rsign2
A Rust implementation of Minisign.
All signatures produced by rsign can be verified with minisign and minizign including trusted comments, and vice versa.
In Rust, signatures can also be verified with the minisign-verify crate.
rsign2 is a maintained fork of rsign, originally written by Daniel Rangel.
Main differences with rsign:
rsign2is written in pure Rust.rsign2has way less dependencies.rsign2includes bug fixes and improvements.rsign2supports WebAssembly.
API documentation
rsign2 is only a command-line tool. It relies on the Minisign crate for all cryptographic operations, which can also be embedded in any application:
Usage
Generating a key pair
Generates a new key pair. The public key is stored in rsign.pub by default. The secret key will be written at ~/.rsign/rsign.key. You can change the default paths with -p and -s respectively.
Use -W to create a key without a password, or --unencrypted to store the secret key without any encryption at all (useful for CI pipelines).
Use -f to overwrite an existing key pair.
Signing
Sign myfile.txt with your secret key. Files are prehashed automatically, so there is no size limit.
You can add a signed trusted comment with:
Verifying
Or use a public key string directly:
If the signature file has a custom name (other than myfile.txt.minisig):
Use -q for quiet mode (no output on success), or -o to output the file content after successful verification.
Full help
Usage: rsign [COMMAND]
Commands:
generate Generate public and private keys
verify Verify a signed file with a given public key
sign Sign a file with a given private key
help Print this message or the help of the given subcommand(s)
Options:
-h, --help Print help
-V, --version Print version