1.\" $NetBSD: netpgpverify.1,v 1.5.10.1 2012/10/20 04:59:53 agc Exp $
2.\"
3.\" Copyright (c) 2012 Alistair Crooks <agc@NetBSD.org>
4.\" All rights reserved.
5.\"
6.\" Redistribution and use in source and binary forms, with or without
7.\" modification, are permitted provided that the following conditions
8.\" are met:
9.\" 1. Redistributions of source code must retain the above copyright
10.\" notice, this list of conditions and the following disclaimer.
11.\" 2. Redistributions in binary form must reproduce the above copyright
--- 6 unchanged lines hidden (view full) ---
18.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25.\"
26.Dd September 28, 2012
27.Dt NETPGPVERIFY 1
28.Os
29.Sh NAME
30.Nm netpgpverify
31.Nd standalone program for digital signature verification
32.Sh SYNOPSIS
33.Nm
34.Op Fl c Ar command
35.Op Fl k Ar keyring
36.Op Ar
37.Sh DESCRIPTION
38The
39.Nm
40program is an extremely small, stand-alone utility for metching
41and verifying digital signatures.
42It has been rewritten from scratch from RFC 4880 to be small
43and lightweight, and to only verify signatures on a file or on memory.
44.Nm
45complements the
46.Xr netpgp 1
47program, and duplicates its verification functionality in
48a single standalone program.
49The reason for this duplication is simply because verification
50of digital signatures
51is such a common operation that a single, much smaller,
52standalone program can be used.
53.Pp
54The
55.Nm
56command uses the
57.Xr libnetpgpverify 3
58library to do the signature verification.
59The following commands are used to verify signatures:
60.Bl -tag -width Ar
61.It Fl c Ar command
62This argument takes a single word as an option, and performs the matching according
63to the command.
64The usual behavior is to match, and to print success or failure of that verification.
65The
66.Dv cat
67command can be used to do the signature verification,
68and, if successful,
69to print the signed contents to
70.Dv stdout.
71.It Fl k Ar keyring
72is used to specify a keyring, holding the public keys of the people who may
73sign data.
74.Pp
75Multiple files may be specified on the command line, and they
76will all have their signatures verified at the same time.
77.El
78.Sh SIGNING AND VERIFICATION
79Verification of a file's signature is best viewed using the following example:
80.Bd -literal
81% netpgp --sign --userid=agc@netbsd.org a
82signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
83Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
84uid Alistair Crooks \*[Lt]alistair@hockley-crooks.com\*[Gt]
85uid Alistair Crooks \*[Lt]agc@pkgsrc.org\*[Gt]
86uid Alistair Crooks \*[Lt]agc@netbsd.org\*[Gt]
87uid Alistair Crooks \*[Lt]agc@alistaircrooks.com\*[Gt]
88uid Alistair Crooks (Yahoo!) \*[Lt]agcrooks@yahoo-inc.com\*[Gt]
89encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12
90netpgp passphrase:
91% netpgpverify a.gpg
92Good signature for a.gpg made Thu Jan 29 03:06:00 2009
93using RSA (Encrypt or Sign) key 1B68DCFCC0596823
94signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
95Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
96uid Alistair Crooks \*[Lt]alistair@hockley-crooks.com\*[Gt]
97uid Alistair Crooks \*[Lt]agc@pkgsrc.org\*[Gt]
98uid Alistair Crooks \*[Lt]agc@netbsd.org\*[Gt]
99uid Alistair Crooks \*[Lt]agc@alistaircrooks.com\*[Gt]
100uid Alistair Crooks (Yahoo!) \*[Lt]agcrooks@yahoo-inc.com\*[Gt]
101encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12
102%
103.Ed
104.Pp
105In the example above, a signature is made on a single file called
106.Dq Pa a
107using a user identity corresponding to
108.Dq agc@netbsd.org
109and using the
110.Xr netpgp 1
111program.
112The key located for the user identity is displayed, and
113the user is prompted to type in their passphrase.
114The resulting file, called
115.Dq Pa a.gpg
116is placed in the same directory.
117The second part of the example shows a verification
118using
119.Nm
120of the signed file
121taking place.
122The time and user identity of the signatory is displayed, followed
123by a fuller description of the public key of the signatory.
124In both cases, the exit value from the utility was a successful one.
125.Sh EXIT STATUS
126The
127.Nm
128utility will return 0 for a successful signature verification,
129or 1 if the file's signature does not match what was expected.
130.Sh SEE ALSO
131.Xr netpgp 1 ,
132.\" .Xr libbz2 3 ,
133.Xr libnetpgpverify 3
134.Sh STANDARDS
135The
136.Nm
137utility is designed to conform to IETF RFC 4880.
138.Sh HISTORY
139The
140.Nm
141command first appeared in
142.Nx 6.0 .
143This version was written and first appeared in this form in
144.Nx 7.0 .
145.Sh AUTHORS
146.An -nosplit
147.An Alistair Crooks Aq agc@NetBSD.org .
2.\"
3.\" Copyright (c) 2012 Alistair Crooks <agc@NetBSD.org>
4.\" All rights reserved.
5.\"
6.\" Redistribution and use in source and binary forms, with or without
7.\" modification, are permitted provided that the following conditions
8.\" are met:
9.\" 1. Redistributions of source code must retain the above copyright
10.\" notice, this list of conditions and the following disclaimer.
11.\" 2. Redistributions in binary form must reproduce the above copyright
--- 6 unchanged lines hidden (view full) ---
18.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25.\"
26.Dd September 28, 2012
27.Dt NETPGPVERIFY 1
28.Os
29.Sh NAME
30.Nm netpgpverify
31.Nd standalone program for digital signature verification
32.Sh SYNOPSIS
33.Nm
34.Op Fl c Ar command
35.Op Fl k Ar keyring
36.Op Ar
37.Sh DESCRIPTION
38The
39.Nm
40program is an extremely small, stand-alone utility for metching
41and verifying digital signatures.
42It has been rewritten from scratch from RFC 4880 to be small
43and lightweight, and to only verify signatures on a file or on memory.
44.Nm
45complements the
46.Xr netpgp 1
47program, and duplicates its verification functionality in
48a single standalone program.
49The reason for this duplication is simply because verification
50of digital signatures
51is such a common operation that a single, much smaller,
52standalone program can be used.
53.Pp
54The
55.Nm
56command uses the
57.Xr libnetpgpverify 3
58library to do the signature verification.
59The following commands are used to verify signatures:
60.Bl -tag -width Ar
61.It Fl c Ar command
62This argument takes a single word as an option, and performs the matching according
63to the command.
64The usual behavior is to match, and to print success or failure of that verification.
65The
66.Dv cat
67command can be used to do the signature verification,
68and, if successful,
69to print the signed contents to
70.Dv stdout.
71.It Fl k Ar keyring
72is used to specify a keyring, holding the public keys of the people who may
73sign data.
74.Pp
75Multiple files may be specified on the command line, and they
76will all have their signatures verified at the same time.
77.El
78.Sh SIGNING AND VERIFICATION
79Verification of a file's signature is best viewed using the following example:
80.Bd -literal
81% netpgp --sign --userid=agc@netbsd.org a
82signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
83Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
84uid Alistair Crooks \*[Lt]alistair@hockley-crooks.com\*[Gt]
85uid Alistair Crooks \*[Lt]agc@pkgsrc.org\*[Gt]
86uid Alistair Crooks \*[Lt]agc@netbsd.org\*[Gt]
87uid Alistair Crooks \*[Lt]agc@alistaircrooks.com\*[Gt]
88uid Alistair Crooks (Yahoo!) \*[Lt]agcrooks@yahoo-inc.com\*[Gt]
89encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12
90netpgp passphrase:
91% netpgpverify a.gpg
92Good signature for a.gpg made Thu Jan 29 03:06:00 2009
93using RSA (Encrypt or Sign) key 1B68DCFCC0596823
94signature 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
95Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
96uid Alistair Crooks \*[Lt]alistair@hockley-crooks.com\*[Gt]
97uid Alistair Crooks \*[Lt]agc@pkgsrc.org\*[Gt]
98uid Alistair Crooks \*[Lt]agc@netbsd.org\*[Gt]
99uid Alistair Crooks \*[Lt]agc@alistaircrooks.com\*[Gt]
100uid Alistair Crooks (Yahoo!) \*[Lt]agcrooks@yahoo-inc.com\*[Gt]
101encryption 2048/RSA (Encrypt or Sign) 79deb61e488eee74 2004-01-12
102%
103.Ed
104.Pp
105In the example above, a signature is made on a single file called
106.Dq Pa a
107using a user identity corresponding to
108.Dq agc@netbsd.org
109and using the
110.Xr netpgp 1
111program.
112The key located for the user identity is displayed, and
113the user is prompted to type in their passphrase.
114The resulting file, called
115.Dq Pa a.gpg
116is placed in the same directory.
117The second part of the example shows a verification
118using
119.Nm
120of the signed file
121taking place.
122The time and user identity of the signatory is displayed, followed
123by a fuller description of the public key of the signatory.
124In both cases, the exit value from the utility was a successful one.
125.Sh EXIT STATUS
126The
127.Nm
128utility will return 0 for a successful signature verification,
129or 1 if the file's signature does not match what was expected.
130.Sh SEE ALSO
131.Xr netpgp 1 ,
132.\" .Xr libbz2 3 ,
133.Xr libnetpgpverify 3
134.Sh STANDARDS
135The
136.Nm
137utility is designed to conform to IETF RFC 4880.
138.Sh HISTORY
139The
140.Nm
141command first appeared in
142.Nx 6.0 .
143This version was written and first appeared in this form in
144.Nx 7.0 .
145.Sh AUTHORS
146.An -nosplit
147.An Alistair Crooks Aq agc@NetBSD.org .