Adrian Perez de Castro d08ebeaf5d
Updated to upstream CVS sources as of 2020.04.10
4 months ago
.github/workflows [CI] Setup using GitHub actions 6 months ago
libwaive @ cdf7c1688d Update libwaive and pledge_waive.c to use WAIVE_SOCKET 4 years ago
regress regress/run: Redirect to stderr instead of /dev/tty 6 months ago
.gitattributes .gitattributes: Set which files to skip for tarballs 6 months ago
.gitignore Fix memory corruption due to compat.h defines. 1 year ago
.gitmodules Provide a pledge() implementation using waive() 4 years ago
.ycm_extra_conf.py Initial import 6 years ago
CHANGELOG.md Release version 29 5 months ago
COPYING Include ISC license in separate file 5 months ago
Makefile Make: Add convenience targets for static builds 5 months ago
README.md Make: Add convenience targets for static builds 5 months ago
base64.c Updated to upstream CVS sources as of 2015.02.19 5 years ago
bcrypt_pbkdf.c Updated to upstream CVS sources as of 2020.01.13 7 months ago
blf.h Initial import 6 years ago
blowfish.c Updated to upstream sources as of 2015.12.01 4 years ago
compat.h compat: Provide u_uintN_t aliases 5 months ago
crypto_api.c Updated to upstream sources as of 2016.01.06 4 years ago
crypto_api.h Updated to upstream CVS sources as of 2018.09.03 1 year ago
cvs-files Fix explict_bzero.c to do what it's supposed to do. 3 years ago
explicit_bzero.c Fix explict_bzero.c to do what it's supposed to do. 3 years ago
explicit_bzero.h Automatically use glibc's explicit_bzero() where available 3 years ago
fe25519.c Updated to upstream CVS sources as of 2015.07.14 5 years ago
fe25519.h Updated to upstream CVS sources as of 2015.07.14 5 years ago
ge25519.h Updated to upstream CVS sources as of 2015.07.14 5 years ago
ge25519_base.data Updated to upstream CVS sources as of 2016.11.04 3 years ago
helper.c Updated to upstream CVS sources as of 2019.07.16 1 year ago
mod_ed25519.c Initial import 6 years ago
mod_ge25519.c Updated to upstream CVS sources as of 2016.11.04 3 years ago
ohash.c Updated to upstream CVS sources as of 2016.11.04 3 years ago
ohash.h Remove usage of __BEGIN_DECLS/__END_DECLS 4 years ago
pledge_noop.c Update pledge() declaration to the new one in OpenBSD 6.3 1 year ago
pledge_waive.c Update pledge() declaration to the new one in OpenBSD 6.3 1 year ago
sc25519.c Updated to upstream CVS sources as of 2015.07.14 5 years ago
sc25519.h Updated to upstream CVS sources as of 2015.07.14 5 years ago
sha2.c Updated to upstream CVS sources as of 2019.11.04 9 months ago
sha2.h Updated to upstream CVS sources as of 2016.11.04 3 years ago
signify.1 Updated to upstream CVS sources as of 2020.04.10 4 months ago
signify.c Updated to upstream CVS sources as of 2020.02.03 6 months ago
signify.h Updated to upstream CVS sources as of 2019.04.28 1 year ago
timingsafe_bcmp.c Updated to upstream sources as of 2015.12.01 4 years ago
update-cvs-files Update CVSWeb URL in update-cvs-files script 4 years ago
zsig.c Updated to upstream CVS sources as of 2020.01.13 7 months ago

README.md

Signify - Sign and Verify

OpenBSD tool to sign and verify signatures on files. This is a portable version which uses libbsd (version 0.8 or newer is required).

See https://www.tedunangst.com/flak/post/signify for more information.

License

Signify is distributed under the terms of the ISC license.

Installation

Some GNU/Linux distributions have readily available packages in their repositories. It is recommended to use these, unless you absolutely need to build from source code:

  • Debian: apt install signify-openbsd
  • Arch Linux: pacman -S signify

Building

Dependencies

  • GNU Make (any version above 3.70).
  • C compiler. Both GCC and Clang are tested and supported.
  • libbsd 0.8 or newer.

If your system does not provide a package for libbsd, it can be downloaded and compiled automatically. See the BUNDLED_LIBBSD option in the Options section below for details.

Options

The following options can be passed to Make:

  • VERIFY_ONLY=1

    Build only the verification code. Support for signing will not be available in the built signify binary. Note that this is unsupported and compilation may not succeed.

  • BOUNDS_CHECKING=1

    Enables bounds-checking using __attribute__((bounded)). Your compiler must have support for this. Clang 3.4 is known to work.

  • BUNDLED_LIBBSD=1

    Downloads and builds libbsd, then links it statically into Signify. This can be used when the version installed in the system is an unsupported version, or when installing it in the system is not desirable.

    Enabling this option requires wget, xz, tar, and gpg to be installed on the build system. To avoid downloading files while building, there are two options:

    • make BUNDLED_LIBBSD=1 libbsd-print-urls will print the URLs of the files which need to be downloaded, one per line.
    • make BUNDLED_LIBBSD=1 libbsd-download will download the needed files.

    Pre-downloading the files will avoid hitting the network during build, but will still check the PGP signature of the libbsd tarball.

  • BUNDLED_LIBBSD_VERIFY_GPG=0

    Disables checking the PGP signature of the bundled libbsd tarball. This avoids the need for GnuPG to be installed for building.

  • BUNDLED_LIBBSD_VERIFY_GPG=/path/to/gpg

    Set the path to the gpg binary used for checking signatures. If not specified, the program is searched for in $PATH.

  • MUSL=1

    Enable linking against the Musl libc. At the moment this needs a patched libbsd, so enabling this option will automatically set BUNDLED_LIBBSD=1 and patch the locally-built version.

  • LTO=1

    Perform Link-Time Optimizations. Both your compiler and linker must have support for this. Recent binutils and GCC/Clang are known to work.

  • PLEDGE=…

    Choose one of the alternative implementations of the pledge(2) system call. For the moment the only supported values are:

    • noop (default): Uses an implementation which does nothing
    • waive (Linux-only): Uses libwaive, which itself uses seccomp filters.

    To use your own implementation, use an empty value, and pass the needed flags for linking its code. For example: make PLEDGE='' EXTRA_LDFLAGS=my-pledge.o.

  • BZERO=…

    Choose which implementation of explicit_bzero(3) to use. Supported values are:

    • libc: Relies on the system C library providing the function definition in the <string.h> header.
    • bundled: Use the portable implementation included with Signify’s source code in explicit_bzero.c.

    The build system will try to detect whether the C library includes the function, so in most cases this option does not need to be specified. Providing a value for BZERO disables the automatic detection.

  • EXTRA_CFLAGS=…, EXTRA_LDFLAGS=…

    Additional flags to be passed to the compiler and the linker, respectively.

For example, you can build a size-optimized version with:

make EXTRA_CFLAGS='-Os -s' LTO=1
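
An added example, not part of the Signify sources, of a custom implementation for the PLEDGE='' option described above: it fails closed on promise names outside an allow-list and, on Linux, sets no_new_privs. The file name follows the README's my-pledge.o; pledge_check, the allow-list contents and the use of PR_SET_NO_NEW_PRIVS are assumptions of this example.

```c
/* my-pledge.c: build with `cc -c my-pledge.c`, then link via EXTRA_LDFLAGS. */
#include <errno.h>
#include <string.h>
#ifdef __linux__
#include <sys/prctl.h>
#endif

/* Assumption: the promise names this build accepts (all real pledge(2) names). */
static const char *const allowed[] = { "stdio", "rpath", "wpath", "cpath", "tty" };

/* Return 1 if the name tok[0..len) is on the allow-list, else 0. */
static int promise_allowed(const char *tok, size_t len)
{
    for (size_t i = 0; i < sizeof(allowed) / sizeof(allowed[0]); i++)
        if (strlen(allowed[i]) == len && memcmp(allowed[i], tok, len) == 0)
            return 1;
    return 0;
}

/* Count the promises in a space-separated list; -1 if any is not allowed. */
int pledge_check(const char *promises)
{
    int count = 0;
    const char *p = promises;
    for (p += strspn(p, " "); *p != '\0'; p += strspn(p, " ")) {
        size_t len = strcspn(p, " ");   /* length of this promise name */
        if (!promise_allowed(p, len))
            return -1;
        count++;
        p += len;
    }
    return count;
}

/* Same prototype as OpenBSD 6.3 and later; NULL leaves that set unchanged. */
int pledge(const char *promises, const char *execpromises)
{
    if ((promises != NULL && pledge_check(promises) < 0) ||
        (execpromises != NULL && pledge_check(execpromises) < 0)) {
        errno = EINVAL;                 /* fail closed on an unknown promise */
        return -1;
    }
#ifdef __linux__
    /* Not a syscall filter: only blocks gaining privileges across execve(). */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
#endif
    return 0;
}
```

Unlike PLEDGE=waive, this does not restrict system calls; it only rejects unexpected promise strings and prevents privilege gain through execve().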

Convenience Targets

The following Make targets are provided as a convenience for building static signify binaries:

  • make static: Build a static binary bundling libbsd and using the system default C library.
  • make static-musl: Build a static binary bundling libbsd using the Musl C library. This will set musl-gcc both as the compiler and linker to use and may not work on systems where this wrapper script is not available.

Troubleshooting

  • Problem: Undefined references to clock_gettime.
    Solution: Your system has an old glibc version; you need to pass LDLIBS=-lrt to make.

Other implementations

  • asignify can read signatures generated by Signify (generating them is not yet implemented), and can be used as a library.
  • signify-rs, a re-implementation in Rust. It’s fully compatible with the original implementation.