Reference documentation and code samples for the Binary Authorization V1 API class Grafeas::V1::AttestationOccurrence.
Occurrence that represents a single "attestation". The authenticity of an attestation can be verified using the attached signature. If the verifier trusts the public key of the signer, then verifying the signature is sufficient to establish trust. In this circumstance, the authority to which this attestation is attached is primarily useful for lookup (how to find this attestation if you already know the authority and artifact to be verified) and intent (for which authority this attestation was intended to sign.
Inherits
- Object
Extended By
- Google::Protobuf::MessageExts::ClassMethods
Includes
- Google::Protobuf::MessageExts
Methods
#jwts
def jwts() -> ::Array<::Grafeas::V1::Jwt>
-
(::Array<::Grafeas::V1::Jwt>) — One or more JWTs encoding a self-contained attestation.
Each JWT encodes the payload that it verifies within the JWT itself.
Verifier implementation SHOULD ignore the
serialized_payload
field when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payload
SHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uri
of this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas.
#jwts=
def jwts=(value) -> ::Array<::Grafeas::V1::Jwt>
-
value (::Array<::Grafeas::V1::Jwt>) — One or more JWTs encoding a self-contained attestation.
Each JWT encodes the payload that it verifies within the JWT itself.
Verifier implementation SHOULD ignore the
serialized_payload
field when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payload
SHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uri
of this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas.
-
(::Array<::Grafeas::V1::Jwt>) — One or more JWTs encoding a self-contained attestation.
Each JWT encodes the payload that it verifies within the JWT itself.
Verifier implementation SHOULD ignore the
serialized_payload
field when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then theserialized_payload
SHOULD be left empty. Each JWT SHOULD encode a claim specific to theresource_uri
of this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas.
#serialized_payload
def serialized_payload() -> ::String
-
(::String) — Required. The serialized payload that is verified by one or more
signatures
.
#serialized_payload=
def serialized_payload=(value) -> ::String
-
value (::String) — Required. The serialized payload that is verified by one or more
signatures
.
-
(::String) — Required. The serialized payload that is verified by one or more
signatures
.
#signatures
def signatures() -> ::Array<::Grafeas::V1::Signature>
-
(::Array<::Grafeas::V1::Signature>) — One or more signatures over
serialized_payload
. Verifier implementations should consider this attestation message verified if at least onesignature
verifiesserialized_payload
. SeeSignature
in common.proto for more details on signature structure and verification.
#signatures=
def signatures=(value) -> ::Array<::Grafeas::V1::Signature>
-
value (::Array<::Grafeas::V1::Signature>) — One or more signatures over
serialized_payload
. Verifier implementations should consider this attestation message verified if at least onesignature
verifiesserialized_payload
. SeeSignature
in common.proto for more details on signature structure and verification.
-
(::Array<::Grafeas::V1::Signature>) — One or more signatures over
serialized_payload
. Verifier implementations should consider this attestation message verified if at least onesignature
verifiesserialized_payload
. SeeSignature
in common.proto for more details on signature structure and verification.