Annotation of src/usr.bin/signify/signify.1, Revision 1.7
1.7 ! espie 1: .\" $OpenBSD: signify.1,v 1.6 2014/01/01 17:50:33 tedu Exp $
1.1 tedu 2: .\"
3: .\"Copyright (c) 2013 Marc Espie <espie@openbsd.org>
4: .\"Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
5: .\"
6: .\"Permission to use, copy, modify, and distribute this software for any
7: .\"purpose with or without fee is hereby granted, provided that the above
8: .\"copyright notice and this permission notice appear in all copies.
9: .\"
10: .\"THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11: .\"WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12: .\"MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13: .\"ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14: .\"WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15: .\"ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16: .\"OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
1.7 ! espie 17: .Dd $Mdocdate: January 1 2014 $
1.1 tedu 18: .Dt SIGNIFY 1
19: .Os
20: .Sh NAME
21: .Nm signify
22: .Nd cryptographically sign and verify files
23: .Sh SYNOPSIS
24: .Nm signify
1.6 tedu 25: .Op Fl n
1.7 ! espie 26: .Fl p Ar pubkey
! 27: .Fl s Ar seckey
! 28: .Fl G
! 29: .Nm signify
! 30: .Op Fl o Ar output
! 31: .Fl s Ar seckey
! 32: .Fl S
! 33: .Ar input
! 34: .Nm signify
1.6 tedu 35: .Op Fl o Ar output
1.7 ! espie 36: .Fl p Ar pubkey
! 37: .Fl V
! 38: .Ar input
1.1 tedu 39: .Sh DESCRIPTION
40: The
41: .Nm
1.7 ! espie 42: utility creates and verifies cryptographic signatures for
! 43: an input file
! 44: .Ar input .
1.4 jmc 45: The mode of operation is selected by the
1.6 tedu 46: .Fl G ,
47: .Fl S ,
48: or
1.4 jmc 49: .Fl V
1.6 tedu 50: options.
1.4 jmc 51: .Pp
52: The options are as follows:
1.7 ! espie 53: .Bl -tag -width Dssoutput
1.6 tedu 54: .It Fl G
55: Generate a new keypair.
56: .It Fl n
1.1 tedu 57: Do not ask for a passphrase during key generation.
58: Otherwise,
59: .Nm
1.4 jmc 60: will prompt the user for a passphrase on the terminal.
1.6 tedu 61: .It Fl o Ar output
1.1 tedu 62: The signature file to create or verify.
63: The default is
1.5 jmc 64: .Ar input Ns .sig .
1.6 tedu 65: .It Fl p Ar pubkey
1.1 tedu 66: Public key produced by
1.7 ! espie 67: .Fl G ,
1.1 tedu 68: and used by
1.7 ! espie 69: .Fl V
1.1 tedu 70: to check a signature.
1.6 tedu 71: .It Fl S
72: Sign the input file.
73: .It Fl s Ar seckey
1.1 tedu 74: Secret (private) key produced by
1.7 ! espie 75: .Fl G ,
1.1 tedu 76: and used by
1.7 ! espie 77: .Fl S
1.1 tedu 78: to sign a message.
1.6 tedu 79: .It Fl V
80: Verify the input file and signature match.
1.1 tedu 81: .El
1.4 jmc 82: .Pp
83: The key and signature files created by
84: .Nm
85: have the same format.
86: The first line of the file is a free form text comment that may be edited,
87: so long as it does not exceed a single line.
88: The second line of the file is the actual key or signature base64 encoded.
1.1 tedu 89: .Sh EXIT STATUS
1.4 jmc 90: .Ex -std signify
91: It may fail because of one of the following reasons:
92: .Pp
1.1 tedu 93: .Bl -bullet -compact
1.4 jmc 94: .It
1.1 tedu 95: Some necessary files do not exist.
96: .It
97: Entered passphrase is incorrect.
98: .It
99: The message file was corrupted and its signature does not match.
100: .It
101: The message file is too large.
102: .El
103: .Sh EXAMPLES
104: Create a new keypair:
1.7 ! espie 105: .Dl $ signify -G -p newkey.pub -s newkey.sec
1.4 jmc 106: .Pp
107: Sign a file, specifying a signature name:
1.7 ! espie 108: .Dl $ signify -S -s key.sec -o msg.sig message.txt
1.4 jmc 109: .Pp
1.1 tedu 110: Verify a signature, using the default signature name:
1.7 ! espie 111: .Dl $ signify -V -p key.pub generalsorders.txt
1.1 tedu 112: .Sh SEE ALSO
113: .Xr cmp 1 ,
114: .Xr sha256 1 ,
115: .Xr ssh 1
116: .Sh HISTORY
117: The
118: .Nm
119: command first appeared in
1.7 ! espie 120: .Ox 5.5 .