Skip to main content

Interfaces & Data

Interfaces

InterfaceType
archive-hasherCLI (Go)
manifest-signerCLI (Go)

Deliberately no HTTP surface, no daemon mode — both tools are single-shot CLIs.

Produces

  • snapshot-hashes.txt — the canonical 8-algorithm hash manifest
  • snapshot-hashes.txt.asc / .sig — detached PGP signature
  • snapshot-hashes.txt.sphincs / .slh-dsa — detached post-quantum signature (optional)

Consumes

  • An archive artifact file (any format — hashing is content-based, not format-aware)
  • A PGP private key (ASCII-armored)
  • A post-quantum private key (OpenSSL SLH-DSA format, optional)

Depends on

  • Go 1.26
  • GnuPG (for PGP signing)
  • liboqs (for SLH-DSA support)
  • OpenSSL (used for the PQ signing invocation)

Used by

Not currently recorded in the analyzer's evidence — used_by came back empty in the index. In practice this sits downstream of any Aptlantis project publishing an archive artifact under AAMHS, but that consumption hasn't been captured as explicit evidence yet.

Where it sits in Aptlantis governance

ArchiveHasher's primary standard is CTS, but its entire purpose is implementing the AAMHS v2.0 archive integrity workflow (documented separately in the CityHall standards site). This is a good example of a CTS tool whose reason for existing is entirely about satisfying a different standard's requirements — the command-tool shape is CTS, but the behavior it exists to produce is AAMHS-defined.

A repo-path discrepancy exists between README.md (which references an E:/ path) and the canonical manifest (D:/) — the manifest was treated as authoritative during analysis.