Documentation
Overview
Package signing implements HMAC-SHA256 config signing and verification for BubbleFish Nexus compiled config files. The sign-config CLI writes *.sig files alongside each compiled *.json; the daemon verifies them at startup and on hot reload when [daemon.signing] enabled = true.
Reference: Tech Spec Section 6.5.
Index
- func SignAll(compiledDir string, key []byte, logger *slog.Logger) error
- func SignFile(jsonPath string, key []byte) error
- func VerifyAll(compiledDir string, key []byte, onEvent SecurityEventFunc, logger *slog.Logger) error
- func VerifyFile(jsonPath string, key []byte, onEvent SecurityEventFunc) error
- type SecurityEventFunc
Constants
This section is empty.
Variables
This section is empty.
Functions
func SignAll
func SignAll(compiledDir string, key []byte, logger *slog.Logger) error
SignAll signs every *.json file in compiledDir. Returns an error on the first failure. The key is never logged.
func SignFile
func SignFile(jsonPath string, key []byte) error
SignFile computes HMAC-SHA256 over the contents of jsonPath using key and writes the hex-encoded signature to jsonPath + ".sig" atomically (temp file + fsync + rename in the same directory).
Permissions: the .sig file is created with mode 0600.
func VerifyAll
func VerifyAll(compiledDir string, key []byte, onEvent SecurityEventFunc, logger *slog.Logger) error
VerifyAll verifies the HMAC-SHA256 signature of every *.json file in compiledDir. Returns an error on the first failure. If onEvent is non-nil, it is called for each verification failure.
func VerifyFile
func VerifyFile(jsonPath string, key []byte, onEvent SecurityEventFunc) error
VerifyFile checks that jsonPath has a valid *.sig sidecar containing the correct HMAC-SHA256 for the file contents. Returns nil on success.
If onEvent is non-nil, it is called with event type "config_signature_invalid" on any verification failure.
Types
type SecurityEventFunc
SecurityEventFunc is a callback invoked when a signature verification failure occurs. The eventType is always "config_signature_invalid".
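A minimal Go implementation of the SignFile/VerifyFile pair and the callback described above, added here as an illustration and not the package's own code: it assumes a SecurityEventFunc signature of func(eventType, path string), which the page does not give, and leaves out SignAll, VerifyAll and logging.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"os"
	"path/filepath"
)

// SecurityEventFunc's parameter list is an assumption; the page only states that eventType is passed.
type SecurityEventFunc func(eventType, path string)
func macOf(key, data []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(data)
	return m.Sum(nil)
}
// SignFile writes hex(HMAC-SHA256(key, contents)) to jsonPath+".sig": temp file, fsync, rename.
func SignFile(jsonPath string, key []byte) error {
	data, err := os.ReadFile(jsonPath)
	if err != nil {
		return err
	}
	tmp, err := os.CreateTemp(filepath.Dir(jsonPath), ".sig-*") // same dir, created 0600
	if err != nil {
		return err
	}
	defer os.Remove(tmp.Name()) // no-op once the rename has succeeded
	if _, err = tmp.WriteString(hex.EncodeToString(macOf(key, data))); err == nil {
		err = tmp.Sync() // on disk before the rename makes it visible
	}
	if err = errors.Join(err, tmp.Close()); err != nil {
		return err
	}
	return os.Rename(tmp.Name(), jsonPath+".sig")
}
// VerifyFile recomputes the MAC and compares in constant time; every failure path fires onEvent.
func VerifyFile(jsonPath string, key []byte, onEvent SecurityEventFunc) error {
	data, err := os.ReadFile(jsonPath)
	sigHex, sigErr := os.ReadFile(jsonPath + ".sig")
	want, decErr := hex.DecodeString(string(sigHex)) // empty input decodes to nil, nil
	if err = errors.Join(err, sigErr, decErr); err == nil && !hmac.Equal(macOf(key, data), want) {
		err = errors.New("config signature mismatch")
	}
	if err != nil && onEvent != nil {
		onEvent("config_signature_invalid", jsonPath)
	}
	return err
}
```

A wrong key, a modified .json, a corrupt sidecar and a missing sidecar all take the same error path, so the daemon sees one event type regardless of cause.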