{"id":22911996,"url":"https://github.com/opencoff/go-sign","last_synced_at":"2025-09-01T05:32:19.523Z","repository":{"id":57555095,"uuid":"123353338","full_name":"opencoff/go-sign","owner":"opencoff","description":"Ed25519 key and signature generation, storage in portable format","archived":false,"fork":false,"pushed_at":"2018-06-12T05:33:27.000Z","size":19,"stargazers_count":7,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-05-09T01:44:13.448Z","etag":null,"topics":["cryptographic-checksum","ed25519","ed25519-serialization","file-checksum","golang"],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/opencoff.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-02-28T23:06:36.000Z","updated_at":"2023-11-15T04:51:27.000Z","dependencies_parsed_at":"2022-09-26T18:51:32.511Z","dependency_job_id":null,"html_url":"https://github.com/opencoff/go-sign","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/opencoff/go-sign","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opencoff%2Fgo-sign","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opencoff%2Fgo-sign/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opencoff%2Fgo-sign/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opencoff%2Fgo-sign/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/opencoff","download_url":"https://codeload.github.com/opencoff/go-sign/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opencoff%2Fgo-sign/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273077227,"owners_count":25041358,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-01T02:00:09.058Z","response_time":120,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptographic-checksum","ed25519","ed25519-serialization","file-checksum","golang"],"created_at":"2024-12-14T04:19:31.339Z","updated_at":"2025-09-01T05:32:19.497Z","avatar_url":"https://github.com/opencoff.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![GoDoc](https://godoc.org/github.com/opencoff/go-sign?status.svg)](https://godoc.org/github.com/opencoff/go-sign)\n\n# go-sign - Ed25519 signature calculation and verification\n\n## What is it?\nA library to generate, verify and store Ed25519 keys and signatures.\nIt uses the extended library (golang.org/x/crypto) for the\nunderlying operations.\n\nThe generated keys and signatures are proper YAML files and human\nreadable.\n\nThe signature file contains a hash of the public key - so that at\nverification time, the right private key may be used (in situations\nwhere there are lots of keys).\n\nSignatures on large files are calculated efficiently by reading them\nin memory mapped mode (```mmap(2)```) and hashing the file contents\nusing SHA-512. The Ed25519 signature is calculated on the file-hash.\n\n## Example of Keys, Signature\n\n### Ed25519 Public Key\nA serialized Ed25519 public key looks like so:\n\n    pk: uxpDh+gqXojAmxA/6vxZHzA+Uk+8wogUwvEhPBlWgvo=\n\n### Ed25519 Private Key\nAnd, a serialized Ed25519 private key looks like so:\n\n    esk: t3vfqHbgUiA733KKPymFjWT8DdnBEkiMfsDHolPUdQWpvVn/F1Z4J6KYV3M5rGO9xgKxh5RAmqt+6LKgOiJAMQ==\n    salt: pPHKG55UJYtJ5wU0G9hBvNQJ0DvT0a7T4Fmj4aPB84s=\n    algo: scrypt-sha256\n    verify: JvjRjJMKhJhBmZngC3Pvq7x3KCLKt7gar1AAz7HB4qM=\n    Z: 131072\n    r: 16\n    p: 1\n\nThe Ed25519 private key is encrypted using Scrypt password hashing\nmechanism. Any user supplied passphrase to protect the private key\nis first pre-hashed using SHA-512 before being used in\n```scrypt()``. In pseudo code, this operation looks like below:\n\n    passphrase = get_user_passphrase()\n    hpass      = SHA512(passphrase)\n    salt       = randombytes(32)\n    xorkey     = Scrypt(hpass, salt, N, r, p)\n    verify     = SHA256(salt, xorkey)\n    esk        = ed25519_private_key ^ xorkey\n\nWhere, ```N```, ```r```, ```p``` are Scrypt parameters. In our\nimplementation:\n\n    N = 131072\n    r = 16\n    p = 1\n\n```verify```  is used during the decryption of the Ed25519 private\nkey - before actually doing the \"xor\" operation. The code checks to\nensure that the supplied passphrase yields the same value as\n```verify```.\n\n### Ed25519 Signature\nA generated signature looks like below after serialization:\n\n    comment: inpfile=/tmp/file.txt\n    pkhash: 36z9tCwTIVNwwDlExrB0SQ==\n    signature: ow2oBP+buDbEvlNakOrsxgB5Yc/7PYyPVZCkfyu7oahw8BakF4Qf32uswPaKGZ8RVz4uXboYHdZtfrEjCgP/Cg==\n\nHere, ```pkhash`` is a SHA256 of the public key needed to verify\nthis signature.\n\n## License\nGPL v2.0\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopencoff%2Fgo-sign","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopencoff%2Fgo-sign","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopencoff%2Fgo-sign/lists"}