Skip to content

bodrovis-learning/brave_signer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
.github
.github
 
 
cmd
cmd
 
 
docs
docs
 
 
internal
internal
 
 
tools
tools
 
 
.gitignore
.gitignore
 
 
.goreleaser.yaml
.goreleaser.yaml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

BraveSigner

Bravely generate key pairs, sign files, and check signatures.

BraveSigner is a Go-powered CLI tool that lets you generate cryptographic key pairs, sign files, and verify digital signatures using Ed25519. It prioritizes strong encryption practices, ease of use, and flexibility.

Full command reference in /docs/brave_signer.md

Usage

brave_signer COMMAND FLAGS

Available commands:

  • keys generate [--pub-key-path pub_key.pem] [--priv-key-path priv_key.pem]
    Generate an Ed25519 key pair.
    The private key is encrypted with XChaCha20Poly1305 using a passphrase you enter, derived securely via Argon2.

  • signatures signfile --file-path PATH_TO_FILE --signer-id SIGNER_NAME_OR_ID [--priv-key-path priv_key.pem]
    Sign a file using your private key.
    A .sig file will be created next to the original file, containing the signature and signer ID (up to 65,535 characters).

  • signatures verifyfile --file-path PATH_TO_FILE [--pub-key-path pub_key.pem]
    Verify a file against its .sig using an Ed25519 public key.
    The .sig file should be named <filename>.sig and stored alongside the original.

Configuration

All command line arguments can also be specified inside a config file. By default the script searches for a config.yaml file inside the current directory but it can be adjusted with the following CLI arguments:

  • --config-file-name (defaults to config)
  • --config-file-type (defaults to yaml)
  • --config-path (defaults to .)

For example, to adjust the signer:

signer-id: John Doe

In this case, you don't need to provide --signer-id when calling signatures signfile.

Note that CLI flags have priority over the parameters provided in the config file.

Environment variables

All parameters can also be provided via environment variables. This is useful in CI/CD setups, containerized environments, or when you want to avoid hardcoding values in config files.

Environment variables follow this format:

BRAVE_SIGNER_<PARAMETER_NAME>

Hyphens (-) in parameter names are replaced with underscores (_). For example --file-path can be set with BRAVE_SIGNER_FILE_PATH.

Precedence order

When resolving configuration values, the priority is as follows:

  1. Command-line arguments
  2. Environment variables
  3. Config file (config.yaml, etc.)
  4. Default values

License

(c) Ilya Krukowski

About

Bravely generate key pairs, sign files, and check signatures.

Topics

go golang argon2 ed25519 signature-verification

Resources

Readme

License

View license

Contributing

Contributing
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 5

v1.1.0 Latest
Jul 30, 2025
+ 4 releases

Contributors

Languages