.RI [ item ...]
.br
.B encrypt
-.RB [ \-a ]
+.RB [ \-aC ]
.RB [ \-k
.IR tag ]
.RB [ \-f
.RI [ file ]
.br
.B decrypt
-.RB [ \-aqv ]
+.RB [ \-aqvC ]
.RB [ \-f
.IR format ]
.RB [ \-o
Write output to
.I file
rather than to standard output.
+.TP
+.B "\-C, \-\-nocheck"
+Don't check the public key for validity. This makes encryption go much
+faster, but at the risk of using a duff key.
.SS decrypt
The
.B decrypt
instead of to standard output. The file is written in binary mode.
Fixing line-end conventions is your problem; there are lots of good
tools for dealing with it.
+.TP
+.B "\-C, \-\-nocheck"
+Don't check the private key for validity. This makes decryption go much
+faster, but at the risk of using a duff key, and possibly leaking
+information about the private key.
.PP
Output is written to standard output in a machine-readable format.
Major problems cause the program to write a diagnostic to standard error
enc *e;
#define f_bogus 1u
+#define f_nocheck 2u
for (;;) {
static const struct option opt[] = {
{ "armor", 0, 0, 'a' },
{ "format", OPTF_ARGREQ, 0, 'f' },
{ "output", OPTF_ARGREQ, 0, 'o' },
+ { "nocheck", 0, 0, 'C' },
{ 0, 0, 0, 0 }
};
- i = mdwopt(argc, argv, "k:s:af:o:", opt, 0, 0, 0);
+ i = mdwopt(argc, argv, "k:s:af:o:C", opt, 0, 0, 0);
if (i < 0) break;
switch (i) {
case 'k': kn = optarg; break;
case 'a': ef = "pem"; break;
case 'f': ef = optarg; break;
case 'o': of = optarg; break;
+ case 'C': f |= f_nocheck; break;
default: f |= f_bogus; break;
}
}
key_fulltag(k, &d);
e = initenc(eo, ofp, "CATCRYPT ENCRYPTED MESSAGE");
km = getkem(k, "cckem", 0);
- if ((err = km->ops->check(km)) != 0)
+ if (!(f & f_nocheck) && (err = km->ops->check(km)) != 0)
moan("key %s fails check: %s", d.buf, err);
if (sk) {
dstr_reset(&d);
return (0);
#undef f_bogus
+#undef f_nocheck
}
/*---- Decryption ---------------------------------------------------------*/
#define f_bogus 1u
#define f_buffer 2u
+#define f_nocheck 4u
for (;;) {
static const struct option opt[] = {
{ "buffer", 0, 0, 'b' },
{ "verbose", 0, 0, 'v' },
{ "quiet", 0, 0, 'q' },
+ { "nocheck", 0, 0, 'C' },
{ "format", OPTF_ARGREQ, 0, 'f' },
{ "output", OPTF_ARGREQ, 0, 'o' },
{ 0, 0, 0, 0 }
};
- i = mdwopt(argc, argv, "abf:o:qv", opt, 0, 0, 0);
+ i = mdwopt(argc, argv, "abf:o:qvC", opt, 0, 0, 0);
if (i < 0) break;
switch (i) {
case 'a': ef = "pem"; break;
case 'b': f |= f_buffer; break;
case 'v': verb++; break;
case 'q': if (verb) verb--; break;
+ case 'C': f |= f_nocheck; break;
case 'f': ef = optarg; break;
case 'o': of = optarg; break;
default: f |= f_bogus; break;
s = getsig(sk, "ccsig", 0);
dstr_reset(&d);
key_fulltag(sk, &d);
- if (verb && (err = s->ops->check(s)) != 0)
+ if (!(f & f_nocheck) && verb && (err = s->ops->check(s)) != 0)
printf("WARN verification key %s fails check: %s\n", d.buf, err);
dstr_reset(&d);
dstr_ensure(&d, 1024);
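Review bot: The check gated by `f_nocheck` here is on `s`, the key returned by `getsig(sk, "ccsig", 0)`, and the diagnostic on the next line calls it the verification key, whereas the man-page entry and the help line this commit adds for decrypt say `-C` skips the check on the private key. If the decrypt path has no separate check on the private KEM key (only this hunk is visible), the documentation should name the key the option really affects, e.g. `Don't check the signature-verification key.`; if such a check exists elsewhere in the function, it presumably needs the same `!(f & f_nocheck)` gate. Note also that this check already ran only when `verb` is nonzero, so `-q` skips it regardless of `-C`. The enclosing function starts and ends outside the hunk.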
#undef f_bogus
#undef f_buffer
+#undef f_nocheck
}
/*----- Main code ---------------------------------------------------------*/
CMD_ENCODE,
CMD_DECODE,
{ "encrypt", encrypt,
- "encrypt [-a] [-k TAG] [-s TAG] [-f FORMAT]\n\t\
+ "encrypt [-aC] [-k TAG] [-s TAG] [-f FORMAT]\n\t\
[-o OUTPUT] [FILE]", "\
Options:\n\
\n\
-k, --key=TAG Use public encryption key named by TAG.\n\
-s, --sign-key=TAG Use private signature key named by TAG.\n\
-o, --output=FILE Write output to FILE.\n\
+-C, --nocheck Don't check the public key.\n\
" },
{ "decrypt", decrypt,
- "decrypt [-abqv] [-f FORMAT] [-o OUTPUT] [FILE]", "\
+ "decrypt [-abqvC] [-f FORMAT] [-o OUTPUT] [FILE]", "\
Options:\n\
\n\
-a, --armour Same as `-f pem'.\n\
-o, --output=FILE Write output to FILE.\n\
-q, --quiet Produce fewer messages.\n\
-v, --verbose Produce more verbose messages.\n\
+-C, --nocheck Don't check the private key.\n\
" }, /* ' emacs is confused */
{ 0, 0, 0 }
};
.RI [ item ...]
.br
.B sign
-.RB [ \-adt ]
+.RB [ \-adtC ]
.RB [ \-k
.IR tag ]
.RB [ \-f
.RI [ file ]
.br
.B verify
-.RB [ \-aquv ]
+.RB [ \-aquvC ]
.RB [ \-k
.IR tag ]
.RB [ \-f
.TP
.B "\-t, \-\-text"
Read and sign the input as text. This is the default.
+.TP
+.B "\-C, \-\-nocheck"
+Don't check the private key for validity. This makes signing go much
+faster, but at the risk of using a duff key, and potentially leaking
+information about the private key.
.SS verify
The
.B verify
mode as appropriate. The default is to write the message to standard
output unless verifying a detached signature, in which case nothing is
written.
+.TP
+.B "\-C, \-\-nocheck"
+Don't check the public key for validity. This makes verification go
+much faster, but at the risk of using a duff key, and potentially
+accepting false signatures.
.PP
Output is written to standard output in a machine-readable format.
Major problems cause the program to write a diagnostic to standard error
#define F_BOGUS 128u
#define F_BUFFER 256u
#define F_UTC 512u
+#define F_NOCHECK 1024u
/*----- Chunk I/O ---------------------------------------------------------*/
{ "format", OPTF_ARGREQ, 0, 'f' },
{ "output", OPTF_ARGREQ, 0, 'o' },
{ "text", 0, 0, 't' },
+ { "nocheck", 0, 0, 'C' },
{ 0, 0, 0, 0 }
};
- i = mdwopt(argc, argv, "k:f:o:abdt", opt, 0, 0, 0);
+ i = mdwopt(argc, argv, "k:f:o:abdtC", opt, 0, 0, 0);
if (i < 0) break;
switch (i) {
case 'k': kn = optarg; break;
case 't': f &= ~F_BINARY; break;
case 'b': f |= F_BINARY; break;
case 'd': f |= F_DETACH; break;
+ case 'C': f |= F_NOCHECK; break;
default: f |= F_BOGUS; break;
}
}
dstr_reset(&d);
key_fulltag(k, &d);
s.s = getsig(k, "ccsig", 1);
- if ((err = s.s->ops->check(s.s)) != 0)
+ if (!(f & F_NOCHECK) && (err = s.s->ops->check(s.s)) != 0)
moan("key %s fails check: %s", d.buf, err);
keyhash(k, s.s, &s.kh);
e = initenc(eo, ofp,
{ "fresh-time", 0, 0, 't' },
{ "gmt", 0, 0, 'u' },
{ "verbose", 0, 0, 'v' },
+ { "nocheck", 0, 0, 'C' },
{ 0, 0, 0, 0 }
};
i = mdwopt(argc, argv, "k:f:o:abqt:uv", opt, 0, 0, 0);
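Review bot: The short-option string on the last line of this hunk, `"k:f:o:abqt:uv"`, was not extended with `C`, although the hunk adds the `"nocheck"` long option mapped to `'C'` and the usage text elsewhere in the commit advertises `verify [-abquvC]`. As written, `--nocheck` is accepted but `-C` is rejected as an unknown option. The fix is `i = mdwopt(argc, argv, "k:f:o:abqt:uvC", opt, 0, 0, 0);`, matching the other five option strings the commit updates. The enclosing option-parsing loop starts outside the hunk.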
case 'f': ef = optarg; break;
case 'o': of = optarg; break;
case 'u': v.f |= F_UTC; break;
+ case 'C': v.f |= F_NOCHECK; break;
case 't':
if (strcmp(optarg, "always") == 0) t_fresh = 0;
else if ((t_fresh = get_date(optarg, 0)) < 0)
s.s = getsig(k, "ccsig", 0);
dstr_reset(&d); key_fulltag(k, &d);
- if (v.verb && (err = s.s->ops->check(s.s)) != 0)
+ if (!(v.f & F_NOCHECK) && v.verb && (err = s.s->ops->check(s.s)) != 0)
printf("WARN verification key %s fails check: %s\n", d.buf, err);
dstr_reset(&dd); keyhash(k, s.s, &dd);
CMD_ENCODE,
CMD_DECODE,
{ "sign", sign,
- "sign [-adt] [-k TAG] [-f FORMAT] [-o OUTPUT] [FILE]", "\
+ "sign [-adtC] [-k TAG] [-f FORMAT] [-o OUTPUT] [FILE]", "\
Options:\n\
\n\
-a, --armour Same as `-f pem'.\n\
-k, --key=TAG Use public encryption key named by TAG.\n\
-o, --output=FILE Write output to FILE.\n\
-t, --text Canonify input message as a text file.\n\
+-C, --nocheck Don't check the private key.\n\
" },
{ "verify", verify,
- "verify [-abquv] [-f FORMAT] [-k TAG] [-o OUTPUT]\n\t\
+ "verify [-abquvC] [-f FORMAT] [-k TAG] [-o OUTPUT]\n\t\
[FILE [MESSAGE]]", "\
Options:\n\
\n\
-t, --freshtime=TIME Only accept signatures made after this time.\n\
-u, --utc Show dates in UTC rather than local time.\n\
-v, --verbose Produce more verbose messages.\n\
+-C, --nocheck Don't check the public key.\n\
" },
{ "info", info,
"info [-au] [-f FORMAT] [FILE]", "\
.RI [ item ...]
.br
.B sign
-.RB [ \-0bqv ]
+.RB [ \-0bqvC ]
.RB [ \-c
.IR comment ]
.RB [ \-k
.IR output ]
.br
.B verify
-.RB [ \-qv ]
+.RB [ \-qvC ]
.RI [ file ]
.SH DESCRIPTION
The
The default is to expire 28 days from creation. Use
.B forever
to make the signature not expire.
+.TP
+.B "\-C, \-\-nocheck"
+Don't check the private key for validity. This makes signing go much
+faster, but at the risk of using a duff key, and potentially leaking
+information about the private key.
.PP
The whitespace-separated format for filenames allows quoting and
escaping of strange characters. The backslash
.TP
.B "\-q, \-\-quiet"
Produce less information output.
+.TP
+.B "\-C, \-\-nocheck"
+Don't check the public key for validity. This makes verification go
+much faster, but at the risk of using a duff key, and potentially
+accepting false signatures.
.PP
Output is written to standard output in a machine-readable format.
Formatting errors cause the program to write a diagnostic to standard
#define f_raw 1u
#define f_bin 2u
#define f_bogus 4u
+#define f_nocheck 8u
unsigned f = 0;
const char *ki = "dsig";
{ "output", OPTF_ARGREQ, 0, 'o' },
{ "key", OPTF_ARGREQ, 0, 'k' },
{ "expire", OPTF_ARGREQ, 0, 'e' },
+ { "nocheck", OPTF_ARGREQ, 0, 'C' },
{ 0, 0, 0, 0 }
};
- int i = mdwopt(argc, argv, "+0vqb" "c:" "f:o:" "k:e:", opts, 0, 0, 0);
+ int i = mdwopt(argc, argv, "+0vqbC" "c:" "f:o:" "k:e:", opts, 0, 0, 0);
if (i < 0)
break;
switch (i) {
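Review bot: The new `"nocheck"` entry in this hunk is declared with `OPTF_ARGREQ`, while its short form is added to the option string as a bare `C` (no trailing colon) and the `case 'C'` handler added later in this file never reads `optarg`. So `--nocheck` would demand an argument that is then ignored, while `-C` takes none; every other `nocheck` entry in the commit uses `0` for that field. Change the entry to `{ "nocheck", 0, 0, 'C' },`. The option-parsing loop this table belongs to starts outside the hunk.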
if (verb > 0)
verb--;
break;
+ case 'C':
+ f |= f_nocheck;
+ break;
case 'c':
c = optarg;
break;
/* --- Check the key --- */
- if ((err = s->ops->check(s)) != 0)
+ if (!(f & f_nocheck) && (err = s->ops->check(s)) != 0)
moan("key `%s' fails check: %s", d.buf, err);
/* --- Open files --- */
#undef f_raw
#undef f_bin
#undef f_bogus
+#undef f_nocheck
}
/*----- Signature verification --------------------------------------------*/
#define f_bogus 1u
#define f_bin 2u
#define f_ok 4u
+#define f_nocheck 8u
unsigned f = 0;
unsigned verb = 1;
static struct option opts[] = {
{ "verbose", 0, 0, 'v' },
{ "quiet", 0, 0, 'q' },
+ { "nocheck", 0, 0, 'C' },
{ 0, 0, 0, 0 }
};
- int i = mdwopt(argc, argv, "+vq", opts, 0, 0, 0);
+ int i = mdwopt(argc, argv, "+vqC", opts, 0, 0, 0);
if (i < 0)
break;
switch (i) {
if (verb)
verb--;
break;
+ case 'C':
+ f |= f_nocheck;
+ break;
default:
f |= f_bogus;
break;
argc -= optind;
argv += optind;
if ((f & f_bogus) || argc > 1)
- die(EXIT_FAILURE, "Usage: verify [-qv] [FILE]");
+ die(EXIT_FAILURE, "Usage: verify [-qvC] [FILE]");
/* --- Open the key file, and start reading the input file --- */
}
s = getsig(k, "dsig", 0);
- if (verb && (err = s->ops->check(s)) != 0)
+ if (!(f & f_nocheck) && verb && (err = s->ops->check(s)) != 0)
printf("WARN public key fails check: %s", err);
for (;;) {
#undef f_bogus
#undef f_bin
#undef f_ok
+#undef f_nocheck
}
/*----- Main code ---------------------------------------------------------*/
{ "help", cmd_help, "help [COMMAND...]" },
{ "show", cmd_show, "show [ITEM...]" },
{ "sign", sign,
- "sign [-0bqv] [-c COMMENT] [-k TAG] [-e EXPIRE]\n\t\
+ "sign [-0bqvC] [-c COMMENT] [-k TAG] [-e EXPIRE]\n\t\
[-f FILE] [-o OUTPUT]",
"\
Options:\n\
-b, --binary Produce a binary output file.\n\
-q, --quiet Produce fewer messages while working.\n\
-v, --verbose Produce more messages while working.\n\
+-C, --nocheck Don't check the private key.\n\
-c, --comment=COMMENT Include COMMENT in the output file.\n\
-f, --file=FILE Read filenames to hash from FILE.\n\
-o, --output=FILE Write the signed result to FILE.\n\
-e, --expire=TIME The signature should expire after TIME.\n\
" },
{ "verify", verify,
- "verify [-qv] [FILE]", "\
+ "verify [-qvC] [FILE]", "\
Options:\n\
\n\
-q, --quiet Produce fewer messages while working.\n\
-v, --verbose Produce more messages while working.\n\
+-C, --nocheck Don't check the public key.\n\
" },
{ 0, 0, 0 }
};