PostQuantum.FileEncryption.Signing 1.4.1

Requires NuGet 6.0.0 or higher.


PostQuantum.FileEncryption.Signing

Detached, post-quantum hybrid signatures for files of any size. Encryption proves a file wasn't altered; a signature proves who produced it. This package signs any file, stream, or buffer — typically a finished .pqfe container — with Ed25519 + ML-DSA-65 (FIPS 204) together, so a signature stays unforgeable even if either algorithm is later broken.

Fully managed (BouncyCastle) — runs anywhere .NET 8 or later runs (net8.0 and net10.0 targets). The content is pre-hashed with streaming SHA-512, so signing a 10 GB backup uses constant memory.

dotnet add package PostQuantum.FileEncryption.Signing --version 1.4.1

Sign and verify a file

using PostQuantum.FileEncryption.Signing;

// Once: generate a key pair; publish PublicKey, guard PrivateKey.
using var keyPair = PqSigningKeyPair.Generate();
byte[] publicKeyBytes = keyPair.PublicKey.Export();   // share this
byte[] privateKeyBytes = keyPair.PrivateKey.Export(); // store this as a secret

// Sign: writes report.pdf.pqfe.sig next to the container (atomic write).
await new PqSigner().SignFileAsync("report.pdf.pqfe", "report.pdf.pqfe.sig", keyPair.PrivateKey);

// Verify: returns on success, throws PqSignatureException on any mismatch.
var publicKey = PqSigningPublicKey.Import(publicKeyBytes);
await new PqVerifier().VerifyFileAsync("report.pdf.pqfe", "report.pdf.pqfe.sig", publicKey);

Streams and in-memory buffers work the same way via SignAsync/SignBytes and VerifyAsync/VerifyBytes.

Fail-closed verification

Verification either succeeds completely or throws. Both signatures must verify — the Ed25519 component and the ML-DSA-65 component — and every cryptographic failure raises the same generic PqSignatureException, so there is no oracle revealing which component failed or why. A structurally invalid signature file (wrong length, bad magic, unknown version) raises PqFormatException before any cryptographic work.

What a detached signature does — and does not — prove

  • ✅ The signed bytes are exactly what the private-key holder signed.
  • ✅ Whoever signed them held the private key matching your trusted public key.
  • ❌ It does not bind the signature to a file name, path, or timestamp.
  • ❌ It does not stop someone who can read the bytes from discarding your .sig and signing the same bytes with their key — trust is anchored in whose public key you verify with, so distribute public keys over a trusted channel.

This is the standard contract of detached signatures (GPG --detach-sign, minisign, signify). See KNOWN-GAPS.md.
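A consumer-side gate that combines the two points above, fail-closed verification and a public key anchored out of band. This is an added example, not code from the package or its repository. It uses only the calls shown on this page; `IsTrustedAsync`, the SHA-256 key fingerprint, and the assumption that both exception types live in the `PostQuantum.FileEncryption.Signing` namespace are illustrative choices made here.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Threading.Tasks;
using PostQuantum.FileEncryption.Signing; // assumed to also contain both exception types

// Constructed sample: a throwaway key pair and a small signed file in a temp directory.
string dir = Directory.CreateTempSubdirectory("pqsig-demo").FullName;
string file = Path.Combine(dir, "report.pdf.pqfe");
string sig = file + ".sig";
await File.WriteAllBytesAsync(file, RandomNumberGenerator.GetBytes(4096));

using var keyPair = PqSigningKeyPair.Generate();
await new PqSigner().SignFileAsync(file, sig, keyPair.PrivateKey);

// The fingerprint stands for the value a consumer received over a trusted channel.
byte[] publishedKey = keyPair.PublicKey.Export();
string pinned = Convert.ToHexString(SHA256.HashData(publishedKey));

Console.WriteLine(await IsTrustedAsync(file, sig, publishedKey, pinned));   // untouched file

byte[] tampered = await File.ReadAllBytesAsync(file);
tampered[0] ^= 0x01;                                                        // flip one bit
await File.WriteAllBytesAsync(file, tampered);
Console.WriteLine(await IsTrustedAsync(file, sig, publishedKey, pinned));   // altered content

// Hypothetical helper: accept only when the key matches the pin AND verification returns.
static async Task<bool> IsTrustedAsync(string path, string sigPath, byte[] keyBytes, string pinnedHex)
{
    byte[] actual = SHA256.HashData(keyBytes);
    if (!CryptographicOperations.FixedTimeEquals(actual, Convert.FromHexString(pinnedHex)))
        return false;   // unpinned key: a valid signature from it would prove nothing
    try
    {
        await new PqVerifier().VerifyFileAsync(path, sigPath, PqSigningPublicKey.Import(keyBytes));
        return true;
    }
    // Signature mismatch or malformed .sig: both mean "do not use the file".
    catch (Exception e) when (e is PqSignatureException or PqFormatException)
    {
        return false;
    }
}
```

Any other exception (for example an I/O error) propagates, so the caller still never receives `true` for a file that was not verified.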

Format

The .sig sidecar is 3,379 bytes, versioned, and byte-exactly specified in docs/SIGNATURE-FORMAT.md: a 6-byte header (PQSG, format version, algorithm id) followed by the Ed25519 signature (64 bytes) and the ML-DSA-65 signature (3,309 bytes), both over the domain-separated message Context ‖ SHA-512(content). No change to the .pqfe v2 container format, which remains FROZEN for the 1.x line.
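The layout described above, written out as a structural pre-check (an added example, not the library's parser and not taken from docs/SIGNATURE-FORMAT.md). Assumptions: the 6-byte header is split as 4 bytes of magic, 1 version byte and 1 algorithm-id byte; format v1 is encoded as the byte `1`; `FormatException` stands in for the library's `PqFormatException`; the context bytes are supplied by the caller because the page does not list them.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;

// Constructed sample: a correctly sized sidecar whose signature bytes are all zero.
byte[] sample = new byte[SigSidecarLayout.TotalLength];
"PQSG"u8.CopyTo(sample);
sample[4] = 1;                                   // assumed byte encoding of format v1
SigSidecar parsed = SigSidecarLayout.Parse(sample);
Console.WriteLine($"{parsed.Ed25519Sig.Length} + {parsed.MlDsa65Sig.Length} signature bytes");

try { SigSidecarLayout.Parse(sample.AsSpan(0, 100)); }          // truncated file
catch (FormatException e) { Console.WriteLine($"rejected: {e.Message}"); }

public sealed record SigSidecar(byte FormatVersion, byte AlgorithmId, byte[] Ed25519Sig, byte[] MlDsa65Sig);

public static class SigSidecarLayout
{
    public const int HeaderLength = 6;           // "PQSG" + format version + algorithm id
    public const int Ed25519Length = 64;
    public const int MlDsa65Length = 3309;
    public const int TotalLength = HeaderLength + Ed25519Length + MlDsa65Length;   // 3,379

    // Structural checks only (length, magic, version); no cryptography runs here.
    // The algorithm id is surfaced but not validated: the page does not give its value.
    public static SigSidecar Parse(ReadOnlySpan<byte> sig, byte expectedVersion = 1)
    {
        if (sig.Length != TotalLength)
            throw new FormatException($"expected {TotalLength} bytes, got {sig.Length}");
        if (!sig[..4].SequenceEqual("PQSG"u8))
            throw new FormatException("bad magic");
        if (sig[4] != expectedVersion)
            throw new FormatException($"unknown format version {sig[4]}");
        return new SigSidecar(sig[4], sig[5],
            sig.Slice(HeaderLength, Ed25519Length).ToArray(),
            sig.Slice(HeaderLength + Ed25519Length, MlDsa65Length).ToArray());
    }

    // Builds Context || SHA-512(content). Hashing from the stream keeps memory constant
    // for large inputs. The context bytes are a caller-supplied placeholder.
    public static byte[] BuildSignedMessage(Stream content, ReadOnlySpan<byte> context)
    {
        byte[] digest = SHA512.HashData(content);
        byte[] message = new byte[context.Length + digest.Length];
        context.CopyTo(message);
        digest.CopyTo(message.AsSpan(context.Length));
        return message;
    }
}
```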

Versioning

This package is kept in lockstep with PostQuantum.FileEncryption: every release of one ships at the same version as the other.


To God be the glory — 1 Corinthians 10:31.

Product Compatible and additional computed target framework versions.
.NET net8.0 is compatible.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 is compatible.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 

NuGet packages (1)

Showing the top 1 NuGet packages that depend on PostQuantum.FileEncryption.Signing:

Package Downloads
PostQuantum.FileEncryption.Extensions.DependencyInjection

Microsoft.Extensions.DependencyInjection integration for PostQuantum.FileEncryption, for .NET 8 and .NET 10. Adds AddPqFileEncryption(), AddPqHybridFileEncryption(), and AddPqSigning() extension methods that register PqFileEncryptor/PqFileDecryptor, PqHybridEncryptor/PqHybridDecryptor, and PqSigner/PqVerifier as singletons, with optional PqEncryptionOptions. Brings the core library (constant-memory streaming AES-256-GCM over the FROZEN .pqfe v2 container, PBKDF2-HMAC-SHA256 or Argon2id), the production X25519 + ML-KEM-768 hybrid package, and detached Ed25519 + ML-DSA-65 signatures into any host using the standard .NET service container — ASP.NET Core, Worker Services, console hosts. Public API surface locked by Microsoft.CodeAnalysis.PublicApiAnalyzers; CycloneDX SBOM and SLSA-style build-provenance attestation on every release.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
1.4.1 249 6/13/2026
1.4.0 253 6/13/2026
1.3.0 384 6/13/2026

1.4.1 — tracks PostQuantum.FileEncryption 1.4.1 in lockstep. Documentation and packaging patch only: corrects the package README install snippets and version references that still cited 1.3.0. No change to signing behavior, the .sig sidecar format (v1, docs/SIGNATURE-FORMAT.md), or the .pqfe v2 container format, which remains FROZEN for the 1.x line. See CHANGELOG.md.