go-scm/manifest/sign.go

// SPDX-License-Identifier: EUPL-1.2

package manifest

import (
	"crypto/ed25519"
	"encoding/base64"

	coreerr "dappco.re/go/core/log"
	"gopkg.in/yaml.v3"
)

// signable returns the canonical bytes to sign (manifest without sign field).
func signable(m *Manifest) ([]byte, error) {
	tmp := *m
	tmp.Sign = ""
	return yaml.Marshal(&tmp)
}

// Sign computes the ed25519 signature and stores it in m.Sign (base64).
// Usage: Sign(...)
func Sign(m *Manifest, priv ed25519.PrivateKey) error {
	if m == nil {
		return coreerr.E("manifest.Sign", "nil manifest", nil)
	}
	if len(priv) != ed25519.PrivateKeySize {
		return coreerr.E("manifest.Sign", "invalid private key length", nil)
	}

	msg, err := signable(m)
	if err != nil {
		return coreerr.E("manifest.Sign", "marshal failed", err)
	}
	sig := ed25519.Sign(priv, msg)
	m.Sign = base64.StdEncoding.EncodeToString(sig)
	return nil
}

// Verify checks the ed25519 signature in m.Sign against the public key.
// Usage: Verify(...)
func Verify(m *Manifest, pub ed25519.PublicKey) (bool, error) {
	if m == nil {
		return false, coreerr.E("manifest.Verify", "nil manifest", nil)
	}
	if m.Sign == "" {
		return false, coreerr.E("manifest.Verify", "no signature present", nil)
	}
	if len(pub) != ed25519.PublicKeySize {
		return false, coreerr.E("manifest.Verify", "invalid public key length", nil)
	}
	sig, err := base64.StdEncoding.DecodeString(m.Sign)
	if err != nil {
		return false, coreerr.E("manifest.Verify", "decode failed", err)
	}
	msg, err := signable(m)
	if err != nil {
		return false, coreerr.E("manifest.Verify", "marshal failed", err)
	}
	return ed25519.Verify(pub, msg, sig), nil
}
chore(ax): normalize SPDX header identifier 2026-03-30 00:54:20 +00:00			`// SPDX-License-Identifier: EUPL-1.2`
refactor(ax): align code with AX principles 2026-03-29 23:59:48 +00:00
feat: add manifest, marketplace, plugin, repos subpackages Extracted from core/go pkg/{manifest,marketplace,plugin,repos}. Also swapped agentci/forge/gitea config imports to go-config. These packages handle package manifests, marketplace installation, plugin lifecycle, and multi-repo registry management. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-06 13:20:12 +00:00			`package manifest`

			`import (`
			`"crypto/ed25519"`
			`"encoding/base64"`

chore: migrate to dappco.re vanity import path Change module path from forge.lthn.ai/core/go-scm to dappco.re/go/core/scm. Update all Go source imports for migrated packages: - go-log -> dappco.re/go/core/log - go-io -> dappco.re/go/core/io - go-i18n -> dappco.re/go/core/i18n - go-ws -> dappco.re/go/core/ws - api -> dappco.re/go/core/api Non-migrated packages (cli, config) left on forge.lthn.ai paths. Replace directives use local paths (../go, ../go-io, etc.) until the dappco.re vanity URL server resolves these modules. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-03-21 23:54:23 +00:00			`coreerr "dappco.re/go/core/log"`
feat: add manifest, marketplace, plugin, repos subpackages Extracted from core/go pkg/{manifest,marketplace,plugin,repos}. Also swapped agentci/forge/gitea config imports to go-config. These packages handle package manifests, marketplace installation, plugin lifecycle, and multi-repo registry management. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-06 13:20:12 +00:00			`"gopkg.in/yaml.v3"`
			`)`

			`// signable returns the canonical bytes to sign (manifest without sign field).`
			`func signable(m *Manifest) ([]byte, error) {`
			`tmp := *m`
			`tmp.Sign = ""`
			`return yaml.Marshal(&tmp)`
			`}`

			`// Sign computes the ed25519 signature and stores it in m.Sign (base64).`
chore(ax): add usage docs to exported APIs Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-30 14:11:15 +00:00			`// Usage: Sign(...)`
feat: add manifest, marketplace, plugin, repos subpackages Extracted from core/go pkg/{manifest,marketplace,plugin,repos}. Also swapped agentci/forge/gitea config imports to go-config. These packages handle package manifests, marketplace installation, plugin lifecycle, and multi-repo registry management. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-06 13:20:12 +00:00			`func Sign(m *Manifest, priv ed25519.PrivateKey) error {`
fix(manifest): validate signing inputs Co-Authored-By: Virgil <virgil@lethean.io> 2026-04-02 14:30:04 +00:00			`if m == nil {`
			`return coreerr.E("manifest.Sign", "nil manifest", nil)`
			`}`
			`if len(priv) != ed25519.PrivateKeySize {`
			`return coreerr.E("manifest.Sign", "invalid private key length", nil)`
			`}`

feat: add manifest, marketplace, plugin, repos subpackages Extracted from core/go pkg/{manifest,marketplace,plugin,repos}. Also swapped agentci/forge/gitea config imports to go-config. These packages handle package manifests, marketplace installation, plugin lifecycle, and multi-repo registry management. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-06 13:20:12 +00:00			`msg, err := signable(m)`
			`if err != nil {`
refactor: replace fmt.Errorf/errors.New with coreerr.E() Replace all remaining fmt.Errorf and errors.New calls in production code with coreerr.E("caller.Method", "message", err) from go-log. This standardises error handling across 23 files using the structured error convention already established in the plugin package. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-16 20:37:25 +00:00			`return coreerr.E("manifest.Sign", "marshal failed", err)`
feat: add manifest, marketplace, plugin, repos subpackages Extracted from core/go pkg/{manifest,marketplace,plugin,repos}. Also swapped agentci/forge/gitea config imports to go-config. These packages handle package manifests, marketplace installation, plugin lifecycle, and multi-repo registry management. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-06 13:20:12 +00:00			`}`
			`sig := ed25519.Sign(priv, msg)`
			`m.Sign = base64.StdEncoding.EncodeToString(sig)`
			`return nil`
			`}`

			`// Verify checks the ed25519 signature in m.Sign against the public key.`
chore(ax): add usage docs to exported APIs Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-30 14:11:15 +00:00			`// Usage: Verify(...)`
feat: add manifest, marketplace, plugin, repos subpackages Extracted from core/go pkg/{manifest,marketplace,plugin,repos}. Also swapped agentci/forge/gitea config imports to go-config. These packages handle package manifests, marketplace installation, plugin lifecycle, and multi-repo registry management. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-06 13:20:12 +00:00			`func Verify(m *Manifest, pub ed25519.PublicKey) (bool, error) {`
fix(manifest): validate signing inputs Co-Authored-By: Virgil <virgil@lethean.io> 2026-04-02 14:30:04 +00:00			`if m == nil {`
			`return false, coreerr.E("manifest.Verify", "nil manifest", nil)`
			`}`
feat: add manifest, marketplace, plugin, repos subpackages Extracted from core/go pkg/{manifest,marketplace,plugin,repos}. Also swapped agentci/forge/gitea config imports to go-config. These packages handle package manifests, marketplace installation, plugin lifecycle, and multi-repo registry management. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-06 13:20:12 +00:00			`if m.Sign == "" {`
refactor: replace fmt.Errorf/errors.New with coreerr.E() Replace all remaining fmt.Errorf and errors.New calls in production code with coreerr.E("caller.Method", "message", err) from go-log. This standardises error handling across 23 files using the structured error convention already established in the plugin package. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-16 20:37:25 +00:00			`return false, coreerr.E("manifest.Verify", "no signature present", nil)`
feat: add manifest, marketplace, plugin, repos subpackages Extracted from core/go pkg/{manifest,marketplace,plugin,repos}. Also swapped agentci/forge/gitea config imports to go-config. These packages handle package manifests, marketplace installation, plugin lifecycle, and multi-repo registry management. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-06 13:20:12 +00:00			`}`
fix(manifest): reject invalid public keys in verify Co-Authored-By: Virgil <virgil@lethean.io> 2026-04-02 14:36:38 +00:00			`if len(pub) != ed25519.PublicKeySize {`
			`return false, coreerr.E("manifest.Verify", "invalid public key length", nil)`
			`}`
feat: add manifest, marketplace, plugin, repos subpackages Extracted from core/go pkg/{manifest,marketplace,plugin,repos}. Also swapped agentci/forge/gitea config imports to go-config. These packages handle package manifests, marketplace installation, plugin lifecycle, and multi-repo registry management. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-06 13:20:12 +00:00			`sig, err := base64.StdEncoding.DecodeString(m.Sign)`
			`if err != nil {`
refactor: replace fmt.Errorf/errors.New with coreerr.E() Replace all remaining fmt.Errorf and errors.New calls in production code with coreerr.E("caller.Method", "message", err) from go-log. This standardises error handling across 23 files using the structured error convention already established in the plugin package. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-16 20:37:25 +00:00			`return false, coreerr.E("manifest.Verify", "decode failed", err)`
feat: add manifest, marketplace, plugin, repos subpackages Extracted from core/go pkg/{manifest,marketplace,plugin,repos}. Also swapped agentci/forge/gitea config imports to go-config. These packages handle package manifests, marketplace installation, plugin lifecycle, and multi-repo registry management. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-06 13:20:12 +00:00			`}`
			`msg, err := signable(m)`
			`if err != nil {`
refactor: replace fmt.Errorf/errors.New with coreerr.E() Replace all remaining fmt.Errorf and errors.New calls in production code with coreerr.E("caller.Method", "message", err) from go-log. This standardises error handling across 23 files using the structured error convention already established in the plugin package. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-16 20:37:25 +00:00			`return false, coreerr.E("manifest.Verify", "marshal failed", err)`
feat: add manifest, marketplace, plugin, repos subpackages Extracted from core/go pkg/{manifest,marketplace,plugin,repos}. Also swapped agentci/forge/gitea config imports to go-config. These packages handle package manifests, marketplace installation, plugin lifecycle, and multi-repo registry management. Co-Authored-By: Virgil <virgil@lethean.io> 2026-03-06 13:20:12 +00:00			`}`
			`return ed25519.Verify(pub, msg, sig), nil`
			`}`