Module pack_sig


Signature verification for remotely-fetched policy packs.

EMPIRICAL DISCOVERY (2026-05-25, against https://aiegis.ie/v1/harness/policy-packs/):

  • <pack>/<ver>.tar.gz — gzip’d tar containing manifest.json plus the <name>.rego file(s) named in the manifest’s rego_files array.
  • <pack>/<ver>.sig — exactly 64 raw bytes, the Ed25519 signature over sha256(tarball_bytes) (NOT over the tarball directly, NOT over a canonicalised manifest). Confirmed against /opt/aegis/aegis-registry/src/policy_packs.py::_sign_tarball_sha which calls priv.sign(hashlib.sha256(tarball).digest()).
  • The issuer key is Ed25519, raw 32-byte public key e2eec1ad61e7f02051124dca8c53208b5f5524be47f5e813da86caea98433737, loaded by the publisher at runtime from /opt/aegis/config/aiegis_v1_issuer.key (env AIEGIS_V1_ISSUER_KEY_PATH).

GAP (needs-iteration): the publisher’s docstring states the key SHOULD be discoverable at /.well-known/did.json, but the live did.json resolves to a different (P-256) key handled by a separate pages handler. There is no aiegis.ie/v1/harness/policy-packs/.well-known/issuer-key.json. Until Nel publishes a stable discovery endpoint for the harness issuer key, the daemon pins the value via --issuer-pubkey-hex with a built-in default that matches the live key. The verify path itself is real Ed25519 — no stub, no skip.
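
The check described above, as an added Python example that is not the project's code (Python because the publisher's `_sign_tarball_sha` cited above is Python): it rejects anything but a 64-byte signature and a 32-byte pinned key, then verifies Ed25519 over `sha256(tarball_bytes)`. The names `verify_pack`, `pt_add`, `pt_mul` and `pt_decode` are hypothetical, and the Ed25519 arithmetic is written out from RFC 8032 so the block runs on the standard library alone, where a deployment would call a vetted library.

```python
import hashlib

# Added example, hypothetical names. Ed25519 constants from RFC 8032 section 5.1.
P = 2**255 - 19
L = 2**252 + 27742317777372353535851937790883648493
D = -121665 * pow(121666, P - 2, P) % P
SQRT_M1 = pow(2, (P - 1) // 4, P)

def pt_add(a, b):  # points in extended coordinates (X, Y, Z, T)
    A, B = (a[1] - a[0]) * (b[1] - b[0]) % P, (a[1] + a[0]) * (b[1] + b[0]) % P
    C, Z = 2 * a[3] * b[3] * D % P, 2 * a[2] * b[2] % P
    E, F, G, H = B - A, Z - C, Z + C, B + A
    return (E * F % P, G * H % P, F * G % P, E * H % P)

def pt_mul(s, pt):  # double-and-add; every input to verification is public
    q = (0, 1, 1, 0)
    while s:
        if s & 1:
            q = pt_add(q, pt)
        pt, s = pt_add(pt, pt), s >> 1
    return q

def pt_decode(b):  # decompress 32 bytes to a point, None if not on the curve
    y = int.from_bytes(b, "little")
    sign, y = y >> 255, y & ((1 << 255) - 1)
    if y >= P:
        return None
    x2 = (y * y - 1) * pow(D * y * y + 1, P - 2, P) % P
    x = pow(x2, (P + 3) // 8, P)
    if (x * x - x2) % P:
        x = x * SQRT_M1 % P
    if (x * x - x2) % P or (x == 0 and sign):
        return None
    return (x, y, 1, x * y % P) if x & 1 == sign else (P - x, y, 1, (P - x) * y % P)

BASE = pt_decode((4 * pow(5, P - 2, P) % P).to_bytes(32, "little"))

def verify_pack(tarball: bytes, sig: bytes, pubkey_hex: str) -> bool:
    """True only if sig is a raw 64-byte Ed25519 signature over sha256(tarball)."""
    pub = bytes.fromhex(pubkey_hex)
    if len(sig) != 64 or len(pub) != 32:
        return False
    a, r, s = pt_decode(pub), pt_decode(sig[:32]), int.from_bytes(sig[32:], "little")
    if a is None or r is None or s >= L:
        return False
    msg = hashlib.sha256(tarball).digest()  # signed message is the digest, not the tarball
    h = int.from_bytes(hashlib.sha512(sig[:32] + pub + msg).digest(), "little") % L
    lhs, rhs = pt_mul(s, BASE), pt_add(r, pt_mul(h, a))
    return all((lhs[i] * rhs[2] - rhs[i] * lhs[2]) % P == 0 for i in (0, 1))
```

Call it on the raw bytes of `<pack>/<ver>.tar.gz` and `<pack>/<ver>.sig` with the pinned hex key, before the archive is unpacked or `manifest.json` is parsed.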

Enums

SigError

Constants

DEFAULT_PACK_ISSUER_PUBKEY_HEX
Default issuer pubkey discovered empirically on 2026-05-25.

Functions

verify_pack_tarball
Verify a policy-pack tarball signature using the empirically-discovered scheme: Ed25519 over sha256(tarball_bytes).