Skip to content

jedisct1/zig-minisign

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

85 Commits
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.zig
build.zig
 
 
build.zig.zon
build.zig.zon
 
 
test_compatibility.sh
test_compatibility.sh
 
 

Repository files navigation

zig-minisign

A Zig implementation of Minisign.

minizign supports signature verification, signing, and key generation.

Compilation

Requires the current master version of Zig.

Compile with:

zig build -Doptimize=ReleaseSmall

for a size-optimized version, or

zig build -Doptimize=ReleaseFast

for a speed-optimized version.

Usage

Usage: -h, --help Display this help and exit -p, --publickey-path <PATH> Public key path to a file -P, --publickey <STRING> Public key, as a BASE64-encoded string -s, --secretkey-path <PATH> Secret key path to a file -l, --legacy Accept legacy signatures -m, --input <PATH> Input file -o, --output <PATH> Output file (signature) -q, --quiet Quiet mode -V, --verify Verify -S, --sign Sign -G, --generate Generate a new key pair -C, --convert Convert the given public key to SSH format -t, --trusted-comment <STRING> Trusted comment -c, --untrusted-comment <STRING> Untrusted comment

Examples

Key Generation

Generate a new key pair:

minizign -G -s minisign.key -p minisign.pub

This will prompt for a password to encrypt the secret key. Leave empty for an unencrypted key.

Signing

Sign a file:

minizign -S -s minisign.key -m file.txt

This creates file.txt.minisig. You can specify a custom output path with -o.

Verification

Verify public-resolvers.md using public-resolvers.md.minisig and the public key file minisign.pub:

minizign -V -p minisign.pub -m public-resolvers.md

Verify public-resolvers.md by directly providing the public key on the command-line:

minizign -V -P RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3 -m public-resolvers.md

SSH-encoded public keys

minizign can encode public keys in SSH format, so that they can be uploaded to GitHub:

minizign -p minisign.pub -C
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHmlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3 minisign key E7620F1842B4E81F

GitHub makes public SSH keys available at https://github.com/<username>.keys.

SSH-encoded keys can be loaded by minizign the same way as native keys, with -p <key file>. They will be automatically recognized as such.

Features

minizign supports prehashing (which can be forced if you know this is how the signature was created), has zero dependencies and can be cross-compiled to anything that Zig can cross-compile to, including WebAssembly.

About

Minisign reimplemented in Zig.

Topics

crypto zig signatures minisign zig-package

Resources

Readme

License

View license
Activity

Stars

78 stars

Watchers

4 watching

Forks

9 forks
Report repository

Releases 2

0.1.7 Latest
Oct 3, 2025
+ 1 release

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages