You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If we would sign an entire checksum file we would be able to use signify's feature of verifying the signature and checksum of a file, removing the need of an additional script to be compatible with Signify.
As an example an openBSD checksum file below.
It includes their comment, the signature and the file that was signed.
Can be verified using signify -Cp openbsd-74-base.pub -x SHA256.sig
It seems possible to use SHA512 instead of SHA256.
But we need to sign the entire file, not just the digest of a file.
If we would sign an entire checksum file we would be able to use signify's feature of verifying the signature and checksum of a file, removing the need of an additional script to be compatible with Signify.
As an example an openBSD checksum file below.
It includes their comment, the signature and the file that was signed.
Can be verified using
signify -Cp openbsd-74-base.pub -x SHA256.sig
It seems possible to use SHA512 instead of SHA256.
But we need to sign the entire file, not just the digest of a file.
The text was updated successfully, but these errors were encountered: