From 42efb9f221cdf45f393655202e0342973b227014 Mon Sep 17 00:00:00 2001 From: espie Date: Fri, 3 Jan 2014 17:10:27 +0000 Subject: [PATCH] let signify have an actual parameters: the file to sign/verify clarify SYNOPSIS, as options are highly dependent on the mode. okay tedu@, usage suggestion by jmc@ --- usr.bin/signify/signify.1 | 44 +++++++++++++++++------------ usr.bin/signify/signify.c | 58 ++++++++++++++++++++++----------------- 2 files changed, 59 insertions(+), 43 deletions(-) diff --git a/usr.bin/signify/signify.1 b/usr.bin/signify/signify.1 index 2344effd866..6045c0176c1 100644 --- a/usr.bin/signify/signify.1 +++ b/usr.bin/signify/signify.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: signify.1,v 1.6 2014/01/01 17:50:33 tedu Exp $ +.\" $OpenBSD: signify.1,v 1.7 2014/01/03 17:10:27 espie Exp $ .\" .\"Copyright (c) 2013 Marc Espie .\"Copyright (c) 2013 Ted Unangst @@ -14,7 +14,7 @@ .\"WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN .\"ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\"OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.Dd $Mdocdate: January 1 2014 $ +.Dd $Mdocdate: January 3 2014 $ .Dt SIGNIFY 1 .Os .Sh NAME @@ -23,15 +23,25 @@ .Sh SYNOPSIS .Nm signify .Op Fl n -.Op Fl i Ar input +.Fl p Ar pubkey +.Fl s Ar seckey +.Fl G +.Nm signify +.Op Fl o Ar output +.Fl s Ar seckey +.Fl S +.Ar input +.Nm signify .Op Fl o Ar output -.Op Fl p Ar pubkey -.Op Fl s Ar seckey -.Fl G | S | V +.Fl p Ar pubkey +.Fl V +.Ar input .Sh DESCRIPTION The .Nm -utility creates and verifies cryptographic signatures. +utility creates and verifies cryptographic signatures for +an input file +.Ar input . The mode of operation is selected by the .Fl G , .Fl S , @@ -40,11 +50,9 @@ or options. .Pp The options are as follows: -.Bl -tag -width Ds +.Bl -tag -width Dssoutput .It Fl G Generate a new keypair. -.It Fl i Ar input -Input file to sign or verify. .It Fl n Do not ask for a passphrase during key generation. Otherwise, @@ -56,17 +64,17 @@ The default is .Ar input Ns .sig . .It Fl p Ar pubkey Public key produced by -.Ar G , +.Fl G , and used by -.Ar V +.Fl V to check a signature. .It Fl S Sign the input file. .It Fl s Ar seckey Secret (private) key produced by -.Ar G , +.Fl G , and used by -.Ar S +.Fl S to sign a message. .It Fl V Verify the input file and signature match. @@ -94,13 +102,13 @@ The message file is too large. .El .Sh EXAMPLES Create a new keypair: -.Dl $ signify -p newkey.pub -s newkey.sec -G +.Dl $ signify -G -p newkey.pub -s newkey.sec .Pp Sign a file, specifying a signature name: -.Dl $ signify -s key.sec -i message.txt -o msg.sig -S +.Dl $ signify -S -s key.sec -o msg.sig message.txt .Pp Verify a signature, using the default signature name: -.Dl $ signify -p key.pub -i generalsorders.txt -V +.Dl $ signify -V -p key.pub generalsorders.txt .Sh SEE ALSO .Xr cmp 1 , .Xr sha256 1 , @@ -109,4 +117,4 @@ Verify a signature, using the default signature name: The .Nm command first appeared in -.Ox 5.5 +.Ox 5.5 . diff --git a/usr.bin/signify/signify.c b/usr.bin/signify/signify.c index bd46cc22042..ff5caea9be0 100644 --- a/usr.bin/signify/signify.c +++ b/usr.bin/signify/signify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: signify.c,v 1.8 2014/01/03 15:42:22 espie Exp $ */ +/* $OpenBSD: signify.c,v 1.9 2014/01/03 17:10:27 espie Exp $ */ /* * Copyright (c) 2013 Ted Unangst * @@ -64,8 +64,11 @@ extern char *__progname; static void usage(void) { - fprintf(stderr, "usage: %s [-n] [-i input] [-o output] [-p pubkey] [-s seckey] " - "-G | -S | -V\n", __progname); + fprintf(stderr, "usage:" + "\t%s [-n] -p pubkey -s seckey -G\n" + "\t%s [-o output] -s seckey -S input\n" + "\t%s [-o output] -p pubkey -V input\n", + __progname, __progname, __progname); exit(1); } @@ -339,7 +342,7 @@ main(int argc, char **argv) rounds = 42; - while ((ch = getopt(argc, argv, "GSVi:no:p:s:")) != -1) { + while ((ch = getopt(argc, argv, "GSVno:p:s:")) != -1) { switch (ch) { case 'G': if (verb) @@ -356,9 +359,6 @@ main(int argc, char **argv) usage(); verb = VERIFY; break; - case 'i': - inputfile = optarg; - break; case 'n': rounds = 0; break; @@ -377,30 +377,38 @@ main(int argc, char **argv) } } argc -= optind; - if (argc != 0) - usage(); + argv += optind; - if (inputfile && !sigfile) { - if (snprintf(sigfilebuf, sizeof(sigfilebuf), "%s.sig", - inputfile) >= sizeof(sigfilebuf)) - errx(1, "path too long"); - sigfile = sigfilebuf; - } + if (verb == NONE) + usage(); if (verb == GENERATE) { - if (!pubkeyfile || !seckeyfile) + if (!pubkeyfile || !seckeyfile || argc != 0) usage(); generate(pubkeyfile, seckeyfile, rounds); - } else if (verb == SIGN) { - if (!seckeyfile || !inputfile) - usage(); - sign(seckeyfile, inputfile, sigfile); - } else if (verb == VERIFY) { - if (!pubkeyfile || !inputfile) - usage(); - verify(pubkeyfile, inputfile, sigfile); } else { - usage(); + if (argc != 1) + usage(); + + inputfile = argv[0]; + + if (!sigfile) { + if (snprintf(sigfilebuf, sizeof(sigfilebuf), "%s.sig", + inputfile) >= sizeof(sigfilebuf)) + errx(1, "path too long"); + sigfile = sigfilebuf; + } + + if (verb == SIGN) { + if (!seckeyfile) + usage(); + sign(seckeyfile, inputfile, sigfile); + } else if (verb == VERIFY) { + if (!pubkeyfile) + usage(); + verify(pubkeyfile, inputfile, sigfile); + } } + return 0; } -- 2.20.1