Class Signature (2.24.0)

public final class Signature extends GeneratedMessageV3 implements SignatureOrBuilder

Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy). Typically this means that the verifier has been configured with a map from public_key_id to public key material (and any required parameters, e.g. signing algorithm).

In particular, verification implementations MUST NOT treat the signature public_key_id as anything more than a key lookup hint. The public_key_id DOES NOT validate or authenticate a public key; it only provides a mechanism for quickly selecting a public key ALREADY CONFIGURED on the verifier through a trusted channel. Verification implementations MUST reject signatures in any of the following circumstances:

  • The public_key_id is not recognized by the verifier.
  • The public key that public_key_id refers to does not verify the signature with respect to the payload.

    The signature contents SHOULD NOT be "attached" (where the payload is included with the serialized signature bytes). Verifiers MUST ignore any "attached" payload and only verify signatures with respect to explicitly provided payload (e.g. a payload field on the proto message that holds this Signature, or the canonical serialization of the proto message that holds this signature).

Protobuf type grafeas.v1.Signature

Implements

SignatureOrBuilder

Static Fields

PUBLIC_KEY_ID_FIELD_NUMBER

public static final int PUBLIC_KEY_ID_FIELD_NUMBER
Field Value
TypeDescription
int

SIGNATURE_FIELD_NUMBER

public static final int SIGNATURE_FIELD_NUMBER
Field Value
TypeDescription
int

Static Methods

getDefaultInstance()

public static Signature getDefaultInstance()
Returns
TypeDescription
Signature

getDescriptor()

public static final Descriptors.Descriptor getDescriptor()
Returns
TypeDescription
Descriptor

newBuilder()

public static Signature.Builder newBuilder()
Returns
TypeDescription
Signature.Builder

newBuilder(Signature prototype)

public static Signature.Builder newBuilder(Signature prototype)
Parameter
NameDescription
prototypeSignature
Returns
TypeDescription
Signature.Builder

parseDelimitedFrom(InputStream input)

public static Signature parseDelimitedFrom(InputStream input)
Parameter
NameDescription
inputInputStream
Returns
TypeDescription
Signature
Exceptions
TypeDescription
IOException

parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)

public static Signature parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Signature
Exceptions
TypeDescription
IOException

parseFrom(byte[] data)

public static Signature parseFrom(byte[] data)
Parameter
NameDescription
databyte[]
Returns
TypeDescription
Signature
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)

public static Signature parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
databyte[]
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Signature
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteString data)

public static Signature parseFrom(ByteString data)
Parameter
NameDescription
dataByteString
Returns
TypeDescription
Signature
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)

public static Signature parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
dataByteString
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Signature
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(CodedInputStream input)

public static Signature parseFrom(CodedInputStream input)
Parameter
NameDescription
inputCodedInputStream
Returns
TypeDescription
Signature
Exceptions
TypeDescription
IOException

parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)

public static Signature parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputCodedInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Signature
Exceptions
TypeDescription
IOException

parseFrom(InputStream input)

public static Signature parseFrom(InputStream input)
Parameter
NameDescription
inputInputStream
Returns
TypeDescription
Signature
Exceptions
TypeDescription
IOException

parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)

public static Signature parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Signature
Exceptions
TypeDescription
IOException

parseFrom(ByteBuffer data)

public static Signature parseFrom(ByteBuffer data)
Parameter
NameDescription
dataByteBuffer
Returns
TypeDescription
Signature
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)

public static Signature parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
dataByteBuffer
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Signature
Exceptions
TypeDescription
InvalidProtocolBufferException

parser()

public static Parser<Signature> parser()
Returns
TypeDescription
Parser<Signature>

Methods

equals(Object obj)

public boolean equals(Object obj)
Parameter
NameDescription
objObject
Returns
TypeDescription
boolean
Overrides

getDefaultInstanceForType()

public Signature getDefaultInstanceForType()
Returns
TypeDescription
Signature

getParserForType()

public Parser<Signature> getParserForType()
Returns
TypeDescription
Parser<Signature>
Overrides

getPublicKeyId()

public String getPublicKeyId()

The identifier for the public key that verifies this signature.

  • The public_key_id is required.
  • The public_key_id SHOULD be an RFC3986 conformant URI.
  • When possible, the public_key_id SHOULD be an immutable reference, such as a cryptographic digest.

    Examples of valid public_key_ids:

    OpenPGP V4 public key fingerprint:

  • "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.

    RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):

  • "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
  • "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"

string public_key_id = 2;

Returns
TypeDescription
String

The publicKeyId.

getPublicKeyIdBytes()

public ByteString getPublicKeyIdBytes()

The identifier for the public key that verifies this signature.

  • The public_key_id is required.
  • The public_key_id SHOULD be an RFC3986 conformant URI.
  • When possible, the public_key_id SHOULD be an immutable reference, such as a cryptographic digest.

    Examples of valid public_key_ids:

    OpenPGP V4 public key fingerprint:

  • "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.

    RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):

  • "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
  • "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"

string public_key_id = 2;

Returns
TypeDescription
ByteString

The bytes for publicKeyId.

getSerializedSize()

public int getSerializedSize()
Returns
TypeDescription
int
Overrides

getSignature()

public ByteString getSignature()

The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.

bytes signature = 1;

Returns
TypeDescription
ByteString

The signature.

hashCode()

public int hashCode()
Returns
TypeDescription
int
Overrides

internalGetFieldAccessorTable()

protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
TypeDescription
FieldAccessorTable
Overrides

isInitialized()

public final boolean isInitialized()
Returns
TypeDescription
boolean
Overrides

newBuilderForType()

public Signature.Builder newBuilderForType()
Returns
TypeDescription
Signature.Builder

newBuilderForType(GeneratedMessageV3.BuilderParent parent)

protected Signature.Builder newBuilderForType(GeneratedMessageV3.BuilderParent parent)
Parameter
NameDescription
parentBuilderParent
Returns
TypeDescription
Signature.Builder
Overrides

newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)

protected Object newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
Parameter
NameDescription
unusedUnusedPrivateParameter
Returns
TypeDescription
Object
Overrides

toBuilder()

public Signature.Builder toBuilder()
Returns
TypeDescription
Signature.Builder

writeTo(CodedOutputStream output)

public void writeTo(CodedOutputStream output)
Parameter
NameDescription
outputCodedOutputStream
Overrides
Exceptions
TypeDescription
IOException