Skip to content
A command-line tool to sign files and verify signatures in pure Rust.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src/bin/rsign
.gitignore Remove Cargo.lock May 17, 2019
.travis.yml Add Travis Apr 28, 2019
Cargo.toml Bump Jun 25, 2019
LICENSE Initial import Apr 28, 2019
README.md WebAssembly compatibility Apr 29, 2019

README.md

rsign2

A Rust implementation of Minisign.

All signatures produced by rsign can be verified with minisign including trusted comments.

And minisign is able to sign files with keys generated by rsign.

In Rust, signatures can also be verified with the minisign-verify crate.

rsign2 is a maintained fork of rsign, originally written by Daniel Rangel.

Main differences with rsign:

  • rsign2 is written in pure Rust.
  • rsign2 has way less dependencies.
  • rsign2 includes bug fixes and improvements.
  • rsign2 tries to be usable as a library, not just as a command-line tool.
  • rsign2 supports WebAssembly.

API documentation

rsign2 is only a command-line interface. It relies on the Minisign crate, that can be embedded in any application:

API documentation on docs.rs

Usage

rsign generate

Generates a new key pair. The public key is printed in the screen and stored in rsign.pub by default. The secret key will be written at ~/.rsign/rsign.key. You can change the default paths with -p and -s respectively.

rsign sign myfile.txt

Sign myfile.txt with your secret key. You can add a signed trusted comment with:

rsign sign myfile.txt -t "my trusted comment"

If you are signing files larger than 1Gb you must use -H to first hash the file and sign the hash after that:

rsign sign mylargefile.bin -H

And to verify the signature with a given public key you can use:

rsign verify myfile.txt -p rsign.pub

Or if you have saved the signature file with a custom name other than myfile.txt.minisig and want to use a public key string you can use:

rsign verify myfile.txt -P [PUBLIC KEY STRING] -x mysignature.file

You can find more information using the help subcommand as in:

rsign help [SUBCOMMAND]

USAGE:
    rsign [SUBCOMMAND]

FLAGS:
    -h, --help       Prints help information
    -V, --version    Prints version information

SUBCOMMANDS:
    generate    Generate public and private keys
    help        Prints this message or the help of the given subcommand(s)
    sign        Sign a file with a given private key
    verify      Verify a signed file with a given public key
You can’t perform that action at this time.