On Fri, Jan 03, 2014 at 10:46:45AM -0500, Ted Unangst wrote:
> On Fri, Jan 03, 2014 at 16:39, Marc Espie wrote:
> > Rechecked that -G was working (broken) and jmc wants identical
> > SYNOPSIS/usage.
> > Together with the \n for base64...
>
>
>
> > + } else if (verb == NONE) {
> > usage();
>
> this is weird, mixing that into the middle.
Well, do you prefer that ?
Index: signify.1
===================================================================
RCS file: /cvs/src/usr.bin/signify/signify.1,v
retrieving revision 1.6
diff -u -p -r1.6 signify.1
--- signify.1 1 Jan 2014 17:50:33 -0000 1.6
+++ signify.1 3 Jan 2014 15:53:58 -0000
@@ -23,15 +23,25 @@
.Sh SYNOPSIS
.Nm signify
.Op Fl n
-.Op Fl i Ar input
+.Fl p Ar pubkey
+.Fl s Ar seckey
+.Fl G
+.Nm signify
.Op Fl o Ar output
-.Op Fl p Ar pubkey
-.Op Fl s Ar seckey
-.Fl G | S | V
+.Fl s Ar seckey
+.Fl S
+.Ar input
+.Nm signify
+.Op Fl o Ar output
+.Fl p Ar pubkey
+.Fl V
+.Ar input
.Sh DESCRIPTION
The
.Nm
-utility creates and verifies cryptographic signatures.
+utility creates and verifies cryptographic signatures for
+an input file
+.Ar input .
The mode of operation is selected by the
.Fl G ,
.Fl S ,
@@ -40,11 +50,9 @@ or
options.
.Pp
The options are as follows:
-.Bl -tag -width Ds
+.Bl -tag -width Dssoutput
.It Fl G
Generate a new keypair.
-.It Fl i Ar input
-Input file to sign or verify.
.It Fl n
Do not ask for a passphrase during key generation.
Otherwise,
@@ -56,17 +64,17 @@ The default is
.Ar input Ns .sig .
.It Fl p Ar pubkey
Public key produced by
-.Ar G ,
+.Fl G ,
and used by
-.Ar V
+.Fl V
to check a signature.
.It Fl S
Sign the input file.
.It Fl s Ar seckey
Secret (private) key produced by
-.Ar G ,
+.Fl G ,
and used by
-.Ar S
+.Fl S
to sign a message.
.It Fl V
Verify the input file and signature match.
@@ -94,13 +102,13 @@ The message file is too large.
.El
.Sh EXAMPLES
Create a new keypair:
-.Dl $ signify -p newkey.pub -s newkey.sec -G
+.Dl $ signify -G -p newkey.pub -s newkey.sec
.Pp
Sign a file, specifying a signature name:
-.Dl $ signify -s key.sec -i message.txt -o msg.sig -S
+.Dl $ signify -S -s key.sec -o msg.sig message.txt
.Pp
Verify a signature, using the default signature name:
-.Dl $ signify -p key.pub -i generalsorders.txt -V
+.Dl $ signify -V -p key.pub generalsorders.txt
.Sh SEE ALSO
.Xr cmp 1 ,
.Xr sha256 1 ,
@@ -109,4 +117,4 @@ Verify a signature, using the default si
The
.Nm
command first appeared in
-.Ox 5.5
+.Ox 5.5 .
Index: signify.c
===================================================================
RCS file: /cvs/src/usr.bin/signify/signify.c,v
retrieving revision 1.8
diff -u -p -r1.8 signify.c
--- signify.c 3 Jan 2014 15:42:22 -0000 1.8
+++ signify.c 3 Jan 2014 15:53:58 -0000
@@ -64,8 +64,11 @@ extern char *__progname;
static void
usage(void)
{
- fprintf(stderr, "usage: %s [-n] [-i input] [-o output] [-p pubkey] [-s
seckey] "
- "-G | -S | -V\n", __progname);
+ fprintf(stderr, "usage:"
+ "\t%s [-n] -p pubkey -s seckey -G\n"
+ "\t%s [-o output] -s seckey -S input\n"
+ "\t%s [-o output] -p pubkey -V input\n",
+ __progname, __progname, __progname);
exit(1);
}
@@ -339,7 +342,7 @@ main(int argc, char **argv)
rounds = 42;
- while ((ch = getopt(argc, argv, "GSVi:no:p:s:")) != -1) {
+ while ((ch = getopt(argc, argv, "GSVno:p:s:")) != -1) {
switch (ch) {
case 'G':
if (verb)
@@ -356,9 +359,6 @@ main(int argc, char **argv)
usage();
verb = VERIFY;
break;
- case 'i':
- inputfile = optarg;
- break;
case 'n':
rounds = 0;
break;
@@ -377,30 +377,37 @@ main(int argc, char **argv)
}
}
argc -= optind;
- if (argc != 0)
- usage();
-
- if (inputfile && !sigfile) {
- if (snprintf(sigfilebuf, sizeof(sigfilebuf), "%s.sig",
- inputfile) >= sizeof(sigfilebuf))
- errx(1, "path too long");
- sigfile = sigfilebuf;
- }
+ argv += optind;
if (verb == GENERATE) {
- if (!pubkeyfile || !seckeyfile)
+ if (!pubkeyfile || !seckeyfile || argc != 0)
usage();
generate(pubkeyfile, seckeyfile, rounds);
- } else if (verb == SIGN) {
- if (!seckeyfile || !inputfile)
+ } else if (verb == SIGN || verb == VERIFY) {
+ if (argc != 1)
usage();
- sign(seckeyfile, inputfile, sigfile);
- } else if (verb == VERIFY) {
- if (!pubkeyfile || !inputfile)
- usage();
- verify(pubkeyfile, inputfile, sigfile);
+
+ inputfile = argv[0];
+
+ if (!sigfile) {
+ if (snprintf(sigfilebuf, sizeof(sigfilebuf), "%s.sig",
+ inputfile) >= sizeof(sigfilebuf))
+ errx(1, "path too long");
+ sigfile = sigfilebuf;
+ }
+
+ if (verb == SIGN) {
+ if (!seckeyfile)
+ usage();
+ sign(seckeyfile, inputfile, sigfile);
+ } else if (verb == VERIFY) {
+ if (!pubkeyfile)
+ usage();
+ verify(pubkeyfile, inputfile, sigfile);
+ }
} else {
usage();
}
+
return 0;
}