Package dev.sigstore.proto.bundle.v1

Class Bundle.Builder

  • All Implemented Interfaces:
    com.google.protobuf.Message.Builder, com.google.protobuf.MessageLite.Builder, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, BundleOrBuilder, java.lang.Cloneable
    Enclosing class:
    Bundle
    public static final class Bundle.Builder
extends com.google.protobuf.GeneratedMessage.Builder<Bundle.Builder>
implements BundleOrBuilder
    Protobuf type dev.sigstore.bundle.v1.Bundle

    • Method Detail

      • getDescriptor

        public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

      • internalGetFieldAccessorTable

        protected com.google.protobuf.GeneratedMessage.FieldAccessorTable internalGetFieldAccessorTable()
        Specified by:
        internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessage.Builder<Bundle.Builder>

      • clear

        public Bundle.Builder clear()
        Specified by:
        clear in interface com.google.protobuf.Message.Builder
        Specified by:
        clear in interface com.google.protobuf.MessageLite.Builder
        Overrides:
        clear in class com.google.protobuf.GeneratedMessage.Builder<Bundle.Builder>

      • getDescriptorForType

        public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()
        Specified by:
        getDescriptorForType in interface com.google.protobuf.Message.Builder
        Specified by:
        getDescriptorForType in interface com.google.protobuf.MessageOrBuilder
        Overrides:
        getDescriptorForType in class com.google.protobuf.GeneratedMessage.Builder<Bundle.Builder>

      • getDefaultInstanceForType

        public Bundle getDefaultInstanceForType()
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

      • build

        public Bundle build()
        Specified by:
        build in interface com.google.protobuf.Message.Builder
        Specified by:
        build in interface com.google.protobuf.MessageLite.Builder

      • buildPartial

        public Bundle buildPartial()
        Specified by:
        buildPartial in interface com.google.protobuf.Message.Builder
        Specified by:
        buildPartial in interface com.google.protobuf.MessageLite.Builder

      • mergeFrom

        public Bundle.Builder mergeFrom​(com.google.protobuf.Message other)
        Specified by:
        mergeFrom in interface com.google.protobuf.Message.Builder
        Overrides:
        mergeFrom in class com.google.protobuf.AbstractMessage.Builder<Bundle.Builder>

      • isInitialized

        public final boolean isInitialized()
        Specified by:
        isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
        Overrides:
        isInitialized in class com.google.protobuf.GeneratedMessage.Builder<Bundle.Builder>

      • mergeFrom

        public Bundle.Builder mergeFrom​(com.google.protobuf.CodedInputStream input,
                                com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                         throws java.io.IOException
        Specified by:
        mergeFrom in interface com.google.protobuf.Message.Builder
        Specified by:
        mergeFrom in interface com.google.protobuf.MessageLite.Builder
        Overrides:
        mergeFrom in class com.google.protobuf.AbstractMessage.Builder<Bundle.Builder>
        Throws:
        java.io.IOException

      • getMediaType

        public java.lang.String getMediaType()
         MUST be application/vnd.dev.sigstore.bundle.v0.3+json when
 when encoded as JSON.
 Clients must to be able to accept media type using the previously
 defined formats:
 * application/vnd.dev.sigstore.bundle+json;version=0.1
 * application/vnd.dev.sigstore.bundle+json;version=0.2
 * application/vnd.dev.sigstore.bundle+json;version=0.3
        string media_type = 1;
        Specified by:
        getMediaType in interface BundleOrBuilder
        Returns:
        The mediaType.

      • getMediaTypeBytes

        public com.google.protobuf.ByteString getMediaTypeBytes()
         MUST be application/vnd.dev.sigstore.bundle.v0.3+json when
 when encoded as JSON.
 Clients must to be able to accept media type using the previously
 defined formats:
 * application/vnd.dev.sigstore.bundle+json;version=0.1
 * application/vnd.dev.sigstore.bundle+json;version=0.2
 * application/vnd.dev.sigstore.bundle+json;version=0.3
        string media_type = 1;
        Specified by:
        getMediaTypeBytes in interface BundleOrBuilder
        Returns:
        The bytes for mediaType.

      • setMediaType

        public Bundle.Builder setMediaType​(java.lang.String value)
         MUST be application/vnd.dev.sigstore.bundle.v0.3+json when
 when encoded as JSON.
 Clients must to be able to accept media type using the previously
 defined formats:
 * application/vnd.dev.sigstore.bundle+json;version=0.1
 * application/vnd.dev.sigstore.bundle+json;version=0.2
 * application/vnd.dev.sigstore.bundle+json;version=0.3
        string media_type = 1;
        Parameters:
        value - The mediaType to set.
        Returns:
        This builder for chaining.

      • clearMediaType

        public Bundle.Builder clearMediaType()
         MUST be application/vnd.dev.sigstore.bundle.v0.3+json when
 when encoded as JSON.
 Clients must to be able to accept media type using the previously
 defined formats:
 * application/vnd.dev.sigstore.bundle+json;version=0.1
 * application/vnd.dev.sigstore.bundle+json;version=0.2
 * application/vnd.dev.sigstore.bundle+json;version=0.3
        string media_type = 1;
        Returns:
        This builder for chaining.

      • setMediaTypeBytes

        public Bundle.Builder setMediaTypeBytes​(com.google.protobuf.ByteString value)
         MUST be application/vnd.dev.sigstore.bundle.v0.3+json when
 when encoded as JSON.
 Clients must to be able to accept media type using the previously
 defined formats:
 * application/vnd.dev.sigstore.bundle+json;version=0.1
 * application/vnd.dev.sigstore.bundle+json;version=0.2
 * application/vnd.dev.sigstore.bundle+json;version=0.3
        string media_type = 1;
        Parameters:
        value - The bytes for mediaType to set.
        Returns:
        This builder for chaining.

      • hasVerificationMaterial

        public boolean hasVerificationMaterial()
         When a signer is identified by a X.509 certificate, a verifier MUST
 verify that the signature was computed at the time the certificate
 was valid as described in the Sigstore client spec: "Verification
 using a Bundle".
 <https://docs.google.com/document/d/1kbhK2qyPPk8SLavHzYSDM8-Ueul9_oxIMVFuWMWKz0E/edit#heading=h.x8bduppe89ln>
 If the verification material contains a public key identifier
 (key hint) and the `content` is a DSSE envelope, the key hints
 MUST be exactly the same in the verification material and in the
 DSSE envelope.
        .dev.sigstore.bundle.v1.VerificationMaterial verification_material = 2 [(.google.api.field_behavior) = REQUIRED];
        Specified by:
        hasVerificationMaterial in interface BundleOrBuilder
        Returns:
        Whether the verificationMaterial field is set.

      • getVerificationMaterial

        public VerificationMaterial getVerificationMaterial()
         When a signer is identified by a X.509 certificate, a verifier MUST
 verify that the signature was computed at the time the certificate
 was valid as described in the Sigstore client spec: "Verification
 using a Bundle".
 <https://docs.google.com/document/d/1kbhK2qyPPk8SLavHzYSDM8-Ueul9_oxIMVFuWMWKz0E/edit#heading=h.x8bduppe89ln>
 If the verification material contains a public key identifier
 (key hint) and the `content` is a DSSE envelope, the key hints
 MUST be exactly the same in the verification material and in the
 DSSE envelope.
        .dev.sigstore.bundle.v1.VerificationMaterial verification_material = 2 [(.google.api.field_behavior) = REQUIRED];
        Specified by:
        getVerificationMaterial in interface BundleOrBuilder
        Returns:
        The verificationMaterial.

      • setVerificationMaterial

        public Bundle.Builder setVerificationMaterial​(VerificationMaterial value)
         When a signer is identified by a X.509 certificate, a verifier MUST
 verify that the signature was computed at the time the certificate
 was valid as described in the Sigstore client spec: "Verification
 using a Bundle".
 <https://docs.google.com/document/d/1kbhK2qyPPk8SLavHzYSDM8-Ueul9_oxIMVFuWMWKz0E/edit#heading=h.x8bduppe89ln>
 If the verification material contains a public key identifier
 (key hint) and the `content` is a DSSE envelope, the key hints
 MUST be exactly the same in the verification material and in the
 DSSE envelope.
        .dev.sigstore.bundle.v1.VerificationMaterial verification_material = 2 [(.google.api.field_behavior) = REQUIRED];

      • setVerificationMaterial

        public Bundle.Builder setVerificationMaterial​(VerificationMaterial.Builder builderForValue)
         When a signer is identified by a X.509 certificate, a verifier MUST
 verify that the signature was computed at the time the certificate
 was valid as described in the Sigstore client spec: "Verification
 using a Bundle".
 <https://docs.google.com/document/d/1kbhK2qyPPk8SLavHzYSDM8-Ueul9_oxIMVFuWMWKz0E/edit#heading=h.x8bduppe89ln>
 If the verification material contains a public key identifier
 (key hint) and the `content` is a DSSE envelope, the key hints
 MUST be exactly the same in the verification material and in the
 DSSE envelope.
        .dev.sigstore.bundle.v1.VerificationMaterial verification_material = 2 [(.google.api.field_behavior) = REQUIRED];

      • mergeVerificationMaterial

        public Bundle.Builder mergeVerificationMaterial​(VerificationMaterial value)
         When a signer is identified by a X.509 certificate, a verifier MUST
 verify that the signature was computed at the time the certificate
 was valid as described in the Sigstore client spec: "Verification
 using a Bundle".
 <https://docs.google.com/document/d/1kbhK2qyPPk8SLavHzYSDM8-Ueul9_oxIMVFuWMWKz0E/edit#heading=h.x8bduppe89ln>
 If the verification material contains a public key identifier
 (key hint) and the `content` is a DSSE envelope, the key hints
 MUST be exactly the same in the verification material and in the
 DSSE envelope.
        .dev.sigstore.bundle.v1.VerificationMaterial verification_material = 2 [(.google.api.field_behavior) = REQUIRED];

      • clearVerificationMaterial

        public Bundle.Builder clearVerificationMaterial()
         When a signer is identified by a X.509 certificate, a verifier MUST
 verify that the signature was computed at the time the certificate
 was valid as described in the Sigstore client spec: "Verification
 using a Bundle".
 <https://docs.google.com/document/d/1kbhK2qyPPk8SLavHzYSDM8-Ueul9_oxIMVFuWMWKz0E/edit#heading=h.x8bduppe89ln>
 If the verification material contains a public key identifier
 (key hint) and the `content` is a DSSE envelope, the key hints
 MUST be exactly the same in the verification material and in the
 DSSE envelope.
        .dev.sigstore.bundle.v1.VerificationMaterial verification_material = 2 [(.google.api.field_behavior) = REQUIRED];

      • getVerificationMaterialBuilder

        public VerificationMaterial.Builder getVerificationMaterialBuilder()
         When a signer is identified by a X.509 certificate, a verifier MUST
 verify that the signature was computed at the time the certificate
 was valid as described in the Sigstore client spec: "Verification
 using a Bundle".
 <https://docs.google.com/document/d/1kbhK2qyPPk8SLavHzYSDM8-Ueul9_oxIMVFuWMWKz0E/edit#heading=h.x8bduppe89ln>
 If the verification material contains a public key identifier
 (key hint) and the `content` is a DSSE envelope, the key hints
 MUST be exactly the same in the verification material and in the
 DSSE envelope.
        .dev.sigstore.bundle.v1.VerificationMaterial verification_material = 2 [(.google.api.field_behavior) = REQUIRED];

      • getVerificationMaterialOrBuilder

        public VerificationMaterialOrBuilder getVerificationMaterialOrBuilder()
         When a signer is identified by a X.509 certificate, a verifier MUST
 verify that the signature was computed at the time the certificate
 was valid as described in the Sigstore client spec: "Verification
 using a Bundle".
 <https://docs.google.com/document/d/1kbhK2qyPPk8SLavHzYSDM8-Ueul9_oxIMVFuWMWKz0E/edit#heading=h.x8bduppe89ln>
 If the verification material contains a public key identifier
 (key hint) and the `content` is a DSSE envelope, the key hints
 MUST be exactly the same in the verification material and in the
 DSSE envelope.
        .dev.sigstore.bundle.v1.VerificationMaterial verification_material = 2 [(.google.api.field_behavior) = REQUIRED];
        Specified by:
        getVerificationMaterialOrBuilder in interface BundleOrBuilder

      • hasMessageSignature

        public boolean hasMessageSignature()
        .dev.sigstore.common.v1.MessageSignature message_signature = 3 [(.google.api.field_behavior) = REQUIRED];
        Specified by:
        hasMessageSignature in interface BundleOrBuilder
        Returns:
        Whether the messageSignature field is set.

      • getMessageSignature

        public MessageSignature getMessageSignature()
        .dev.sigstore.common.v1.MessageSignature message_signature = 3 [(.google.api.field_behavior) = REQUIRED];
        Specified by:
        getMessageSignature in interface BundleOrBuilder
        Returns:
        The messageSignature.

      • setMessageSignature

        public Bundle.Builder setMessageSignature​(MessageSignature value)
        .dev.sigstore.common.v1.MessageSignature message_signature = 3 [(.google.api.field_behavior) = REQUIRED];

      • setMessageSignature

        public Bundle.Builder setMessageSignature​(MessageSignature.Builder builderForValue)
        .dev.sigstore.common.v1.MessageSignature message_signature = 3 [(.google.api.field_behavior) = REQUIRED];

      • mergeMessageSignature

        public Bundle.Builder mergeMessageSignature​(MessageSignature value)
        .dev.sigstore.common.v1.MessageSignature message_signature = 3 [(.google.api.field_behavior) = REQUIRED];

      • clearMessageSignature

        public Bundle.Builder clearMessageSignature()
        .dev.sigstore.common.v1.MessageSignature message_signature = 3 [(.google.api.field_behavior) = REQUIRED];

      • getMessageSignatureBuilder

        public MessageSignature.Builder getMessageSignatureBuilder()
        .dev.sigstore.common.v1.MessageSignature message_signature = 3 [(.google.api.field_behavior) = REQUIRED];

      • hasDsseEnvelope

        public boolean hasDsseEnvelope()
         A DSSE envelope can contain arbitrary payloads.
 Verifiers must verify that the payload type is a
 supported and expected type. This is part of the DSSE
 protocol which is defined here:
 <https://github.com/secure-systems-lab/dsse/blob/master/protocol.md>
 DSSE envelopes in a bundle MUST have exactly one signture.
 This is a limitation from the DSSE spec, as it can contain
 multiple signatures. There are two primary reasons:
 1. It simplfies the verification logic and policy
 2. The bundle (currently) can only contain a single
 instance of the required verification materials
 During verification a client MUST reject an envelope if
 the number of signatures is not equal to one.
        .io.intoto.Envelope dsse_envelope = 4 [(.google.api.field_behavior) = REQUIRED];
        Specified by:
        hasDsseEnvelope in interface BundleOrBuilder
        Returns:
        Whether the dsseEnvelope field is set.

      • getDsseEnvelope

        public EnvelopeOuterClass.Envelope getDsseEnvelope()
         A DSSE envelope can contain arbitrary payloads.
 Verifiers must verify that the payload type is a
 supported and expected type. This is part of the DSSE
 protocol which is defined here:
 <https://github.com/secure-systems-lab/dsse/blob/master/protocol.md>
 DSSE envelopes in a bundle MUST have exactly one signture.
 This is a limitation from the DSSE spec, as it can contain
 multiple signatures. There are two primary reasons:
 1. It simplfies the verification logic and policy
 2. The bundle (currently) can only contain a single
 instance of the required verification materials
 During verification a client MUST reject an envelope if
 the number of signatures is not equal to one.
        .io.intoto.Envelope dsse_envelope = 4 [(.google.api.field_behavior) = REQUIRED];
        Specified by:
        getDsseEnvelope in interface BundleOrBuilder
        Returns:
        The dsseEnvelope.

      • setDsseEnvelope

        public Bundle.Builder setDsseEnvelope​(EnvelopeOuterClass.Envelope value)
         A DSSE envelope can contain arbitrary payloads.
 Verifiers must verify that the payload type is a
 supported and expected type. This is part of the DSSE
 protocol which is defined here:
 <https://github.com/secure-systems-lab/dsse/blob/master/protocol.md>
 DSSE envelopes in a bundle MUST have exactly one signture.
 This is a limitation from the DSSE spec, as it can contain
 multiple signatures. There are two primary reasons:
 1. It simplfies the verification logic and policy
 2. The bundle (currently) can only contain a single
 instance of the required verification materials
 During verification a client MUST reject an envelope if
 the number of signatures is not equal to one.
        .io.intoto.Envelope dsse_envelope = 4 [(.google.api.field_behavior) = REQUIRED];

      • setDsseEnvelope

        public Bundle.Builder setDsseEnvelope​(EnvelopeOuterClass.Envelope.Builder builderForValue)
         A DSSE envelope can contain arbitrary payloads.
 Verifiers must verify that the payload type is a
 supported and expected type. This is part of the DSSE
 protocol which is defined here:
 <https://github.com/secure-systems-lab/dsse/blob/master/protocol.md>
 DSSE envelopes in a bundle MUST have exactly one signture.
 This is a limitation from the DSSE spec, as it can contain
 multiple signatures. There are two primary reasons:
 1. It simplfies the verification logic and policy
 2. The bundle (currently) can only contain a single
 instance of the required verification materials
 During verification a client MUST reject an envelope if
 the number of signatures is not equal to one.
        .io.intoto.Envelope dsse_envelope = 4 [(.google.api.field_behavior) = REQUIRED];

      • mergeDsseEnvelope

        public Bundle.Builder mergeDsseEnvelope​(EnvelopeOuterClass.Envelope value)
         A DSSE envelope can contain arbitrary payloads.
 Verifiers must verify that the payload type is a
 supported and expected type. This is part of the DSSE
 protocol which is defined here:
 <https://github.com/secure-systems-lab/dsse/blob/master/protocol.md>
 DSSE envelopes in a bundle MUST have exactly one signture.
 This is a limitation from the DSSE spec, as it can contain
 multiple signatures. There are two primary reasons:
 1. It simplfies the verification logic and policy
 2. The bundle (currently) can only contain a single
 instance of the required verification materials
 During verification a client MUST reject an envelope if
 the number of signatures is not equal to one.
        .io.intoto.Envelope dsse_envelope = 4 [(.google.api.field_behavior) = REQUIRED];

      • clearDsseEnvelope

        public Bundle.Builder clearDsseEnvelope()
         A DSSE envelope can contain arbitrary payloads.
 Verifiers must verify that the payload type is a
 supported and expected type. This is part of the DSSE
 protocol which is defined here:
 <https://github.com/secure-systems-lab/dsse/blob/master/protocol.md>
 DSSE envelopes in a bundle MUST have exactly one signture.
 This is a limitation from the DSSE spec, as it can contain
 multiple signatures. There are two primary reasons:
 1. It simplfies the verification logic and policy
 2. The bundle (currently) can only contain a single
 instance of the required verification materials
 During verification a client MUST reject an envelope if
 the number of signatures is not equal to one.
        .io.intoto.Envelope dsse_envelope = 4 [(.google.api.field_behavior) = REQUIRED];

      • getDsseEnvelopeBuilder

        public EnvelopeOuterClass.Envelope.Builder getDsseEnvelopeBuilder()
         A DSSE envelope can contain arbitrary payloads.
 Verifiers must verify that the payload type is a
 supported and expected type. This is part of the DSSE
 protocol which is defined here:
 <https://github.com/secure-systems-lab/dsse/blob/master/protocol.md>
 DSSE envelopes in a bundle MUST have exactly one signture.
 This is a limitation from the DSSE spec, as it can contain
 multiple signatures. There are two primary reasons:
 1. It simplfies the verification logic and policy
 2. The bundle (currently) can only contain a single
 instance of the required verification materials
 During verification a client MUST reject an envelope if
 the number of signatures is not equal to one.
        .io.intoto.Envelope dsse_envelope = 4 [(.google.api.field_behavior) = REQUIRED];

      • getDsseEnvelopeOrBuilder

        public EnvelopeOuterClass.EnvelopeOrBuilder getDsseEnvelopeOrBuilder()
         A DSSE envelope can contain arbitrary payloads.
 Verifiers must verify that the payload type is a
 supported and expected type. This is part of the DSSE
 protocol which is defined here:
 <https://github.com/secure-systems-lab/dsse/blob/master/protocol.md>
 DSSE envelopes in a bundle MUST have exactly one signture.
 This is a limitation from the DSSE spec, as it can contain
 multiple signatures. There are two primary reasons:
 1. It simplfies the verification logic and policy
 2. The bundle (currently) can only contain a single
 instance of the required verification materials
 During verification a client MUST reject an envelope if
 the number of signatures is not equal to one.
        .io.intoto.Envelope dsse_envelope = 4 [(.google.api.field_behavior) = REQUIRED];
        Specified by:
        getDsseEnvelopeOrBuilder in interface BundleOrBuilder