.RI [ item ...]
.br
.B add
-.RB [ \-lqrLS ]
+.RB [ \-lqrLKS ]
.RB [ \-a
.IR alg ]
.RB [ \-b | \-B
.I tag
.IR attr ...
.br
+.B getattr
+.I tag
+.I attr
+.br
.B lock
.I qtag
.br
.IR hash ]
.RI [ tag ...]
.br
+.B verify
+.RB [ \-f
+.IR filter ]
+.RB [ \-a
+.IR hash ]
+.I tag
+.I fingerprint
+.br
.B tidy
.br
.B extract
.B hash
The hash functions which can be used with the
.B fingerprint
-command.
+and
+.B verify
+commands.
.TP
.B ec
The built-in elliptic curves which can be used with the
Suppresses the progress indication which is usually generated while
time-consuming key generation tasks are being performed.
.TP
-.BI "\-L, --lim-lee"
+.BI "\-L, \-\-lim-lee"
When generating Diffie-Hellman parameters, generate a Lim-Lee prime
rather than a random (or safe) prime. See the details on Diffie-Hellman
key generation below.
.TP
-.BI "\-S, --subgroup"
+.BI "\-K, \-\-kcdsa"
+When generating Diffie-Hellman parameters, generate a KCDSA-style
+Lim-Lee prime rather than a random (or safe) prime. See the details on
+Diffie-Hellman key generation below.
+.TP
+.BI "\-S, \-\-subgroup"
When generating Diffie-Hellman parameters with a Lim-Lee prime, choose a
generator of a prime-order subgroup rather than a subgroup of order
.RI ( p "- 1)/2."
.IR p ;
the default size is 1024 bits.
.IP
-If no
+If no
.I q
size is selected using the
.B \-B
-option and the Lim-Lee prime option is disabled, then
+option and the Lim-Lee prime options are disabled, then
.I p
is chosen to be a `safe' prime (i.e.,
.IR p \ =\ 2 q \ +\ 1,
.IP
If the
.B \-L
-option was given Lim-Lee primes are selected: the parameters are chosen
+option was given, Lim-Lee primes are selected: the parameters are chosen
such that
.IR p \ =\ 2\ q \*(us0\*(ue\ q \*(us1\*(ue\ q \*(us2\*(ue\ ...\ +\ 1,
where the
option (or 256 bits, if no setting was given).
.IP
If the
+.B \-K
+option was given, KCDSA-style Lim-Lee primes are selected: the
+parameters are chosen such that
+.IR p \ =\ 2\ q\ v \ +\ 1,
+where
+.IR p,
+.I q
+and
+.I v
+are primes.
+.IP
+If the
.B \-S
-option was given, the generator
+or
+.B \-K
+options were given, the generator
.I g
is chosen to generate the subgroup of order
.IR q \*(us0\*(ue;
option can be given, in which case the parameters are taken directly
from the provided group specification, which may either be the the name
of one of the built-in groups (say
-.B "key add \-a dh\-param \-C list 42"
+.B "key show dh"
for a list) or a triple
.RI ( p ,\ q ,\ g ).
separated by commas. No random generation is done in this case: the
can be given explicitly (in which case
.RB ` \-b '
is ignored). It can either be the name of a built-in curve (say
-.B "key add \-a ec\-param \-C list 42"
+.B "key show ec"
for a list of curve names) or a full specification. The curve is
checked for correctness and security according to the SEC1
specification: failed checks cause a warning to be issued to standard
then an optional
.RB ` , '
and the representation of the normal element \*(*b; an optional
-.RB ` / ';
+.RB ` ; ';
a
.IR "curve type" ,
which is one of
the two field-element parameters
.I a
and
-.IR b
+.IR b
which define the elliptic curve
.IR E ,
separated by an optional
.RB ` , ';
an optional
-.RB ` / ';
-the
+.RB ` ; ';
+the
.IR x -
and
.IR y -coordinates
.RB ` : ';
the order
.I r
-of the group generated by
+of the group generated by
.IR G ;
an optional
.RB ` * ';
-and the
+and the
.I cofactor
.I h
=
the keyring file format is capable of representing an attribute with an
empty value as distinct from a nonexistant attribute, this interface
does not allow empty attributes to be set.
+.SS "getattr"
+Fetches a single attribute of a key. The key whose attribute is to be
+read is given by its
+.IR tag .
+The attribute's value is written to standard output followed by a
+newline. If the key or attribute is absent, a message is written to
+standard error and the program exits nonzero.
.SS "comment"
Sets, deletes or changes the comment attached to a key. The first
argument is a key tag or keyid which names the key to be modified; the
when you do this!
.SS "fingerprint"
Reports a fingerprint (secure hash) on components of requested keys.
-The following option is supported:
+The following options are supported:
.TP
.BI "\-f, \-\-filter " filter
Specifies a filter. Only keys and key components which match the filter
.TP
.BI "\-a, \-\-algorithm " hash
Names the hashing algorithm. Run
-.B hashsum -a list
+.B key show hash
for a list of hashing algorithms. The default is
.BR rmd160 .
.PP
the filter are fingerprinted. See
.BR keyring (5)
for a description of how key fingerprints are computed.
+.SS "verify"
+Check a key's fingerprint against a reference copy. The following
+options are supported:
+.TP
+.BI "\-f, \-\-filter " filter
+Specifies a filter. Only key components which match the filter are
+hashed. The default is to only fingerprint nonsecret components. An
+error is reported if no part of the key matches.
+.TP
+.BI "\-a, \-\-algorithm " hash
+Names the hashing algorithm. Run
+.B key show hash
+for a list of hashing algorithms. The default is
+.BR rmd160 .
+.PP
+The reference fingerprint is given as hex, in upper or lower case. The
+hash may contain hyphens, colons and whitespace. Other characters are
+not permitted.
.SS "tidy"
Simply reads the keyring from file and writes it back again. This has
the effect of removing any deleted keys from the file.
.SH "SEE ALSO"
.BR keyring (5).
.SH AUTHOR
-Mark Wooding, <mdw@nsict.org>
+Mark Wooding, <mdw@distorted.org.uk>