From 74365c0f5178d6143ab2c2fe1e4ecb5cb7c1df6d Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Tue, 11 Mar 2025 18:31:14 +0100 Subject: [PATCH] Normalize Markdown files --- README.md | 76 ++++++++++++++++++++--------------------- src/manpage.md | 91 +++++++++++++++++++++++++------------------------- 2 files changed, 81 insertions(+), 86 deletions(-) diff --git a/README.md b/README.md index b63da9d..bfd82f4 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,6 @@ ![CodeQL scan](https://github.com/jedisct1/minisign/workflows/CodeQL%20scan/badge.svg) -Minisign -======== +# Minisign Minisign is a dead simple tool to sign files and verify signatures. @@ -13,15 +12,14 @@ public key: RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3 -Compilation / installation --------------------------- +## Compilation / installation ## Building with Zig Dependencies: -* [libsodium](https://libsodium.org/) (*optional*) -* [zig](https://ziglang.org) +- [libsodium](https://libsodium.org/) (_optional_) +- [zig](https://ziglang.org) Compilation with libsodium, dynamically linked (libsodium will need to be installed on the system for the command to run): @@ -43,10 +41,10 @@ In all these examples, `ReleaseFast` can be replaced with `ReleaseSmall` to favo Dependencies: -* [libsodium](https://libsodium.org/) (*required*) -* cmake -* pkg-config -* gcc or clang +- [libsodium](https://libsodium.org/) (_required_) +- cmake +- pkg-config +- gcc or clang Compilation: @@ -98,39 +96,37 @@ OQTDtJeciX9LF9hEbs1J1fzZHRdRhV4OTqcq0jTW9PXnrSSZlk1fbkE/5w== -----END PUBLIC KEY----- ``` -Additional tools, libraries and implementations ------------------------------------------------ +## Additional tools, libraries and implementations -* [minizign](https://github.com/jedisct1/zig-minisign) is a compact -implementation in Zig, that can also use ssh-encoded keys. -* [minisign-misc](https://github.com/JayBrown/minisign-misc) is a very -nice set of workflows and scripts for macOS to verify and sign files -with minisign. -* [go-minisign](https://github.com/jedisct1/go-minisign) is a small module -in Go to verify Minisign signatures. -* [rust-minisign](https://github.com/jedisct1/rust-minisign) is a Minisign -library written in pure Rust, that can be embedded in other applications. -* [rsign2](https://github.com/jedisct1/rsign2) is a reimplementation of -the command-line tool in Rust. -* [minisign (go)](https://github.com/aead/minisign) is a rewrite of Minisign -in the Go language. It reimplements the CLI but can also be used as a library. -* [minisign-verify](https://github.com/jedisct1/rust-minisign-verify) is -a small Rust crate to verify Minisign signatures. -* [minisign-net](https://github.com/bitbeans/minisign-net) is a .NET library -to handle and create Minisign signatures. -* [minisign](https://github.com/chm-diederichs/minisign) a Javascript -implementation. -* WebAssembly implementations of [rsign2](https://wapm.io/package/jedisct1/rsign2) -and [minisign-cli](https://wapm.io/package/jedisct1/minisign) are available on -WAPM. -* [minisign-php](https://github.com/soatok/minisign-php) is a PHP implementation. -* [py-minisign](https://github.com/x13a/py-minisign) is a Python -implementation. -* [minisign](https://hexdocs.pm/minisign/Minisign.html) is an Elixir implementation +- [minizign](https://github.com/jedisct1/zig-minisign) is a compact + implementation in Zig, that can also use ssh-encoded keys. +- [minisign-misc](https://github.com/JayBrown/minisign-misc) is a very + nice set of workflows and scripts for macOS to verify and sign files + with minisign. +- [go-minisign](https://github.com/jedisct1/go-minisign) is a small module + in Go to verify Minisign signatures. +- [rust-minisign](https://github.com/jedisct1/rust-minisign) is a Minisign + library written in pure Rust, that can be embedded in other applications. +- [rsign2](https://github.com/jedisct1/rsign2) is a reimplementation of + the command-line tool in Rust. +- [minisign (go)](https://github.com/aead/minisign) is a rewrite of Minisign + in the Go language. It reimplements the CLI but can also be used as a library. +- [minisign-verify](https://github.com/jedisct1/rust-minisign-verify) is + a small Rust crate to verify Minisign signatures. +- [minisign-net](https://github.com/bitbeans/minisign-net) is a .NET library + to handle and create Minisign signatures. +- [minisign](https://github.com/chm-diederichs/minisign) a Javascript + implementation. +- WebAssembly implementations of [rsign2](https://wapm.io/package/jedisct1/rsign2) + and [minisign-cli](https://wapm.io/package/jedisct1/minisign) are available on + WAPM. +- [minisign-php](https://github.com/soatok/minisign-php) is a PHP implementation. +- [py-minisign](https://github.com/x13a/py-minisign) is a Python + implementation. +- [minisign](https://hexdocs.pm/minisign/Minisign.html) is an Elixir implementation (verification only) -Signature determinism ---------------------- +## Signature determinism This implementation uses deterministic signatures, unless libsodium was compiled with the `ED25519_NONDETERMINISTIC` macro defined. This diff --git a/src/manpage.md b/src/manpage.md index 800aacc..eb06f25 100644 --- a/src/manpage.md +++ b/src/manpage.md @@ -1,8 +1,8 @@ -minisign(1) -- A dead simple tool to sign files and verify signatures. -====================================================================== + +# minisign(1) -- A dead simple tool to sign files and verify signatures. ## SYNOPSIS @@ -26,47 +26,46 @@ It is portable, lightweight, and uses the highly secure [Ed25519](http://ed25519 These options control the actions of `minisign`. - * `-G`: - Generate a new key pair - * `-C`: - Change/remove the password of a secret key - * `-R`: - Recreate a public key file from a secret key file - * `-S`: - Sign files - * `-V`: - Verify that a signature is valid for a given file - * `-H`: - Requires the input to be prehashed - * `-l`: - Sign using the legacy format - * `-m `: - File to sign/verify - * `-o`: - Combined with -V, output the file content after verification - * `-p `: - Public key file (default: ./minisign.pub) - * `-P `: - Public key, as a base64 string - * `-s `: - Secret key file (default: ~/.minisign/minisign.key) - * `-W`: - Do not encrypt/decrypt the secret key with a password - * `-x `: - Signature file (default: <file>.minisig) - * `-c `: - Add a one-line untrusted comment - * `-t `: - Add a one-line trusted comment - * `-q`: - Quiet mode, suppress output - * `-Q`: - Pretty quiet mode, only print the trusted comment - * `-f`: - Force. Combined with -G, overwrite a previous key pair - * `-v`: - Display version number - +- `-G`: + Generate a new key pair +- `-C`: + Change/remove the password of a secret key +- `-R`: + Recreate a public key file from a secret key file +- `-S`: + Sign files +- `-V`: + Verify that a signature is valid for a given file +- `-H`: + Requires the input to be prehashed +- `-l`: + Sign using the legacy format +- `-m `: + File to sign/verify +- `-o`: + Combined with -V, output the file content after verification +- `-p `: + Public key file (default: ./minisign.pub) +- `-P `: + Public key, as a base64 string +- `-s `: + Secret key file (default: ~/.minisign/minisign.key) +- `-W`: + Do not encrypt/decrypt the secret key with a password +- `-x `: + Signature file (default: <file>.minisig) +- `-c `: + Add a one-line untrusted comment +- `-t `: + Add a one-line trusted comment +- `-q`: + Quiet mode, suppress output +- `-Q`: + Pretty quiet mode, only print the trusted comment +- `-f`: + Force. Combined with -G, overwrite a previous key pair +- `-v`: + Display version number ## EXAMPLES @@ -79,7 +78,7 @@ The public key is printed and put into the `minisign.pub` file. The secret key i Signing files $ `minisign` -Sm myfile.txt -$ `minisign` -Sm myfile.txt myfile2.txt *.c +$ `minisign` -Sm myfile.txt myfile2.txt \*.c Or to include a comment in the signature, that will be verified and displayed when verifying the file: @@ -89,7 +88,7 @@ The secret key is loaded from `${MINISIGN_CONFIG_DIR}/minisign.key`, `~/.minisig Verifying a file -$ `minisign` -Vm myfile.txt -P <pubkey> +$ `minisign` -Vm myfile.txt -P <pubkey> or @@ -99,7 +98,7 @@ This requires the signature `myfile.txt.minisig` to be present in the same direc The public key can either reside in a file (`./minisign.pub` by default) or be directly specified on the command line. -## Notes +## NOTES Signature files include an untrusted comment line that can be freely modified, even after signature creation.