Annotation of src/usr.bin/signify/signify.1, Revision 1.8
1.8 ! tedu 1: .\" $OpenBSD: signify.1,v 1.7 2014/01/03 17:10:27 espie Exp $
1.1 tedu 2: .\"
3: .\"Copyright (c) 2013 Marc Espie <espie@openbsd.org>
4: .\"Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
5: .\"
6: .\"Permission to use, copy, modify, and distribute this software for any
7: .\"purpose with or without fee is hereby granted, provided that the above
8: .\"copyright notice and this permission notice appear in all copies.
9: .\"
10: .\"THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11: .\"WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12: .\"MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13: .\"ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14: .\"WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15: .\"ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16: .\"OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
1.8 ! tedu 17: .Dd $Mdocdate: January 3 2014 $
1.1 tedu 18: .Dt SIGNIFY 1
19: .Os
20: .Sh NAME
21: .Nm signify
22: .Nd cryptographically sign and verify files
23: .Sh SYNOPSIS
24: .Nm signify
1.6 tedu 25: .Op Fl n
1.7 espie 26: .Fl p Ar pubkey
27: .Fl s Ar seckey
28: .Fl G
29: .Nm signify
1.8 ! tedu 30: .Op Fl e
1.7 espie 31: .Op Fl o Ar output
32: .Fl s Ar seckey
33: .Fl S
1.8 ! tedu 34: .Ar message
1.7 espie 35: .Nm signify
1.8 ! tedu 36: .Op Fl e
1.6 tedu 37: .Op Fl o Ar output
1.7 espie 38: .Fl p Ar pubkey
39: .Fl V
1.8 ! tedu 40: .Ar message
1.1 tedu 41: .Sh DESCRIPTION
42: The
43: .Nm
1.7 espie 44: utility creates and verifies cryptographic signatures for
45: an input file
1.8 ! tedu 46: .Ar message .
1.4 jmc 47: The mode of operation is selected by the
1.6 tedu 48: .Fl G ,
49: .Fl S ,
50: or
1.4 jmc 51: .Fl V
1.6 tedu 52: options.
1.4 jmc 53: .Pp
54: The options are as follows:
1.7 espie 55: .Bl -tag -width Dssoutput
1.8 ! tedu 56: .It Fl e
! 57: Embed the message after the signature when signing.
! 58: For verification, extract the message from the signature.
1.6 tedu 59: .It Fl G
60: Generate a new keypair.
61: .It Fl n
1.1 tedu 62: Do not ask for a passphrase during key generation.
63: Otherwise,
64: .Nm
1.4 jmc 65: will prompt the user for a passphrase on the terminal.
1.8 ! tedu 66: .It Fl o Ar sigfile
1.1 tedu 67: The signature file to create or verify.
68: The default is
1.5 jmc 69: .Ar input Ns .sig .
1.6 tedu 70: .It Fl p Ar pubkey
1.1 tedu 71: Public key produced by
1.7 espie 72: .Fl G ,
1.1 tedu 73: and used by
1.7 espie 74: .Fl V
1.1 tedu 75: to check a signature.
1.6 tedu 76: .It Fl S
77: Sign the input file.
78: .It Fl s Ar seckey
1.1 tedu 79: Secret (private) key produced by
1.7 espie 80: .Fl G ,
1.1 tedu 81: and used by
1.7 espie 82: .Fl S
1.1 tedu 83: to sign a message.
1.6 tedu 84: .It Fl V
85: Verify the input file and signature match.
1.1 tedu 86: .El
1.4 jmc 87: .Pp
88: The key and signature files created by
89: .Nm
90: have the same format.
91: The first line of the file is a free form text comment that may be edited,
92: so long as it does not exceed a single line.
93: The second line of the file is the actual key or signature base64 encoded.
1.1 tedu 94: .Sh EXIT STATUS
1.4 jmc 95: .Ex -std signify
96: It may fail because of one of the following reasons:
97: .Pp
1.1 tedu 98: .Bl -bullet -compact
1.4 jmc 99: .It
1.1 tedu 100: Some necessary files do not exist.
101: .It
102: Entered passphrase is incorrect.
103: .It
104: The message file was corrupted and its signature does not match.
105: .It
106: The message file is too large.
107: .El
108: .Sh EXAMPLES
109: Create a new keypair:
1.7 espie 110: .Dl $ signify -G -p newkey.pub -s newkey.sec
1.4 jmc 111: .Pp
112: Sign a file, specifying a signature name:
1.7 espie 113: .Dl $ signify -S -s key.sec -o msg.sig message.txt
1.4 jmc 114: .Pp
1.1 tedu 115: Verify a signature, using the default signature name:
1.7 espie 116: .Dl $ signify -V -p key.pub generalsorders.txt
1.1 tedu 117: .Sh SEE ALSO
118: .Xr cmp 1 ,
119: .Xr sha256 1 ,
120: .Xr ssh 1
121: .Sh HISTORY
122: The
123: .Nm
124: command first appeared in
1.7 espie 125: .Ox 5.5 .