Create cryptographic signatures for files and verify them. This is based on signify, the OpenBSD tool to sign and verify signatures on files. It is based on the Ed25519 public-key signature system by Bernstein et al.
signify-rs
is fully compatible with the original implementation. It can verify signatures generated by OpenBSD signify
and signs data in a format that it can verify as well.
You can read more about the ideas and concepts behind signify
in Securing OpenBSD From Us To You.
cargo install signify
The CLI is designed to be compatible with the reference implementation and accepts the same command line flags as it.
Create a key pair:
signify -G -p pubkey -s seckey
Sign a file using the secret key:
signify -S -s seckey -m README.md
Verify the signature:
signify -V -p pubkey -m README.md
To see how to use libsignify
, check out the examples/
directory or the documentation.
There are basic unit tests, but many more are needed for good coverage 😞.
However, we ensure that a full cycle of generating a keypair, then signing & verifying works. To run them, use the following commands:
./tests/full-cycle.sh
For correctness, we compare interoperability with the OpenBSD signify
:
./tests/compare.sh
The complete test suite can be conveniently ran with make test
.
MIT. See LICENSE.