From 31becca303647c6009baca775fb120e13fae7dd8 Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Fri, 16 Feb 2018 06:18:03 +0100 Subject: exclude orig from build --- orig/signify.1 | 199 --------------------------------------------------------- 1 file changed, 199 deletions(-) delete mode 100644 orig/signify.1 (limited to 'orig/signify.1') diff --git a/orig/signify.1 b/orig/signify.1 deleted file mode 100644 index 569c14e..0000000 --- a/orig/signify.1 +++ /dev/null @@ -1,199 +0,0 @@ -.\" $OpenBSD: signify.1,v 1.41 2017/03/09 19:42:05 benno Exp $ -.\" -.\"Copyright (c) 2013 Marc Espie -.\"Copyright (c) 2013 Ted Unangst -.\" -.\"Permission to use, copy, modify, and distribute this software for any -.\"purpose with or without fee is hereby granted, provided that the above -.\"copyright notice and this permission notice appear in all copies. -.\" -.\"THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\"WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\"MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\"ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\"WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\"ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\"OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.Dd $Mdocdate: March 9 2017 $ -.Dt SIGNIFY 1 -.Os -.Sh NAME -.Nm signify -.Nd cryptographically sign and verify files -.Sh SYNOPSIS -.Nm signify -.Fl C -.Op Fl q -.Fl p Ar pubkey -.Fl x Ar sigfile -.Op Ar -.Nm signify -.Fl G -.Op Fl n -.Op Fl c Ar comment -.Fl p Ar pubkey -.Fl s Ar seckey -.Nm signify -.Fl S -.Op Fl ez -.Op Fl x Ar sigfile -.Fl s Ar seckey -.Fl m Ar message -.Nm signify -.Fl V -.Op Fl eqz -.Op Fl p Ar pubkey -.Op Fl t Ar keytype -.Op Fl x Ar sigfile -.Fl m Ar message -.Sh DESCRIPTION -The -.Nm -utility creates and verifies cryptographic signatures. -A signature verifies the integrity of a -.Ar message . -The mode of operation is selected with the following options: -.Bl -tag -width Dsssigfile -.It Fl C -Verify a signed checksum list, and then verify the checksum for -each file. -If no files are specified, all of them are checked. -.Ar sigfile -should be the signed output of -.Xr sha256 1 . -.It Fl G -Generate a new key pair. -Keynames should follow the convention of -.Pa keyname.pub -and -.Pa keyname.sec -for the public and secret keys, respectively. -.It Fl S -Sign the specified message file and create a signature. -.It Fl V -Verify the message and signature match. -.El -.Pp -The other options are as follows: -.Bl -tag -width Dsssignature -.It Fl c Ar comment -Specify the comment to be added during key generation. -.It Fl e -When signing, embed the message after the signature. -When verifying, extract the message from the signature. -(This requires that the signature was created using -.Fl e -and creates a new message file as output.) -.It Fl m Ar message -When signing, the file containing the message to sign. -When verifying, the file containing the message to verify. -When verifying with -.Fl e , -the file to create. -.It Fl n -Do not ask for a passphrase during key generation. -Otherwise, -.Nm -will prompt the user for a passphrase to protect the secret key. -.It Fl p Ar pubkey -Public key produced by -.Fl G , -and used by -.Fl V -to check a signature. -.It Fl q -Quiet mode. -Suppress informational output. -.It Fl s Ar seckey -Secret (private) key produced by -.Fl G , -and used by -.Fl S -to sign a message. -.It Fl t Ar keytype -When deducing the correct key to check a signature, make sure -the actual key matches -.Pa /etc/signify/*-keytype.pub . -.It Fl x Ar sigfile -The signature file to create or verify. -The default is -.Ar message Ns .sig . -.It Fl z -Sign and verify -.Xr gzip 1 -archives, where the signing data -is embedded in the -.Xr gzip 1 -header. -.El -.Pp -The key and signature files created by -.Nm -have the same format. -The first line of the file is a free form text comment that may be edited, -so long as it does not exceed a single line. -Signature comments will be generated based on the name of the secret -key used for signing. -This comment can then be used as a hint for the name of the public key -when verifying. -The second line of the file is the actual key or signature base64 encoded. -.Sh EXIT STATUS -.Ex -std signify -It may fail because of one of the following reasons: -.Pp -.Bl -bullet -compact -.It -Some necessary files do not exist. -.It -Entered passphrase is incorrect. -.It -The message file was corrupted and its signature does not match. -.It -The message file is too large. -.El -.Sh EXAMPLES -Create a new key pair: -.Dl $ signify -G -p newkey.pub -s newkey.sec -.Pp -Sign a file, specifying a signature name: -.Dl $ signify -S -s key.sec -m message.txt -x msg.sig -.Pp -Verify a signature, using the default signature name: -.Dl $ signify -V -p key.pub -m generalsorders.txt -.Pp -Verify a release directory containing -.Pa SHA256.sig -and a full set of release files: -.Bd -literal -offset indent -compact -$ signify -C -p /etc/signify/openbsd-62-base.pub -x SHA256.sig -.Ed -.Pp -Verify a bsd.rd before an upgrade: -.Bd -literal -offset indent -compact -$ signify -C -p /etc/signify/openbsd-62-base.pub -x SHA256.sig bsd.rd -.Ed -.Pp -Sign a gzip archive: -.Bd -literal -offset indent -compact -$ signify -Sz -s key-arc.sec -m in.tgz -x out.tgz -.Ed -.Pp -Verify a gzip pipeline: -.Bd -literal -offset indent -compact -$ ftp url | signify -Vz -t arc | tar ztf - -.Ed -.Sh SEE ALSO -.Xr fw_update 1 , -.Xr gzip 1 , -.Xr pkg_add 1 , -.Xr sha256 1 -.Sh HISTORY -The -.Nm -command first appeared in -.Ox 5.5 . -.Sh AUTHORS -.An -nosplit -.An Ted Unangst Aq Mt tedu@openbsd.org -and -.An Marc Espie Aq Mt espie@openbsd.org . -- cgit v1.2.3