PHP implementation of Minisign

Overview

Minisign (PHP)

Support me on Patreon

Linux Build Status Latest Stable Version Latest Unstable Version License Downloads

PHP implementation of Minisign. Powered by Libsodium.

Installing

composer require soatok/minisign

Usage (Command Line)

Creating a key pair

vendor/bin/minisign -G

Signing a file

vendor/bin/minisign -Sm myfile.txt

Or to include a comment in the signature, that will be verified and displayed when verifying the file:

vendor/bin/minisign -Sm myfile.txt -t 'This comment will be signed as well'

The signature is put into myfile.txt.minisig.

Multiple files can also be signed at once:

vendor/bin/minisign -Sm file1.txt file2.txt *.jpg

Verifying a file

vendor/bin/minisign -Vm myfile.txt -P RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3

or

vendor/bin/minisign -Vm myfile.txt -p signature.pub

This requires the signature myfile.txt.minisig to be present in the same directory.

The public key can either reside in a file (./minisign.pub by default) or be directly specified on the command line.

Usage (PHP Code)

Creating a key pair

<?php
use Soatok\Minisign\Core\SecretKey;

$secretKey = SecretKey::generate();
$password = 'correct horse battery staple';
$saveToFile = $secretKey->serialize($password);
\file_put_contents('/path/to/secret.key', $saveToFile);

Signing a file

<?php
use Soatok\Minisign\Core\SecretKey;
use Soatok\Minisign\Core\File\MessageFile;

$trustedComment = 'Trusted comment goes here';
$untrustedComment = 'Untrusted comment; can be changed';
$password = 'correct horse battery staple';
$preHash = false; // Set to TRUE to prehash the file

$secretKey = SecretKey::fromFile('/path/to/secret.key', $password);
$fileToSign = MessageFile::fromFile('/path/to/file');
$signature = $fileToSign->sign(
    $secretKey,
    $preHash,
    $trustedComment,
    $untrustedComment
);

\file_put_contents(
    '/path/to/file.minisig',
    $signature->toSigFile()->getContents()
);

Verifying a file

<?php
use Soatok\Minisign\Core\PublicKey;
use Soatok\Minisign\Core\File\{
    MessageFile,
    SigFile
};

$pk = PublicKey::fromFile('/path/to/minisign.pub');
$fileToCheck = MessageFile::fromFile('/path/to/file');
$signature = SigFile::fromFile('/path/to/file.minisig')->deserialize();
if (!$fileToCheck->verify($pk, $signature)) {
    echo 'Invalid signature!', PHP_EOL;
    exit(1);
}
$trusted = $signature->getTrustedComment();
You might also like...
This package contains a PHP implementation to solve 3D bin packing problems.

3D Bin Packager This package contains a PHP implementation to solve 3d bin packing problems based on gedex implementation on Go and enzoruiz implement

PHP implementation for reading and writing Apache Parquet files/streams

php-parquet This is the first parquet file format reader/writer implementation in PHP, based on the Thrift sources provided by the Apache Foundation.

PHP implementation of PSON

PSON-PHP Information This library is an php implementation of PSON. This software is licensed under the MIT License. Installation You can install this

An open-source Minecraft: Java Edition server implementation, written in PHP.
An open-source Minecraft: Java Edition server implementation, written in PHP.

PHPCraft An open-source Minecraft: Java Edition server implementation, written in PHP. What is PHPCraft? PHPCraft is an open-source Minecraft: Java Ed

Php-file-iterator - FilterIterator implementation that filters files based on a list of suffixes, prefixes, and other exclusion criteria.

php-file-iterator Installation You can add this library as a local, per-project dependency to your project using Composer: composer require phpunit/ph

phly-mustache is a Mustache implementation written for PHP

phly-mustache is a Mustache implementation written for PHP. It conforms to the principles of mustache, and allows for extension of the format via pragmas.

This is a JSONPath implementation for PHP based on Stefan Goessner's JSONPath script.
This is a JSONPath implementation for PHP based on Stefan Goessner's JSONPath script.

JSONPath for PHP This is a JSONPath implementation for PHP based on Stefan Goessner's JSONPath script. JSONPath is an XPath-like expression language f

Swaggest JSON-schema implementation for PHP

Swaggest JSON-schema implementation for PHP High definition PHP structures with JSON-schema based validation. Supported schemas: JSON Schema Draft 7 J

This repository demonstrates exemplary implementation of chat using HTTP and Websocket servers in PHP using Kraken Framework components.
This repository demonstrates exemplary implementation of chat using HTTP and Websocket servers in PHP using Kraken Framework components.

This repository demonstrates exemplary implementation of chat using HTTP and Websocket servers in PHP using Kraken Framework components.

Comments
  • Do not require bash

    Do not require bash

    https://github.com/soatok/minisign-php/blob/77080084240942090761f96cec7d1ddc5be910e4/src/CLITrait.php#L59

    Some code I'm using for this, I think this will be more portable (and simpler)...

            // ask for password
            exec('stty -echo');
            echo 'Password: ';
            $userPass = trim(fgets(STDIN));
            echo PHP_EOL.'Password (repeat): ';
            $userPassRepeat = trim(fgets(STDIN));
            exec('stty echo');
            echo PHP_EOL;
    
    opened by fkooman 8
  • Public key is not deserialized correctly

    Public key is not deserialized correctly

    The public key file is not deserialized correctly - it takes first 8 bytes as keyId and next 32 as the key itself. But the PK actually starts with 2 bytes containing the algorithm used. So the ID and the PK itself are offset by 2 characters.

    For example using the public key in your tests:

    Public key (hex encoded): 45644535c704df22f46c6af7f8916cd65e0f3a45e123b0830a9352de2fdc0f20b0f3bd2e4b724112ad69

    It has 84 characters, which are 42 in binary.

    • First 4 (4564) correspond to (Ed), which is the algorithm
    • Next 16 (4535c704df22f46c) correspond to (6CF422DF04C73545) - the key ID
    • Next 64 (6af7f8916cd65e0f3a45e123b0830a9352de2fdc0f20b0f3bd2e4b724112ad69) correspond to the public key itself.

    Currently tho, we starting to substring from the start for the Key ID and right after for the PK. That results in KeyID containing the algorithm and the public key containing parts of the KeyID. Basically everything is offset by 2 characters.

    You can see that here: https://github.com/soatok/minisign-php/blob/a18de251b094cc07678260202ccc613566938939/src/Core/PublicKey.php#L65

    The fix is really simple - just take the key ID from '2' to '10' and the PK from '10' to '42' Which makes the correct lines:

    $algo = Binary::safeSubstr($decoded, 0, 2); // Ignored, here for info what first 2 characters are
    $keyId = Binary::safeSubstr($decoded, 2, 8);
    $pk = Binary::safeSubstr($decoded, 10, 32);
    

    Here is the documentation of the public key format: https://jedisct1.github.io/minisign/#public-key-format

    opened by vuryss 0
Releases(v0.4.0)
Owner
Soatok Dreamseeker
Cryptografur. **Not for employment, just for fun.**
Soatok Dreamseeker
Php-rpc-server - JSON RPC server implementation for PHP.

JSON RPC Server implementation for PHP. The json-rpc is a very simple protocol. You can see this by reading the protocol specification. This library i

null 4 Sep 28, 2022
A pure PHP implementation of the open Language Server Protocol. Provides static code analysis for PHP for any IDE.

A pure PHP implementation of the open Language Server Protocol. Provides static code analysis for PHP for any IDE.

Felix Becker 1.1k Jan 4, 2023
PHP implementation of circuit breaker pattern.

What is php-circuit-breaker A component helping you gracefully handle outages and timeouts of external services (usually remote, 3rd party services).

ArturEjsmont 169 Jul 28, 2022
Implementation of the Token Bucket algorithm in PHP.

Token Bucket This is a threadsafe implementation of the Token Bucket algorithm in PHP. You can use a token bucket to limit an usage rate for a resourc

null 477 Jan 7, 2023
A PHP implementation of the Unleash protocol aka Feature Flags in GitLab.

A PHP implementation of the Unleash protocol aka Feature Flags in GitLab. This implementation conforms to the official Unleash standards and implement

Dominik Chrástecký 2 Aug 18, 2021
An implementation of the Minecraft: Bedrock Edition protocol in PHP

BedrockProtocol An implementation of the Minecraft: Bedrock Edition protocol in PHP This library implements all of the packets in the Minecraft: Bedro

PMMP 94 Jan 6, 2023
PHP Implementation of PASERK

PASERK (PHP) Platform Agnostic SERialized Keys. Requires PHP 7.1 or newer. PASERK Specification The PASERK Specification can be found in this reposito

Paragon Initiative Enterprises 9 Nov 22, 2022
A minimalistic implementation of Promises for PHP

libPromise A minimalistic implementation of Promises for PHP. Installation via DEVirion Install the DEVirion plugin and start your server. This will c

null 8 Sep 27, 2022
PHP's Promse implementation depends on the Swoole module.

php-promise-swoole PHP's Promse implementation depends on the Swoole module. Promise::allsettled([ /** Timer 调用 */ /** Timer call */

拓荒者 3 Mar 15, 2022
A circular buffer implementation in PHP

Circular Buffer Installation ?? This is a great place for showing how to install the package, see below: Run $ composer require lctrs/circular-buffer

null 1 Jan 11, 2022