From: espie <espie@openbsd.org>
Date: Fri, 3 Jan 2014 17:10:27 +0000 (+0000)
Subject: let signify have an actual parameters: the file to sign/verify
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=42efb9f221cdf45f393655202e0342973b227014;p=openbsd

let signify have an actual parameters: the file to sign/verify
clarify SYNOPSIS, as options are highly dependent on the mode.
okay tedu@,
usage suggestion by jmc@
---

diff --git a/usr.bin/signify/signify.1 b/usr.bin/signify/signify.1
index 2344effd866..6045c0176c1 100644
--- a/usr.bin/signify/signify.1
+++ b/usr.bin/signify/signify.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: signify.1,v 1.6 2014/01/01 17:50:33 tedu Exp $
+.\" $OpenBSD: signify.1,v 1.7 2014/01/03 17:10:27 espie Exp $
 .\"
 .\"Copyright (c) 2013 Marc Espie <espie@openbsd.org>
 .\"Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
@@ -14,7 +14,7 @@
 .\"WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 .\"ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\"OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.Dd $Mdocdate: January 1 2014 $
+.Dd $Mdocdate: January 3 2014 $
 .Dt SIGNIFY 1
 .Os
 .Sh NAME
@@ -23,15 +23,25 @@
 .Sh SYNOPSIS
 .Nm signify
 .Op Fl n
-.Op Fl i Ar input
+.Fl p Ar pubkey
+.Fl s Ar seckey
+.Fl G
+.Nm signify
+.Op Fl o Ar output
+.Fl s Ar seckey
+.Fl S
+.Ar input
+.Nm signify
 .Op Fl o Ar output
-.Op Fl p Ar pubkey
-.Op Fl s Ar seckey
-.Fl G | S | V
+.Fl p Ar pubkey
+.Fl V
+.Ar input
 .Sh DESCRIPTION
 The
 .Nm
-utility creates and verifies cryptographic signatures.
+utility creates and verifies cryptographic signatures for
+an input file
+.Ar input .
 The mode of operation is selected by the
 .Fl G ,
 .Fl S ,
@@ -40,11 +50,9 @@ or
 options.
 .Pp
 The options are as follows:
-.Bl -tag -width Ds
+.Bl -tag -width Dssoutput
 .It Fl G
 Generate a new keypair.
-.It Fl i Ar input
-Input file to sign or verify.
 .It Fl n
 Do not ask for a passphrase during key generation.
 Otherwise,
@@ -56,17 +64,17 @@ The default is
 .Ar input Ns .sig .
 .It Fl p Ar pubkey
 Public key produced by
-.Ar G ,
+.Fl G ,
 and used by
-.Ar V
+.Fl V
 to check a signature.
 .It Fl S
 Sign the input file.
 .It Fl s Ar seckey
 Secret (private) key produced by
-.Ar G ,
+.Fl G ,
 and used by
-.Ar S
+.Fl S
 to sign a message.
 .It Fl V
 Verify the input file and signature match.
@@ -94,13 +102,13 @@ The message file is too large.
 .El
 .Sh EXAMPLES
 Create a new keypair:
-.Dl $ signify -p newkey.pub -s newkey.sec -G
+.Dl $ signify -G -p newkey.pub -s newkey.sec
 .Pp
 Sign a file, specifying a signature name:
-.Dl $ signify -s key.sec -i message.txt -o msg.sig -S
+.Dl $ signify -S -s key.sec -o msg.sig message.txt
 .Pp
 Verify a signature, using the default signature name:
-.Dl $ signify -p key.pub -i generalsorders.txt -V
+.Dl $ signify -V -p key.pub generalsorders.txt
 .Sh SEE ALSO
 .Xr cmp 1 ,
 .Xr sha256 1 ,
@@ -109,4 +117,4 @@ Verify a signature, using the default signature name:
 The
 .Nm
 command first appeared in
-.Ox 5.5
+.Ox 5.5 .
diff --git a/usr.bin/signify/signify.c b/usr.bin/signify/signify.c
index bd46cc22042..ff5caea9be0 100644
--- a/usr.bin/signify/signify.c
+++ b/usr.bin/signify/signify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: signify.c,v 1.8 2014/01/03 15:42:22 espie Exp $ */
+/* $OpenBSD: signify.c,v 1.9 2014/01/03 17:10:27 espie Exp $ */
 /*
  * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
  *
@@ -64,8 +64,11 @@ extern char *__progname;
 static void
 usage(void)
 {
-	fprintf(stderr, "usage: %s [-n] [-i input] [-o output] [-p pubkey] [-s seckey] "
-	    "-G | -S | -V\n", __progname);
+	fprintf(stderr, "usage:"
+	    "\t%s [-n] -p pubkey -s seckey -G\n"
+	    "\t%s [-o output] -s seckey -S input\n"
+	    "\t%s [-o output] -p pubkey -V input\n",
+	    __progname, __progname, __progname);
 	exit(1);
 }
 
@@ -339,7 +342,7 @@ main(int argc, char **argv)
 
 	rounds = 42;
 
-	while ((ch = getopt(argc, argv, "GSVi:no:p:s:")) != -1) {
+	while ((ch = getopt(argc, argv, "GSVno:p:s:")) != -1) {
 		switch (ch) {
 		case 'G':
 			if (verb)
@@ -356,9 +359,6 @@ main(int argc, char **argv)
 				usage();
 			verb = VERIFY;
 			break;
-		case 'i':
-			inputfile = optarg;
-			break;
 		case 'n':
 			rounds = 0;
 			break;
@@ -377,30 +377,38 @@ main(int argc, char **argv)
 		}
 	}
 	argc -= optind;
-	if (argc != 0)
-		usage();
+	argv += optind;
 
-	if (inputfile && !sigfile) {
-		if (snprintf(sigfilebuf, sizeof(sigfilebuf), "%s.sig",
-		    inputfile) >= sizeof(sigfilebuf))
-			errx(1, "path too long");
-		sigfile = sigfilebuf;
-	}
+	if (verb == NONE)
+		usage();
 
 	if (verb == GENERATE) {
-		if (!pubkeyfile || !seckeyfile)
+		if (!pubkeyfile || !seckeyfile || argc != 0)
 			usage();
 		generate(pubkeyfile, seckeyfile, rounds);
-	} else if (verb == SIGN) {
-		if (!seckeyfile || !inputfile)
-			usage();
-		sign(seckeyfile, inputfile, sigfile);
-	} else if (verb == VERIFY) {
-		if (!pubkeyfile || !inputfile)
-			usage();
-		verify(pubkeyfile, inputfile, sigfile);
 	} else {
-		usage();
+		if (argc != 1)
+			usage();
+
+		inputfile = argv[0];
+
+		if (!sigfile) {
+			if (snprintf(sigfilebuf, sizeof(sigfilebuf), "%s.sig",
+			    inputfile) >= sizeof(sigfilebuf))
+				errx(1, "path too long");
+			sigfile = sigfilebuf;
+		}
+
+		if (verb == SIGN) {
+			if (!seckeyfile)
+				usage();
+			sign(seckeyfile, inputfile, sigfile);
+		} else if (verb == VERIFY) {
+			if (!pubkeyfile)
+				usage();
+			verify(pubkeyfile, inputfile, sigfile);
+		}
 	}
+
 	return 0;
 }