.RI [ item ...]
.br
.B sign
-.RB [ \-0bqv ]
+.RB [ \-0bpqvC ]
.RB [ \-c
.IR comment ]
.RB [ \-k
\h'8n'
.RB [ \-f
.IR file ]
+.RB [ \-h
+.IR file ]
.RB [ \-o
.IR output ]
.br
.B verify
-.RB [ \-qv ]
+.RB [ \-pqvjC ]
.RI [ file ]
.SH DESCRIPTION
The
.B rsapkcs1
This is almost the same as the RSASSA-PKCS1-v1_5 algorithm described in
RFC3447; the difference is that the hash is left bare rather than being
-wrapped in a DER-encoded
+wrapped in a DER-encoded
.B DigestInfo
structure. This doesn't affect security since the key can only be used
with the one hash function anyway, and dropping the DER wrapping permits
to generate the key.
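Review bot: The removed and added `wrapped in a DER-encoded` lines in this hunk read identically, so the change appears to be whitespace-only (most likely trailing blanks) mixed in with the option documentation. Consider moving the whitespace cleanup into its own commit so the functional manual changes are easier to review. The same applies to the identical-looking pairs later in the patch.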
.TP
.B dsa
-This is the DSA algorithm described in FIPS180-1 and FIPS180-2. Use the
+This is the DSA algorithm described in FIPS180-1 and FIPS180-2. Use the
.B dsa
algorithm of the
.B key add
.BR sha .
.hP \*o
For
-.BR kcdsa
+.BR kcdsa
and
.BR eckcdsa ,
the default hash function is
as a comment in the output file. The comment's integrity is protected
by the signature.
.TP
+.BI "\-p, \-\-progress"
+Write a progress meter to standard error while processing large files.
+.TP
.BI "\-f, \-\-file " name
Read filenames from
.I name
instead of from standard input.
.TP
+.BI "\-h, \-\-hashes " name
+Rather than hashing files, read precomputed hashes from the file
+.IR name ,
+which should be in the format produced by
+.BR hashsum (1).
+.TP
.BI "\-o, \-\-output " name
Write output to
.I name
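Review bot: The new `-h, --hashes` entry does not say how it interacts with `-f`, which the synopsis lists right beside it, or what happens when the hashes in the file were made with a different hash function from the one the key is bound to. With this option the signer vouches for hashes it did not compute itself, so the entry should state that the file's contents are trusted as given and that the hash function must match the key's. Style point: `-p, --progress` takes no argument, so `.B` would be consistent with the `-C` and `-q` entries elsewhere in this patch, rather than `.BI`.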
The default is to expire 28 days from creation. Use
.B forever
to make the signature not expire.
+.TP
+.B "\-C, \-\-nocheck"
+Don't check the private key for validity. This makes signing go much
+faster, but at the risk of using a duff key, and potentially leaking
+information about the private key.
.PP
The whitespace-separated format for filenames allows quoting and
escaping of strange characters. The backslash
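Review bot: The `-C, --nocheck` text for signing names the risk ("potentially leaking information about the private key") but gives the reader no guidance on when skipping the check is acceptable. Suggest adding a sentence that says under what conditions the option is appropriate, such as a key that has already been validated once. Also consider replacing the colloquial "duff" with "invalid" or "corrupt" for readers who do not know the term.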
.TP
.B "\-q, \-\-quiet"
Produce less information output.
+.TP
+.B "\-j, \-\-junk"
+Report files whose hashes have not been checked.
+.TP
+.BI "\-p, \-\-progress"
+Write a progress meter to standard error while processing large files.
+.TP
+.B "\-C, \-\-nocheck"
+Don't check the public key for validity. This makes verification go
+much faster, but at the risk of using a duff key, and potentially
+accepting false signatures.
.PP
Output is written to standard output in a machine-readable format.
Formatting errors cause the program to write a diagnostic to standard
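Review bot: The `-j, --junk` entry says only "Report files whose hashes have not been checked", yet the `JUNK` output description later in the patch refers to "the search requested by the `-j` option". The option text should say what is searched and how. In the same hunk, the verify-side `-C` entry admits "potentially accepting false signatures", which defeats the purpose of verification. It should say under what conditions, if any, skipping the public key check is safe, so that users do not enable it purely for speed.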
.TP
.BI "BAD " reason
The signature is bad: some file had the wrong hash or the signature is
-invalid.
+invalid.
.TP
.BI "WARN " reason
.B dsig
.BI "OK " message
The signature verified correctly.
.TP
+.BI "JUNK " type " " name
+The file
+.I name
+was found (as a result of the search requested by the
+.RB ` \-j '
+option), but it was not mentioned in the signature file and therefore
+has not been checked.
+.TP
.BI "INFO " note
-Any other information.
+Any other information.
.PP
The information written at the various verbosity levels is as follows.
.hP 0.
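Review bot: The `JUNK` entry is declared as `.BI "JUNK " type " " name`, but the description explains only `name`, and `type` is never defined. Please document the values `type` can take. The manual describes this output as machine-readable, so anyone writing a parser needs to know what to expect in that field.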
.TP
.BR "date: " (3)
The date the signature was made. In a text file, this has the form
-.IB yyyy-mm-dd
+.IB yyyy-mm-dd
.IB hh:mm:ss
.IR timezone ;
in a binary file, it's a 64-bit integer representing the POSIX time.
.BR key (1),
.BR hashsum (1),
.BR catcrypt (1),
+.BR catsign (1),
.BR keyring (5).
.SH AUTHOR
-Mark Wooding, <mdw@nsict.org>
+Mark Wooding, <mdw@distorted.org.uk>