHOULD be an immutable reference,
such as a cryptographic digest.
Examples of valid public_key_id
s:
OpenPGP V4 public key fingerprint:
- "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA"
See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more
details on this scheme.
RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER
serialization):
- "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
- "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"
string public_key_id = 2;
Parameter
Name | Description |
value | String
The publicKeyId to set.
|
Returns
setPublicKeyIdBytes(ByteString value)
public Signature.Builder setPublicKeyIdBytes(ByteString value)
The identifier for the public key that verifies this signature.
- The
public_key_id
is required.
- The
public_key_id
MUST be an RFC3986 conformant URI.
- When possible, the
public_key_id
SHOULD be an immutable reference,
such as a cryptographic digest.
Examples of valid public_key_id
s:
OpenPGP V4 public key fingerprint:
- "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA"
See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more
details on this scheme.
RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER
serialization):
- "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
- "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"
string public_key_id = 2;
Parameter
Name | Description |
value | ByteString
The bytes for publicKeyId to set.
|
Returns
setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
public Signature.Builder setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
Parameters
Returns
Overrides
setSignature(ByteString value)
public Signature.Builder setSignature(ByteString value)
The content of the signature, an opaque bytestring.
The payload that this signature verifies MUST be unambiguously provided
with the Signature during verification. A wrapper message might provide
the payload explicitly. Alternatively, a message might have a canonical
serialization that can always be unambiguously computed to derive the
payload.
bytes signature = 1;
Parameter
Name | Description |
value | ByteString
The signature to set.
|
Returns
setUnknownFields(UnknownFieldSet unknownFields)
public final Signature.Builder setUnknownFields(UnknownFieldSet unknownFields)
Parameter
Returns
Overrides