projects
/
u
/
mdw
/
catacomb
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
New function and example program computes Fibonacci numbers fairly fast.
[u/mdw/catacomb]
/
dsig.1
diff --git
a/dsig.1
b/dsig.1
index
10fe6c6
..
85056aa
100644
(file)
--- a/
dsig.1
+++ b/
dsig.1
@@
-44,7
+44,7
@@
is one of:
.RI [ item ...]
.br
.B sign
.RI [ item ...]
.br
.B sign
-.RB [ \-0bqvC ]
+.RB [ \-0b
p
qvC ]
.RB [ \-c
.IR comment ]
.RB [ \-k
.RB [ \-c
.IR comment ]
.RB [ \-k
@@
-55,11
+55,13
@@
is one of:
\h'8n'
.RB [ \-f
.IR file ]
\h'8n'
.RB [ \-f
.IR file ]
+.RB [ \-h
+.IR file ]
.RB [ \-o
.IR output ]
.br
.B verify
.RB [ \-o
.IR output ]
.br
.B verify
-.RB [ \-
qv
C ]
+.RB [ \-
pqvj
C ]
.RI [ file ]
.SH DESCRIPTION
The
.RI [ file ]
.SH DESCRIPTION
The
@@
-123,7
+125,7
@@
for a list of supported signature algorithms.
.B rsapkcs1
This is almost the same as the RSASSA-PKCS1-v1_5 algorithm described in
RFC3447; the difference is that the hash is left bare rather than being
.B rsapkcs1
This is almost the same as the RSASSA-PKCS1-v1_5 algorithm described in
RFC3447; the difference is that the hash is left bare rather than being
-wrapped in a DER-encoded
+wrapped in a DER-encoded
.B DigestInfo
structure. This doesn't affect security since the key can only be used
with the one hash function anyway, and dropping the DER wrapping permits
.B DigestInfo
structure. This doesn't affect security since the key can only be used
with the one hash function anyway, and dropping the DER wrapping permits
@@
-148,7
+150,7
@@
command (see
to generate the key.
.TP
.B dsa
to generate the key.
.TP
.B dsa
-This is the DSA algorithm described in FIPS180-1 and FIPS180-2.
Use the
+This is the DSA algorithm described in FIPS180-1 and FIPS180-2. Use the
.B dsa
algorithm of the
.B key add
.B dsa
algorithm of the
.B key add
@@
-210,7
+212,7
@@
the default hash function is
.BR sha .
.hP \*o
For
.BR sha .
.hP \*o
For
-.BR kcdsa
+.BR kcdsa
and
.BR eckcdsa ,
the default hash function is
and
.BR eckcdsa ,
the default hash function is
@@
-301,11
+303,20
@@
Writes
as a comment in the output file. The comment's integrity is protected
by the signature.
.TP
as a comment in the output file. The comment's integrity is protected
by the signature.
.TP
+.BI "\-p, \-\-progress"
+Write a progress meter to standard error while processing large files.
+.TP
.BI "\-f, \-\-file " name
Read filenames from
.I name
instead of from standard input.
.TP
.BI "\-f, \-\-file " name
Read filenames from
.I name
instead of from standard input.
.TP
+.BI "\-h, \-\-hashes " name
+Rather than hashing files, read precomputed hashes from the file
+.IR name ,
+which should be in the format produced by
+.BR hashsum (1).
+.TP
.BI "\-o, \-\-output " name
Write output to
.I name
.BI "\-o, \-\-output " name
Write output to
.I name
@@
-366,6
+377,12
@@
Produce more informational output. The default verbosity level is 1.
.B "\-q, \-\-quiet"
Produce less information output.
.TP
.B "\-q, \-\-quiet"
Produce less information output.
.TP
+.B "\-j, \-\-junk"
+Report files whose hashes have not been checked.
+.TP
+.BI "\-p, \-\-progress"
+Write a progress meter to standard error while processing large files.
+.TP
.B "\-C, \-\-nocheck"
Don't check the public key for validity. This makes verification go
much faster, but at the risk of using a duff key, and potentially
.B "\-C, \-\-nocheck"
Don't check the public key for validity. This makes verification go
much faster, but at the risk of using a duff key, and potentially
@@
-380,7
+397,7
@@
An error prevented verification.
.TP
.BI "BAD " reason
The signature is bad: some file had the wrong hash or the signature is
.TP
.BI "BAD " reason
The signature is bad: some file had the wrong hash or the signature is
-invalid.
+invalid.
.TP
.BI "WARN " reason
.B dsig
.TP
.BI "WARN " reason
.B dsig
@@
-389,8
+406,16
@@
encountered a situation which may or may not invalidate the signature.
.BI "OK " message
The signature verified correctly.
.TP
.BI "OK " message
The signature verified correctly.
.TP
+.BI "JUNK " type " " name
+The file
+.I name
+was found (as a result of the search requested by the
+.RB ` \-j '
+option), but it was not mentioned in the signature file and therefore
+has not been checked.
+.TP
.BI "INFO " note
.BI "INFO " note
-Any other information.
+Any other information.
.PP
The information written at the various verbosity levels is as follows.
.hP 0.
.PP
The information written at the various verbosity levels is as follows.
.hP 0.
@@
-482,7
+507,7
@@
command. This block need not appear.
.TP
.BR "date: " (3)
The date the signature was made. In a text file, this has the form
.TP
.BR "date: " (3)
The date the signature was made. In a text file, this has the form
-.IB yyyy-mm-dd
+.IB yyyy-mm-dd
.IB hh:mm:ss
.IR timezone ;
in a binary file, it's a 64-bit integer representing the POSIX time.
.IB hh:mm:ss
.IR timezone ;
in a binary file, it's a 64-bit integer representing the POSIX time.