Annotation of src/usr.bin/signify/signify.1, Revision 1.6
1.6 ! tedu 1: .\" $OpenBSD: signify.1,v 1.5 2013/12/31 18:18:36 jmc Exp $
1.1 tedu 2: .\"
3: .\"Copyright (c) 2013 Marc Espie <espie@openbsd.org>
4: .\"Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
5: .\"
6: .\"Permission to use, copy, modify, and distribute this software for any
7: .\"purpose with or without fee is hereby granted, provided that the above
8: .\"copyright notice and this permission notice appear in all copies.
9: .\"
10: .\"THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11: .\"WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12: .\"MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13: .\"ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14: .\"WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15: .\"ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16: .\"OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
1.2 tedu 17: .Dd $Mdocdate: December 31 2013 $
1.1 tedu 18: .Dt SIGNIFY 1
19: .Os
20: .Sh NAME
21: .Nm signify
22: .Nd cryptographically sign and verify files
23: .Sh SYNOPSIS
24: .Nm signify
1.6 ! tedu 25: .Op Fl n
! 26: .Op Fl i Ar input
! 27: .Op Fl o Ar output
! 28: .Op Fl p Ar pubkey
! 29: .Op Fl s Ar seckey
! 30: .Fl G | S | V
1.1 tedu 31: .Sh DESCRIPTION
32: The
33: .Nm
34: utility creates and verifies cryptographic signatures.
1.4 jmc 35: The mode of operation is selected by the
1.6 ! tedu 36: .Fl G ,
! 37: .Fl S ,
! 38: or
1.4 jmc 39: .Fl V
1.6 ! tedu 40: options.
1.4 jmc 41: .Pp
42: The options are as follows:
43: .Bl -tag -width Ds
1.6 ! tedu 44: .It Fl G
! 45: Generate a new keypair.
! 46: .It Fl i Ar input
1.4 jmc 47: Input file to sign or verify.
1.6 ! tedu 48: .It Fl n
1.1 tedu 49: Do not ask for a passphrase during key generation.
50: Otherwise,
51: .Nm
1.4 jmc 52: will prompt the user for a passphrase on the terminal.
1.6 ! tedu 53: .It Fl o Ar output
1.1 tedu 54: The signature file to create or verify.
55: The default is
1.5 jmc 56: .Ar input Ns .sig .
1.6 ! tedu 57: .It Fl p Ar pubkey
1.1 tedu 58: Public key produced by
1.6 ! tedu 59: .Ar G ,
1.1 tedu 60: and used by
1.6 ! tedu 61: .Ar V
1.1 tedu 62: to check a signature.
1.6 ! tedu 63: .It Fl S
! 64: Sign the input file.
! 65: .It Fl s Ar seckey
1.1 tedu 66: Secret (private) key produced by
1.6 ! tedu 67: .Ar G ,
1.1 tedu 68: and used by
1.6 ! tedu 69: .Ar S
1.1 tedu 70: to sign a message.
1.6 ! tedu 71: .It Fl V
! 72: Verify the input file and signature match.
1.1 tedu 73: .El
1.4 jmc 74: .Pp
75: The key and signature files created by
76: .Nm
77: have the same format.
78: The first line of the file is a free form text comment that may be edited,
79: so long as it does not exceed a single line.
80: The second line of the file is the actual key or signature base64 encoded.
1.1 tedu 81: .Sh EXIT STATUS
1.4 jmc 82: .Ex -std signify
83: It may fail because of one of the following reasons:
84: .Pp
1.1 tedu 85: .Bl -bullet -compact
1.4 jmc 86: .It
1.1 tedu 87: Some necessary files do not exist.
88: .It
89: Entered passphrase is incorrect.
90: .It
91: The message file was corrupted and its signature does not match.
92: .It
93: The message file is too large.
94: .El
95: .Sh EXAMPLES
96: Create a new keypair:
1.6 ! tedu 97: .Dl $ signify -p newkey.pub -s newkey.sec -G
1.4 jmc 98: .Pp
99: Sign a file, specifying a signature name:
1.6 ! tedu 100: .Dl $ signify -s key.sec -i message.txt -o msg.sig -S
1.4 jmc 101: .Pp
1.1 tedu 102: Verify a signature, using the default signature name:
1.6 ! tedu 103: .Dl $ signify -p key.pub -i generalsorders.txt -V
1.1 tedu 104: .Sh SEE ALSO
105: .Xr cmp 1 ,
106: .Xr sha256 1 ,
107: .Xr ssh 1
108: .Sh HISTORY
109: The
110: .Nm
111: command first appeared in
112: .Ox 5.5