-.\" $OpenBSD: signify.1,v 1.6 2014/01/01 17:50:33 tedu Exp $
+.\" $OpenBSD: signify.1,v 1.7 2014/01/03 17:10:27 espie Exp $
.\"
.\"Copyright (c) 2013 Marc Espie <espie@openbsd.org>
.\"Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
.\"WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\"ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\"OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.Dd $Mdocdate: January 1 2014 $
+.Dd $Mdocdate: January 3 2014 $
.Dt SIGNIFY 1
.Os
.Sh NAME
.Sh SYNOPSIS
.Nm signify
.Op Fl n
-.Op Fl i Ar input
+.Fl p Ar pubkey
+.Fl s Ar seckey
+.Fl G
+.Nm signify
+.Op Fl o Ar output
+.Fl s Ar seckey
+.Fl S
+.Ar input
+.Nm signify
.Op Fl o Ar output
-.Op Fl p Ar pubkey
-.Op Fl s Ar seckey
-.Fl G | S | V
+.Fl p Ar pubkey
+.Fl V
+.Ar input
.Sh DESCRIPTION
The
.Nm
-utility creates and verifies cryptographic signatures.
+utility creates and verifies cryptographic signatures for
+an input file
+.Ar input .
The mode of operation is selected by the
.Fl G ,
.Fl S ,
options.
.Pp
The options are as follows:
-.Bl -tag -width Ds
+.Bl -tag -width Dssoutput
.It Fl G
Generate a new keypair.
-.It Fl i Ar input
-Input file to sign or verify.
.It Fl n
Do not ask for a passphrase during key generation.
Otherwise,
.Ar input Ns .sig .
.It Fl p Ar pubkey
Public key produced by
-.Ar G ,
+.Fl G ,
and used by
-.Ar V
+.Fl V
to check a signature.
.It Fl S
Sign the input file.
.It Fl s Ar seckey
Secret (private) key produced by
-.Ar G ,
+.Fl G ,
and used by
-.Ar S
+.Fl S
to sign a message.
.It Fl V
Verify the input file and signature match.
.El
.Sh EXAMPLES
Create a new keypair:
-.Dl $ signify -p newkey.pub -s newkey.sec -G
+.Dl $ signify -G -p newkey.pub -s newkey.sec
.Pp
Sign a file, specifying a signature name:
-.Dl $ signify -s key.sec -i message.txt -o msg.sig -S
+.Dl $ signify -S -s key.sec -o msg.sig message.txt
.Pp
Verify a signature, using the default signature name:
-.Dl $ signify -p key.pub -i generalsorders.txt -V
+.Dl $ signify -V -p key.pub generalsorders.txt
.Sh SEE ALSO
.Xr cmp 1 ,
.Xr sha256 1 ,
The
.Nm
command first appeared in
-.Ox 5.5
+.Ox 5.5 .
-/* $OpenBSD: signify.c,v 1.8 2014/01/03 15:42:22 espie Exp $ */
+/* $OpenBSD: signify.c,v 1.9 2014/01/03 17:10:27 espie Exp $ */
/*
* Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
*
static void
usage(void)
{
- fprintf(stderr, "usage: %s [-n] [-i input] [-o output] [-p pubkey] [-s seckey] "
- "-G | -S | -V\n", __progname);
+ fprintf(stderr, "usage:"
+ "\t%s [-n] -p pubkey -s seckey -G\n"
+ "\t%s [-o output] -s seckey -S input\n"
+ "\t%s [-o output] -p pubkey -V input\n",
+ __progname, __progname, __progname);
exit(1);
}
rounds = 42;
- while ((ch = getopt(argc, argv, "GSVi:no:p:s:")) != -1) {
+ while ((ch = getopt(argc, argv, "GSVno:p:s:")) != -1) {
switch (ch) {
case 'G':
if (verb)
usage();
verb = VERIFY;
break;
- case 'i':
- inputfile = optarg;
- break;
case 'n':
rounds = 0;
break;
}
}
argc -= optind;
- if (argc != 0)
- usage();
+ argv += optind;
- if (inputfile && !sigfile) {
- if (snprintf(sigfilebuf, sizeof(sigfilebuf), "%s.sig",
- inputfile) >= sizeof(sigfilebuf))
- errx(1, "path too long");
- sigfile = sigfilebuf;
- }
+ if (verb == NONE)
+ usage();
if (verb == GENERATE) {
- if (!pubkeyfile || !seckeyfile)
+ if (!pubkeyfile || !seckeyfile || argc != 0)
usage();
generate(pubkeyfile, seckeyfile, rounds);
- } else if (verb == SIGN) {
- if (!seckeyfile || !inputfile)
- usage();
- sign(seckeyfile, inputfile, sigfile);
- } else if (verb == VERIFY) {
- if (!pubkeyfile || !inputfile)
- usage();
- verify(pubkeyfile, inputfile, sigfile);
} else {
- usage();
+ if (argc != 1)
+ usage();
+
+ inputfile = argv[0];
+
+ if (!sigfile) {
+ if (snprintf(sigfilebuf, sizeof(sigfilebuf), "%s.sig",
+ inputfile) >= sizeof(sigfilebuf))
+ errx(1, "path too long");
+ sigfile = sigfilebuf;
+ }
+
+ if (verb == SIGN) {
+ if (!seckeyfile)
+ usage();
+ sign(seckeyfile, inputfile, sigfile);
+ } else if (verb == VERIFY) {
+ if (!pubkeyfile)
+ usage();
+ verify(pubkeyfile, inputfile, sigfile);
+ }
}
+
return 0;
}
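Review bot: The per-mode checks at the end of main only test for the options a mode requires, so options that belong to another mode are accepted and silently ignored: `-p` with `-S`, `-s` with `-V`, `-n` with either, and an `-o` value with `-G` (assuming `-o` is what sets `sigfile`; that case is not visible here). This is looser than the three synopses the new usage() prints, and for a signing tool a mistyped invocation is better rejected than partly honoured. If strictness is intended, the three tests could become `if (!pubkeyfile || !seckeyfile || sigfile || argc != 0)`, `if (!seckeyfile || pubkeyfile)` and `if (!pubkeyfile || seckeyfile)`. main begins outside the visible lines, so the option cases that set these variables should be checked against the full file.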