1 unstable release
Uses old Rust 2015
0.1.2 | Oct 5, 2017 |
---|---|
0.1.1 |
|
0.1.0 |
|
#2336 in Cryptography
62KB
1.5K
SLoC
rsign
DISCLAIMER: This is a toy. This has not undergone any formal security analysis. I am not a security expert. Use at your own risk
A simple rust implementation of Minisign tool. All signatures produced by rsign can be verified with minisign including trusted comments. Minisign is also able to sign files with keys generated by rsign.
It uses an asymmetric encryption system (Ed25519) to produce a pair of keys used to sign and verify the files. It also uses a particular combination of Scrypt, Salsa20 / 8 and SHA-256 as key derivation function (KDF) to encrypt and decrypt the keys.
BLAKE2b is used to confirm the integrity of the secret key as well to create a unique identifier for files larger than 1Gb.
Tarballs and pre-compiled binaries can be found here
Compilation / Installation
Dependencies:
Make sure you have libsodium in your default lib path before compiling rsign.
Compilation:
$ git clone https://danielrangel@bitbucket.org/danielrangel/rsign.git
$ cd rsign
$ cargo build --release
Usage
$ rsign generate
Generates a new key pair. The public key is printed in the screen and stored in rsign.pub
by default. The secret key will be written at ~/.rsign/rsign.key
. You can change the default paths with -p
and -s
respectively.
$ rsign sign myfile.txt
Sign myfile.txt
with your secret key. You can add a signed trusted comment with:
$ rsign sign myfile.txt -t "my trusted comment"
If you are signing files larger than 1Gb you must use -H
to first hash the file and sign the hash after that:
$ rsign sign mylargefile.bin -H
And to verify the signature with a given public key you can use:
$ rsign verify myfile.txt -p rsign.pub
Or if you have saved the signature file with a custom name other than myfile.txt.rsign
and want to use a public key string you can use:
$ rsign verify myfile.txt -P [PUBLIC KEY STRING] -x mysignature.file
You can find more information using the help subcommand as in:
$ rsign help [SUBCOMMAND]
USAGE:
rsign [SUBCOMMAND]
FLAGS:
-h, --help Prints help information
-V, --version Prints version information
SUBCOMMANDS:
generate Generate public and private keys
help Prints this message or the help of the given subcommand(s)
sign Sign a file with a given private key
verify Verify a signed file with a given public key
Dependencies
~20MB
~126K SLoC