Crate libsignify
source · [−]Expand description
Create cryptographic signatures for files and verify them.
This is based on signify, the OpenBSD tool to sign and verify signatures on files. It is based on the Ed25519 public-key signature system by Bernstein et al.
libsignify
can verify and create signatures that are interoperable with BSD signify.
You can read more about the ideas and concepts behind signify
in Securing OpenBSD From Us To You.
This crate is #![no_std]
by default, but still relies on liballoc
so your platform must
provide an allocator to use libsignify
.
To enable support for std::error::Error
, enable the std
feature.
Examples
A simple CLI that verifies some example data:
//! Basic example that shows how to verify a signature of some file.
//!
//! You could, for example, replace the file reading with a HTTP client.
use libsignify::{Codeable, PublicKey, Signature};
use std::{fs, path::Path};
fn main() -> Result<(), Box<dyn std::error::Error>> {
println!("verifying signature of message file");
// Boilerplate so this code can run both via `cargo test --doc` and `cargo run --example`.
// Not relevant to the example otherwise.
let base_path = if std::env::var("CARGO_CRATE_NAME").is_ok() {
Path::new("./examples/")
} else {
Path::new("./libsignify/examples/")
};
// First, open the message to verify the validity of.
let message = fs::read(base_path.join("message.txt"))?;
// Then, get the public key of the signer.
let (signer_id, _) = {
let public_key_contents = fs::read_to_string(base_path.join("test_key.pub"))?;
PublicKey::from_base64(&public_key_contents)?
};
// Now, fetch the signature we have for the message.
//
// This could be from anywhere trusted, including a HTTP server for example.
let (signature, _) = {
let signature_contents = fs::read_to_string(base_path.join("message.txt.sig"))?;
Signature::from_base64(&signature_contents)?
};
// With all of the parts needed, the message can be checked now.
match signer_id.verify(&message, &signature) {
Ok(()) => {
println!("message was verified!");
Ok(())
}
Err(e) => {
eprintln!("message did not verify: {}", e);
Err(Box::new(e))
}
}
}
Re-exports
pub use consts::KeyNumber;
Modules
Constants and type definitions from the signify
design.
Structs
Enums
The error type which is returned when some signify
operation fails.
The error that is returned when a file’s contents didn’t adhere
to the signify
file container format.
Key derivation options available when creating a new key.
Traits
A structure that can be converted to and from bytes and the signify
file format.