public interface BuildSignatureOrBuilder extends MessageOrBuilderImplements
MessageOrBuilderMethods
getKeyId()
public abstract String getKeyId() An ID for the key used to sign. This could be either an ID for the key
stored in public_key (such as the ID or fingerprint for a PGP key, or the
CN for a cert), or a reference to an external key (such as a reference to a
key in Cloud Key Management Service).
string key_id = 3;
| Type | Description |
| String | The keyId. |
getKeyIdBytes()
public abstract ByteString getKeyIdBytes() An ID for the key used to sign. This could be either an ID for the key
stored in public_key (such as the ID or fingerprint for a PGP key, or the
CN for a cert), or a reference to an external key (such as a reference to a
key in Cloud Key Management Service).
string key_id = 3;
| Type | Description |
| ByteString | The bytes for keyId. |
getKeyType()
public abstract BuildSignature.KeyType getKeyType() The type of the key, either stored in public_key or referenced in
key_id.
.grafeas.v1beta1.build.BuildSignature.KeyType key_type = 4;
| Type | Description |
| BuildSignature.KeyType | The keyType. |
getKeyTypeValue()
public abstract int getKeyTypeValue() The type of the key, either stored in public_key or referenced in
key_id.
.grafeas.v1beta1.build.BuildSignature.KeyType key_type = 4;
| Type | Description |
| int | The enum numeric value on the wire for keyType. |
getPublicKey()
public abstract String getPublicKey() Public key of the builder which can be used to verify that the related
findings are valid and unchanged. If key_type is empty, this defaults
to PEM encoded public keys.
This field may be empty if key_id references an external key.
For Cloud Build based signatures, this is a PEM encoded public
key. To verify the Cloud Build signature, place the contents of
this field into a file (public.pem). The signature field is base64-decoded
into its binary representation in signature.bin, and the provenance bytes
from BuildDetails are base64-decoded into a binary representation in
signed.bin. OpenSSL can then verify the signature:
openssl sha256 -verify public.pem -signature signature.bin signed.bin
string public_key = 1;
| Type | Description |
| String | The publicKey. |
getPublicKeyBytes()
public abstract ByteString getPublicKeyBytes() Public key of the builder which can be used to verify that the related
findings are valid and unchanged. If key_type is empty, this defaults
to PEM encoded public keys.
This field may be empty if key_id references an external key.
For Cloud Build based signatures, this is a PEM encoded public
key. To verify the Cloud Build signature, place the contents of
this field into a file (public.pem). The signature field is base64-decoded
into its binary representation in signature.bin, and the provenance bytes
from BuildDetails are base64-decoded into a binary representation in
signed.bin. OpenSSL can then verify the signature:
openssl sha256 -verify public.pem -signature signature.bin signed.bin
string public_key = 1;
| Type | Description |
| ByteString | The bytes for publicKey. |
getSignature()
public abstract ByteString getSignature() Required. Signature of the related BuildProvenance. In JSON, this is
base-64 encoded.
bytes signature = 2;
| Type | Description |
| ByteString | The signature. |