- 2.54.0 (latest)
- 2.53.0
- 2.52.0
- 2.50.0
- 2.49.0
- 2.48.0
- 2.47.0
- 2.46.0
- 2.45.0
- 2.44.0
- 2.43.0
- 2.42.0
- 2.41.0
- 2.40.0
- 2.38.0
- 2.37.0
- 2.36.0
- 2.35.0
- 2.34.0
- 2.33.0
- 2.32.0
- 2.31.0
- 2.30.0
- 2.29.0
- 2.28.0
- 2.25.0
- 2.24.0
- 2.23.0
- 2.22.0
- 2.21.0
- 2.20.0
- 2.19.0
- 2.18.0
- 2.17.0
- 2.16.0
- 2.15.0
- 2.14.0
- 2.13.0
- 2.12.0
- 2.11.0
- 2.10.0
- 2.9.0
- 2.8.0
- 2.7.0
- 2.6.0
- 2.5.0
- 2.4.10
- 2.3.1
- 2.2.16
public interface PgpSignedAttestationOrBuilder extends MessageOrBuilder
Implements
MessageOrBuilderMethods
getContentType()
public abstract PgpSignedAttestation.ContentType getContentType()
Type (for example schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (for example by validating a JSON schema).
.grafeas.v1beta1.attestation.PgpSignedAttestation.ContentType content_type = 3;
Returns | |
---|---|
Type | Description |
PgpSignedAttestation.ContentType |
The contentType. |
getContentTypeValue()
public abstract int getContentTypeValue()
Type (for example schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (for example by validating a JSON schema).
.grafeas.v1beta1.attestation.PgpSignedAttestation.ContentType content_type = 3;
Returns | |
---|---|
Type | Description |
int |
The enum numeric value on the wire for contentType. |
getKeyIdCase()
public abstract PgpSignedAttestation.KeyIdCase getKeyIdCase()
Returns | |
---|---|
Type | Description |
PgpSignedAttestation.KeyIdCase |
getPgpKeyId()
public abstract String getPgpKeyId()
The cryptographic fingerprint of the key used to generate the signature,
as output by, e.g. gpg --list-keys
. This should be the version 4, full
160-bit fingerprint, expressed as a 40 character hexidecimal string. See
https://tools.ietf.org/html/rfc4880#section-12.2 for details.
Implementations may choose to acknowledge "LONG", "SHORT", or other
abbreviated key IDs, but only the full fingerprint is guaranteed to work.
In gpg, the full fingerprint can be retrieved from the fpr
field
returned when calling --list-keys with --with-colons. For example:
<code><code>
gpg --with-colons --with-fingerprint --force-v4-certs \
--list-keys attester@example.com
tru::1:1513631572:0:3:1:5
pub:...<SNIP>...
fpr:::::::::24FF6481B76AC91E66A00AC657A93A81EF3AE6FB:
</code></code><code>
Above, the fingerprint is </code>24FF6481B76AC91E66A00AC657A93A81EF3AE6FB
.
string pgp_key_id = 2;
Returns | |
---|---|
Type | Description |
String |
The pgpKeyId. |
getPgpKeyIdBytes()
public abstract ByteString getPgpKeyIdBytes()
The cryptographic fingerprint of the key used to generate the signature,
as output by, e.g. gpg --list-keys
. This should be the version 4, full
160-bit fingerprint, expressed as a 40 character hexidecimal string. See
https://tools.ietf.org/html/rfc4880#section-12.2 for details.
Implementations may choose to acknowledge "LONG", "SHORT", or other
abbreviated key IDs, but only the full fingerprint is guaranteed to work.
In gpg, the full fingerprint can be retrieved from the fpr
field
returned when calling --list-keys with --with-colons. For example:
<code><code>
gpg --with-colons --with-fingerprint --force-v4-certs \
--list-keys attester@example.com
tru::1:1513631572:0:3:1:5
pub:...<SNIP>...
fpr:::::::::24FF6481B76AC91E66A00AC657A93A81EF3AE6FB:
</code></code><code>
Above, the fingerprint is </code>24FF6481B76AC91E66A00AC657A93A81EF3AE6FB
.
string pgp_key_id = 2;
Returns | |
---|---|
Type | Description |
ByteString |
The bytes for pgpKeyId. |
getSignature()
public abstract String getSignature()
Required. The raw content of the signature, as output by GNU Privacy Guard
(GPG) or equivalent. Since this message only supports attached signatures,
the payload that was signed must be attached. While the signature format
supported is dependent on the verification implementation, currently only
ASCII-armored (--armor
to gpg), non-clearsigned (--sign
rather than
--clearsign
to gpg) are supported. Concretely, gpg --sign --armor
--output=signature.gpg payload.json
will create the signature content
expected in this field in signature.gpg
for the payload.json
attestation payload.
string signature = 1;
Returns | |
---|---|
Type | Description |
String |
The signature. |
getSignatureBytes()
public abstract ByteString getSignatureBytes()
Required. The raw content of the signature, as output by GNU Privacy Guard
(GPG) or equivalent. Since this message only supports attached signatures,
the payload that was signed must be attached. While the signature format
supported is dependent on the verification implementation, currently only
ASCII-armored (--armor
to gpg), non-clearsigned (--sign
rather than
--clearsign
to gpg) are supported. Concretely, gpg --sign --armor
--output=signature.gpg payload.json
will create the signature content
expected in this field in signature.gpg
for the payload.json
attestation payload.
string signature = 1;
Returns | |
---|---|
Type | Description |
ByteString |
The bytes for signature. |