projects
/
u
/
mdw
/
catacomb
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
dsig.c: Allow precomputed hashes to be read from a file.
[u/mdw/catacomb]
/
dsig.1
diff --git
a/dsig.1
b/dsig.1
index
10fe6c6
..
ad5b6fe
100644
(file)
--- a/
dsig.1
+++ b/
dsig.1
@@
-44,7
+44,7
@@
is one of:
.RI [ item ...]
.br
.B sign
.RI [ item ...]
.br
.B sign
-.RB [ \-0bqvC ]
+.RB [ \-0b
p
qvC ]
.RB [ \-c
.IR comment ]
.RB [ \-k
.RB [ \-c
.IR comment ]
.RB [ \-k
@@
-55,11
+55,13
@@
is one of:
\h'8n'
.RB [ \-f
.IR file ]
\h'8n'
.RB [ \-f
.IR file ]
+.RB [ \-h
+.IR file ]
.RB [ \-o
.IR output ]
.br
.B verify
.RB [ \-o
.IR output ]
.br
.B verify
-.RB [ \-qvC ]
+.RB [ \-
p
qvC ]
.RI [ file ]
.SH DESCRIPTION
The
.RI [ file ]
.SH DESCRIPTION
The
@@
-123,7
+125,7
@@
for a list of supported signature algorithms.
.B rsapkcs1
This is almost the same as the RSASSA-PKCS1-v1_5 algorithm described in
RFC3447; the difference is that the hash is left bare rather than being
.B rsapkcs1
This is almost the same as the RSASSA-PKCS1-v1_5 algorithm described in
RFC3447; the difference is that the hash is left bare rather than being
-wrapped in a DER-encoded
+wrapped in a DER-encoded
.B DigestInfo
structure. This doesn't affect security since the key can only be used
with the one hash function anyway, and dropping the DER wrapping permits
.B DigestInfo
structure. This doesn't affect security since the key can only be used
with the one hash function anyway, and dropping the DER wrapping permits
@@
-148,7
+150,7
@@
command (see
to generate the key.
.TP
.B dsa
to generate the key.
.TP
.B dsa
-This is the DSA algorithm described in FIPS180-1 and FIPS180-2.
Use the
+This is the DSA algorithm described in FIPS180-1 and FIPS180-2. Use the
.B dsa
algorithm of the
.B key add
.B dsa
algorithm of the
.B key add
@@
-210,7
+212,7
@@
the default hash function is
.BR sha .
.hP \*o
For
.BR sha .
.hP \*o
For
-.BR kcdsa
+.BR kcdsa
and
.BR eckcdsa ,
the default hash function is
and
.BR eckcdsa ,
the default hash function is
@@
-301,11
+303,20
@@
Writes
as a comment in the output file. The comment's integrity is protected
by the signature.
.TP
as a comment in the output file. The comment's integrity is protected
by the signature.
.TP
+.BI "\-p, \-\-progress"
+Write a progress meter to standard error while processing large files.
+.TP
.BI "\-f, \-\-file " name
Read filenames from
.I name
instead of from standard input.
.TP
.BI "\-f, \-\-file " name
Read filenames from
.I name
instead of from standard input.
.TP
+.BI "\-h, \-\-hashes " name
+Rather than hashing files, read precomputed hashes from the file
+.IR name ,
+which should be in the format produced by
+.BR hashsum (1).
+.TP
.BI "\-o, \-\-output " name
Write output to
.I name
.BI "\-o, \-\-output " name
Write output to
.I name
@@
-366,6
+377,9
@@
Produce more informational output. The default verbosity level is 1.
.B "\-q, \-\-quiet"
Produce less information output.
.TP
.B "\-q, \-\-quiet"
Produce less information output.
.TP
+.BI "\-p, \-\-progress"
+Write a progress meter to standard error while processing large files.
+.TP
.B "\-C, \-\-nocheck"
Don't check the public key for validity. This makes verification go
much faster, but at the risk of using a duff key, and potentially
.B "\-C, \-\-nocheck"
Don't check the public key for validity. This makes verification go
much faster, but at the risk of using a duff key, and potentially
@@
-380,7
+394,7
@@
An error prevented verification.
.TP
.BI "BAD " reason
The signature is bad: some file had the wrong hash or the signature is
.TP
.BI "BAD " reason
The signature is bad: some file had the wrong hash or the signature is
-invalid.
+invalid.
.TP
.BI "WARN " reason
.B dsig
.TP
.BI "WARN " reason
.B dsig
@@
-390,7
+404,7
@@
encountered a situation which may or may not invalidate the signature.
The signature verified correctly.
.TP
.BI "INFO " note
The signature verified correctly.
.TP
.BI "INFO " note
-Any other information.
+Any other information.
.PP
The information written at the various verbosity levels is as follows.
.hP 0.
.PP
The information written at the various verbosity levels is as follows.
.hP 0.
@@
-482,7
+496,7
@@
command. This block need not appear.
.TP
.BR "date: " (3)
The date the signature was made. In a text file, this has the form
.TP
.BR "date: " (3)
The date the signature was made. In a text file, this has the form
-.IB yyyy-mm-dd
+.IB yyyy-mm-dd
.IB hh:mm:ss
.IR timezone ;
in a binary file, it's a 64-bit integer representing the POSIX time.
.IB hh:mm:ss
.IR timezone ;
in a binary file, it's a 64-bit integer representing the POSIX time.