signify ported from OpenBSD
C Roff Other
Switch branches/tags
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
.gitignore
.tarballignore
Makefile.am
README
base64.c
bcrypt_pbkdf.c
blf.h
blowfish.c
configure.ac
crypto_api.c
crypto_api.h
explicit_bzero.c
fe25519.c
fe25519.h
ge25519.h
ge25519_base.data
helper.c
mod_ed25519.c
mod_ge25519.c
ohash.c
ohash.h
portability.patch
sc25519.c
sc25519.h
sha2.c
sha2.h
sha256hl.c
sha512_256hl.c
sha512hl.c
signify.1
signify.c
signify.h
timingsafe_bcmp.c
update.sh
zsig.c

README

Signify
=======

This is a port of the OpenBSD signify[1] tool that compiles on Linux.  The
sources are minimally modified versions of those that appear in the OpenBSD
release that compile on Linux with the help of libbsd.

[1] http://www.tedunangst.com/flak/post/signify

Examples
--------

Create a new key pair:
      $ signify -G -p newkey.pub -s newkey.sec

Sign a file, specifying a signature name:
      $ signify -S -s key.sec -m message.txt -x msg.sig

Verify a signature, using the default signature name:
      $ signify -V -p key.pub -m generalsorders.txt

Verify a release directory containing SHA256.sig and a full set of release files:
      $ signify -C -p /etc/signify/openbsd-58-base.pub -x SHA256.sig

Verify a bsd.rd before an upgrade:
      $ signify -C -p /etc/signify/openbsd-58-base.pub -x SHA256.sig bsd.rd

To Install
----------

    apt-get install libbsd-dev
    autoreconf -ivf # (only needed if compiling from git, not tarball)
    ./configure
    make
    sudo make install

To Update
---------

    mkdir openbsd
    tar xzf /path/to/OpenBSD/src.tar.gz -C openbsd
    OPENBSD_SOURCE=openbsd ./update.sh

This will automatically pull in the source from the OpenBSD source tree and
patch it as necessary.  The update script was built for 6.0 and may need
changes in the future.