Interface PgpSignedAttestationOrBuilder (2.8.0)

public interface PgpSignedAttestationOrBuilder extends MessageOrBuilder

Implements

MessageOrBuilder

Methods

getContentType()

public abstract PgpSignedAttestation.ContentType getContentType()

Type (for example schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (for example by validating a JSON schema).

.grafeas.v1beta1.attestation.PgpSignedAttestation.ContentType content_type = 3;

Returns
TypeDescription
PgpSignedAttestation.ContentType

The contentType.

getContentTypeValue()

public abstract int getContentTypeValue()

Type (for example schema) of the attestation payload that was signed. The verifier must ensure that the provided type is one that the verifier supports, and that the attestation payload is a valid instantiation of that type (for example by validating a JSON schema).

.grafeas.v1beta1.attestation.PgpSignedAttestation.ContentType content_type = 3;

Returns
TypeDescription
int

The enum numeric value on the wire for contentType.

getKeyIdCase()

public abstract PgpSignedAttestation.KeyIdCase getKeyIdCase()
Returns
TypeDescription
PgpSignedAttestation.KeyIdCase

getPgpKeyId()

public abstract String getPgpKeyId()

The cryptographic fingerprint of the key used to generate the signature, as output by, e.g. gpg --list-keys. This should be the version 4, full 160-bit fingerprint, expressed as a 40 character hexidecimal string. See https://tools.ietf.org/html/rfc4880#section-12.2 for details. Implementations may choose to acknowledge "LONG", "SHORT", or other abbreviated key IDs, but only the full fingerprint is guaranteed to work. In gpg, the full fingerprint can be retrieved from the fpr field returned when calling --list-keys with --with-colons. For example: <code><code> gpg --with-colons --with-fingerprint --force-v4-certs &#92; --list-keys attester&#64;example.com tru::1:1513631572:0:3:1:5 pub:...&lt;SNIP&gt;... fpr:::::::::24FF6481B76AC91E66A00AC657A93A81EF3AE6FB: </code></code><code> Above, the fingerprint is </code>24FF6481B76AC91E66A00AC657A93A81EF3AE6FB.

string pgp_key_id = 2;

Returns
TypeDescription
String

The pgpKeyId.

getPgpKeyIdBytes()

public abstract ByteString getPgpKeyIdBytes()

The cryptographic fingerprint of the key used to generate the signature, as output by, e.g. gpg --list-keys. This should be the version 4, full 160-bit fingerprint, expressed as a 40 character hexidecimal string. See https://tools.ietf.org/html/rfc4880#section-12.2 for details. Implementations may choose to acknowledge "LONG", "SHORT", or other abbreviated key IDs, but only the full fingerprint is guaranteed to work. In gpg, the full fingerprint can be retrieved from the fpr field returned when calling --list-keys with --with-colons. For example: <code><code> gpg --with-colons --with-fingerprint --force-v4-certs &#92; --list-keys attester&#64;example.com tru::1:1513631572:0:3:1:5 pub:...&lt;SNIP&gt;... fpr:::::::::24FF6481B76AC91E66A00AC657A93A81EF3AE6FB: </code></code><code> Above, the fingerprint is </code>24FF6481B76AC91E66A00AC657A93A81EF3AE6FB.

string pgp_key_id = 2;

Returns
TypeDescription
ByteString

The bytes for pgpKeyId.

getSignature()

public abstract String getSignature()

Required. The raw content of the signature, as output by GNU Privacy Guard (GPG) or equivalent. Since this message only supports attached signatures, the payload that was signed must be attached. While the signature format supported is dependent on the verification implementation, currently only ASCII-armored (--armor to gpg), non-clearsigned (--sign rather than --clearsign to gpg) are supported. Concretely, gpg --sign --armor --output=signature.gpg payload.json will create the signature content expected in this field in signature.gpg for the payload.json attestation payload.

string signature = 1;

Returns
TypeDescription
String

The signature.

getSignatureBytes()

public abstract ByteString getSignatureBytes()

Required. The raw content of the signature, as output by GNU Privacy Guard (GPG) or equivalent. Since this message only supports attached signatures, the payload that was signed must be attached. While the signature format supported is dependent on the verification implementation, currently only ASCII-armored (--armor to gpg), non-clearsigned (--sign rather than --clearsign to gpg) are supported. Concretely, gpg --sign --armor --output=signature.gpg payload.json will create the signature content expected in this field in signature.gpg for the payload.json attestation payload.

string signature = 1;

Returns
TypeDescription
ByteString

The bytes for signature.