Update man page

Fixes jedisct1#106
filehira · Oct 24, 2021 · e74428c · e74428c
1 parent aa99a5c
commit e74428c
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 72 deletions.
diff --git a/share/man/man1/minisign.1 b/share/man/man1/minisign.1
@@ -1,7 +1,7 @@
 .\" generated with Ronn/v0.7.3
 .\" http://github.com/rtomayko/ronn/tree/0.7.3
 .
-.TH "MINISIGN" "1" "June 2020" "" ""
+.TH "MINISIGN" "1" "October 2021" "" ""
 .
 .SH "NAME"
 \fBminisign\fR \- A dead simple tool to sign files and verify signatures\.
@@ -48,10 +48,6 @@ File to sign/verify
 Combined with \-V, output the file content after verification
 .
 .TP
-\fB\-H\fR
-Combined with \-S, pre\-hash in order to sign large files
-.
-.TP
 \fB\-p <pubkeyfile>\fR
 Public key file (default: \./minisign\.pub)
 .
@@ -76,10 +72,18 @@ Add a one\-line untrusted comment
 Add a one\-line trusted comment
 .
 .TP
+\fB\-l\fR
+Sign using the legacy format
+.
+.TP
 \fB\-q\fR
 Quiet mode, suppress output
 .
 .TP
+\fB\-H\fR
+Requires the input to be prehashed
+.
+.TP
 \fB\-Q\fR
 Pretty quiet mode, only print the trusted comment
 .
@@ -138,9 +142,6 @@ This requires the signature \fBmyfile\.txt\.minisig\fR to be present in the same
 The public key can either reside in a file (\fB\./minisign\.pub\fR by default) or be directly specified on the command line\.
 .
 .SH "Notes"
-\fBTrusted comments\fR
-.
-.P
 Signature files include an untrusted comment line that can be freely modified, even after signature creation\.
 .
 .P
@@ -149,41 +150,5 @@ They also include a second comment line, that cannot be modified without the sec
 .P
 Trusted comments can be used to add instructions or application\-specific metadata (intended file name, timestamps, resource identifiers, version numbers to prevent downgrade attacks)\.
 .
-.P
-\fBCompatibility with OpenBSD signify\fR
-.
-.P
-Signatures written by \fBminisign\fR can be verified using OpenBSD\'s \fBsignify\fR tool: public key files and signature files are compatible\.
-.
-.P
-However, \fBminisign\fR uses a slightly different format to store secret keys\.
-.
-.P
-\fBMinisign\fR signatures include trusted comments in addition to untrusted comments\. Trusted comments are signed, thus verified, before being displayed\.
-.
-.P
-This adds two lines to the signature files, that signify silently ignores\.
-.
-.P
-\fBPre\-hashing\fR
-.
-.P
-By default, signing and verification require as much memory as the size of the file\.
-.
-.P
-Since \fBMinisign 0\.6\fR, huge files can be signed and verified with very low memory requirements, by pre\-hashing the content\.
-.
-.P
-The \-H command\-line switch, in combination with \-S, generates a pre\-hashed signature (HashEdDSA):
-.
-.P
-$ \fBminisign\fR \-SHm myfile\.txt
-.
-.P
-Verification of such a signature doesn\'t require any specific switch: the appropriate algorithm will automatically be detected\.
-.
-.P
-Signatures generated that way are not compatible with OpenBSD\'s \fBsignify\fR tool and are not compatible with \fBMinisign\fR versions prior to 0\.6\.
-.
 .SH "AUTHOR"
 Frank Denis (github [at] pureftpd [dot] org)
diff --git a/src/manpage.md b/src/manpage.md
@@ -34,8 +34,6 @@ These options control the actions of `minisign`.
     File to sign/verify
   * `-o`:
     Combined with -V, output the file content after verification
-  * `-H`:
-    Combined with -S, pre-hash in order to sign large files
   * `-p <pubkeyfile>`:
     Public key file (default: ./minisign.pub)
   * `-P <pubkey>`:
@@ -48,8 +46,12 @@ These options control the actions of `minisign`.
     Add a one-line untrusted comment
   * `-t <comment>`:
     Add a one-line trusted comment
+  * `-l`:
+    Sign using the legacy format
   * `-q`:
     Quiet mode, suppress output
+  * `-H`:
+    Requires the input to be prehashed
   * `-Q`:
     Pretty quiet mode, only print the trusted comment
   * `-R`:
@@ -93,38 +95,12 @@ The public key can either reside in a file (`./minisign.pub` by default) or be d
 
 ## Notes
 
-**Trusted comments**
-
 Signature files include an untrusted comment line that can be freely modified, even after signature creation.
 
 They also include a second comment line, that cannot be modified without the secret key.
 
 Trusted comments can be used to add instructions or application-specific metadata (intended file name, timestamps, resource identifiers, version numbers to prevent downgrade attacks).
 
-**Compatibility with OpenBSD signify**
-
-Signatures written by `minisign` can be verified using OpenBSD's `signify` tool: public key files and signature files are compatible.
-
-However, `minisign` uses a slightly different format to store secret keys.
-
-`Minisign` signatures include trusted comments in addition to untrusted comments. Trusted comments are signed, thus verified, before being displayed.
-
-This adds two lines to the signature files, that signify silently ignores.
-
-**Pre-hashing**
-
-By default, signing and verification require as much memory as the size of the file.
-
-Since `Minisign 0.6`, huge files can be signed and verified with very low memory requirements, by pre-hashing the content.
-
-The -H command-line switch, in combination with -S, generates a pre-hashed signature (HashEdDSA):
-
-$ `minisign` -SHm myfile.txt
-
-Verification of such a signature doesn't require any specific switch: the appropriate algorithm will automatically be detected.
-
-Signatures generated that way are not compatible with OpenBSD's `signify` tool and are not compatible with `Minisign` versions prior to 0.6.
-
 ## AUTHOR
 
 Frank Denis (github [at] pureftpd [dot] org)