X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/ba6e6b64033b1f9de49feccb5c9cd438354481f7..0f00dc4c8eb47e67bc0f148c2dd109f73a451e0a:/dsig.1 diff --git a/dsig.1 b/dsig.1 deleted file mode 100644 index 85056aa..0000000 --- a/dsig.1 +++ /dev/null @@ -1,548 +0,0 @@ -.\" -*-nroff-*- -.de VS -.sp 1 -.RS -.nf -.ft B -.. -.de VE -.ft R -.fi -.RE -.sp 1 -.. -.ie t \{\ -. if \n(.g \{\ -. fam P -. \} -.\} -.de hP -.IP -.ft B -\h'-\w'\\$1\ 'u'\\$1\ \c -.ft P -.. -.ie t .ds o \(bu -.el .ds o o -.TH dsig 1 "30 September 2004" "Straylight/Edgeware" "Catacomb cryptographic library" -.SH NAME -dsig \- compute and verify signatures on collections of files -.SH SYNOPSIS -.B dsig -.RB [ \-k -.IR keyring ] -.I command -.PP -where -.I command -is one of: -.PP -.B help -.RI [ command ...] -.br -.B show -.RI [ item ...] -.br -.B sign -.RB [ \-0bpqvC ] -.RB [ \-c -.IR comment ] -.RB [ \-k -.IR tag ] -.RB [ \-e -.IR expire ] -.br -\h'8n' -.RB [ \-f -.IR file ] -.RB [ \-h -.IR file ] -.RB [ \-o -.IR output ] -.br -.B verify -.RB [ \-pqvjC ] -.RI [ file ] -.SH DESCRIPTION -The -.B dsig -command signs and verifies signatures on a collection of files. It -provides a number of subcommands, by which the various operations may be -carried out. -.SS "Global options" -Before the command name, -.I "global options" -may be given. The following global options are supported: -.TP -.BR "\-h, \-\-help " [ \fIcommand ...] -Writes a brief summary of -.BR dsig 's -various options to standard output, and returns a successful exit -status. With command names, gives help on those commands. -.TP -.B "\-v, \-\-version" -Writes the program's version number to standard output, and returns a -successful exit status. -.TP -.B "\-u, \-\-usage" -Writes a very terse command line summary to standard output, and returns -a successful exit status. -.TP -.BI "\-k, \-\-keyring " file -Names the keyring file which -.B key -is to process. The default keyring, used if this option doesn't specify -one, is the file named -.B keyring -in the current directory. See -.BR key (1) -and -.BR keyring (5) -for more details about keyring files. -.SH "KEY SETUP" -A -.I sigalgspec -has the form -.IR sig \c -.RB [ / \c -.IR hash ]. -If a -.B sig -attribute is present on the key, then it must have this form; otherwise, -the key's type must have the form -.BI dsig- \c -.IR sigalgspec . -Algorithm selections are taken from appropriately-named attributes, or, -failing that, from the -.IR sigalgspec . -.PP -The signature algorithm is chosen according to the setting of -.I sig -as follows. Run -.B dsig show sig -for a list of supported signature algorithms. -.TP -.B rsapkcs1 -This is almost the same as the RSASSA-PKCS1-v1_5 algorithm described in -RFC3447; the difference is that the hash is left bare rather than being -wrapped in a DER-encoded -.B DigestInfo -structure. This doesn't affect security since the key can only be used -with the one hash function anyway, and dropping the DER wrapping permits -rapid adoption of new hash functions. Regardless, use of this algorithm -is not recommended, since the padding method has been shown vulnerable -to attack. Use the -.B rsa -algorithm of the -.B key add -command (see -.BR key (1)) -to generate the key. -.TP -.B rsapss -This is the RSASSA-PSS algorithm described in RFC3447. It is the -preferred RSA-based signature scheme. Use the -.B rsa -algorithm of the -.B key add -command (see -.BR key (1)) -to generate the key. -.TP -.B dsa -This is the DSA algorithm described in FIPS180-1 and FIPS180-2. Use the -.B dsa -algorithm of the -.B key add -command (see -.BR key (1)) -to generate the key. -.TP -.B ecdsa -This is the ECDSA algorithm described in ANSI X9.62 and FIPS180-2. Use -the -.B ec -algorithm of the -.B key add -command (see -.BR key (1)) -to generate the key. -.TP -.B kcdsa -This is the revised KCDSA (Korean Certificate-based Digital Signature -Algorithm) described in -.I The Revised Version of KCDSA -.RB ( http://dasan.sejong.ac.kr/~chlim/pub/kcdsa1.ps ). -Use the -.B dh -algorithm of the -.B key add -command with the -.B \-LS -options (see -.BR key (1)) -to generate the key. -.TP -.B eckcdsa -This is an unofficial elliptic-curve analogue of the KCDSA algorithm. -Use the -.B ec -algorithm of the -.B key add -command (see -.BR key (1)) -to generate the key. -.PP -As well as the signature algorithm itself, a hash function is used. -This is taken from the -.B hash -attribute on the key, or, failing that, from the -.I hash -specified in the -.IR sigalgspec , -or, if that is absent, determined by the signature algorithm as follows. -.hP \*o -For -.BR rsapkcs1 , -.BR rsapss , -.BR dsa , -and -.BR ecdsa , -the default hash function is -.BR sha . -.hP \*o -For -.BR kcdsa -and -.BR eckcdsa , -the default hash function is -.BR has160 . -.PP -Run -.B dsig show hash -for a list of supported hash functions. -.SH "COMMAND REFERENCE" -.SS help -The -.B help -command behaves exactly as the -.B \-\-help -option. With no arguments, it shows an overview of -.BR dsig 's -options; with arguments, it describes the named subcommands. -.SS show -The -.B show -command prints various lists of tokens understood by -.BR dsig . -With no arguments, it prints all of the lists; with arguments, it prints -just the named lists, in order. The recognized lists can be enumerated -using the -.VS -dsig show list -.VE -command. The lists are as follows. -.TP -.B list -The lists which can be enumerated by the -.B show -command. -.TP -.B sig -The signature algorithms which can be used in a key's -.B sig -attribute. -.TP -.B hash -The hash functions which can be used in a key's -.B hash -attribute. -.SS sign -The -.B sign -command creates a signature for a collection of files. The default -behaviour is to read a list of whitespace-separated file names (see -below for the precise format) from standard input and write the -an output file, containing hashes of the files and a digital signature -made by the key -.B dsig -in the current keyring, to standard output, in plain text with binary -values Base64-encoded. It is intended to be used in conjunction with -.BR find (1). -This behaviour can be modified by specifying command-line options. -.TP -.B "\-0, \-\-null" -Read null-terminated filenames, rather than whitespace-separated names. -This is the recommended mode of operation if you have a -.BR find (1) -which understands the -.B \-print0 -option. -.TP -.B "\-b, \-\-binary" -Produce output in raw binary rather than the textual output. This isn't -a useful thing to do unless you're trying to debug -.BR dsig . -.TP -.B "\-v, \-\-verbose" -Makes -.B dsig -more verbose. At present, this just means that it'll print the hashes -of files that it comes across in hex. (Use -.BR hashsum (1) -if this is the output you actually wanted.) -.TP -.B "\-q, \-\-quiet" -Makes -.B dsig -less verbose. -.TP -.BI "\-c, \-\-comment " string -Writes -.I string -as a comment in the output file. The comment's integrity is protected -by the signature. -.TP -.BI "\-p, \-\-progress" -Write a progress meter to standard error while processing large files. -.TP -.BI "\-f, \-\-file " name -Read filenames from -.I name -instead of from standard input. -.TP -.BI "\-h, \-\-hashes " name -Rather than hashing files, read precomputed hashes from the file -.IR name , -which should be in the format produced by -.BR hashsum (1). -.TP -.BI "\-o, \-\-output " name -Write output to -.I name -instead of to standard output. -.TP -.BI "\-k, \-\-key " tag -Use the key named -.I tag -rather than the default -.BR dsig . -.TP -.BI "\-e, \-\-expire " date -Set the signature to expire at -.IR date . -The default is to expire 28 days from creation. Use -.B forever -to make the signature not expire. -.TP -.B "\-C, \-\-nocheck" -Don't check the private key for validity. This makes signing go much -faster, but at the risk of using a duff key, and potentially leaking -information about the private key. -.PP -The whitespace-separated format for filenames allows quoting and -escaping of strange characters. The backslash -.RB ` \e ' -can be used to escape whitespace, quotes, or other special characters -(including itself), and to represent special characters using the -standard C escape sequences -.RB ` \ea ', -.RB ` \eb ', -.RB ` \ef ', -.RB ` \en ', -.RB ` \et ', -and -.RB ` \eb '. -A filename can be quoted in -.BR ` ... ', -.BR ' ... ' -or -.BR """" ... """". -Whitespace within quotes is part of the filename. The quotes must be at -the beginning and end of the name. -.SS verify -The -.B verify -command will verify signatures made by the -.B sign -command. With no arguments, it expects to read a text-format signature -file from standard input; with an argument, it examines the file it -names to see whether it's text or binary. -.PP -Command-line options provided are: -.TP -.B "\-v, \-\-verbose" -Produce more informational output. The default verbosity level is 1. -.TP -.B "\-q, \-\-quiet" -Produce less information output. -.TP -.B "\-j, \-\-junk" -Report files whose hashes have not been checked. -.TP -.BI "\-p, \-\-progress" -Write a progress meter to standard error while processing large files. -.TP -.B "\-C, \-\-nocheck" -Don't check the public key for validity. This makes verification go -much faster, but at the risk of using a duff key, and potentially -accepting false signatures. -.PP -Output is written to standard output in a machine-readable format. -Formatting errors cause the program to write a diagnostic to standard -error and exit nonzero as usual. Lines begin with a keyword: -.TP -.BI "FAIL " reason -An error prevented verification. -.TP -.BI "BAD " reason -The signature is bad: some file had the wrong hash or the signature is -invalid. -.TP -.BI "WARN " reason -.B dsig -encountered a situation which may or may not invalidate the signature. -.TP -.BI "OK " message -The signature verified correctly. -.TP -.BI "JUNK " type " " name -The file -.I name -was found (as a result of the search requested by the -.RB ` \-j ' -option), but it was not mentioned in the signature file and therefore -has not been checked. -.TP -.BI "INFO " note -Any other information. -.PP -The information written at the various verbosity levels is as follows. -.hP 0. -No output. Watch the exit status. -.B dsig -exits zero if the signature was good. -.hP 1. -All -.BR OK , -.B FAIL -and -.B WARN -messages are printed. -.hP 2. -As for level 1; also -.B BAD -messages are printed describing reasons why the signature verification -failed, and an -.B INFO -message is printed showing the signature file's comment if any. -.hP 3. -As for level 2; also -.B INFO -messages are shown listing the signing program's identification string, -the signing key, the signature and expiry dates, and actual signature -verification. -.hP 4. -As for level 3; also -.B INFO -messages are printed for each file covered, showing its name and hash. -.SH "OUTPUT FORMAT" -There are two output formats: textual and binary. The hash used in the -digital signature is always computed on the -.I binary -version of the data, regardless of the external representation. -.SS "Textual format" -Within the file, whitespace and comments between strings are ignored. A -comment begins with a hash -.RB (` # ') -and extends until the next newline. -.PP -Strings are either quoted or whitespace-delimited. A string may be -quoted by -.BR ` ... ', -.BR ' ... ' -or -.BR """" ... """". -The end-quote character can be backslash-escaped within the string. An -occurrence of the unescaped end-quote character terminates the string. -A whitespace-delimited string is terminated by any unescaped whitespace -character. The C-language escape sequences -.RB ` \ea ', -.RB ` \eb ', -.RB ` \ef ', -.RB ` \en ', -.RB ` \et ', -and -.RB ` \eb ' -are recognized within either kind of string. -.PP -Blocks within the file consist of sequences of strings. The first -string is a -.I tag -\(en a simple string ending in a colon -.RB (` : ') -\(en which describes the format of the remaining strings. -.SS "Binary format" -The file consists of a sequence of blocks, each of which begins with a -tag byte. The format of the test of the block depends on the tag. -Strings are null-terminated; all integers are in network byte order. -.PP -A binary file always begins with an ident block, which has a tag of 0. -.SS "Block types" -The following block types are known. They must appear in the order -given, and except where noted must appear exactly once each. -.TP -.BR "ident: " (0) -Identification string of the generating program. -.BR "keyid: " (1) -The signing key's id, as eight hex digits (text) or a 32-bit integer -(binary). -.TP -.BR "comment: " (2) -The comment string set with the -.B \-c -option to the -.B sign -command. This block need not appear. -.TP -.BR "date: " (3) -The date the signature was made. In a text file, this has the form -.IB yyyy-mm-dd -.IB hh:mm:ss -.IR timezone ; -in a binary file, it's a 64-bit integer representing the POSIX time. -.TP -.BR "expires: " (4) -The expiry time of the signature, expressed as for -.BR date: . -A non-expiring signature is represented by the string -.B forever -in text files, or all-bits-set in binary. -.TP -.BR "file: " (5) -A file hash. In text, this is two strings which are the Base-64-encoded -hash and the file name; in binary, this is a 16-bit hash length, the raw -hash, and the null-terminated filename. There can be any number of -.B file: -blocks. -.TP -.BR "signature: " (6) -The signature. In text, this is the Base-64-encoded signature; in -binary, it is a 16-bit length followed by the binary signature. -.PP -The signature covers the -.I binary -representations of the file's -.BR date: , -.B expires: -and -.B file: -blocks. -.SH "SEE ALSO" -.BR key (1), -.BR hashsum (1), -.BR catcrypt (1), -.BR catsign (1), -.BR keyring (5). -.SH AUTHOR -Mark Wooding,