X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/946c3f725423fb5b822d809f1befb8c361ac2625..95d9246390251adba7e6e9f0cc70bf0ebe0b2e60:/dsig.1

diff --git a/dsig.1 b/dsig.1
index 10fe6c6..ad5b6fe 100644
--- a/dsig.1
+++ b/dsig.1
@@ -44,7 +44,7 @@ is one of:
 .RI [ item ...]
 .br
 .B sign
-.RB [ \-0bqvC ]
+.RB [ \-0bpqvC ]
 .RB [ \-c
 .IR comment ]
 .RB [ \-k
@@ -55,11 +55,13 @@ is one of:
 \h'8n'
 .RB [ \-f
 .IR file ]
+.RB [ \-h
+.IR file ]
 .RB [ \-o
 .IR output ]
 .br
 .B verify
-.RB [ \-qvC ]
+.RB [ \-pqvC ]
 .RI [ file ]
 .SH DESCRIPTION
 The
@@ -123,7 +125,7 @@ for a list of supported signature algorithms.
 .B rsapkcs1
 This is almost the same as the RSASSA-PKCS1-v1_5 algorithm described in
 RFC3447; the difference is that the hash is left bare rather than being
-wrapped in a DER-encoded 
+wrapped in a DER-encoded
 .B DigestInfo
 structure.  This doesn't affect security since the key can only be used
 with the one hash function anyway, and dropping the DER wrapping permits
@@ -148,7 +150,7 @@ command (see
 to generate the key.
 .TP
 .B dsa
-This is the DSA algorithm described in FIPS180-1 and FIPS180-2.    Use the
+This is the DSA algorithm described in FIPS180-1 and FIPS180-2.  Use the
 .B dsa
 algorithm of the
 .B key add
@@ -210,7 +212,7 @@ the default hash function is
 .BR sha .
 .hP \*o
 For
-.BR kcdsa 
+.BR kcdsa
 and
 .BR eckcdsa ,
 the default hash function is
@@ -301,11 +303,20 @@ Writes
 as a comment in the output file.  The comment's integrity is protected
 by the signature.
 .TP
+.BI "\-p, \-\-progress"
+Write a progress meter to standard error while processing large files.
+.TP
 .BI "\-f, \-\-file " name
 Read filenames from
 .I name
 instead of from standard input.
 .TP
+.BI "\-h, \-\-hashes " name
+Rather than hashing files, read precomputed hashes from the file
+.IR name ,
+which should be in the format produced by
+.BR hashsum (1).
+.TP
 .BI "\-o, \-\-output " name
 Write output to
 .I name
@@ -366,6 +377,9 @@ Produce more informational output.  The default verbosity level is 1.
 .B "\-q, \-\-quiet"
 Produce less information output.
 .TP
+.BI "\-p, \-\-progress"
+Write a progress meter to standard error while processing large files.
+.TP
 .B "\-C, \-\-nocheck"
 Don't check the public key for validity.  This makes verification go
 much faster, but at the risk of using a duff key, and potentially
@@ -380,7 +394,7 @@ An error prevented verification.
 .TP
 .BI "BAD " reason
 The signature is bad: some file had the wrong hash or the signature is
-invalid. 
+invalid.
 .TP
 .BI "WARN " reason
 .B dsig
@@ -390,7 +404,7 @@ encountered a situation which may or may not invalidate the signature.
 The signature verified correctly.
 .TP
 .BI "INFO " note
-Any other information. 
+Any other information.
 .PP
 The information written at the various verbosity levels is as follows.
 .hP 0.
@@ -482,7 +496,7 @@ command.  This block need not appear.
 .TP
 .BR "date: " (3)
 The date the signature was made.  In a text file, this has the form
-.IB yyyy-mm-dd 
+.IB yyyy-mm-dd
 .IB hh:mm:ss
 .IR timezone ;
 in a binary file, it's a 64-bit integer representing the POSIX time.