diff options
Diffstat (limited to 'usr.sbin/pkg_install/sign/pkg_sign.1')
-rw-r--r-- | usr.sbin/pkg_install/sign/pkg_sign.1 | 73 |
1 files changed, 50 insertions, 23 deletions
diff --git a/usr.sbin/pkg_install/sign/pkg_sign.1 b/usr.sbin/pkg_install/sign/pkg_sign.1 index 2f46b9ca094..a3b19eae961 100644 --- a/usr.sbin/pkg_install/sign/pkg_sign.1 +++ b/usr.sbin/pkg_install/sign/pkg_sign.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: pkg_sign.1,v 1.1 1999/09/27 21:40:04 espie Exp $ +.\" $OpenBSD: pkg_sign.1,v 1.2 1999/10/04 21:46:29 espie Exp $ .\" Copyright (c) 1999 Marc Espie. .\" .\" Redistribution and use in source and binary forms, with or without @@ -36,28 +36,44 @@ .Sh SYNOPSIS .Nm pkg_sign .Op Fl sc -.Op Fl u Ar userid +.Op Fl t Ar type +.Op Fl u Ar id .Op Ar .Nm pkg_check .Op Fl sc -.Op Fl u Ar userid +.Op Fl u Ar id .Op Ar .Sh DESCRIPTION .Nm pkg_sign -embeds a cryptographic signature (currently PGP) within a gzip file +embeds a cryptographic signature within a gzip file .Ar file . -It will always prompt you for a passphrase to unlock your private pgp key, -even if you don't use a passphrase (which is a bad idea, anyway). -.Nm pkg_check -cheks that cryptographic signature. +.Ar type +can be +.Li pgp +(default) or +.Li +sha1 . +If +.Ar type +is +.Li pgp , +it will always prompt you for a passphrase to unlock your private +pgp key, even if you don't use a passphrase (which is a bad idea, anyway). +If +.Ar type +is +.Li sha1 , +you must supply an +.Ar id, +which will be recorded as the name of the package, and printed as the +SHA1 checksum. .Pp -This uses a feature of the gzip format, namely that one can set a flag -.Dv EXTRA_FIELD -in the gzip header and store extra data between the gzip header and the -compressed file proper. -The OpenBSD signing scheme uses `SigPGP\\0\\xa8' -as a magic number for its signature (this marker is conveniently 8 bytes -long, and the `\\0\\xa8' is the length of the pgp signature proper). +.Nm pkg_check +checks that cryptographic signature. It currently disregards +.Ar type +and checks only the topmost signature. For sha1, it checksums the file +and verifies that the result matches the list of checksums recorded in +.Pa /var/db/pkg/SHA1 . .Pp Options .Fl s @@ -65,8 +81,8 @@ and .Fl c can be used to force package signing or signature checking mode. .Pp -The -.Ar userid +For pgp, the +.Ar id to use to sign the package or verify the signature can be forced with .Fl u . .Pp @@ -77,6 +93,15 @@ is a single dash or absent, .Nm check_sign reads from the standard input. +.Pp +Package signing uses a feature of the gzip format, namely that one can +set a flag +.Dv EXTRA_FIELD +in the gzip header and store extra data between the gzip header and the +compressed file proper. +The OpenBSD signing scheme uses eight bytes markers such `SIGPGP' \+ length +or `CKSHA1' \+ length for its signatures (those markers are conveniently +eight bytes long). .Sh RESULTS .Nm pkg_sign and @@ -99,6 +124,9 @@ This is an unsigned package. The program couldn't find a proper gzip header. .It "File %s contains an unknown extension" The extended area of the gzip file has been used for an unknown purpose. +.It "File %s uses old signatures, no longer supported" +The gzip file uses a very early version of package signing that was +substantially slower. .El .Sh BUGS .Xr pgp 1 @@ -116,8 +144,7 @@ that pgp expects on the fly. Paths to .Nm pgp and -.Nm gzcat -are hard-coded to avoid tampering and hinder flexibility. +the checksum file are hard-coded to avoid tampering and hinder flexibility. .Sh FILES .Bl -tag -width "/usr/local/bin/pgp" -compact .It Pa file.sign @@ -128,11 +155,11 @@ from .It Pa /usr/local/bin/pgp Default path to .Xr pgp 1 . -.It Pa /usr/bin/gzcat -Default path to -.Xr gzcat 1 . +.It Pa /var/db/pkgs/SHA1 +Recorded checksums. .El .Sh SEE ALSO +.Xr gzip 1 , .Xr pgp 1 , .Xr pkg_add 1 , -.Xr gzip 1 +.Xr sha1 1 |