Interface BuildSignatureOrBuilder (2.55.0)

public interface BuildSignatureOrBuilder extends MessageOrBuilder

Implements

MessageOrBuilder

Methods

getKeyId()

public abstract String getKeyId()

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

string key_id = 3;

Returns
Type Description
String

The keyId.

getKeyIdBytes()

public abstract ByteString getKeyIdBytes()

An ID for the key used to sign. This could be either an ID for the key stored in public_key (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service).

string key_id = 3;

Returns
Type Description
ByteString

The bytes for keyId.

getKeyType()

public abstract BuildSignature.KeyType getKeyType()

The type of the key, either stored in public_key or referenced in key_id.

.grafeas.v1beta1.build.BuildSignature.KeyType key_type = 4;

Returns
Type Description
BuildSignature.KeyType

The keyType.

getKeyTypeValue()

public abstract int getKeyTypeValue()

The type of the key, either stored in public_key or referenced in key_id.

.grafeas.v1beta1.build.BuildSignature.KeyType key_type = 4;

Returns
Type Description
int

The enum numeric value on the wire for keyType.

getPublicKey()

public abstract String getPublicKey()

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys.

This field may be empty if key_id references an external key.

For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

string public_key = 1;

Returns
Type Description
String

The publicKey.

getPublicKeyBytes()

public abstract ByteString getPublicKeyBytes()

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If key_type is empty, this defaults to PEM encoded public keys.

This field may be empty if key_id references an external key.

For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from BuildDetails are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: openssl sha256 -verify public.pem -signature signature.bin signed.bin

string public_key = 1;

Returns
Type Description
ByteString

The bytes for publicKey.

getSignature()

public abstract ByteString getSignature()

Required. Signature of the related BuildProvenance. In JSON, this is base-64 encoded.

bytes signature = 2;

Returns
Type Description
ByteString

The signature.