Class: Google::Apis::ContaineranalysisV1beta1::PgpSignedAttestation
- Inherits:
-
Object
- Object
- Google::Apis::ContaineranalysisV1beta1::PgpSignedAttestation
- Defined in:
- generated/google/apis/containeranalysis_v1beta1/classes.rb,
generated/google/apis/containeranalysis_v1beta1/representations.rb,
generated/google/apis/containeranalysis_v1beta1/representations.rb
Overview
An attestation wrapper with a PGP-compatible signature. This message only
supports ATTACHED
signatures, where the payload that is signed is included
alongside the signature itself in the same file.
Instance Attribute Summary collapse
-
#content_type ⇒ String
Type (for example schema) of the attestation payload that was signed.
-
#pgp_key_id ⇒ String
The cryptographic fingerprint of the key used to generate the signature, as output by, e.g.
-
#signature ⇒ String
Required.
Instance Method Summary collapse
-
#initialize(**args) ⇒ PgpSignedAttestation
constructor
A new instance of PgpSignedAttestation.
-
#update!(**args) ⇒ Object
Update properties of this object.
Methods included from Google::Apis::Core::JsonObjectSupport
Methods included from Google::Apis::Core::Hashable
Constructor Details
#initialize(**args) ⇒ PgpSignedAttestation
Returns a new instance of PgpSignedAttestation.
2167 2168 2169 |
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 2167 def initialize(**args) update!(**args) end |
Instance Attribute Details
#content_type ⇒ String
Type (for example schema) of the attestation payload that was signed.
The verifier must ensure that the provided type is one that the verifier
supports, and that the attestation payload is a valid instantiation of that
type (for example by validating a JSON schema).
Corresponds to the JSON property contentType
2132 2133 2134 |
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 2132 def content_type @content_type end |
#pgp_key_id ⇒ String
The cryptographic fingerprint of the key used to generate the signature,
as output by, e.g. gpg --list-keys
. This should be the version 4, full
160-bit fingerprint, expressed as a 40 character hexidecimal string. See
https://tools.ietf.org/html/rfc4880#section-12.2 for details.
Implementations may choose to acknowledge "LONG", "SHORT", or other
abbreviated key IDs, but only the full fingerprint is guaranteed to work.
In gpg, the full fingerprint can be retrieved from the fpr
field
returned when calling --list-keys with --with-colons. For example:
gpg --with-colons --with-fingerprint --force-v4-certs \
--list-keys attester@example.com
tru::1:1513631572:0:3:1:5
pub:...<SNIP>...
fpr:::::::::24FF6481B76AC91E66A00AC657A93A81EF3AE6FB:
Above, the fingerprint is 24FF6481B76AC91E66A00AC657A93A81EF3AE6FB
.
Corresponds to the JSON property pgpKeyId
2152 2153 2154 |
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 2152 def pgp_key_id @pgp_key_id end |
#signature ⇒ String
Required. The raw content of the signature, as output by GNU Privacy Guard
(GPG) or equivalent. Since this message only supports attached signatures,
the payload that was signed must be attached. While the signature format
supported is dependent on the verification implementation, currently only
ASCII-armored (--armor
to gpg), non-clearsigned (--sign
rather than
--clearsign
to gpg) are supported. Concretely, gpg --sign --armor
--output=signature.gpg payload.json
will create the signature content
expected in this field in signature.gpg
for the payload.json
attestation payload.
Corresponds to the JSON property signature
2165 2166 2167 |
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 2165 def signature @signature end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
2172 2173 2174 2175 2176 |
# File 'generated/google/apis/containeranalysis_v1beta1/classes.rb', line 2172 def update!(**args) @content_type = args[:content_type] if args.key?(:content_type) @pgp_key_id = args[:pgp_key_id] if args.key?(:pgp_key_id) @signature = args[:signature] if args.key?(:signature) end |