Workflow

Minisign

Latest version: v0.1.0

Safety actively analyzes 621622 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 2

0.9

- New option: `-R` to recover the public key from a secret key.
- `minisign` can now be compiled to WebAssembly.
- Error messages have been improved.
- Key derivation is now possible on devices with limited memory.
- Compilation on OpenWRT is now possible using `cmake`.
- A Docker image is now available.
- 64-bit Windows binaries have been added, and macOS binaries are notarized.

0.8

- Multiple files can now be signed at once.
- Support for HaikuOS was added.
- The command-line switch to use custom file names when generating key pairs didn't work properly; this has been fixed.

0.7

- The default location of the secret key was changed to `~/.minisign/minisign.key`.
- Generating a new set of keys (`-G`) doesn't replace an existing key pair any more; the additional `-f` switch is required in order to force this operation.
- Improved error messages and Windows compatibility.
- A man page was added.

0.6

Support for pre-hashing (HashEdDSA) was added.

The `-H` command-line switch, in addition to `-S`, enables HashEdDSA signatures instead of the default, pure EdDSA signatures.

HashEdDSA signatures:
- Require very little memory to be generated and verified, even with huge files
- Are faster to generate and verify than pure EdDSA signatures
- Require Minisign >= 0.6. In particular, they are not compatible with OpenBSD `signify` tool.
- Would not remain secure against (improbable) collisions in the Blake2b-512 hash function.

PureEdDSA signatures (default):
- Require as much memory as the size of the file to sign
- Cannot be used with files whose size is over 1 Gb
- Are compatible with all Minisign versions, as well as OpenBSD `signify`.
- Would remain secure against (improbable) collisions in the Blake2b-512 hash function.

0.5

The return code is now `1` on verification/password error, and `2` for system errors.

Bug fix: `-p` and `-V` could not be used together. It has been fixed.

New option: `-o`, that can be combined with `-V` in order to send the content of the signed file to `stdout` after successful verification.

0.4

New switch: `-Q`, to display only the trusted comment (after verification)

Page 1 of 2

Links

Releases

Has known vulnerabilities

Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.