commit e21dd3ee49a2fbb43726a63446f6d81cf25bf971 parent ceead9e0c59797bcb6670dee3ab1183ba3f28a03 Author: z3bra <willyatmailoodotorg> Date: Fri Apr 29 09:43:04 2016 Add README Diffstat: README | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+), 0 deletions(-)
diff --git a/README b/README @@ -0,0 +1,46 @@ +# sick + +Sign and check files using ed25519. +sick(1) will let your generate private/public key pairs, sign files using your +private key, and check a file signature using public keys stored in a keyring. + +## Generating keys + +To generate a key pair, run + + $ sick -g alice + +It will create the files `alice.key`, which is the private key, and +`alice.pub`, the public key. +If you don't provide any name "ed25519" will be used as a default name. + +## Signing files + +To sign a file, you need to provide the path to your private key: + + $ sick -s -f ~/.keys/priv/alice.key /tmp/archive.tar.bz2 + +This will create a 64 bytes signature and append it after the file. +If you try to sign it again, you will get the following error: + + $ sick -s -f ~/.keys/priv/alice.key /tmp/archive.tar.bz2 + /tmp/archive.tar.bz2: Already signed + +## Checking signatures + +sick(1) uses a keyring to check signatures. The keyring is simply a directory +containing the public keys you trust: + + $ find ~/.keys/trusted -type f + /home/z3bra/.keys/trusted/ + /home/z3bra/.keys/trusted/alice.pub + /home/z3bra/.keys/trusted/bob.pub + +Once your public key is in your keyring, you can start checking files with: + + $ sick /tmp/archive.tar.bz2 + /tmp/archive.tar.bz2 + +If the signature check is successful, the path to the file is printed to +`stdout`. If no public key in your keyring match the signature, the filename +is not printed, and 1 is returned.