{"id":16712758,"url":"https://github.com/aead/minisign","last_synced_at":"2025-04-05T06:04:09.884Z","repository":{"id":47350959,"uuid":"343213984","full_name":"aead/minisign","owner":"aead","description":"A dead simple tool to sign files and verify digital signatures.","archived":false,"fork":false,"pushed_at":"2025-01-29T22:27:12.000Z","size":59,"stargazers_count":126,"open_issues_count":4,"forks_count":15,"subscribers_count":6,"default_branch":"main","last_synced_at":"2025-03-29T05:02:06.400Z","etag":null,"topics":["cryptography","ed25519","golang","pgp","signature"],"latest_commit_sha":null,"homepage":"https://jedisct1.github.io/minisign/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/aead.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-02-28T21:02:16.000Z","updated_at":"2025-03-13T10:10:10.000Z","dependencies_parsed_at":"2023-02-04T10:16:49.216Z","dependency_job_id":"c705706d-9433-4037-b023-a7e206b9263b","html_url":"https://github.com/aead/minisign","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aead%2Fminisign","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aead%2Fminisign/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aead%2Fminisign/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aead%2Fminisign/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/aead","download_url":"https://codeload.github.com/aead/minisign/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247294516,"owners_count":20915340,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptography","ed25519","golang","pgp","signature"],"created_at":"2024-10-12T20:43:58.880Z","updated_at":"2025-04-05T06:04:09.865Z","avatar_url":"https://github.com/aead.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Go Reference](https://pkg.go.dev/badge/aead.dev/minisign.svg)](https://pkg.go.dev/aead.dev/minisign)\n![Github CI](https://github.com/aead/minisign/actions/workflows/go.yml/badge.svg?branch=main)\n[![latest](https://badgen.net/github/tag/aead/minisign)](https://github.com/aead/minisign/releases/latest)\n\n# minisign\n\nminisign is a dead simple tool to sign files and verify signatures.\n\n```\n$ minisign -G \nPlease enter a password to protect the secret key.\n\nEnter Password: \nEnter Password (one more time): \nDeriving a key from the password in order to encrypt the secret key... done\n\nThe secret key was saved as ~/.minisign/minisign.key - Keep it secret!\nThe public key was saved as minisign.pub - That one can be public.\n\nFiles signed using this key pair can be verified with the following command:\n\nminisign -Vm \u003cfile\u003e -P RWSYKA736yqh+JrZ7cRDdWgck/WKtwW9ATBFmk8pQ1lHeUKXtV6uJ7Fu\n```\n```\n$ minisign -Sm message.txt\nEnter password: \nDeriving a key from the password in order to decrypt the secret key... done\n```\n```\n$ minisign -Vm message.txt\nSignature and comment signature verified\nTrusted comment: timestamp:1614718943\tfilename:message.txt\n```\n\nThis is a Go implementation of the [original C implementation](https://github.com/jedisct1/minisign) by [Frank Denis](https://github.com/jedisct1).\n\n## Usage\n\n```\nUsage:\n minisign -G [-p \u003cpubKey\u003e] [-s \u003csecKey\u003e] [-W]\n minisign -R [-s \u003csecKey\u003e] [-p \u003cpubKey\u003e]\n minisign -C [-s \u003csecKey\u003e] [-W]\n minisign -S [-x \u003csignature\u003e] [-s \u003csecKey\u003e] [-c \u003ccomment\u003e] [-t \u003ccomment\u003e] -m \u003cfile\u003e...\n minisign -V [-H] [-x \u003csignature\u003e] [-p \u003cpubKey\u003e | -P \u003cpubKey\u003e] [-o] [-q | -Q ] -m \u003cfile\u003e\n\nOptions:\n -G Generate a new public/secret key pair.\n -R Re-create a public key file from a secret key.\n -C Change or remove the password of the secret key.\n -S Sign files with a secret key.\n -V Verify files with a public key.\n -m \u003cfile\u003e The file to sign or verify.\n -o Combined with -V, output the file after verification.\n -H Combined with -V, require a signature over a pre-hashed file.\n -p \u003cpubKey\u003e Public key file (default: ./minisign.pub)\n -P \u003cpubKey\u003e Public key as base64 string\n -s \u003csecKey\u003e Secret key file (default: $HOME/.minisign/minisign.key)\n -W Do not encrypt/decrypt the secret key with a password.\n -x \u003csignature\u003e Signature file (default: \u003cfile\u003e.minisig)\n -c \u003ccomment\u003e Add a one-line untrusted comment.\n -t \u003ccomment\u003e Add a one-line trusted comment.\n -q Quiet mode. Suppress output.\n -Q Pretty quiet mode. Combined with -V, only print the trusted comment.\n -f Combined with -G or -R, overwrite any existing public/secret key pair.\n -v Print version information.\n```\n\n## Installation\n\nWith an up-to-date Go toolchain:\n```\ngo install aead.dev/minisign/cmd/minisign@latest\n```\n\nOn windows, linux and macOS, you can also use the pre-built binaries:\n| OS | ARCH | Latest Release |\n|:---------:|:-------:|:-----------------------------------------------------------------------------------------------------------------------|\n| Linux | amd64 | [minisign-linux-amd64.tar.gz](https://github.com/aead/minisign/releases/download/v0.3.0/minisign-linux-amd64.tar.gz) |\n| Linux | arm64 | [minisign-linux-arm64.tar.gz](https://github.com/aead/minisign/releases/download/v0.3.0/minisign-linux-arm64.tar.gz) |\n| MacOS | arm64 | [minisign-darwin-arm64.tar.gz](https://github.com/aead/minisign/releases/download/v0.3.0/minisign-darwin-arm64.tar.gz) |\n| Windows | amd64 | [minisign-windows-amd64.zip](https://github.com/aead/minisign/releases/download/v0.3.0/minisign-windows-amd64.zip) |\n\nFrom source:\n1. Clone the repository\n ```\n git clone https://aead.dev/minisign \u0026\u0026 cd minisign\n ```\n2. Build the binary\n ```\n make build\n ```\n\n## Library\n\n```Go\nimport \"aead.dev/minisign\" \n```\n\nThe following example generates a minisign public/private key pair, signs a message and verifies the message signature.\n\n```Go\npackage main\n\nimport (\n\t\"crypto/rand\"\n\t\"log\"\n\n\t\"aead.dev/minisign\"\n)\n\nfunc main() {\n\tvar message = []byte(\"Hello World!\")\n\n\tpublicKey, privateKey, err := minisign.GenerateKey(rand.Reader)\n\tif err != nil {\n\t\tlog.Fatalln(err)\n\t}\n\n\tsignature := minisign.Sign(privateKey, message)\n\t\n\tif !minisign.Verify(publicKey, message, signature) {\n\t\tlog.Fatalln(\"signature verification failed\")\n\t}\n\tlog.Println(string(message))\n}\n```\nFor more examples visit the package [documentation](https://pkg.go.dev/aead.dev/minisign).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faead%2Fminisign","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faead%2Fminisign","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faead%2Fminisign/lists"}