class Google::Apis::ContaineranalysisV1alpha1::BuildSignature
Message encapsulating the signature of the verified build.
Attributes
An Id for the key used to sign. This could be either an Id for the key stored in `public_key` (such as the Id or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). Corresponds to the JSON property `keyId` @return [String]
The type of the key, either stored in `public_key` or referenced in `key_id` Corresponds to the JSON property `keyType` @return [String]
Public key of the builder which can be used to verify that the related findings are valid and unchanged. If `key_type` is empty, this defaults to PEM encoded public keys. This field may be empty if `key_id` references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from ` BuildDetails` are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: `openssl sha256 -verify public.pem - signature signature.bin signed.bin` Corresponds to the JSON property `publicKey` @return [String]
Signature of the related `BuildProvenance`, encoded in a base64 string. Corresponds to the JSON property `signature` @return [String]
Public Class Methods
# File lib/google/apis/containeranalysis_v1alpha1/classes.rb, line 428 def initialize(**args) update!(**args) end
Public Instance Methods
Update properties of this object
# File lib/google/apis/containeranalysis_v1alpha1/classes.rb, line 433 def update!(**args) @key_id = args[:key_id] if args.key?(:key_id) @key_type = args[:key_type] if args.key?(:key_type) @public_key = args[:public_key] if args.key?(:public_key) @signature = args[:signature] if args.key?(:signature) end