search

aead / minisign

A dead simple tool to sign files and verify digital signatures.
https://jedisct1.github.io/minisign/
MIT License
116 stars 15 forks source link

Reading password from stdin does not work #34

Open beep-beep-beep-boop opened 1 month ago

beep-beep-beep-boop commented 1 month ago

It looks like in #12 support was added for reading pw from stdin, but this isn't working for me.

$ echo 12345678 | minisign -G -s my-key.key -p my-key.pub
Please enter a password to protect the secret key.

Password:
Password (one more time): get_password()

It then exits, and no keys are saved on the disk.

aead commented 1 month ago

@beep-beep-beep-boop I cannot reproduce this.

» echo 12345678 | minisign -G -s my-key.key -p my-key.pub
Deriving a key from the password in order to encrypt the secret key... done

The secret key was saved as my-key.key - Keep it secret!
The public key was saved as my-key.pub - That one can be public.

Files signed using this key pair can be verified with the following command:

minisign -Vm <file> -P RWRhmi/k8vRcsGBkeg8hYWh7+0JAC6HzsuHSIhoWZozOHQ3DJGKKrj/Q
» cat my-key.pub
untrusted comment: minisign public key: B05CF4F2E42F9A61
RWRhmi/k8vRcsGBkeg8hYWh7+0JAC6HzsuHSIhoWZozOHQ3DJGKKrj/Q

» cat my-key.key
untrusted comment: minisign encrypted secret key
RWRTY0IymwhdxsG+nfaUBmiPqP3adwMfszI+k2JkKuYEbM8xNlIAAAACAAAAAAAAAEAAAAAAd8zmq3roqJg86kyH3NLcX5FXZaQ1ZfE5BhD4/9wWFuIJm37cyvfCYsL2hnKkjqbXKuXua2zcbT46ILI/fG/xckFL0mb/e8v7rIjMmNLmfNxSt7f5brdcQ668sZTjs67wrHOMuGOkWNQ=

What's the output of minisign -v