Expand description
§vyre-sigstore — ed25519 signing + verification for vyre conformance certificates
This crate operates on serialized certificate bytes and ed25519 keys. It has
zero dependency on vyre-conform internals — downstream auditors can verify
certificates without pulling the maintainer harness.
§Example
ⓘ
use vyre_sigstore::{sign, verify, SigningKey};
use rand::rngs::OsRng;
let key = SigningKey::generate(&mut OsRng);
let cert_bytes = std::fs::read("certificate.cbor")?;
let signature = sign(&cert_bytes, &key);
verify(&cert_bytes, &signature, &key.verifying_key())?;Structs§
- Signature
- Ed25519 signature.
- Signing
Key - ed25519 signing key which can be used to produce signatures.
- Verifying
Key - An ed25519 public key.
Enums§
- Verify
Error - Verification failure modes.
Functions§
- canonical_
digest - Compute the canonical blake3 digest of certificate bytes.
- sign
- Sign certificate bytes with an ed25519 key.
- verify
- Verify a detached signature against certificate bytes and a public key.