[ новости /+++ | форум | теги | ]

NAME
     skisign - sign file

SYNOPSIS
     skisign [-b]  [-c]  [-s  |  -v]  [-x]  [-i  input_file]  [-o
     sig_file]

AVAILABILITY
     SUNWski

DESCRIPTION
     The skisign utility digitally signs  the  data  provided  in
     input_file    with    the    user's   private   key,   using
     MD5WithRSAEncryption  as  the  signature  algorithm.  If  no
     input_file is given, the input data is read from stdin.  Any
     data signed using the skisign utility  may  be  subsequently
     verfied using the skiverify(1) utility.

     The input data and digital signature information are format-
     ted  as  a  PKCS #7 message with content type "signed-data",
     and stored in sig_file (or stdout).

     By default, the data being signed and the digital  signature
     are stored together.

     If the -x option is provided, however, the data being signed
     is  separated  from  the  digital  signature. Option -x will
     increase the performance noticeably if the data being signed
     is  very  large, because the data being signed is not dupli-
     cated in the signature output.  In  this  case,  it  is  the
     user's  responsibility  to  associate  the data being signed
     with its digital signature.

     If any of the  output  files  with  automatically  generated
     filenames  already  exist, the skisign command exits with an
     error message.

     The user's complete certificate chain (including the  user's
     own certificate) up to the user's Root Certification Author-
     ity (CA) is included in the digital  signature  information.
     If  the  -c option is provided, only the user's own certifi-
     cate is included. The -c option is useful if the  user  does
     not have direct access to the certificates of the CAs in the
     user's certificate chain, or if the  intended  recipient  of
     the  signature  already  trusts  the user's public signature
     key.

     skisign requires that the user has  registered  his  or  her
     private key with the SKI keyserver (see skilogin(1)).

OPTIONS
     The following options are supported:
     -b      Add "BEGIN" and "END" boundaries to the digital sig-
             nature  (by  default, no boundaries are added to the
             digital signature).

     -c      Include only user's  certificate  in  the  signature
             information  (default:  the user's complete certifi-
             cate chain up to the user's Root CA is  included  in
             the signature information).

     -s      Run application silently (no status or error  infor-
             mation displayed).

     -v      Give verbose output.  If both  the  -v  and  the  -s
             options are specified, the -v option is ignored.

     -x      Store the digital signature separately from the data
             being  signed  (default:  digital signature and data
             being signed are stored together).  The digital sig-
             nature  is  stored  in  sig_file. If sig_file is not
             provided, the digital signature is stored in a  file
             named  after  the input_file, suffixed by ".sig". If
             the  data  being  signed  is  read  from  stdin  (no
             input_file  provided),  the  data  being  signed  is
             archived in a file  named  "stdin"  in  the  current
             working  directory,  and  the  digital  signature is
             either stored in sig_file  or,  if  no  sig_file  is
             given,  in  a  file named "stdin.sig" in the current
             working directory.  If the -b option has been speci-
             fied,  the  digital signature will be bounded at the
             beginning by
             "-----BEGIN DIGITAL SIGNATURE-----"
             and will be bounded at the end by
             "-----END DIGITAL SIGNATURE-----".

     -i input_file
             File containing the data being signed.

     -o sig_file
             File where the  digital  signature  is  stored.  The
             digital signature is formatted according to the PKCS
             #7 standard; it  is  output  in  printable  encoding
             (ASCII) as defined in the Internet RFC1421 standard.
             By default, the digital signature contains the  data
             signed.   If  the  -b option has been specified, the
             digital signature will be bounded at  the  beginning
             by
             "-----BEGIN DIGITAL SIGNATURE AND DATA SIGNED-----",
             and will be bounded at the end by
             "-----END DIGITAL SIGNATURE AND DATA SIGNED-----".
             If the -x option is used, the data being  signed  is
             not  included  in  the digital signature.  If the -b
             option has been  specified,  the  digital  signature
             will be bounded at the beginning by
             "-----BEGIN DIGITAL SIGNATURE-----"
             and will be bounded at the end by:
             "-----END DIGITAL SIGNATURE-----".

EXAMPLES
     This example signs the file "appl" with the user's  key  and
     stores  the  signature along with the data in the file "sig-
     file":

          example% skisign -i appl -o sigfile

     The following example stores the signature  separately  from
     the  data  being signed. The signature is stored in the file
     "appl.sig":

          example% skisign -x -i appl

     The following example reads the data being signed (a utility
     called  "prog")  from stdin. The digital signature is stored
     separately from the data being signed: The data being signed
     is  stored in the file "stdin" in the current working direc-
     tory, and the  digital  signature  is  stored  in  the  file
     "stdin.sig" in the same directory:

          example% skisign -x < prog

EXIT STATUS
     The skisign command exits with 0 if successful and 1  other-
     wise.

SEE ALSO
     skiverify(1), skiencrypt(1), skidecrypt(1), skilogin(1)

Партнёры:

Хостинг: