A C++17 library for verifying Ed25519-signed gzip archives. Signatures are embedded in the gzip comment field, making signed archives self-contained and easy to distribute.
- Ed25519 signature verification (via libsodium)
- BLAKE3 content hashing for integrity verification
- Self-contained signatures stored in gzip comment field
- Modern C++17 API with `tl::expected` error handling
- In-memory and file-based verification
- Public key loading from files or base64
- C++17 compiler
- CMake 3.16+
- zlib
- libsodium
BLAKE3 and tl::expected are fetched automatically via CMake.
```sh
mkdir build && cd build
cmake ..
make
```

To build with tests:

```sh
cmake -DBUILD_TESTS=ON ..
make
ctest
```

```sh
cmake --install . --prefix /usr/local
```

```cpp
#include <iostream>
#include <signify-gzip/signify_gzip.hpp>

// Verify with key file path
auto result = signify::verify("archive.gz", "key.pub");
if (result.has_value()) {
    std::cout << "Verification successful" << std::endl;
} else {
    std::cerr << result.error().message() << std::endl;
}
```

```cpp
// Load the public key first, then verify with the key object
auto key = signify::PublicKey::from_file("key.pub");
if (!key) {
    std::cerr << key.error().message() << std::endl;
    return 1;
}
auto result = signify::verify("archive.gz", *key);
```

```cpp
#include <cstdint>
#include <vector>

// Verify an archive already held in memory
std::vector<uint8_t> gzip_data = /* read file */;
auto key = signify::PublicKey::from_file("key.pub");
// Check key for errors before dereferencing it, as in the previous example
auto result = signify::verify(gzip_data.data(), gzip_data.size(), *key);
```

```cpp
// Load the public key from a base64 string
auto key = signify::PublicKey::from_base64("RWTe5//5LhzMD...");
```

All functions return `tl::expected<T, std::error_code>`. Error codes include:
- `FileNotFound` - Input file does not exist
- `FileReadError` - Failed to read file
- `InvalidGzip` - Not a valid gzip file
- `NoSignature` - No signature in gzip comment
- `InvalidSignature` - Malformed signature data
- `InvalidPublicKey` - Malformed public key
- `FingerprintMismatch` - Key fingerprint doesn't match signature
- `VerificationFailed` - Signature verification failed
- `DecompressionError` - Gzip decompression failed
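
An added example, not code from this library: locating the gzip comment field (FCOMMENT in RFC 1952), which is where this page says the signature is stored. The names `extract_gzip_comment`, `CommentStatus`, `CommentResult` and the sample bytes are assumptions made for illustration; the layout of the signature inside the comment is not given on this page and is not parsed here.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// RFC 1952 FLG bits; optional fields appear in the order FEXTRA, FNAME, FCOMMENT.
constexpr uint8_t FEXTRA = 0x04, FNAME = 0x08, FCOMMENT = 0x10;
enum class CommentStatus { Found, NoComment, Malformed };  // hypothetical names
struct CommentResult { CommentStatus status; std::string comment; };

// Read a NUL-terminated field at pos; false if the terminator is missing.
static bool read_cstring(const std::vector<uint8_t>& d, size_t& pos, std::string* out) {
    const size_t start = pos;
    while (pos < d.size() && d[pos] != 0) ++pos;
    if (pos == d.size()) return false;  // truncated input
    if (out) out->assign(d.begin() + start, d.begin() + pos);
    ++pos;  // consume the NUL
    return true;
}

CommentResult extract_gzip_comment(const std::vector<uint8_t>& d) {
    const CommentResult bad{CommentStatus::Malformed, {}};
    // Fixed header: magic 1f 8b, CM=8 (deflate), FLG, MTIME[4], XFL, OS.
    if (d.size() < 10 || d[0] != 0x1f || d[1] != 0x8b || d[2] != 8) return bad;
    const uint8_t flg = d[3];
    if (flg & 0xE0) return bad;  // reserved flag bits must be zero
    size_t pos = 10;
    if (flg & FEXTRA) {  // 2-byte little-endian XLEN, then XLEN bytes
        if (d.size() - pos < 2) return bad;
        const size_t xlen = d[pos] | (static_cast<size_t>(d[pos + 1]) << 8);
        pos += 2;
        if (d.size() - pos < xlen) return bad;
        pos += xlen;
    }
    if ((flg & FNAME) && !read_cstring(d, pos, nullptr)) return bad;
    if (!(flg & FCOMMENT)) return {CommentStatus::NoComment, {}};
    std::string comment;
    if (!read_cstring(d, pos, &comment)) return bad;
    return {CommentStatus::Found, comment};
}

// Constructed sample: FNAME "a" plus a placeholder comment (not a real signature).
std::vector<uint8_t> constructed_sample() {
    std::vector<uint8_t> d = {0x1f, 0x8b, 8, FNAME | FCOMMENT, 0, 0, 0, 0, 0, 3, 'a', 0};
    const std::string c = "constructed-signature-placeholder";
    d.insert(d.end(), c.begin(), c.end());
    d.push_back(0);
    return d;
}
```
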
Apache License 2.0