Index of Section 1 Manual Pages
| Interix / SUA | pkg_sign.1 | Interix / SUA |
PKG_SIGN(1) System General Commands Manual PKG_SIGN(1)
NAME
pkg_sign, check_sign - handle package signatures
SYNOPSIS
pkg_sign [-csV] [-t type] [-u id] [file ...]
pkg_check [-sc] [-u id] [file ...]
DESCRIPTION
pkg_sign embeds a cryptographic signature within a gzip file file. type
can be pgp (default) or sha1. If type is pgp, it will always prompt you
for a passphrase to unlock your private pgp key, even if you don't use a
passphrase (which is a bad idea, anyway). If type is sha1, you must sup-
ply an id, which will be recorded as the name of the package, and printed
as the SHA1 checksum.
pkg_check checks that cryptographic signature. It currently disregards
type and checks only the topmost signature. For sha1, it checksums the
file and verifies that the result matches the list of checksums recorded
in /var/db/pkg/SHA1.
Options -s and -c can be used to force package signing or signature
checking mode.
For pgp, the id to use to sign the package or verify the signature can be
forced with -u.
If file is a single dash (`-') or absent, check_sign reads from the stan-
dard input.
The -V option will print the current version and exit successfully.
Package signing uses a feature of the gzip format, namely that one can
set a flag EXTRA_FIELD in the gzip header and store extra data between
the gzip header and the compressed file proper. The OpenBSD signing
scheme uses eight bytes markers such `SIGPGP' + length or `CKSHA1' +
length for its signatures (those markers are conveniently eight bytes
long).
RESULTS
pkg_sign and pkg_check return with an exit code > 0 if anything went
wrong for any file. For pkg_check, this usually indicates that the pack-
age is not signed, or that the signature is forged.
DIAGNOSTICS
File %s is already signed There is a signature embedded within the gzip
file already. pkg_sign currently does not handle multiple signatures.
File %s is not a signed gzip file This is an unsigned package.
File %s is not a gzip file The program couldn't find a proper gzip
header.
File %s contains an unknown extension The extended area of the gzip file
has been used for an unknown purpose.
File %s uses old signatures, no longer supported The gzip file uses a
very early version of package signing that was substantially slower.
BUGS
pgp(1) is an ill-designed program, which is hard to interface with. For
instance, the `separate signing scheme' it pretends to offer is useless,
as it can't be used with pipes, so that pgp_sign needs to kludge it by
knowing the length of a pgp signature, and invoking pgp in `seamless'
signature mode, without compression of the main file, and just retrieving
the signature.
The checking scheme is little less convoluted, namely we rebuild the file
that pgp expects on the fly.
Paths to pgp and the checksum file are hard-coded to avoid tampering and
hinder flexibility.
FILES
file.sign Temporary file built by pkg_sign from file.
/usr/local/bin/pgp Default path to pgp(1).
/var/db/pkgs/SHA1 Recorded checksums.
SEE ALSO
gzip(1), pgp(1), pkg_add(1), sha1(1)
Interix September 24, 1999 Interix