Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func SignCommit ¶
SignCommit signs commit data from stdin and writes signature to stdout. This implements the gpgsm-compatible signing interface expected by Git. If a bridge cert is present (Level 1+), the CMS signature includes it as an intermediate cert: master → bridge → ephemeral → commit.
Types ¶
type Identity ¶
type Identity struct {
MasterKey *keys.Ed25519Signer
MachineID string
// Optional user attribution (Level 1+)
BridgeCert *x509.Certificate
BridgeKey *keys.SecurePrivateKey
}
Identity represents a signing identity with optional user attribution. Level 0: machine identity only (MasterKey). Level 1+: machine identity + bridge cert for user attribution.
func LoadIdentity ¶
LoadIdentity loads the signing identity from configuration. It always loads the machine master key (Level 0). If bridge cert/key files exist under cfg.Home/git/, they are loaded for Level 1+.
func (*Identity) HasUserAttribution ¶
HasUserAttribution returns true if a bridge cert is configured.
Source Files