Class Signature.Builder (2.28.0)

public static final class Signature.Builder extends GeneratedMessageV3.Builder<Signature.Builder> implements SignatureOrBuilder

Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy). Typically this means that the verifier has been configured with a map from public_key_id to public key material (and any required parameters, e.g. signing algorithm).

In particular, verification implementations MUST NOT treat the signature public_key_id as anything more than a key lookup hint. The public_key_id DOES NOT validate or authenticate a public key; it only provides a mechanism for quickly selecting a public key ALREADY CONFIGURED on the verifier through a trusted channel. Verification implementations MUST reject signatures in any of the following circumstances:

  • The public_key_id is not recognized by the verifier.
  • The public key that public_key_id refers to does not verify the signature with respect to the payload.

    The signature contents SHOULD NOT be "attached" (where the payload is included with the serialized signature bytes). Verifiers MUST ignore any "attached" payload and only verify signatures with respect to explicitly provided payload (e.g. a payload field on the proto message that holds this Signature, or the canonical serialization of the proto message that holds this signature).

Protobuf type grafeas.v1.Signature

Implements

SignatureOrBuilder

Static Methods

getDescriptor()

public static final Descriptors.Descriptor getDescriptor()
Returns
TypeDescription
Descriptor

Methods

addRepeatedField(Descriptors.FieldDescriptor field, Object value)

public Signature.Builder addRepeatedField(Descriptors.FieldDescriptor field, Object value)
Parameters
NameDescription
fieldFieldDescriptor
valueObject
Returns
TypeDescription
Signature.Builder
Overrides

build()

public Signature build()
Returns
TypeDescription
Signature

buildPartial()

public Signature buildPartial()
Returns
TypeDescription
Signature

clear()

public Signature.Builder clear()
Returns
TypeDescription
Signature.Builder
Overrides

clearField(Descriptors.FieldDescriptor field)

public Signature.Builder clearField(Descriptors.FieldDescriptor field)
Parameter
NameDescription
fieldFieldDescriptor
Returns
TypeDescription
Signature.Builder
Overrides

clearOneof(Descriptors.OneofDescriptor oneof)

public Signature.Builder clearOneof(Descriptors.OneofDescriptor oneof)
Parameter
NameDescription
oneofOneofDescriptor
Returns
TypeDescription
Signature.Builder
Overrides

clearPublicKeyId()

public Signature.Builder clearPublicKeyId()

The identifier for the public key that verifies this signature.

  • The public_key_id is required.
  • The public_key_id SHOULD be an RFC3986 conformant URI.
  • When possible, the public_key_id SHOULD be an immutable reference, such as a cryptographic digest.

    Examples of valid public_key_ids:

    OpenPGP V4 public key fingerprint:

  • "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.

    RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):

  • "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
  • "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"

string public_key_id = 2;

Returns
TypeDescription
Signature.Builder

This builder for chaining.

clearSignature()

public Signature.Builder clearSignature()

The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.

bytes signature = 1;

Returns
TypeDescription
Signature.Builder

This builder for chaining.

clone()

public Signature.Builder clone()
Returns
TypeDescription
Signature.Builder
Overrides

getDefaultInstanceForType()

public Signature getDefaultInstanceForType()
Returns
TypeDescription
Signature

getDescriptorForType()

public Descriptors.Descriptor getDescriptorForType()
Returns
TypeDescription
Descriptor
Overrides

getPublicKeyId()

public String getPublicKeyId()

The identifier for the public key that verifies this signature.

  • The public_key_id is required.
  • The public_key_id SHOULD be an RFC3986 conformant URI.
  • When possible, the public_key_id SHOULD be an immutable reference, such as a cryptographic digest.

    Examples of valid public_key_ids:

    OpenPGP V4 public key fingerprint:

  • "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.

    RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):

  • "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
  • "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"

string public_key_id = 2;

Returns
TypeDescription
String

The publicKeyId.

getPublicKeyIdBytes()

public ByteString getPublicKeyIdBytes()

The identifier for the public key that verifies this signature.

  • The public_key_id is required.
  • The public_key_id SHOULD be an RFC3986 conformant URI.
  • When possible, the public_key_id SHOULD be an immutable reference, such as a cryptographic digest.

    Examples of valid public_key_ids:

    OpenPGP V4 public key fingerprint:

  • "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.

    RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):

  • "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
  • "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"

string public_key_id = 2;

Returns
TypeDescription
ByteString

The bytes for publicKeyId.

getSignature()

public ByteString getSignature()

The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.

bytes signature = 1;

Returns
TypeDescription
ByteString

The signature.

internalGetFieldAccessorTable()

protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
TypeDescription
FieldAccessorTable
Overrides

isInitialized()

public final boolean isInitialized()
Returns
TypeDescription
boolean
Overrides

mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)

public Signature.Builder mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputCodedInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Signature.Builder
Overrides
Exceptions
TypeDescription
IOException

mergeFrom(Message other)

public Signature.Builder mergeFrom(Message other)
Parameter
NameDescription
otherMessage
Returns
TypeDescription
Signature.Builder
Overrides

mergeFrom(Signature other)

public Signature.Builder mergeFrom(Signature other)
Parameter
NameDescription
otherSignature
Returns
TypeDescription
Signature.Builder

mergeUnknownFields(UnknownFieldSet unknownFields)

public final Signature.Builder mergeUnknownFields(UnknownFieldSet unknownFields)
Parameter
NameDescription
unknownFieldsUnknownFieldSet
Returns
TypeDescription
Signature.Builder
Overrides

setField(Descriptors.FieldDescriptor field, Object value)

public Signature.Builder setField(Descriptors.FieldDescriptor field, Object value)
Parameters
NameDescription
fieldFieldDescriptor
valueObject
Returns
TypeDescription
Signature.Builder
Overrides

setPublicKeyId(String value)

public Signature.Builder setPublicKeyId(String value)

The identifier for the public key that verifies this signature.

  • The public_key_id is required.
  • The public_key_id SHOULD be an RFC3986 conformant URI.
  • When possible, the public_key_id SHOULD be an immutable reference, such as a cryptographic digest.

    Examples of valid public_key_ids:

    OpenPGP V4 public key fingerprint:

  • "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.

    RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):

  • "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
  • "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"

string public_key_id = 2;

Parameter
NameDescription
valueString

The publicKeyId to set.

Returns
TypeDescription
Signature.Builder

This builder for chaining.

setPublicKeyIdBytes(ByteString value)

public Signature.Builder setPublicKeyIdBytes(ByteString value)

The identifier for the public key that verifies this signature.

  • The public_key_id is required.
  • The public_key_id SHOULD be an RFC3986 conformant URI.
  • When possible, the public_key_id SHOULD be an immutable reference, such as a cryptographic digest.

    Examples of valid public_key_ids:

    OpenPGP V4 public key fingerprint:

  • "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.

    RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):

  • "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
  • "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"

string public_key_id = 2;

Parameter
NameDescription
valueByteString

The bytes for publicKeyId to set.

Returns
TypeDescription
Signature.Builder

This builder for chaining.

setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)

public Signature.Builder setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
Parameters
NameDescription
fieldFieldDescriptor
indexint
valueObject
Returns
TypeDescription
Signature.Builder
Overrides

setSignature(ByteString value)

public Signature.Builder setSignature(ByteString value)

The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.

bytes signature = 1;

Parameter
NameDescription
valueByteString

The signature to set.

Returns
TypeDescription
Signature.Builder

This builder for chaining.

setUnknownFields(UnknownFieldSet unknownFields)

public final Signature.Builder setUnknownFields(UnknownFieldSet unknownFields)
Parameter
NameDescription
unknownFieldsUnknownFieldSet
Returns
TypeDescription
Signature.Builder
Overrides