Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support signfiy -C, checksum verification #12

Open
dehanj opened this issue Nov 20, 2023 · 0 comments
Open

Support signfiy -C, checksum verification #12

dehanj opened this issue Nov 20, 2023 · 0 comments

Comments

@dehanj
Copy link
Member

dehanj commented Nov 20, 2023
edited

If we would sign an entire checksum file we would be able to use signify's feature of verifying the signature and checksum of a file, removing the need of an additional script to be compatible with Signify.

As an example an openBSD checksum file below.
It includes their comment, the signature and the file that was signed.

Can be verified using signify -Cp openbsd-74-base.pub -x SHA256.sig

It seems possible to use SHA512 instead of SHA256.
But we need to sign the entire file, not just the digest of a file.

untrusted comment: verify with openbsd-74-base.pub
RWRoyQmAD08ajdRJYwgoC1homYDTdeoVPjmN3KKPYTMR1q4qgURl+IMh72Cv6MhJLtgoV/Q2/I7p+busOoiJgHUvW6bxA06HjwM=
SHA256 (BOOTAA64.EFI) = dee5711fa4502c797650c3c4354178360bf112e2b854cff6f31e7ab0596b4355
SHA256 (BUILDINFO) = 0871fe1e438438bd32ec9ffc2d460fdd73c63600dc359c2b36e2c4ab6f473c98
SHA256 (INSTALL.arm64) = f0c7f82b6eb7479ff41358ff005024517098d681b4df83fb3e029b684a9491f4
SHA256 (base74.tgz) = fa926e58c9f8a172eec5ef2ce0ff9edd5d33bbeb358e79e868372b5eacedbaa5
SHA256 (bsd) = 250eddf69f42ed32e71c324a809a7e6d5a5babded2fe8c134622f553fd0748db
SHA256 (bsd.mp) = 850b5186dfa4851db785d08f44165da3188927e4976023bf634f1ff76e0400ae
SHA256 (bsd.rd) = 81f32e6b342f060221e77528eb5cbc23c570c29aa25d8752c7822d75488e8aee
SHA256 (comp74.tgz) = 1470f016e95231942dc4ae3c9529d93766580725e912dd20c0a115eabac60cc9
SHA256 (game74.tgz) = 41cffbf05f1194ec5976dc357af1eb6f5a382ce80ad00f95566d8015fa69f28a
SHA256 (install74.img) = 09e4d0fe6d3f49f2c4c99b6493142bb808253fa8a8615ae1ca8e5f0759cfebd8
SHA256 (man74.tgz) = a8293717479316c725e57c6dbbb9aa62daaaefce4c72d98841b7262277aa0700
SHA256 (miniroot74.img) = 7b08b2ce081cff6408d183f7152ddcfd2779912104866e4fdf6ae2d864b51142
SHA256 (xbase74.tgz) = 9b80de8f58aa7ad48bf5a201f78a4f77827396dc1178f482252b0e7f87a0142f
SHA256 (xfont74.tgz) = 000e0936929bbcbfc23700d05801e0ba149141b2f656629cf099ce2a08b8188b
SHA256 (xserv74.tgz) = eb28285fbe08321f07df85d6979e2e6566ad8df34e8aa320878c0e5f5c0fab78
SHA256 (xshare74.tgz) = 2b7e11800bfba8147c243d6731f9d8c9767e39adc53f86ba5f7b2837044881a6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dehanj