Interface: AttestationSigner

Defined in: packages/core/src/introspection/CryptoAttestation.ts:89

Pluggable signer interface for external KMS integration.

Implementations should be stateless and async-safe. The sign() method receives the canonical digest string and returns a signature (hex-encoded or base64).

Properties

name

readonly name: string;

Defined in: packages/core/src/introspection/CryptoAttestation.ts:91

Human-readable name (e.g., 'sigstore', 'aws-kms')

Methods

sign()

sign(digest): Promise<string>;

Defined in: packages/core/src/introspection/CryptoAttestation.ts:93

Sign a digest string

Parameters

Parameter	Type
digest	string

Returns

Promise<string>

---

verify()

verify(digest, signature): Promise<boolean>;

Defined in: packages/core/src/introspection/CryptoAttestation.ts:95

Verify a digest against a signature

Parameters

Parameter	Type
digest	string
signature	string

Returns

Promise<boolean>