sigchk

sign and check files using ed25519
git clone git://z3bra.org/sick
Log | Files | Refs | Submodules | README | LICENSE

commit e21dd3ee49a2fbb43726a63446f6d81cf25bf971
parent ceead9e0c59797bcb6670dee3ab1183ba3f28a03
Author: z3bra <willyatmailoodotorg>
Date:   Fri Apr 29 09:43:04 2016

Add README

Diffstat:
 README | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+), 0 deletions(-)

diff --git a/README b/README @@ -0,0 +1,46 @@ +# sick + +Sign and check files using ed25519. +sick(1) will let your generate private/public key pairs, sign files using your +private key, and check a file signature using public keys stored in a keyring. + +## Generating keys + +To generate a key pair, run + + $ sick -g alice + +It will create the files `alice.key`, which is the private key, and +`alice.pub`, the public key. +If you don't provide any name "ed25519" will be used as a default name. + +## Signing files + +To sign a file, you need to provide the path to your private key: + + $ sick -s -f ~/.keys/priv/alice.key /tmp/archive.tar.bz2 + +This will create a 64 bytes signature and append it after the file. +If you try to sign it again, you will get the following error: + + $ sick -s -f ~/.keys/priv/alice.key /tmp/archive.tar.bz2 + /tmp/archive.tar.bz2: Already signed + +## Checking signatures + +sick(1) uses a keyring to check signatures. The keyring is simply a directory +containing the public keys you trust: + + $ find ~/.keys/trusted -type f + /home/z3bra/.keys/trusted/ + /home/z3bra/.keys/trusted/alice.pub + /home/z3bra/.keys/trusted/bob.pub + +Once your public key is in your keyring, you can start checking files with: + + $ sick /tmp/archive.tar.bz2 + /tmp/archive.tar.bz2 + +If the signature check is successful, the path to the file is printed to +`stdout`. If no public key in your keyring match the signature, the filename +is not printed, and 1 is returned.