From b29a52ea8f982c89170c10d9ed34ed37b0d241a7 Mon Sep 17 00:00:00 2001 From: elmadani Date: Tue, 24 Feb 2026 21:43:02 +0000 Subject: [PATCH] =?UTF-8?q?feat:=20BSL-1.1=20+=20Ed25519=20authorship=20si?= =?UTF-8?q?gnatures=20=E2=80=94=20=C2=A9=20Salka=20Elmadani=202025-2026?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- verify_authorship.py | 72 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 verify_authorship.py diff --git a/verify_authorship.py b/verify_authorship.py new file mode 100644 index 0000000..1781039 --- /dev/null +++ b/verify_authorship.py @@ -0,0 +1,72 @@ +#!/usr/bin/env python3 +"""Verify SALKA ELMADANI authorship signatures. +Usage: python3 verify_authorship.py [file_or_directory] +Every source file carries an Ed25519 signature bound to SHA-256 of content. +Modify 1 character = signature invalid = tampering detected. +""" +import sys, hashlib, base64, os +from pathlib import Path +from cryptography.hazmat.primitives import serialization +from cryptography.exceptions import InvalidSignature + +PUBLIC_KEY_PEM = """ +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEARCtdhRqqYcu7c8qwyoRKRn5Qbx9puylZHZOM+IsDp0U= +-----END PUBLIC KEY----- +""".strip() + + +def strip_sig(text): + lines, out, in_b = text.split("\n"), [], False + for ln in lines: + if MARK_S in ln: in_b = True; continue + if MARK_E in ln and in_b: in_b = False; continue + if not in_b: out.append(ln) + return "\n".join(out).rstrip("\n") + "\n" + +def extract_sig_data(text): + sha, sig = None, None + for ln in text.split("\n"): + if "SHA256:" in ln: sha = ln.split("SHA256:")[-1].strip().lstrip("#/ ") + if "SIG-ED25519:" in ln: sig = ln.split("SIG-ED25519:")[-1].strip().lstrip("#/ ") + return sha, sig + +def verify_file(fp, pub): + try: content = Path(fp).read_text(encoding="utf-8", errors="replace") + except: return None, "Cannot read" + clean = strip_sig(content) + claimed_h, sig_b64 = extract_sig_data(content) + if not claimed_h or not sig_b64: return False, "No signature" + actual_h = hashlib.sha256(clean.encode("utf-8")).hexdigest() + if actual_h != claimed_h: return False, f"HASH MISMATCH — modified" + try: + pub.verify(base64.b64decode(sig_b64), hashlib.sha256(clean.encode()).digest()) + return True, "VALID © Salka Elmadani" + except InvalidSignature: return False, "INVALID SIGNATURE — forgery" + except Exception as e: return False, str(e) + +def main(): + pub = serialization.load_pem_public_key(PUBLIC_KEY_PEM.encode()) + target = sys.argv[1] if len(sys.argv) > 1 else "." + files = [Path(target)] if Path(target).is_file() else [ + p for p in Path(target).rglob("*") + if p.is_file() and p.suffix in [".py",".cpp",".h",".js",".ts",".sh",".rs",".go",".md"] + and ".git" not in str(p) + ] + ok, fail, skip = 0, 0, 0 + for f in sorted(files): + r, msg = verify_file(f, pub) + if r is None: skip += 1 + elif r: ok += 1; print(f" ✓ {f.name}: {msg}") + else: fail += 1; print(f" ✗ {f.name}: {msg}") + print(f"\nResults: {ok} valid | {fail} TAMPERED | {skip} skipped") + if fail: print("WARNING: Authorship chain broken."); sys.exit(1) + +if __name__ == "__main__": main() +# ╔══ SALKA ELMADANI AUTHORSHIP CERTIFICATE ══╗ +# © Salka Elmadani 2025-2026 — ALL RIGHTS RESERVED +# Licensed under Business Source License 1.1 — https://inference-x.com +# ───────────────────────────────────────────────────────── +# SHA256: f4e32c8fe1f2cb7f5dc498c7506b054256f6871d7283beb74b1d5859eb775121 +# SIG-ED25519: g4rHIrZteuUk4HU/21i69rTk7H8EiL1XjX4A+dZD0xswTqR5XJb1CfnBQfyAxjb1Sf9VW3JptZVDkvOq+magCA== +# VERIFY: python3 verify_authorship.py verify_authorship.py