.B fingerprint
.RB [ \-f
.IR filter ]
+.RB [ \-p
+.IR style ]
.RB [ \-a
.IR hash ]
.RI [ tag ...]
.B verify
.RB [ \-f
.IR filter ]
+.RB [ \-p
+.IR style ]
.RB [ \-a
.IR hash ]
.I tag
option of the
.B add
command.
+.TP
+.B fpres
+Fingerprint presentation styles, as used by the
+.B fingerprint
+and
+.B verify
+commands.
.SS add
The
.B add
key-generation algorithms have a subsidiary key size.
.TP
.BI "\-p, \-\-parameters " tag
-Selects a key containing parameter values to copy. Not all
-key-generation algorithms allow the use of shared parameters. A new key
-also inherits attributes from its parameter key.
+Selects a key containing parameter values to copy.
+A new key also inherits attributes from its parameter key.
.TP
.BI "\-A, \-\-seedalg " seed-alg
Use the deterministic random number generator algorithm
.I x
\(mu
.IR G .
+.TP
+.B empty
+Generate an empty key, with trivial contents.
+This is useful as a `parameters' key,
+carrying attributes to be applied to other keys
+if they don't require more detailed parameters.
.SS "expire"
Forces keys to immediately expire. An expired key is not chosen when a
program requests a key by its type. The keys to expire are listed by
are fingerprinted. The default is to only fingerprint nonsecret
components.
.TP
+.BI "\-p, \-\-presentation " style
+Write fingerprints in the given
+.IR style .
+See below for a list of presentation styles.
+.TP
.BI "\-a, \-\-algorithm " hash
Names the hashing algorithm. Run
.B key show hash
the filter are fingerprinted. See
.BR keyring (5)
for a description of how key fingerprints are computed.
+.PP
+The fingerprint may be shown in the following styles.
+.TP
+.B hex
+Lowercase hexadecimal, with groups of eight digits separated by hyphens
+(`\-'). This is the default presentation style. (On input, colons are
+also permitted as separators.)
+.TP
+.B base32
+Lowercase Base32 encoding, without `=' padding, with groups of six
+digits separated by colons (`:'). (On input, padding characters are
+ignored.)
.SS "verify"
Check a key's fingerprint against a reference copy. The following
options are supported:
hashed. The default is to only fingerprint nonsecret components. An
error is reported if no part of the key matches.
.TP
+.BI "\-p, \-\-presentation " style
+Expect the
+.I fingerprint
+to be in the given presentation
+.IR style .
+These match the styles produced by the
+.B fingerprint
+command described above.
+.TP
.BI "\-a, \-\-algorithm " hash
Names the hashing algorithm. Run
.B key show hash
for a list of hashing algorithms. The default is
.BR rmd160 .
.PP
-The reference fingerprint is given as hex, in upper or lower case. The
-hash may contain hyphens, colons and whitespace. Other characters are
-not permitted.
+The fingerprint should be provided in the form printed by the
+.B fingerprint
+command, using the same presentation
+.IR style .
+A little flexibility is permitted: separators may be placed anywhere (or
+not at all) and are ignored; whitespace is permitted and ignored; and
+case is ignored in presentation styles which don't make use of both
+upper- and lower-case characters.
.SS "tidy"
Simply reads the keyring from file and writes it back again. This has
the effect of removing any deleted keys from the file.
~mdw / catacomb / blobdiff