1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
|
.\" $OpenBSD: keynote.1,v 1.8 1999/07/09 13:35:29 aaron Exp $
.\"
.\" The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu)
.\"
.\" This code was written by Angelos D. Keromytis in Philadelphia, PA, USA,
.\" in April-May 1998
.\"
.\" Copyright (C) 1998, 1999 by Angelos D. Keromytis.
.\"
.\" Permission to use, copy, and modify this software without fee
.\" is hereby granted, provided that this entire notice is included in
.\" all copies of any software which is or includes a copy or
.\" modification of this software.
.\" You may use this code under the GNU public license if you so wish. Please
.\" contribute changes back to the author.
.\"
.\" THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
.\" IMPLIED WARRANTY. IN PARTICULAR, THE AUTHORS MAKES NO
.\" REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
.\" MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
.\" PURPOSE.
.\"
.Dd April 29, 1999
.Dt keynote 1
.\" .TH keynote 1 local
.Os
.Sh NAME
.Nm keynote
.Nd command line tool for
.Xr KeyNote 3
operations
.Sh SYNOPSIS
.Nm keynote keygen
.Ar AlgorithmName
.Ar KeySize
.Ar PublicKeyFile
.Ar PrivateKeyFile
.Op print-offset
.Op print-length
.Nm keynote sign
.Op Fl v
.Ar AlgorithmName
.Ar AssertionFile
.Ar PrivateKeyFile
.Nm keynote sigver
.Op AssertionFile
.Nm keynote verify
.Op Fl h
.Op Fl e Ar file
.Fl l Ar file
.Fl r Ar retlist
.Op Fl k Ar file
.Op Fl l Ar file
.Op Ar file ...
.Sh KEY GENERATION
"keynote keygen" creates a public/private key of size
.Fa KeySize ,
(in bits) for the algorithm specified by
.Fa AlgorithmName .
Typical keysizes are 512, 1024, or 2048 (bits). The minimum key size
for DSA keys is 512 (bits). Supported
.Fa AlgorithmName
identifiers are:
.Bl -tag -width indent
.It ``dsa-hex:''
.It ``dsa-base64:''
.It ``rsa-hex:''
.It ``rsa-base64:''
.El
.Pp
Notice that the trailing colon is required. The resulting public key is
stored in file
.Fa PublicKeyFile .
Similarly, the resulting private key is stored in file
.Fa PrivateKeyFile .
Either of the filenames can be specified to be ``-'', in which
case the corresponding key(s) will be printed in standard output.
.Pp
The optional parameters
.Fa print-offset
and
.Fa print-length
specify the offset from the begining of the line where the key
will be printed, and the number of characters of the key that will
be printed per line.
.Fa print-length
includes
.Fa AlgorithmName
for the first line and has to be longer (by at least 2) than
.Fa AlgorithmName .
.Fa print-length
also accounts for the line-continuation character (backslash) at
the end of each line, and the doublequotes at the begining and end
of the key encoding. Default values are 12 and 50 respectively.
.Sh ASSERTION SIGNING
"keynote sign" reads the assertion contained in
.Fa AssertionFile
and generates a signature specified by
.Fa AlgorithmName
using the private key stored in
.Fa PrivateKeyFile .
The private key is expected to be of the form output by
"keynote keygen". The private key algorithm and the
.Fa AlgorithmName
specified as an argument are expected to match. There is no requirement
for the internal or ASCII encodings to match. Valid
.Fa AlgorithmName
identifiers are:
.Bl -tag -width indent
.It ``sig-dsa-sha1-hex:''
.It ``sig-dsa-sha1-base64:''
.It ``sig-rsa-sha1-hex:''
.It ``sig-rsa-sha1-base64:''
.It ``sig-rsa-md5-hex:''
.It ``sig-rsa-md5-base64:''
.El
.Pp
Notice that the trailing colon is required.
The resulting signature is printed in standard output. This can then
be added (via cut-and-paste or some script) at the end of the
assertion, in the
.Fa Signature
field.
.Pp
The public key corresponding to the private key in
.Fa PrivateKeyFile
is expected to already be included in the
.Fa Authorizer
field of the assertion, either directly or indirectly (i.e., through
use of a
.Fa Local-Constants
attribute). Furthermore, the assertion must have a
.Fa Signature
field (even if it is empty), as the signature is computed on
everything between the
.Fa KeyNote-Version
and
.Fa Signature
keywords (inclusive), and the
.Fa AlgorithmName
string.
.Pp
If the
.Fl v
flag is provided, "keynote sign" will also verify the newly-created
signature using the
.Fa Authorizer
field key.
.Sh SIGNATURE VERIFICATION
"keynote sigver" reads the assertion contained in
.Fa AssertionFile
and verifies the public-key signature on it.
.Sh QUERY TOOL
For each operand that names a
.A file ,
"keynote verify" reads the file and parses the assertions contained
therein (one assertion per file).
.Pp
Files given with the
.Fl l
flag are assumed to contain trusted assertions (no signature
verification is performed, and the
.Fa Authorizer
field can contain non-key principals.
There should be at least one assertion with the
.Fa POLICY
keyword in the
.Fa Authorizer
field.
.Pp
The
.Fl r
flag is used to provide a comma-separated list of return values, in
increasing order of compliance from left to right.
.Pp
Files given with the
.Fl e
flag are assumed to contain environment variables and their values,
in the format:
.Bd -literal -offset indent
varname = "value"
.Ed
.Pp
.Fa varname
can begin with any letter (upper or lower case) or number,
and can contain underscores.
.Fa value
is a quoted string, and can contain any character, and escape
(backslash) processing is performed, as specified in the KeyNote
draft.
.Pp
The remaining options are:
.Bl -tag -width indent
.It Fl h
Print a usage message and exit.
.It Fl k Ar file
Add a key from
.Fa file
in the action authorizers.
.El
.Pp
Exactly one
.Fl r
and least one of each
.Fl e ,
.Fl l ,
and
.Fl k
flags should be given per invocation. If no flags are given,
"keynote verify" prints the usage message and exits with error code \-1.
.Pp
"keynote verify" exits with code \-1 if there was an error, and 0 on success.
.Sh SEE ALSO
.Xr keynote 3 ,
.Xr keynote 4
.Bl -tag -width "AAAAAAA"
.It ``The KeyNote Trust-Management System''
M. Blaze, J. Feigenbaum, A. D. Keromytis,
Internet Drafts, draft-ietf-trustmgt-keynote-00.txt
.It ``Decentralized Trust Management''
M. Blaze, J. Feigenbaum, J. Lacy,
1996 IEEE Conference on Privacy and Security
.It ``Compliance-Checking in the PolicyMaker Trust Management System''
M. Blaze, J. Feigenbaum, M. Strauss,
1998 Financial Crypto Conference
.El
.Sh AUTHOR
Angelos D. Keromytis (angelos@dsl.cis.upenn.edu)
.Sh WEB PAGE
http://www.cis.upenn.edu/~keynote
.Sh BUGS
None that we know of.
If you find any, please report them at
.Bd -literal -offset indent -compact
keynote@research.att.com
.Ed
|