From 635a9c911c419932e4f27eeae349bb265011ca86 Mon Sep 17 00:00:00 2001 From: Eli Schwartz Date: Sun, 21 Oct 2018 13:28:41 -0400 Subject: pacman-key: just accept one file to verify, and enforce detached sigs Simply pass options on to gpg the same way gpg uses them -- no looping through and checking lots of signatures. This prevents a situation where the signature file to be verified is manipulated to contain an embedded signature which is valid, but not a detached signature for the file you are actually trying to verify. gpg does not offer an option to verify many files at once by naming each signature/file pair, and there's no reason for us to do so either, since it would be quite tiresome to do so. In the event that there is no signature/file pair specified to pacman-key itself, - preserve gpg's behavior, *if* the matching file does not exist, by - assuming the signature is an embedded signature - deviate from gpg's behavior, by - offering a security warning about which one is happening - when there is an embedded signature *and* a matching detached file, assume the latter is desired Signed-off-by: Eli Schwartz Signed-off-by: Allan McRae --- doc/pacman-key.8.asciidoc | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/pacman-key.8.asciidoc b/doc/pacman-key.8.asciidoc index f0b5ac08..e32fe5d8 100644 --- a/doc/pacman-key.8.asciidoc +++ b/doc/pacman-key.8.asciidoc @@ -97,7 +97,13 @@ Operations Displays the program version. *-v, \--verify*:: - Verify the file(s) specified by the signature(s). + Assume that the first argument is a signature and verify it. If a second + argument is provided, it is the file to be verified. ++ +With only one argument given, assume that the signature is a detached +signature, and look for a matching data file to verify by stripping the file +extension. If no matching data file is found, fall back on GnuPG semantics and +attempt to verify a file with an embedded signature. Options -- cgit v1.2.3-24-g4f1b