Minisign
Minisign is a dead simple tool to sign files and verify signatures.
It is portable, lightweight, and uses the highly secure Ed25519 public-key signature system.
Creating a key pair
$ minisign -G
The public key is printed and put into the minisign.pub
file. The secret key
is encrypted and saved as a file named ~/.minisign/minisign.key
.
Signing a file
$ minisign -Sm myfile.txt
Or to include a comment in the signature, that will be verified and displayed when verifying the file:
$ minisign -Sm myfile.txt -t 'This comment will be signed as well'
The signature is put into myfile.txt.minisig
.
Starting with version 0.8, multiple files can also be signed at once:
$ minisign -Sm file1.txt file2.txt *.jpg
Verifying a file
$ minisign -Vm myfile.txt -P RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3
or
$ minisign -Vm myfile.txt -p signature.pub
This requires the signature myfile.txt.minisig
to be present in the same
directory.
The public key can either reside in a file (./minisign.pub
by default) or be
directly specified on the command line.
Usage
$ minisign -G [-p pubkey] [-s seckey]
$ minisign -S [-H] [-x sigfile] [-s seckey] [-c untrusted_comment] [-t trusted_comment] -m file
$ minisign -V [-x sigfile] [-p pubkeyfile | -P pubkey] [-o] [-q] -m file
-G generate a new key pair
-S sign a file
-V verify that a signature is valid for a given file
-m <file> file to sign/verify
-o combined with -V, output the file content after verification
-H combined with -S, pre-hash in order to sign large files
-p <pubkeyfile> public key file (default: ./minisign.pub)
-P <pubkey> public key, as a base64 string
-s <seckey> secret key file (default: ~/.minisign/minisign.key)
-x <sigfile> signature file (default: <file>.minisig)
-c <comment> add a one-line untrusted comment
-t <comment> add a one-line trusted comment
-q quiet mode, suppress output
-Q pretty quiet mode, only print the trusted comment
-f force. Combined with -G, overwrite a previous key pair
-v display version number
Trusted comments
Signature files include an untrusted comment line that can be freely modified, even after signature creation.
They also include a second comment line, that cannot be modified without the secret key.
Trusted comments can be used to add instructions or application-specific metadata (intended file name, timestamps, resource identifiers, version numbers to prevent downgrade attacks).
Compilation / installation
Dependencies:
- libsodium
- cmake
Compilation:
$ mkdir build
$ cd build
$ cmake ..
$ make
# make install
Compatibility with OpenBSD signify
Signature written by minisign can be verified using OpenBSD's signify tool: public key files and signature files are compatible.
However, minisign uses a slightly different format to store secret keys.
Minisign signatures include trusted comments in addition to untrusted comments. Trusted comments are signed, thus verified, before being displayed.
This adds two lines to the signature files, that signify silently ignores.
Pre-hashing
By default, signing and verification require as much memory as the size of the file.
Huge files can be signed and verified with very low memory requirements, by pre-hashing the content.
The -H
command-line switch, in combination with -S
, generates a pre-hashed signature (HashEdDSA):
$ minisign -SHm myfile.txt
Verification of such a signature doesn't require any specific switch: the appropriate algorithm will automatically be detected.
Signature format
untrusted comment: <arbitrary text>
base64(<signature_algorithm> || <key_id> || <signature>)
trusted_comment: <arbitrary text>
base64(<global_signature>)
-
signature_algorithm
:Ed
(for PureEdDSA) orED
(for HashedEdDSA) -
key_id
: 8 random bytes, matching the public key -
signature
(PureEdDSA):ed25519(<file data>)
-
signature
(HashedEdDSA):ed25519(Blake2b-512(<file data>))
-
global_signature
:ed25519(<signature> || <trusted_comment>)
Public key format
untrusted comment: <arbitrary text>
base64(<signature_algorithm> || <key_id> || <public_key>)
-
signature_algorithm
:Ed
-
key_id
: 8 random bytes -
public_key
: Ed25519 public key
Secret key format
untrusted comment: <arbitrary text>
base64(<signature_algorithm> || <kdf_algorithm> || <cksum_algorithm> ||
<kdf_salt> || <kdf_opslimit> || <kdf_memlimit> || <keynum_sk>)
-
signature_algorithm
:Ed
-
kdf_algorithm
:Sc
-
cksum_algorithm
:B2
-
kdf_salt
: 32 random bytes -
kdf_opslimit
:crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE
-
kdf_memlimit
:crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE
-
keynum_sk
:<kdf_output> ^ (<key_id> || <secret_key> || <public_key> || <checksum>)
, 104 bytes -
key_id
: 8 random bytes -
secret_key
: Ed25519 secret key -
public_key
: Ed25519 public key -
checksum
:Blake2b-256(<signature_algorithm> || <key_id> || <secret_key> || <public_key>)
, 32 bytes