sign

package

v0.8.0 Latest Latest Go to latest Published: May 28, 2026 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/ckumar392/zonegit

Links

Open Source Insights

Documentation ¶

Overview ¶

Package sign provides Ed25519 sign/verify primitives for zonegit commits and tags.

The commit object reserves a "signature" header (see pkg/object/commit.go). A signature is computed over the canonical commit bytes with the "signature" line stripped — exactly the way Git computes GPG signatures over commits. Re-encoding the commit with the new header lands an identical canonical payload byte-for-byte for any future verifier.

Scope of v3 (per roadmap):

file-backed Ed25519 keypairs (no KMS yet)
sign single commits via the CLI
verify a single commit or the first-parent chain to the root

Out of scope here (later milestones): KMS integration, multi-sig, X.509 chains, server-side "refuse unsigned" policy.

Index ¶

Variables
func GenerateKeypair(pubPath, privPath string) error
func LoadPrivateKey(path string) (ed25519.PrivateKey, error)
func LoadPublicKey(path string) (ed25519.PublicKey, error)
func SignCommit(c object.Commit, priv ed25519.PrivateKey) (object.Commit, store.Hash, store.Object, error)
func VerifyCommit(c object.Commit, pub ed25519.PublicKey) error

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrUnsigned           = errors.New("commit has no signature")
	ErrBadSignatureFormat = errors.New("commit signature is not in ed25519:<base64> form")
	ErrSignatureMismatch  = errors.New("commit signature does not verify")
)

Sentinel errors.

Functions ¶

func GenerateKeypair ¶

func GenerateKeypair(pubPath, privPath string) error

GenerateKeypair generates a new Ed25519 keypair and writes the public and private keys (base64) to the given paths. The private file is chmod 0600.

func LoadPrivateKey ¶

func LoadPrivateKey(path string) (ed25519.PrivateKey, error)

LoadPrivateKey reads a base64-encoded Ed25519 private key from path.

func LoadPublicKey ¶

func LoadPublicKey(path string) (ed25519.PublicKey, error)

LoadPublicKey reads a base64-encoded Ed25519 public key from path.

func SignCommit ¶

func SignCommit(c object.Commit, priv ed25519.PrivateKey) (object.Commit, store.Hash, store.Object, error)

SignCommit returns a copy of c with Signature populated. The signature covers the canonical commit bytes with the "signature" header stripped (i.e. exactly the bytes that an unsigned re-encode would produce).

The returned commit hashes differently from the unsigned version; the caller is responsible for writing the new commit object and moving the branch ref (analogous to `git commit --amend -S`).

func VerifyCommit ¶

func VerifyCommit(c object.Commit, pub ed25519.PublicKey) error

VerifyCommit reports whether c's Signature is a valid Ed25519 signature by pub over the unsigned canonical bytes of c.

Returns:

nil if the signature verifies
ErrUnsigned if c.Signature is empty
ErrBadSignatureFormat if the header does not parse
ErrSignatureMismatch if the signature does not verify

Types ¶

This section is empty.

Source Files ¶

View all Source files

sign.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL