Grafeas V1 Client - Class AttestationOccurrence (0.10.3)

Reference documentation and code samples for the Grafeas V1 Client class AttestationOccurrence.

Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign.

Generated from protobuf message grafeas.v1.AttestationOccurrence

Namespace

Grafeas \ V1

Methods

__construct

Constructor.

Parameters
Name Description
data array

Optional. Data for populating the Message object.

↳ serialized_payload string

Required. The serialized payload that is verified by one or more signatures.

↳ signatures array<Grafeas\V1\Signature>

One or more signatures over serialized_payload. Verifier implementations should consider this attestation message verified if at least one signature verifies serialized_payload. See Signature in common.proto for more details on signature structure and verification.

↳ jwts array<Grafeas\V1\Jwt>

One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the serialized_payload field when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then the serialized_payload SHOULD be left empty. Each JWT SHOULD encode a claim specific to the resource_uri of this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas.

getSerializedPayload

Required. The serialized payload that is verified by one or more signatures.

Returns
Type Description
string

setSerializedPayload

Required. The serialized payload that is verified by one or more signatures.

Parameter
Name Description
var string
Returns
Type Description
$this

getSignatures

One or more signatures over serialized_payload. Verifier implementations should consider this attestation message verified if at least one signature verifies serialized_payload. See Signature in common.proto for more details on signature structure and verification.

Returns
Type Description
Google\Protobuf\Internal\RepeatedField

setSignatures

One or more signatures over serialized_payload. Verifier implementations should consider this attestation message verified if at least one signature verifies serialized_payload. See Signature in common.proto for more details on signature structure and verification.

Parameter
Name Description
var array<Grafeas\V1\Signature>
Returns
Type Description
$this

getJwts

One or more JWTs encoding a self-contained attestation.

Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the serialized_payload field when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then the serialized_payload SHOULD be left empty. Each JWT SHOULD encode a claim specific to the resource_uri of this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas.

Returns
Type Description
Google\Protobuf\Internal\RepeatedField

setJwts

One or more JWTs encoding a self-contained attestation.

Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the serialized_payload field when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then the serialized_payload SHOULD be left empty. Each JWT SHOULD encode a claim specific to the resource_uri of this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas.

Parameter
Name Description
var array<Grafeas\V1\Jwt>
Returns
Type Description
$this