Exercise 9: Digital Signatures With Minisign

Minisign is a simple and convenient command line tool for signing files using Ed25519 and verifying their signatures. This exercise gives a basic introduction to Minisign and demonstrates how you can use it to sign files (e.g., your coursework submissions) and verify the authenticity of files.

Installing Minisign

We recommend that you install and use Minisign on your own PC. If you have a Mac, you can install it using Homebrew. On Windows, you can install it with the Scoop or Chocolatey package managers. Alternatively, you can download macOS or Windows binaries directly if you prefer.

On Ubuntu Linux, you can add a PPA for Minisign and then install in the usual way:

sudo add-apt-repository ppa:dysfunctionalprogramming/minisign
sudo apt update
sudo apt install minisign

On any Linux (including WSL), you can compile from source – see the Minisign README for further details of the required commands. Note that there are three prerequisites for compilation: CMake, pkg-config and libsodium. You should be able to install all three of these using your Linux distribution’s package manager. (The package name for libsodium will most likely be libsodium-dev.)

A binary that works on SoC Linux machines is available in Minerva.

Generating a Key Pair

  1. Once the minisign executable is available in your PATH, you can generate a key pair and output the public key like so:

    minisign -G -p public.key

    The -p option is not strictly required but allows you to specify a filename for the public key. By default, the private key will be written to .minisign/minisign.key, under your home directory.

    If you ever need to generate a new key pair, replacing the old one, add the -f option to the command above.

  2. Submit your public key, using the link provided for this purpose in Minerva. This will ensure that we can verify any signed files that you submit to us – e.g., coursework submissions.

    Keep the public key to help you experiment with signature verification. When you’ve finished this exercise, you can remove it. If you ever need the public key again in future, it can easily be recovered from your private key with:

    minisign -R -p public.key

Signing a File

  1. Download song.txt. This is a small text file containing some song lyrics. Examine the file’s contents in a text editor.

  2. Try signing the file with this command:

    minisign -S -m song.txt

    Because this operation involves your private key, you will be prompted to enter the password that you chose when you created the key pair.

  3. The Ed25519 signature for song.txt is in the file song.txt.minisig. Open this file in a text editor. Refer to the Minisign documentation for a full explanation of the file format. Note, in particular, the inclusion of untrusted comments and trusted comments.

    There are, in fact, two signatures in the signature file: one computed for song.txt, and a second ‘global signature’ computed over the first signature and the trusted comment. This means that verification will fail if either the signed file or the trusted comment has been modified. The untrusted comment is not involved in any way in the computation of either signature.

    Minisign will pick suitable defaults for the untrusted and trusted comments, but you can override these with comments of your own choosing, using the -c and -t command line options, respectively.

Verifying a Signature

  1. To verify the signature generated for song.txt, enter this:

    minisign -V -m song.txt -p public.key

    You won’t be prompted for a password here, because the operation involves a public key, not a private key. Minisign should display the message “Signature and comment signature verified”, followed by the trusted comment.

  2. Open song.txt in a text editor. Change the first character, then save the file and try verifying again. This time Minisign should report “Signature verification failed”. Edit song.txt and return it to its original state, then save the file again. Check that the signature now verifies, just as it did before.

  3. Now open song.txt.minisig in a text editor. Change a single character of the untrusted comment, then save the file. You should find that the signature still verifies, because the untrusted comment wasn’t used when computing the signature.

  4. Finally, open song.txt.minisig in a text editor. Change a single character of the trusted comment, then save the file. You should now find that Minisign reports “Comment signature verification failed”.
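
The signature file layout described under Signing a File, and the reason steps 3 and 4 above behave differently, can be seen by parsing the file. The following is an added example, not part of the original exercise or the Minisign project: the field sizes (2-byte algorithm tag, 8-byte key ID, 64-byte signatures) follow Minisign's documented format, while the sample bytes and comments are constructed placeholders, not a valid signature. It does not perform Ed25519 verification; it only shows which bytes the global signature covers.

```python
import base64
from dataclasses import dataclass

UNTRUSTED, TRUSTED = "untrusted comment: ", "trusted comment: "

@dataclass
class Minisig:
    untrusted_comment: str   # never signed
    algorithm: bytes         # b"Ed": file signed directly; b"ED": BLAKE2b-512 hash of file signed
    key_id: bytes            # 8 bytes identifying the signing key
    signature: bytes         # 64-byte Ed25519 signature for the file
    trusted_comment: str     # covered by the global signature
    global_signature: bytes  # 64-byte Ed25519 signature

    def global_signed_data(self) -> bytes:
        """The bytes the global signature is computed over."""
        return self.signature + self.trusted_comment.encode()

def parse_minisig(text: str) -> Minisig:
    lines = text.splitlines()
    if len(lines) != 4:
        raise ValueError("expected exactly 4 lines")
    if not (lines[0].startswith(UNTRUSTED) and lines[2].startswith(TRUSTED)):
        raise ValueError("missing comment prefix")
    try:
        blob = base64.b64decode(lines[1], validate=True)
        glob = base64.b64decode(lines[3], validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("signature lines must be base64") from exc
    if len(blob) != 2 + 8 + 64 or len(glob) != 64:
        raise ValueError("unexpected signature length")
    if blob[:2] not in (b"Ed", b"ED"):
        raise ValueError("unknown signature algorithm")
    return Minisig(lines[0][len(UNTRUSTED):], blob[:2], blob[2:10], blob[10:],
                   lines[2][len(TRUSTED):], glob)

def make_sample(untrusted: str, trusted: str) -> str:
    """Constructed sample with placeholder bytes; NOT a valid signature."""
    blob = b"ED" + bytes(range(8)) + b"\x11" * 64
    rows = [UNTRUSTED + untrusted, base64.b64encode(blob).decode(),
            TRUSTED + trusted, base64.b64encode(b"\x22" * 64).decode()]
    return "\n".join(rows) + "\n"

if __name__ == "__main__":
    base = parse_minisig(make_sample("constructed sample", "file:song.txt"))
    step3 = parse_minisig(make_sample("constructed sbmple", "file:song.txt"))
    step4 = parse_minisig(make_sample("constructed sample", "file:song.txT"))
    print(step3.global_signed_data() == base.global_signed_data())  # untrusted edit
    print(step4.global_signed_data() == base.global_signed_data())  # trusted edit
```

Editing the untrusted comment leaves the globally signed bytes unchanged, so verification still succeeds; editing the trusted comment changes them, which is why Minisign reports a comment signature failure.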