Class Signature (2.45.0)

public final class Signature extends GeneratedMessageV3 implements SignatureOrBuilder

Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to the trust anchors defined in policy (e.g. a Kritis policy). Typically this means that the verifier has been configured with a map from public_key_id to public key material (and any required parameters, e.g. signing algorithm).

In particular, verification implementations MUST NOT treat the signature public_key_id as anything more than a key lookup hint. The public_key_id DOES NOT validate or authenticate a public key; it only provides a mechanism for quickly selecting a public key ALREADY CONFIGURED on the verifier through a trusted channel. Verification implementations MUST reject signatures in any of the following circumstances:

  • The public_key_id is not recognized by the verifier.
  • The public key that public_key_id refers to does not verify the signature with respect to the payload.

    The signature contents SHOULD NOT be "attached" (where the payload is included with the serialized signature bytes). Verifiers MUST ignore any "attached" payload and only verify signatures with respect to explicitly provided payload (e.g. a payload field on the proto message that holds this Signature, or the canonical serialization of the proto message that holds this signature).

Protobuf type grafeas.v1.Signature

Implements

SignatureOrBuilder

Static Fields

PUBLIC_KEY_ID_FIELD_NUMBER

public static final int PUBLIC_KEY_ID_FIELD_NUMBER
Field Value
Type Description
int

SIGNATURE_FIELD_NUMBER

public static final int SIGNATURE_FIELD_NUMBER
Field Value
Type Description
int

Static Methods

getDefaultInstance()

public static Signature getDefaultInstance()
Returns
Type Description
Signature

getDescriptor()

public static final Descriptors.Descriptor getDescriptor()
Returns
Type Description
Descriptor

newBuilder()

public static Signature.Builder newBuilder()
Returns
Type Description
Signature.Builder

newBuilder(Signature prototype)

public static Signature.Builder newBuilder(Signature prototype)
Parameter
Name Description
prototype Signature
Returns
Type Description
Signature.Builder

parseDelimitedFrom(InputStream input)

public static Signature parseDelimitedFrom(InputStream input)
Parameter
Name Description
input InputStream
Returns
Type Description
Signature
Exceptions
Type Description
IOException

parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)

public static Signature parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
Name Description
input InputStream
extensionRegistry ExtensionRegistryLite
Returns
Type Description
Signature
Exceptions
Type Description
IOException

parseFrom(byte[] data)

public static Signature parseFrom(byte[] data)
Parameter
Name Description
data byte[]
Returns
Type Description
Signature
Exceptions
Type Description
InvalidProtocolBufferException

parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)

public static Signature parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
Parameters
Name Description
data byte[]
extensionRegistry ExtensionRegistryLite
Returns
Type Description
Signature
Exceptions
Type Description
InvalidProtocolBufferException

parseFrom(ByteString data)

public static Signature parseFrom(ByteString data)
Parameter
Name Description
data ByteString
Returns
Type Description
Signature
Exceptions
Type Description
InvalidProtocolBufferException

parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)

public static Signature parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
Parameters
Name Description
data ByteString
extensionRegistry ExtensionRegistryLite
Returns
Type Description
Signature
Exceptions
Type Description
InvalidProtocolBufferException

parseFrom(CodedInputStream input)

public static Signature parseFrom(CodedInputStream input)
Parameter
Name Description
input CodedInputStream
Returns
Type Description
Signature
Exceptions
Type Description
IOException

parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)

public static Signature parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
Name Description
input CodedInputStream
extensionRegistry ExtensionRegistryLite
Returns
Type Description
Signature
Exceptions
Type Description
IOException

parseFrom(InputStream input)

public static Signature parseFrom(InputStream input)
Parameter
Name Description
input InputStream
Returns
Type Description
Signature
Exceptions
Type Description
IOException

parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)

public static Signature parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
Name Description
input InputStream
extensionRegistry ExtensionRegistryLite
Returns
Type Description
Signature
Exceptions
Type Description
IOException

parseFrom(ByteBuffer data)

public static Signature parseFrom(ByteBuffer data)
Parameter
Name Description
data ByteBuffer
Returns
Type Description
Signature
Exceptions
Type Description
InvalidProtocolBufferException

parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)

public static Signature parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
Parameters
Name Description
data ByteBuffer
extensionRegistry ExtensionRegistryLite
Returns
Type Description
Signature
Exceptions
Type Description
InvalidProtocolBufferException

parser()

public static Parser<Signature> parser()
Returns
Type Description
Parser<Signature>

Methods

equals(Object obj)

public boolean equals(Object obj)
Parameter
Name Description
obj Object
Returns
Type Description
boolean
Overrides

getDefaultInstanceForType()

public Signature getDefaultInstanceForType()
Returns
Type Description
Signature

getParserForType()

public Parser<Signature> getParserForType()
Returns
Type Description
Parser<Signature>
Overrides

getPublicKeyId()

public String getPublicKeyId()

The identifier for the public key that verifies this signature.

  • The public_key_id is required.
  • The public_key_id SHOULD be an RFC3986 conformant URI.
  • When possible, the public_key_id SHOULD be an immutable reference, such as a cryptographic digest.

    Examples of valid public_key_ids:

    OpenPGP V4 public key fingerprint:

  • "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.

    RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):

  • "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
  • "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"

string public_key_id = 2;

Returns
Type Description
String

The publicKeyId.

getPublicKeyIdBytes()

public ByteString getPublicKeyIdBytes()

The identifier for the public key that verifies this signature.

  • The public_key_id is required.
  • The public_key_id SHOULD be an RFC3986 conformant URI.
  • When possible, the public_key_id SHOULD be an immutable reference, such as a cryptographic digest.

    Examples of valid public_key_ids:

    OpenPGP V4 public key fingerprint:

  • "openpgp4fpr:74FAF3B861BDA0870C7B6DEF607E48D2A663AEEA" See https://www.iana.org/assignments/uri-schemes/prov/openpgp4fpr for more details on this scheme.

    RFC6920 digest-named SubjectPublicKeyInfo (digest of the DER serialization):

  • "ni:///sha-256;cD9o9Cq6LG3jD0iKXqEi_vdjJGecm_iXkbqVoScViaU"
  • "nih:///sha-256;703f68f42aba2c6de30f488a5ea122fef76324679c9bf89791ba95a1271589a5"

string public_key_id = 2;

Returns
Type Description
ByteString

The bytes for publicKeyId.

getSerializedSize()

public int getSerializedSize()
Returns
Type Description
int
Overrides

getSignature()

public ByteString getSignature()

The content of the signature, an opaque bytestring. The payload that this signature verifies MUST be unambiguously provided with the Signature during verification. A wrapper message might provide the payload explicitly. Alternatively, a message might have a canonical serialization that can always be unambiguously computed to derive the payload.

bytes signature = 1;

Returns
Type Description
ByteString

The signature.

hashCode()

public int hashCode()
Returns
Type Description
int
Overrides

internalGetFieldAccessorTable()

protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
Type Description
FieldAccessorTable
Overrides

isInitialized()

public final boolean isInitialized()
Returns
Type Description
boolean
Overrides

newBuilderForType()

public Signature.Builder newBuilderForType()
Returns
Type Description
Signature.Builder

newBuilderForType(GeneratedMessageV3.BuilderParent parent)

protected Signature.Builder newBuilderForType(GeneratedMessageV3.BuilderParent parent)
Parameter
Name Description
parent BuilderParent
Returns
Type Description
Signature.Builder
Overrides

newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)

protected Object newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
Parameter
Name Description
unused UnusedPrivateParameter
Returns
Type Description
Object
Overrides

toBuilder()

public Signature.Builder toBuilder()
Returns
Type Description
Signature.Builder

writeTo(CodedOutputStream output)

public void writeTo(CodedOutputStream output)
Parameter
Name Description
output CodedOutputStream
Overrides
Exceptions
Type Description
IOException