mirror of
https://github.com/openbsd/src.git
synced 2026-04-28 16:16:48 +00:00
In -C mode, the public key is optional since it can be deduced from
the untrusted comment. In this case, don't ignore -t but rather make it work as expected. ok tedu
This commit is contained in:
tb
@@ -1,4 +1,4 @@
|
||||
.\" $OpenBSD: signify.1,v 1.48 2019/08/10 03:56:02 deraadt Exp $
|
||||
.\" $OpenBSD: signify.1,v 1.49 2020/01/21 12:13:21 tb Exp $
|
||||
.\"
|
||||
.\"Copyright (c) 2013 Marc Espie <espie@openbsd.org>
|
||||
.\"Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
|
||||
@@ -14,7 +14,7 @@
|
||||
.\"WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
.\"ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
.\"OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
.Dd $Mdocdate: August 10 2019 $
|
||||
.Dd $Mdocdate: January 21 2020 $
|
||||
.Dt SIGNIFY 1
|
||||
.Os
|
||||
.Sh NAME
|
||||
@@ -24,7 +24,8 @@
|
||||
.Nm signify
|
||||
.Fl C
|
||||
.Op Fl q
|
||||
.Fl p Ar pubkey
|
||||
.Op Fl p Ar pubkey
|
||||
.Op Fl t Ar keytype
|
||||
.Fl x Ar sigfile
|
||||
.Op Ar
|
||||
.Nm signify
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: signify.c,v 1.134 2019/12/22 06:37:25 espie Exp $ */
|
||||
/* $OpenBSD: signify.c,v 1.135 2020/01/21 12:13:21 tb Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
|
||||
*
|
||||
@@ -78,7 +78,7 @@ usage(const char *error)
|
||||
fprintf(stderr, "%s\n", error);
|
||||
fprintf(stderr, "usage:"
|
||||
#ifndef VERIFYONLY
|
||||
"\t%1$s -C [-q] -p pubkey -x sigfile [file ...]\n"
|
||||
"\t%1$s -C [-q] [-p pubkey] [-t keytype] -x sigfile [file ...]\n"
|
||||
"\t%1$s -G [-n] [-c comment] -p pubkey -s seckey\n"
|
||||
"\t%1$s -S [-enz] [-x sigfile] -s seckey -m message\n"
|
||||
#endif
|
||||
@@ -715,13 +715,13 @@ verifychecksums(char *msg, int argc, char **argv, int quiet)
|
||||
}
|
||||
|
||||
static void
|
||||
check(const char *pubkeyfile, const char *sigfile, int quiet, int argc,
|
||||
char **argv)
|
||||
check(const char *pubkeyfile, const char *sigfile, const char *keytype,
|
||||
int quiet, int argc, char **argv)
|
||||
{
|
||||
unsigned long long msglen;
|
||||
uint8_t *msg;
|
||||
|
||||
msg = verifyembedded(pubkeyfile, sigfile, quiet, &msglen, NULL);
|
||||
msg = verifyembedded(pubkeyfile, sigfile, quiet, &msglen, keytype);
|
||||
verifychecksums((char *)msg, argc, argv, quiet);
|
||||
|
||||
free(msg);
|
||||
@@ -846,7 +846,7 @@ main(int argc, char **argv)
|
||||
err(1, "pledge");
|
||||
if (!sigfile)
|
||||
usage("must specify sigfile");
|
||||
check(pubkeyfile, sigfile, quiet, argc, argv);
|
||||
check(pubkeyfile, sigfile, keytype, quiet, argc, argv);
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
Reference in New Issue
Block a user