Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/badboy/signify-rs

Create cryptographic signatures for files and verify them.
https://github.com/badboy/signify-rs

Last synced: 3 days ago
JSON representation

Create cryptographic signatures for files and verify them.

Host: GitHub
URL: https://github.com/badboy/signify-rs
Owner: badboy
License: mit
Created: 2016-06-14T18:49:51.000Z (over 8 years ago)
Default Branch: main
Last Pushed: 2024-12-07T18:21:27.000Z (about 1 month ago)
Last Synced: 2025-01-11T07:33:01.086Z (9 days ago)
Language: Rust
Homepage: https://crates.io/crates/signify
Size: 169 KB
Stars: 90
Watchers: 5
Forks: 12
Open Issues: 6
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE

Awesome Lists containing this project

README

        # Signify - Ed25519 signature tool

[![crates.io](https://img.shields.io/crates/v/signify.svg?style=flat-square)](https://crates.io/crates/signify)

[![docs.rs docs](https://img.shields.io/badge/docs-latest-blue.svg?style=flat-square)]([documentation])

[![License: MIT](https://img.shields.io/github/license/badboy/signify-rs?style=flat-square)](LICENSE)

[![Build Status](https://img.shields.io/github/workflow/status/badboy/signify-rs/CI/main?style=flat-square)](https://github.com/badboy/signify-rs/actions/workflows/ci.yml)

Create cryptographic signatures for files and verify them.

This is based on [signify][], the OpenBSD tool to sign and verify signatures on files.

It is based on the [Ed25519 public-key signature system][ed25519] by Bernstein et al.

`signify-rs` is fully compatible with the original implementation. It can verify signatures generated by OpenBSD `signify` and signs data in a format that it can verify as well.

You can read more about the ideas and concepts behind `signify` in [Securing OpenBSD From Us To You](https://www.openbsd.org/papers/bsdcan-signify.html).

## Installation

```

cargo install signify

```

## Usage

The CLI is designed to be compatible with the reference implementation and accepts the same command line flags as it.

Create a key pair:

```

signify -G -p pubkey -s seckey

```

Sign a file using the secret key:

```

signify -S -s seckey -m README.md

```

Verify the signature:

```

signify -V -p pubkey -m README.md

```

To see how to use `libsignify`, check out the `examples/` directory or the [documentation].

## Testing

There are basic unit tests, but many more are needed for good coverage :disappointed:.

However, we ensure that a full cycle of generating a keypair, then signing & verifying works.

To run them, use the following commands:

```bash

./tests/full-cycle.sh

```

For correctness, we compare interoperability with the OpenBSD `signify`:

```bash

./tests/compare.sh

```

The complete test suite can be conveniently ran with `make test`.

## License

MIT. See [LICENSE](LICENSE).

[documentation]: https://docs.rs/libsignify

[signify]: https://github.com/aperezdc/signify

[ed25519]: https://ed25519.cr.yp.to/