mirrors/minisign
1
0
Fork 0
mirror of https://github.com/jedisct1/minisign.git synced 2025-04-04 11:27:42 +03:00
Code Issues Projects Releases Packages Wiki Activity

Normalize Markdown files

Browse source
This commit is contained in:
Frank Denis 2025-03-11 18:31:14 +01:00
parent d5a2f02bc0
commit 74365c0f51
2 changed files with 81 additions and 86 deletions
Download patch file Download diff file Expand all files Collapse all files

76
README.md
View file

@ -1,7 +1,6 @@
![CodeQL scan](https://github.com/jedisct1/minisign/workflows/CodeQL%20scan/badge.svg) ![CodeQL scan](https://github.com/jedisct1/minisign/workflows/CodeQL%20scan/badge.svg)
Minisign # Minisign
========
Minisign is a dead simple tool to sign files and verify signatures. Minisign is a dead simple tool to sign files and verify signatures.
@ -13,15 +12,14 @@ public key:
RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3 RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3
Compilation / installation ## Compilation / installation
--------------------------
## Building with Zig ## Building with Zig
Dependencies: Dependencies:
* [libsodium](https://libsodium.org/) (*optional*) - [libsodium](https://libsodium.org/) (_optional_)
* [zig](https://ziglang.org) - [zig](https://ziglang.org)
Compilation with libsodium, dynamically linked (libsodium will need to be installed on the system for the command to run): Compilation with libsodium, dynamically linked (libsodium will need to be installed on the system for the command to run):
@ -43,10 +41,10 @@ In all these examples, `ReleaseFast` can be replaced with `ReleaseSmall` to favo
Dependencies: Dependencies:
* [libsodium](https://libsodium.org/) (*required*) - [libsodium](https://libsodium.org/) (_required_)
* cmake - cmake
* pkg-config - pkg-config
* gcc or clang - gcc or clang
Compilation: Compilation:
@ -98,39 +96,37 @@ OQTDtJeciX9LF9hEbs1J1fzZHRdRhV4OTqcq0jTW9PXnrSSZlk1fbkE/5w==
-----END PUBLIC KEY----- -----END PUBLIC KEY-----
``` ```
Additional tools, libraries and implementations ## Additional tools, libraries and implementations
-----------------------------------------------
* [minizign](https://github.com/jedisct1/zig-minisign) is a compact - [minizign](https://github.com/jedisct1/zig-minisign) is a compact
implementation in Zig, that can also use ssh-encoded keys. implementation in Zig, that can also use ssh-encoded keys.
* [minisign-misc](https://github.com/JayBrown/minisign-misc) is a very - [minisign-misc](https://github.com/JayBrown/minisign-misc) is a very
nice set of workflows and scripts for macOS to verify and sign files nice set of workflows and scripts for macOS to verify and sign files
with minisign. with minisign.
* [go-minisign](https://github.com/jedisct1/go-minisign) is a small module - [go-minisign](https://github.com/jedisct1/go-minisign) is a small module
in Go to verify Minisign signatures. in Go to verify Minisign signatures.
* [rust-minisign](https://github.com/jedisct1/rust-minisign) is a Minisign - [rust-minisign](https://github.com/jedisct1/rust-minisign) is a Minisign
library written in pure Rust, that can be embedded in other applications. library written in pure Rust, that can be embedded in other applications.
* [rsign2](https://github.com/jedisct1/rsign2) is a reimplementation of - [rsign2](https://github.com/jedisct1/rsign2) is a reimplementation of
the command-line tool in Rust. the command-line tool in Rust.
* [minisign (go)](https://github.com/aead/minisign) is a rewrite of Minisign - [minisign (go)](https://github.com/aead/minisign) is a rewrite of Minisign
in the Go language. It reimplements the CLI but can also be used as a library. in the Go language. It reimplements the CLI but can also be used as a library.
* [minisign-verify](https://github.com/jedisct1/rust-minisign-verify) is - [minisign-verify](https://github.com/jedisct1/rust-minisign-verify) is
a small Rust crate to verify Minisign signatures. a small Rust crate to verify Minisign signatures.
* [minisign-net](https://github.com/bitbeans/minisign-net) is a .NET library - [minisign-net](https://github.com/bitbeans/minisign-net) is a .NET library
to handle and create Minisign signatures. to handle and create Minisign signatures.
* [minisign](https://github.com/chm-diederichs/minisign) a Javascript - [minisign](https://github.com/chm-diederichs/minisign) a Javascript
implementation. implementation.
* WebAssembly implementations of [rsign2](https://wapm.io/package/jedisct1/rsign2) - WebAssembly implementations of [rsign2](https://wapm.io/package/jedisct1/rsign2)
and [minisign-cli](https://wapm.io/package/jedisct1/minisign) are available on and [minisign-cli](https://wapm.io/package/jedisct1/minisign) are available on
WAPM. WAPM.
* [minisign-php](https://github.com/soatok/minisign-php) is a PHP implementation. - [minisign-php](https://github.com/soatok/minisign-php) is a PHP implementation.
* [py-minisign](https://github.com/x13a/py-minisign) is a Python - [py-minisign](https://github.com/x13a/py-minisign) is a Python
implementation. implementation.
* [minisign](https://hexdocs.pm/minisign/Minisign.html) is an Elixir implementation - [minisign](https://hexdocs.pm/minisign/Minisign.html) is an Elixir implementation
(verification only) (verification only)
Signature determinism ## Signature determinism
---------------------
This implementation uses deterministic signatures, unless libsodium This implementation uses deterministic signatures, unless libsodium
was compiled with the `ED25519_NONDETERMINISTIC` macro defined. This was compiled with the `ED25519_NONDETERMINISTIC` macro defined. This

91
src/manpage.md
View file

@ -1,8 +1,8 @@
<!--- <!---
This man page can be generated using ronn - https://rtomayko.github.io/ronn/ This man page can be generated using ronn - https://rtomayko.github.io/ronn/
--> -->
minisign(1) -- A dead simple tool to sign files and verify signatures.
====================================================================== # minisign(1) -- A dead simple tool to sign files and verify signatures.
## SYNOPSIS ## SYNOPSIS
@ -26,47 +26,46 @@ It is portable, lightweight, and uses the highly secure [Ed25519](http://ed25519
These options control the actions of `minisign`. These options control the actions of `minisign`.
* `-G`: - `-G`:
Generate a new key pair Generate a new key pair
* `-C`: - `-C`:
Change/remove the password of a secret key Change/remove the password of a secret key
* `-R`: - `-R`:
Recreate a public key file from a secret key file Recreate a public key file from a secret key file
* `-S`: - `-S`:
Sign files Sign files
* `-V`: - `-V`:
Verify that a signature is valid for a given file Verify that a signature is valid for a given file
* `-H`: - `-H`:
Requires the input to be prehashed Requires the input to be prehashed
* `-l`: - `-l`:
Sign using the legacy format Sign using the legacy format
* `-m <file>`: - `-m <file>`:
File to sign/verify File to sign/verify
* `-o`: - `-o`:
Combined with -V, output the file content after verification Combined with -V, output the file content after verification
* `-p <pubkey_file>`: - `-p <pubkey_file>`:
Public key file (default: ./minisign.pub) Public key file (default: ./minisign.pub)
* `-P <pubkey>`: - `-P <pubkey>`:
Public key, as a base64 string Public key, as a base64 string
* `-s <seckey_file>`: - `-s <seckey_file>`:
Secret key file (default: ~/.minisign/minisign.key) Secret key file (default: ~/.minisign/minisign.key)
* `-W`: - `-W`:
Do not encrypt/decrypt the secret key with a password Do not encrypt/decrypt the secret key with a password
* `-x <sig_file>`: - `-x <sig_file>`:
Signature file (default: &lt;file&gt;.minisig) Signature file (default: &lt;file&gt;.minisig)
* `-c <comment>`: - `-c <comment>`:
Add a one-line untrusted comment Add a one-line untrusted comment
* `-t <comment>`: - `-t <comment>`:
Add a one-line trusted comment Add a one-line trusted comment
* `-q`: - `-q`:
Quiet mode, suppress output Quiet mode, suppress output
* `-Q`: - `-Q`:
Pretty quiet mode, only print the trusted comment Pretty quiet mode, only print the trusted comment
* `-f`: - `-f`:
Force. Combined with -G, overwrite a previous key pair Force. Combined with -G, overwrite a previous key pair
* `-v`: - `-v`:
Display version number Display version number
## EXAMPLES ## EXAMPLES
@ -79,7 +78,7 @@ The public key is printed and put into the `minisign.pub` file. The secret key i
Signing files Signing files
$ `minisign` -Sm myfile.txt $ `minisign` -Sm myfile.txt
$ `minisign` -Sm myfile.txt myfile2.txt *.c $ `minisign` -Sm myfile.txt myfile2.txt \*.c
Or to include a comment in the signature, that will be verified and displayed when verifying the file: Or to include a comment in the signature, that will be verified and displayed when verifying the file:
@ -89,7 +88,7 @@ The secret key is loaded from `${MINISIGN_CONFIG_DIR}/minisign.key`, `~/.minisig
Verifying a file Verifying a file
$ `minisign` -Vm myfile.txt -P &lt;pubkey&gt; $ `minisign` -Vm myfile.txt -P &lt;pubkey&gt;
or or
@ -99,7 +98,7 @@ This requires the signature `myfile.txt.minisig` to be present in the same direc
The public key can either reside in a file (`./minisign.pub` by default) or be directly specified on the command line. The public key can either reside in a file (`./minisign.pub` by default) or be directly specified on the command line.
## Notes ## NOTES
Signature files include an untrusted comment line that can be freely modified, even after signature creation. Signature files include an untrusted comment line that can be freely modified, even after signature creation.