I misinterpreted Theo's comments about the option letters before. Revert to lowercase for most options, and change the verb option into three distinct uppercase options, -G -S and -V.
Sorry Marc... Index: signify.1 =================================================================== RCS file: /cvs/src/usr.bin/signify/signify.1,v retrieving revision 1.5 diff -u -p -r1.5 signify.1 --- signify.1 31 Dec 2013 18:18:36 -0000 1.5 +++ signify.1 1 Jan 2014 15:00:28 -0000 @@ -22,47 +22,56 @@ .Nd cryptographically sign and verify files .Sh SYNOPSIS .Nm signify -.Op Fl N -.Op Fl I Ar input -.Op Fl O Ar output -.Op Fl P Ar pubkey -.Op Fl S Ar seckey -.Fl V Ar generate | sign | verify +.Op Fl n +.Op Fl i Ar input +.Op Fl o Ar output +.Op Fl p Ar pubkey +.Op Fl s Ar seckey +.Fl G +.Fl S +.Fl V .Sh DESCRIPTION The .Nm utility creates and verifies cryptographic signatures. The mode of operation is selected by the +.Fl G , +.Fl S , +or .Fl V option. .Pp The options are as follows: .Bl -tag -width Ds -.It Fl I Ar input +.It Fl G +Generate a new keypair. +.It Fl S +Sign the input file. +.It Fl V +Verify the input file and signature match. +.It Fl i Ar input Input file to sign or verify. -.It Fl N +.It Fl n Do not ask for a passphrase during key generation. Otherwise, .Nm will prompt the user for a passphrase on the terminal. -.It Fl O Ar output +.It Fl o Ar output The signature file to create or verify. The default is .Ar input Ns .sig . -.It Fl P Ar pubkey +.It Fl p Ar pubkey Public key produced by .Ar generate , and used by .Ar verify to check a signature. -.It Fl S Ar seckey +.It Fl s Ar seckey Secret (private) key produced by .Ar generate , and used by .Ar sign to sign a message. -.It Fl V Ar generate | sign | verify -Select the desired operation. .El .Pp The key and signature files created by @@ -87,13 +96,13 @@ The message file is too large. .El .Sh EXAMPLES Create a new keypair: -.Dl $ signify -P newkey.pub -S newkey.sec -V generate +.Dl $ signify -p newkey.pub -s newkey.sec -G .Pp Sign a file, specifying a signature name: -.Dl $ signify -S key.sec -I message.txt -O msg.sig -V sign +.Dl $ signify -s key.sec -i message.txt -o msg.sig -S .Pp Verify a signature, using the default signature name: -.Dl $ signify -P key.pub -I generalsorders.txt -V verify +.Dl $ signify -p key.pub -i generalsorders.txt -V .Sh SEE ALSO .Xr cmp 1 , .Xr sha256 1 , Index: signify.c =================================================================== RCS file: /cvs/src/usr.bin/signify/signify.c,v retrieving revision 1.5 diff -u -p -r1.5 signify.c --- signify.c 31 Dec 2013 17:33:17 -0000 1.5 +++ signify.c 1 Jan 2014 15:00:28 -0000 @@ -64,8 +64,8 @@ extern char *__progname; static void usage(void) { - fprintf(stderr, "usage: %s [-N] [-I input] [-O output] [-P pubkey] [-S seckey] " - "-V generate | sign | verify\n", __progname); + fprintf(stderr, "usage: %s [-n] [-i input] [-o output] [-p pubkey] [-s seckey] " + "-G | -S | -V\n", __progname); exit(1); } @@ -316,41 +316,59 @@ verify(const char *pubkeyfile, const cha int main(int argc, char **argv) { - const char *verb = NULL; const char *pubkeyfile = NULL, *seckeyfile = NULL, *inputfile = NULL, *sigfile = NULL; char sigfilebuf[1024]; int ch, rounds; + enum { + NONE, + GENERATE, + SIGN, + VERIFY + } verb = NONE; + rounds = 42; - while ((ch = getopt(argc, argv, "I:NO:P:S:V:")) != -1) { + while ((ch = getopt(argc, argv, "GSVi:no:p:s:")) != -1) { switch (ch) { - case 'I': + case 'G': + if (verb) + usage(); + verb = GENERATE; + break; + case 'S': + if (verb) + usage(); + verb = SIGN; + break; + case 'V': + if (verb) + usage(); + verb = VERIFY; + break; + case 'i': inputfile = optarg; break; - case 'N': + case 'n': rounds = 0; break; - case 'O': + case 'o': sigfile = optarg; break; - case 'P': + case 'p': pubkeyfile = optarg; break; - case 'S': + case 's': seckeyfile = optarg; break; - case 'V': - verb = optarg; - break; default: usage(); break; } } argc -= optind; - if (argc != 0 || verb == NULL) + if (argc != 0) usage(); if (inputfile && !sigfile) { @@ -360,15 +378,15 @@ main(int argc, char **argv) sigfile = sigfilebuf; } - if (streq(verb, "generate")) { + if (verb == GENERATE) { if (!pubkeyfile || !seckeyfile) usage(); generate(pubkeyfile, seckeyfile, rounds); - } else if (streq(verb, "sign")) { + } else if (verb == SIGN) { if (!seckeyfile || !inputfile) usage(); sign(seckeyfile, inputfile, sigfile); - } else if (streq(verb, "verify")) { + } else if (verb == VERIFY) { if (!pubkeyfile || !inputfile) usage(); verify(pubkeyfile, inputfile, sigfile);