A Rust implementation of Minisign.
All signatures produced by rsign can be verified with minisign and minizign including trusted comments, and vice versa.
In Rust, signatures can also be verified with the minisign-verify crate.
rsign2 is a maintained fork of rsign, originally written by Daniel Rangel.
Main differences with rsign:
rsign2is written in pure Rust.rsign2has way less dependencies.rsign2includes bug fixes and improvements.rsign2supports WebAssembly.
rsign2 is only a command-line tool. It relies on the Minisign crate for all cryptographic operations, which can also be embedded in any application:
rsign generateGenerates a new key pair. The public key is stored in rsign.pub by default. The secret key will be written at ~/.rsign/rsign.key. You can change the default paths with -p and -s respectively.
Use -W to create a key without a password, or --unencrypted to store the secret key without any encryption at all (useful for CI pipelines).
Use -f to overwrite an existing key pair.
rsign sign myfile.txtSign myfile.txt with your secret key. Files are prehashed automatically, so there is no size limit.
You can add a signed trusted comment with:
rsign sign myfile.txt -t "my trusted comment"rsign verify myfile.txt -p rsign.pubOr use a public key string directly:
rsign verify myfile.txt -P <public key string>If the signature file has a custom name (other than myfile.txt.minisig):
rsign verify myfile.txt -P <public key string> -x mysignature.fileUse -q for quiet mode (no output on success), or -o to output the file content after successful verification.
Usage: rsign [COMMAND]
Commands:
generate Generate public and private keys
verify Verify a signed file with a given public key
sign Sign a file with a given private key
help Print this message or the help of the given subcommand(s)
Options:
-h, --help Print help
-V, --version Print version