Lib.rs

密码学
#public-key #sign #command-line #verify-signature

minisign

一个用于签名文件和验证签名的crate

Frank Denis 5位贡献者 编写

37个版本

0.7.6 2023年12月15日
0.7.5 2023年6月3日
0.7.3 2023年3月6日
0.7.2 2022年12月12日
0.5.11 2019年6月20日

#99 in 密码学

Download history 5167/week @ 2024-04-28 7229/week @ 2024-05-05 6528/week @ 2024-05-12 5737/week @ 2024-05-19 5310/week @ 2024-05-26 6954/week @ 2024-06-02 6448/week @ 2024-06-09 5507/week @ 2024-06-16 4103/week @ 2024-06-23 4716/week @ 2024-06-30 3937/week @ 2024-07-07 4763/week @ 2024-07-14 4100/week @ 2024-07-21 4946/week @ 2024-07-28 3940/week @ 2024-08-04 3589/week @ 2024-08-11

16,865 每月下载量
28 个crate中使用 (13个直接使用)

MIT 许可证

155KB
4.5K SLoC

CI status Last version Documentation

rust-minisign

Minisign签名系统的纯Rust实现。

这是一个crate,旨在供应用程序内部使用。

有关基于此crate并在Rust中重新实现Minisign实用程序的命令行工具,请参阅 rsign2

有关仅验证签名的最小crate,请参阅 minisign-verify

API文档

在docs.rs上的API文档

示例

fn main() {
    extern crate minisign;
    use minisign::{KeyPair, PublicKeyBox, SecretKeyBox, SignatureBox};
    use std::io::Cursor;

    // Generate and return a new key pair
    // The key is encrypted using a password.
    // If `None` is given, the password will be asked for interactively.
    let KeyPair { pk, sk } =
        KeyPair::generate_encrypted_keypair(Some("key password".to_string())).unwrap();

    // In order to be stored to disk, keys have to be converted to "boxes".
    // A box is just a container, with some metadata about its content.
    // Boxes can be converted to/from strings, making them convenient to use for storage.
    let pk_box_str = pk.to_box().unwrap().to_string();
    let sk_box_str = sk
        .to_box(None) // Optional comment about the key
        .unwrap()
        .to_string();

    // `pk_box_str` and `sk_box_str` can now be saved to disk.
    // This is a long-term key pair, that can be used to sign as many files as needed.
    // For conveniency, the `KeyPair::generate_and_write_encrypted_keypair()` function
    // is available: it generates a new key pair, and saves it to disk (or any `Writer`)
    // before returning it.

    // Assuming that `sk_box_str` is something we previously saved and just reloaded,
    // it can be converted back to a secret key box:
    let sk_box = SecretKeyBox::from_string(&sk_box_str).unwrap();

    // and the box can be opened using the password to reveal the original secret key:
    let sk = sk_box
        .into_secret_key(Some("key password".to_string()))
        .unwrap();

    // Now, we can use the secret key to sign anything.
    let data = b"lorem ipsum";
    let data_reader = Cursor::new(data);
    let signature_box = minisign::sign(None, &sk, data_reader, None, None).unwrap();

    // We have a signature! Let's inspect it a little bit.
    println!(
        "Untrusted comment: [{}]",
        signature_box.untrusted_comment().unwrap()
    );
    println!(
        "Trusted comment: [{}]",
        signature_box.trusted_comment().unwrap()
    );

    // Converting the signature box to a string in order to save it is easy.
    let signature_box_str = signature_box.into_string();

    // Now, let's verify the signature.
    // Assuming we just loaded it into `signature_box_str`, get the box back.
    let signature_box = SignatureBox::from_string(&signature_box_str).unwrap();

    // Load the public key from the string.
    let pk_box = PublicKeyBox::from_string(&pk_box_str).unwrap();
    let pk = pk_box.into_public_key().unwrap();

    // And verify the data.
    let data_reader = Cursor::new(data);
    let verified = minisign::verify(&pk, &signature_box, data_reader, true, false, false);
    match verified {
        Ok(()) => println!("Success!"),
        Err(_) => println!("Verification failed"),
    };
}

依赖项

~0.7–11MB
~63K SLoC