Skip to content

Create cryptographic signatures for files and verify them.

License

Notifications You must be signed in to change notification settings

badboy/signify-rs

Repository files navigation

Signify - Ed25519 signature tool

crates.io docs.rs docs License: MIT Build Status

Create cryptographic signatures for files and verify them. This is based on signify, the OpenBSD tool to sign and verify signatures on files. It is based on the Ed25519 public-key signature system by Bernstein et al.

signify-rs is fully compatible with the original implementation. It can verify signatures generated by OpenBSD signify and signs data in a format that it can verify as well.

You can read more about the ideas and concepts behind signify in Securing OpenBSD From Us To You.

Installation

cargo install signify

Usage

The CLI is designed to be compatible with the reference implementation and accepts the same command line flags as it.

Create a key pair:

signify -G -p pubkey -s seckey

Sign a file using the secret key:

signify -S -s seckey -m README.md

Verify the signature:

signify -V -p pubkey -m README.md

To see how to use libsignify, check out the examples/ directory or the documentation.

Testing

There are basic unit tests, but many more are needed for good coverage 😞.

However, we ensure that a full cycle of generating a keypair, then signing & verifying works. To run them, use the following commands:

./tests/full-cycle.sh

For correctness, we compare interoperability with the OpenBSD signify:

./tests/compare.sh

The complete test suite can be conveniently ran with make test.

License

MIT. See LICENSE.