code_signing v0.1.0

CodeSigning (code_signing v0.1.0) View Source

Code signing and verification functions for BEAM binaries using Ed25519 signatures.

All strings for paths need to be passed as charlists for Erlang compatibility.

Link to this section Summary

Types

beam()

The filename as a string or the BEAM module binary.

chunkdata()

A tuple of the chunk ID and its binary data.

Functions

load(module, binary, public_key)

Verifies the signature of the given BEAM binary using the Ed25519 public_key. If the signature is valid, the module will be loaded.

load_file(module, beam_path, public_key)

Verifies the signature of the given path to .beam file using the Ed25519 public_key. If the signature is valid, the module will be loaded.

sign(module_or_path, secret_key)

Signs the the given BEAM binary or path to .beam file using the Ed25519 secret_key.

valid_signature?(module_or_path, public_key)

Verifies the signature of the given BEAM binary or path to .beam file using the Ed25519 public_key.

Link to this section Types

Link to this type

beam()

View Source

Specs

beam() :: charlist() | binary()

The filename as a string or the BEAM module binary.

Link to this type

chunkdata()

View Source

Specs

chunkdata() :: {charlist(), binary()}

A tuple of the chunk ID and its binary data.

Link to this section Functions

Link to this function

load(module, binary, public_key)

View Source

Specs

load(atom(), binary(), Ed25519.key()) :: :ok | :error

Verifies the signature of the given BEAM binary using the Ed25519 public_key. If the signature is valid, the module will be loaded.

Link to this function

load_file(module, beam_path, public_key)

View Source

Specs

load_file(atom(), charlist(), Ed25519.key()) :: :ok | :error

Verifies the signature of the given path to .beam file using the Ed25519 public_key. If the signature is valid, the module will be loaded.

Module names should be atoms prefixed with Elixir, such as String.to_atom("Elixir.MyModule")

Link to this function

sign(module_or_path, secret_key)

View Source

Specs

sign(beam(), Ed25519.key()) :: binary()

Signs the the given BEAM binary or path to .beam file using the Ed25519 secret_key.

Returns the modified binary that can be written to a file.

When given a BEAM binary, it will sign the binary.

When given a path to a .beam file, it will sign the binary without modifying the original file.

Link to this function

valid_signature?(module_or_path, public_key)

View Source

Specs

valid_signature?(beam(), Ed25519.key()) :: boolean()

Verifies the signature of the given BEAM binary or path to .beam file using the Ed25519 public_key.

When given a BEAM binary, it will verify the signature of the binary.

When given a path to a .beam file, it will verify the signature of the binary without modifying the original file.