X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/f387fcb17a980fe165218d217b0187a8c279508a..c97fbcf9622edc35b594bf574f553f7f13c21164:/catsign.1 diff --git a/catsign.1 b/catsign.1 index 9eb2398..93fe70d 100644 --- a/catsign.1 +++ b/catsign.1 @@ -44,7 +44,7 @@ is one of: .RI [ item ...] .br .B sign -.RB [ \-adt ] +.RB [ \-adtC ] .RB [ \-k .IR tag ] .RB [ \-f @@ -54,13 +54,15 @@ is one of: .RI [ file ] .br .B verify -.RB [ \-aquv ] +.RB [ \-aquvC ] .RB [ \-k .IR tag ] .RB [ \-f .IR format ] +.RB [ \-t +.IR time ] .br - + .RB [ \-o .IR output ] .RI [ file @@ -79,7 +81,7 @@ is one of: .RB [ \-F .IR format ] .br - + .RB [ \-m .IR file ] .RB [ \-o @@ -146,7 +148,7 @@ on the key, or its type. The .B catsign command deals with signing keys. (Note that .B catsign -uses signing keys in the same way as +uses signing keys in the same way as .BR catcrypt (1).) .PP A @@ -174,7 +176,7 @@ for a list of supported signature algorithms. .B rsapkcs1 This is almost the same as the RSASSA-PKCS1-v1_5 algorithm described in RFC3447; the difference is that the hash is left bare rather than being -wrapped in a DER-encoded +wrapped in a DER-encoded .B DigestInfo structure. This doesn't affect security since the key can only be used with the one hash function anyway, and dropping the DER wrapping permits @@ -199,7 +201,7 @@ command (see to generate the key. .TP .B dsa -This is the DSA algorithm described in FIPS180-1 and FIPS180-2. Use the +This is the DSA algorithm described in FIPS180-1 and FIPS180-2. Use the .B dsa algorithm of the .B key add @@ -241,6 +243,21 @@ algorithm of the command (see .BR key (1)) to generate the key. +.TP +.B mac +This uses a symmetric message-authentication algorithm rather than a +digital signature. The precise message-authentication scheme used is +determined by the +.B mac +attribute on the key, which defaults to +.IB hash -hmac +if unspecified. Use the +.B binary +algorithm of the +.B key add +command (see +.BR key (1)) +to generate the key. .PP As well as the signature algorithm itself, a hash function is used. This is taken from the @@ -261,7 +278,7 @@ the default hash function is .BR sha . .hP \*o For -.BR kcdsa +.BR kcdsa and .BR eckcdsa , the default hash function is @@ -356,7 +373,7 @@ The hash functions which can be used in a key's attribute. .TP .B enc -The encodings which can be applied to encrypted messages; see +The encodings which can be applied to encrypted messages; see .B ENCODINGS above. .SS sign @@ -401,6 +418,11 @@ rather than to standard output. .TP .B "\-t, \-\-text" Read and sign the input as text. This is the default. +.TP +.B "\-C, \-\-nocheck" +Don't check the private key for validity. This makes signing go much +faster, but at the risk of using a duff key, and potentially leaking +information about the private key. .SS verify The .B verify @@ -408,7 +430,7 @@ command checks a signature's validity, producing as output information about the signature and the signed message. .PP The first non-option argument is the name of the file containing the -signature data; this may be omitted or +signature data; this may be omitted or .RB ` \- ' to indicate that the signature be read from standard input. The second non-option argument, if any, is the name of the file to read the message @@ -448,6 +470,15 @@ signature. Using this option causes verification to fail unless the signature header specifies the key named .IR tag . .TP +.BI "\-t, \-\-freshtime " time +Only accept signatures claiming to have been made more recently than +.IR time . +If +.I time +is +.B always +(the default) then any timestamp in the past is acceptable. +.TP .B "\-u, \-\-utc" Show the datestamp in the signature in UTC rather than (your) local time. The synonym @@ -461,6 +492,11 @@ The file is written in text or binary mode as appropriate. The default is to write the message to standard output unless verifying a detached signature, in which case nothing is written. +.TP +.B "\-C, \-\-nocheck" +Don't check the public key for validity. This makes verification go +much faster, but at the risk of using a duff key, and potentially +accepting false signatures. .PP Output is written to standard output in a machine-readable format. Major problems cause the program to write a diagnostic to standard error @@ -497,7 +533,7 @@ All messages. .B Warning! All output written has been checked for authenticity. However, output can fail madway through for many reasons, and the resulting message may -therefore be truncated. Don't rely on the output being complete until +therefore be truncated. Don't rely on the output being complete until .B OK is printed or .B catsign verify @@ -585,7 +621,7 @@ This is a (slightly) more complex operation than re-encoding, though it does not require any cryptographic operations. .PP The first non-option argument is the name of the file containing the -signature data; this may be omitted or +signature data; this may be omitted or .RB ` \- ' to indicate that the signature be read from standard input. The second non-option argument, if any, is the name of the file to read the message @@ -652,7 +688,7 @@ The command encodes an input file according to one of the encodings described above in .BR ENCODINGS . -The input is read from the +The input is read from the .I file given on the command line, or from standard input if none is specified. Options provided are: @@ -686,7 +722,7 @@ The command decodes an input file encoded according to one of the encodings described above in .BR ENCODINGS . -The input is read from the +The input is read from the .I file given on the command line, or from standard input if none is specified. Options provided are: @@ -704,7 +740,7 @@ Set the PEM boundary string to i.e., assuming we're encoding in PEM format, start processing input between .BI "\-\-\-\-\-BEGIN " label "\-\-\-\-\-" -and +and .BI "\-\-\-\-\-END " label "\-\-\-\-\-" lines. Without this option, .B catsign