diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libkeynote/keynote.1 | 40 | ||||
-rw-r--r-- | lib/libkeynote/keynote.3 | 18 |
2 files changed, 41 insertions, 17 deletions
diff --git a/lib/libkeynote/keynote.1 b/lib/libkeynote/keynote.1 index cade4d6c743..a1c21c58996 100644 --- a/lib/libkeynote/keynote.1 +++ b/lib/libkeynote/keynote.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: keynote.1,v 1.35 2013/07/16 15:21:11 schwarze Exp $ +.\" $OpenBSD: keynote.1,v 1.36 2014/12/05 15:06:09 schwarze Exp $ .\" .\" The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu) .\" @@ -20,7 +20,7 @@ .\" MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR .\" PURPOSE. .\" -.Dd $Mdocdate: July 16 2013 $ +.Dd $Mdocdate: December 5 2014 $ .Dt KEYNOTE 1 .\" .TH keynote 1 local .Os @@ -28,7 +28,8 @@ .Nm keynote .Nd command line tool for keynote operations .Sh SYNOPSIS -.Nm keynote keygen +.Nm keynote +.Cm keygen .Ar AlgorithmName .Ar KeySize .Ar PublicKeyFile @@ -36,7 +37,8 @@ .Op Ar print-offset .Op Ar print-length .Pp -.Nm keynote sign +.Nm +.Cm sign .Op Fl v .Ar AlgorithmName .Ar AssertionFile @@ -44,10 +46,12 @@ .Op Ar print-offset .Op Ar print-length .Pp -.Nm keynote sigver +.Nm +.Cm sigver .Op Ar AssertionFile .Pp -.Nm keynote verify +.Nm +.Cm verify .Op Fl h .Op Fl e Ar file .Op Fl k Ar file @@ -59,7 +63,8 @@ For more details on .Nm KeyNote , see RFC 2704. .Sh KEY GENERATION -.Nm keynote keygen +.Nm +.Cm keygen creates a public/private key of size .Ar KeySize (in bits), for the algorithm specified by @@ -104,7 +109,8 @@ the end of each line, and the double quotes at the beginning and end of the key encoding. Default values are 12 and 50 respectively. .Sh ASSERTION SIGNING -.Nm keynote sign +.Nm +.Cm sign reads the assertion contained in .Ar AssertionFile and generates a signature specified by @@ -112,7 +118,8 @@ and generates a signature specified by using the private key stored in .Ar PrivateKeyFile . The private key is expected to be of the form output by -.Nm keynote keygen . +.Nm +.Cm keygen . The private key algorithm and the .Ar AlgorithmName specified as an argument are expected to match. @@ -161,7 +168,8 @@ string. If the .Fl v flag is provided, -.Nm keynote sign +.Nm +.Cm sign will also verify the newly-created signature using the .Ar Authorizer field key. @@ -184,14 +192,16 @@ the end of each line, and the double quotes at the beginning and end of the signature encoding. Default values are 12 and 50 respectively. .Sh SIGNATURE VERIFICATION -.Nm keynote sigver +.Nm +.Cm sigver reads the assertions contained in .Ar AssertionFile and verifies the public-key signatures on all of them. .Sh QUERY TOOL For each operand that names a .Ar file , -.Nm keynote verify +.Nm +.Cm verify reads the file and parses the assertions contained therein (one assertion per file). .Pp @@ -240,10 +250,12 @@ and .Fl k flags should be given per invocation. If no flags are given, -.Nm keynote verify +.Nm +.Cm verify prints the usage message and exits with error code \-1. .Pp -.Nm keynote verify +.Nm +.Cm verify exits with code \-1 if there was an error, and 0 on success. .Sh SEE ALSO .Xr keynote 3 , diff --git a/lib/libkeynote/keynote.3 b/lib/libkeynote/keynote.3 index 8f0e831677f..f80c676b656 100644 --- a/lib/libkeynote/keynote.3 +++ b/lib/libkeynote/keynote.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: keynote.3,v 1.47 2014/09/17 06:21:46 jmc Exp $ +.\" $OpenBSD: keynote.3,v 1.48 2014/12/05 15:06:09 schwarze Exp $ .\" .\" The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu) .\" @@ -20,7 +20,7 @@ .\" MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR .\" PURPOSE. .\" -.Dd $Mdocdate: September 17 2014 $ +.Dd $Mdocdate: December 5 2014 $ .Dt KEYNOTE 3 .\" .TH KeyNote 3 local .Os @@ -81,7 +81,19 @@ struct keynote_keylist { .Ft int .Fn kn_close "int sessid" .Ft int -.Fn kn_query "struct environment *env" "char **returnvalues, int numvalues" "char **trusted, int *trustedlen, int numtrusted" "char **untrusted, int *untrustedlen, int numuntrusted" "char **authorizers, int numauthauthorizers" +.Fo kn_query +.Fa "struct environment *env" +.Fa "char **returnvalues" +.Fa "int numvalues" +.Fa "char **trusted" +.Fa "int *trustedlen" +.Fa "int numtrusted" +.Fa "char **untrusted" +.Fa "int *untrustedlen" +.Fa "int numuntrusted" +.Fa "char **authorizers" +.Fa "int numauthauthorizers" +.Fc .Ft char ** .Fn kn_read_asserts "char *array" "int arraylen" "int *numassertions" .Ft int |