mp-modsqrt: Always return the smaller possible square root.

[u/mdw/catacomb] / key.1

diff --git a/key.1 b/key.1
index 07237a7..459a0b3 100644 (file)
--- a/key.1
+++ b/key.1
@@ -98,6 +98,10 @@ is one of:
 .I tag
 .IR attr ...
 .br
 .I tag
 .IR attr ...
 .br

+.B getattr
+.I tag
+.I attr
+.br

 .B lock
 .I qtag
 .br
 .B lock
 .I qtag
 .br


@@ -117,6 +121,14 @@ is one of:
 .IR hash ]
 .RI [ tag ...]
 .br
 .IR hash ]
 .RI [ tag ...]
 .br

+.B verify
+.RB [ \-f
+.IR filter ]
+.RB [ \-a
+.IR hash ]
+.I tag
+.I fingerprint
+.br

 .B tidy
 .br
 .B extract
 .B tidy
 .br
 .B extract


@@ -301,7 +313,9 @@ command.
 .B hash
 The hash functions which can be used with the
 .B fingerprint
 .B hash
 The hash functions which can be used with the
 .B fingerprint

-command.
+and
+.B verify
+commands.

 .TP
 .B ec
 The built-in elliptic curves which can be used with the
 .TP
 .B ec
 The built-in elliptic curves which can be used with the


@@ -613,7 +627,7 @@ Finally, the
 option can be given, in which case the parameters are taken directly
 from the provided group specification, which may either be the the name
 of one of the built-in groups (say
 option can be given, in which case the parameters are taken directly
 from the provided group specification, which may either be the the name
 of one of the built-in groups (say

-.B "key add \-a dh\-param \-C list 42"
+.B "key show dh"

 for a list) or a triple
 .RI ( p ,\  q ,\  g ).
 separated by commas.  No random generation is done in this case: the
 for a list) or a triple
 .RI ( p ,\  q ,\  g ).
 separated by commas.  No random generation is done in this case: the


@@ -715,7 +729,7 @@ A
 can be given explicitly (in which case
 .RB ` \-b '
 is ignored).  It can either be the name of a built-in curve (say
 can be given explicitly (in which case
 .RB ` \-b '
 is ignored).  It can either be the name of a built-in curve (say

-.B "key add \-a ec\-param \-C list 42"
+.B "key show ec"

 for a list of curve names) or a full specification.  The curve is
 checked for correctness and security according to the SEC1
 specification: failed checks cause a warning to be issued to standard
 for a list of curve names) or a full specification.  The curve is
 checked for correctness and security according to the SEC1
 specification: failed checks cause a warning to be issued to standard


@@ -826,6 +840,13 @@ An attribute can be deleted by assigning it an empty value.  Although
 the keyring file format is capable of representing an attribute with an
 empty value as distinct from a nonexistant attribute, this interface
 does not allow empty attributes to be set.
 the keyring file format is capable of representing an attribute with an
 empty value as distinct from a nonexistant attribute, this interface
 does not allow empty attributes to be set.

+.SS "getattr"
+Fetches a single attribute of a key.  The key whose attribute is to be
+read is given by its
+.IR tag .
+The attribute's value is written to standard output followed by a
+newline.  If the key or attribute is absent, a message is written to
+standard error and the program exits nonzero.

 .SS "comment"
 Sets, deletes or changes the comment attached to a key.  The first
 argument is a key tag or keyid which names the key to be modified; the
 .SS "comment"
 Sets, deletes or changes the comment attached to a key.  The first
 argument is a key tag or keyid which names the key to be modified; the


@@ -868,7 +889,7 @@ decrypt locked keys.  Make sure nobody is looking over your shoulder
 when you do this!
 .SS "fingerprint"
 Reports a fingerprint (secure hash) on components of requested keys.
 when you do this!
 .SS "fingerprint"
 Reports a fingerprint (secure hash) on components of requested keys.

-The following option is supported:
+The following options are supported:

 .TP
 .BI "\-f, \-\-filter " filter
 Specifies a filter.  Only keys and key components which match the filter
 .TP
 .BI "\-f, \-\-filter " filter
 Specifies a filter.  Only keys and key components which match the filter


@@ -877,7 +898,7 @@ components.
 .TP
 .BI "\-a, \-\-algorithm " hash
 Names the hashing algorithm.  Run
 .TP
 .BI "\-a, \-\-algorithm " hash
 Names the hashing algorithm.  Run

-.B hashsum -a list
+.B key show hash

 for a list of hashing algorithms.  The default is
 .BR rmd160 .
 .PP
 for a list of hashing algorithms.  The default is
 .BR rmd160 .
 .PP


@@ -886,6 +907,24 @@ command line arguments.  If no key tags are given, all keys which match
 the filter are fingerprinted.  See
 .BR keyring (5)
 for a description of how key fingerprints are computed.
 the filter are fingerprinted.  See
 .BR keyring (5)
 for a description of how key fingerprints are computed.

+.SS "verify"
+Check a key's fingerprint against a reference copy.  The following
+options are supported:
+.TP
+.BI "\-f, \-\-filter " filter
+Specifies a filter.  Only key components which match the filter are
+hashed.  The default is to only fingerprint nonsecret components.  An
+error is reported if no part of the key matches.
+.TP
+.BI "\-a, \-\-algorithm " hash
+Names the hashing algorithm.  Run
+.B key show hash
+for a list of hashing algorithms.  The default is
+.BR rmd160 .
+.PP
+The reference fingerprint is given as hex, in upper or lower case.  The
+hash may contain hyphens, colons and whitespace.  Other characters are
+not permitted.

 .SS "tidy"
 Simply reads the keyring from file and writes it back again.  This has
 the effect of removing any deleted keys from the file.
 .SS "tidy"
 Simply reads the keyring from file and writes it back again.  This has
 the effect of removing any deleted keys from the file.


@@ -913,5 +952,5 @@ you want them to be replaced during the merge.
 .SH "SEE ALSO"
 .BR keyring (5).
 .SH AUTHOR
 .SH "SEE ALSO"
 .BR keyring (5).
 .SH AUTHOR

-Mark Wooding, <mdw@nsict.org>
+Mark Wooding, <mdw@distorted.org.uk>