Reference documentation and code samples for the Grafeas V1 Client class AttestationOccurrence.
Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign.
Generated from protobuf message grafeas.v1.AttestationOccurrence
Methods
__construct
Constructor.
Parameters | |
---|---|
Name | Description |
data |
array
Optional. Data for populating the Message object. |
↳ serialized_payload |
string
Required. The serialized payload that is verified by one or more |
↳ signatures |
array<Grafeas\V1\Signature>
One or more signatures over |
↳ jwts |
array<Grafeas\V1\Jwt>
One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the |
getSerializedPayload
Required. The serialized payload that is verified by one or more
signatures
.
Returns | |
---|---|
Type | Description |
string |
setSerializedPayload
Required. The serialized payload that is verified by one or more
signatures
.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getSignatures
One or more signatures over serialized_payload
. Verifier implementations
should consider this attestation message verified if at least one
signature
verifies serialized_payload
. See Signature
in common.proto
for more details on signature structure and verification.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Internal\RepeatedField |
setSignatures
One or more signatures over serialized_payload
. Verifier implementations
should consider this attestation message verified if at least one
signature
verifies serialized_payload
. See Signature
in common.proto
for more details on signature structure and verification.
Parameter | |
---|---|
Name | Description |
var |
array<Grafeas\V1\Signature>
|
Returns | |
---|---|
Type | Description |
$this |
getJwts
One or more JWTs encoding a self-contained attestation.
Each JWT encodes the payload that it verifies within the JWT itself.
Verifier implementation SHOULD ignore the serialized_payload
field
when verifying these JWTs.
If only JWTs are present on this AttestationOccurrence, then the
serialized_payload
SHOULD be left empty.
Each JWT SHOULD encode a claim specific to the resource_uri
of this
Occurrence, but this is not validated by Grafeas metadata API
implementations. The JWT itself is opaque to Grafeas.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Internal\RepeatedField |
setJwts
One or more JWTs encoding a self-contained attestation.
Each JWT encodes the payload that it verifies within the JWT itself.
Verifier implementation SHOULD ignore the serialized_payload
field
when verifying these JWTs.
If only JWTs are present on this AttestationOccurrence, then the
serialized_payload
SHOULD be left empty.
Each JWT SHOULD encode a claim specific to the resource_uri
of this
Occurrence, but this is not validated by Grafeas metadata API
implementations. The JWT itself is opaque to Grafeas.
Parameter | |
---|---|
Name | Description |
var |
array<Grafeas\V1\Jwt>
|
Returns | |
---|---|
Type | Description |
$this |