Interfaces & Data
Interfaces
| Interface | Type |
|---|---|
archive-hasher | CLI (Go) |
manifest-signer | CLI (Go) |
Deliberately no HTTP surface, no daemon mode — both tools are single-shot CLIs.
Produces
snapshot-hashes.txt— the canonical 8-algorithm hash manifestsnapshot-hashes.txt.asc/.sig— detached PGP signaturesnapshot-hashes.txt.sphincs/.slh-dsa— detached post-quantum signature (optional)
Consumes
- An archive artifact file (any format — hashing is content-based, not format-aware)
- A PGP private key (ASCII-armored)
- A post-quantum private key (OpenSSL SLH-DSA format, optional)
Depends on
- Go 1.26
- GnuPG (for PGP signing)
- liboqs (for SLH-DSA support)
- OpenSSL (used for the PQ signing invocation)
Used by
Not currently recorded in the analyzer's evidence — used_by came back empty in the index. In practice this sits downstream of any Aptlantis project publishing an archive artifact under AAMHS, but that consumption hasn't been captured as explicit evidence yet.
Where it sits in Aptlantis governance
ArchiveHasher's primary standard is CTS, but its entire purpose is implementing the AAMHS v2.0 archive integrity workflow (documented separately in the CityHall standards site). This is a good example of a CTS tool whose reason for existing is entirely about satisfying a different standard's requirements — the command-tool shape is CTS, but the behavior it exists to produce is AAMHS-defined.
A repo-path discrepancy exists between README.md (which references an E:/ path) and the canonical manifest (D:/) — the manifest was treated as authoritative during analysis.