sigchk

ed25519 signature management tool (deprecated)
git clone git://z3bra.org/sick
Log | Files | Refs | Submodules | README | LICENSE

README (1415B)


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
# sigchk

Sign and check files using ed25519.
sigchk(1) will let your generate private/public key pairs, sign files using your
private key, and check a file signature using public keys stored in a keyring.

## Generating keys

To generate a key pair, run

	$ sigchk -g alice

It will create the files `alice.key`, which is the private key, and
`alice.pub`, the public key.
If you don't provide any name "ed25519" will be used as a default name.

## Signing files

To sign a file, you need to provide the path to your private key:

	$ sigchk -s -f ~/.keys/priv/alice.key /tmp/archive.tar.bz2

This will create a 64 bytes signature and append it after the file.
If you try to sign it again, you will get the following error:

	$ sigchk -s -f ~/.keys/priv/alice.key /tmp/archive.tar.bz2
	/tmp/archive.tar.bz2: Already signed

## Checking signatures

sigchk(1) uses a keyring to check signatures. The keyring is simply a directory
containing the public keys you trust:

	$ find ~/.keys/trusted -type f
	/home/z3bra/.keys/trusted/
	/home/z3bra/.keys/trusted/alice.pub
	/home/z3bra/.keys/trusted/bob.pub

Once your public key is in your keyring, you can start checking files with:

	$ sigchk /tmp/archive.tar.bz2
	/tmp/archive.tar.bz2

If the signature check is successful, the path to the file is printed to
`stdout`. If no public key in your keyring match the signature, the filename
is not printed, and 1 is returned.