Class Signature.Builder (2.43.0)

public static final class Signature.Builder extends GeneratedMessageV3.Builder<Signature.Builder> implements SignatureOrBuilder

Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy). Typically this means that the verifier has been configured with a map from public_key_id to public key material (and any required parameters, e.g. signing algorithm).

In particular, verification implementations MUST NOT treat the signature public_key_id as anything more than a key lookup hint. The public_key_id DOES NOT validate or authenticate a public key; it only provides a mechanism for quickly selecting a public key ALREADY CONFIGURED on the verifier through a trusted channel. Verification implementations MUST reject signatures in any of the following circumstances:

  • The public_key_id is not recognized by the verifier.
  • The public key that public_key_id refers to does not verify the signature with respect to the payload.

    The signature contents SHOULD NOT be "attached" (where the payload is included with the serialized signature bytes). Verifiers MUST ignore any "attached" payload and only verify signatures with respect to explicitly provided payload (e.g. a payload field on the proto message that holds this Signature, or the canonical serialization of the proto message that holds this signature).

Protobuf type grafeas.v1.Signature

Implements

SignatureOrBuilder

Static Methods

getDescriptor()

public static final Descriptors.Descriptor getDescriptor()
Returns
Type Description
Descriptor

Methods

addRepeatedField(Descriptors.FieldDescriptor field, Object value)

public Signature.Builder addRepeatedField(Descriptors.FieldDescriptor field, Object value)
Parameters
Name Description
field FieldDescriptor
value Object
Returns
Type Description
Signature.Builder
Overrides

build()

public Signature build()
Returns
Type Description
Signature

buildPartial()

public Signature buildPartial()
Returns
Type Description
Signature

clear()

public Signature.Builder clear()
Returns
Type Description
Signature.Builder
Overrides

clearField(Descriptors.FieldDescriptor field)

public Signature.Builder clearField(Descriptors.FieldDescriptor field)
Parameter
Name Description
field FieldDescriptor
Returns
Type Description
Signature.Builder
Overrides

clearOneof(Descriptors.OneofDescriptor oneof)

public Signature.Builder clearOneof(Descriptors.OneofDescriptor oneof)
Parameter
Name Description
oneof OneofDescriptor
Returns
Type Description
Signature.Builder
Overrides

clearPublicKeyId()

public Signature.Builder clearPublicKeyId()

The identifier for the public key that verifies this signature.

  • The public_key_id is required.
  • The public_key_id SHOULD be an RFC3986 conformant URI.
  • When possible, the public_key_id SHOULD be an immutable reference, such as a cryptographic digest.

    Examples of valid public_key_ids:

    OpenPGP V4 public key fingerprint:

  • "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.

    RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):

  • "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
  • "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"

string public_key_id = 2;

Returns
Type Description
Signature.Builder

This builder for chaining.

clearSignature()

public Signature.Builder clearSignature()

The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.

bytes signature = 1;

Returns
Type Description
Signature.Builder

This builder for chaining.

clone()

public Signature.Builder clone()
Returns
Type Description
Signature.Builder
Overrides

getDefaultInstanceForType()

public Signature getDefaultInstanceForType()
Returns
Type Description
Signature

getDescriptorForType()

public Descriptors.Descriptor getDescriptorForType()
Returns
Type Description
Descriptor
Overrides

getPublicKeyId()

public String getPublicKeyId()

The identifier for the public key that verifies this signature.

  • The public_key_id is required.
  • The public_key_id SHOULD be an RFC3986 conformant URI.
  • When possible, the public_key_id SHOULD be an immutable reference, such as a cryptographic digest.

    Examples of valid public_key_ids:

    OpenPGP V4 public key fingerprint:

  • "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.

    RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):

  • "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
  • "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"

string public_key_id = 2;

Returns
Type Description
String

The publicKeyId.

getPublicKeyIdBytes()

public ByteString getPublicKeyIdBytes()

The identifier for the public key that verifies this signature.

  • The public_key_id is required.
  • The public_key_id SHOULD be an RFC3986 conformant URI.
  • When possible, the public_key_id SHOULD be an immutable reference, such as a cryptographic digest.

    Examples of valid public_key_ids:

    OpenPGP V4 public key fingerprint:

  • "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.

    RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):

  • "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
  • "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"

string public_key_id = 2;

Returns
Type Description
ByteString

The bytes for publicKeyId.

getSignature()

public ByteString getSignature()

The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.

bytes signature = 1;

Returns
Type Description
ByteString

The signature.

internalGetFieldAccessorTable()

protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
Type Description
FieldAccessorTable
Overrides

isInitialized()

public final boolean isInitialized()
Returns
Type Description
boolean
Overrides

mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)

public Signature.Builder mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
Name Description
input CodedInputStream
extensionRegistry ExtensionRegistryLite
Returns
Type Description
Signature.Builder
Overrides
Exceptions
Type Description
IOException

mergeFrom(Message other)

public Signature.Builder mergeFrom(Message other)
Parameter
Name Description
other Message
Returns
Type Description
Signature.Builder
Overrides

mergeFrom(Signature other)

public Signature.Builder mergeFrom(Signature other)
Parameter
Name Description
other Signature
Returns
Type Description
Signature.Builder

mergeUnknownFields(UnknownFieldSet unknownFields)

public final Signature.Builder mergeUnknownFields(UnknownFieldSet unknownFields)
Parameter
Name Description
unknownFields UnknownFieldSet
Returns
Type Description
Signature.Builder
Overrides

setField(Descriptors.FieldDescriptor field, Object value)

public Signature.Builder setField(Descriptors.FieldDescriptor field, Object value)
Parameters
Name Description
field FieldDescriptor
value Object
Returns
Type Description
Signature.Builder
Overrides

setPublicKeyId(String value)

public Signature.Builder setPublicKeyId(String value)

The identifier for the public key that verifies this signature.

  • The public_key_id is required.
  • The public_key_id SHOULD be an RFC3986 conformant URI.
  • When possible, the public_key_id SHOULD be an immutable reference, such as a cryptographic digest.

    Examples of valid public_key_ids:

    OpenPGP V4 public key fingerprint:

  • "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.

    RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):

  • "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
  • "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"

string public_key_id = 2;

Parameter
Name Description
value String

The publicKeyId to set.

Returns
Type Description
Signature.Builder

This builder for chaining.

setPublicKeyIdBytes(ByteString value)

public Signature.Builder setPublicKeyIdBytes(ByteString value)

The identifier for the public key that verifies this signature.

  • The public_key_id is required.
  • The public_key_id SHOULD be an RFC3986 conformant URI.
  • When possible, the public_key_id SHOULD be an immutable reference, such as a cryptographic digest.

    Examples of valid public_key_ids:

    OpenPGP V4 public key fingerprint:

  • "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.

    RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):

  • "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
  • "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"

string public_key_id = 2;

Parameter
Name Description
value ByteString

The bytes for publicKeyId to set.

Returns
Type Description
Signature.Builder

This builder for chaining.

setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)

public Signature.Builder setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
Parameters
Name Description
field FieldDescriptor
index int
value Object
Returns
Type Description
Signature.Builder
Overrides

setSignature(ByteString value)

public Signature.Builder setSignature(ByteString value)

The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.

bytes signature = 1;

Parameter
Name Description
value ByteString

The signature to set.

Returns
Type Description
Signature.Builder

This builder for chaining.

setUnknownFields(UnknownFieldSet unknownFields)

public final Signature.Builder setUnknownFields(UnknownFieldSet unknownFields)
Parameter
Name Description
unknownFields UnknownFieldSet
Returns
Type Description
Signature.Builder
Overrides