1 .TH zpm-sign 8 2019-02-15 "ZPM 0.3"
3 zpm-sign \- manage package signatures
28 .BI -m " messagestring"
33 manages signatures on zpm packages. It can generate signing keys,
34 sign files, and verify signatures. The ed25519 algorithms are
35 used exclusively, and all the signature code is taken from the
36 ref10 implementation. Signatures themselves are hex encoded
37 representions of the signature metadata and the actual signature value.
39 Private keys are potentially encrypted with chacha20 before storing
45 Generate a private key
48 Extract a public key from a private key.
51 Sign a file or message. In addition to the message to be signed,
52 signature metadata is signed.
55 Verify a signature on a file or message.
61 Increase the debug level. May be given more than once.
64 Output the raw signature, rather than a full zpm certificate.
65 This also just signs the data given, without any signature
69 Specify a passphrase to decrypt a private key.
72 Specify a message to be signed or verified. If not set with the -m option, the
73 message is taken from file named with the first non-option argument.
76 Take the private key for message signing from the path given. This
77 defaults to ~/.zpm/key. If ~/.zpm/key is not found and the euid
78 is root, /var/lib/zpm/key is tried.
81 Take the private key from the command line argument. This is not
82 particularly secure and is primarily intended for testing.
85 Use sigstring as the signature to verify.
88 Specify a message to be signed or verified. If not set with the -m option, the
89 message is taken from file named with the first non-option argument.
93 lists all files in the local database
95 0 on success non zero on failure