The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

skiverify (1)
  • >> skiverify (1) ( Solaris man: Команды и прикладные программы пользовательского уровня )
  • 
    NAME
         skiverify - verify signature of file
    
    SYNOPSIS
         skiverify   [-e    [-o    verified_data_file]]    [-h    [-L
         virtual_host]] [-s | -v] [-c cert_path] [-i sig_file]
    
         skiverify [-h [-L virtual_host]] [-s |  -v]  [-c  cert_path]
         [-d data_file] [-i sig_file]
    
    AVAILABILITY
         SUNWski
    
    DESCRIPTION
         The skiverify utility verifies the data signed by  a  signa-
         ture  utility  such  as skisign (1) and displays the name of
         the signer.  If the verification fails, an error message  is
         printed out to stderr, indicating the reason for the failure
         (for example, certificate chain not consistent, none of  the
         CAs  in  the  chain  is  trusted, signature does not verify,
         etc.).
    
         skiverify reads and verifies the digital signature  informa-
         tion  stored  in  sig_file.  If no sig_file is provided, the
         digital signature information is read from stdin.
    
         The digital signature information must  be  formatted  as  a
         PKCS #7 message with content type "signed-data", and must be
         provided in printable encoding  format  as  defined  in  the
         Internet RFC1421 standard.
    
         If the digital signature information includes the data being
         verified  (skisign  default behaviour), the -e option can be
         used to extract the (successfully) verified  data  from  the
         digital  signature  information and store them in a separate
         file.
    
         If the -x option was used when creating the  digital  signa-
         ture  (see  skisign  (1)), the digital signature information
         provided in sig_file will not contain  the  data  which  was
         originally  signed.  In this case, skiverify will prompt the
         user to provide a separate file, data_file,  containing  the
         data to which the signature applies.
    
         If the verification  succeeds,  the  authenticated  signer's
         fully qualified X.500 distinguished name is displayed.
    
         The  -c  option  is  used  to  specify  the  directory  path
         cert_path  where  the  certificates contained in the PKCS #7
         signature information will be stored.  This option  is  con-
         sidered  only in the case where the signature information is
         used to disseminate  a  certificate  (which  may  have  been
         requested  using  a PKCS #10 certification request (see cer-
         treq(1)) and its supporting chain, rather than to  represent
         one  signer's  digital  signature.  If no directory name has
         been specified, the user  will  be  prompted  for  one.  The
         specified  directory  must  not  exist.  Each certificate is
         stored in a separate file in a subdirectory (named  "certs")
         of  the  specified directory. Each certificate file is named
         after the distinguished name of the certificate  owner.  The
         specified  directory name could be used in a subsequent ski-
         store(1) operation, in order to store the received  certifi-
         cates  into the configured naming service (for example, NIS,
         NIS+).
    
         skiverify requires that the user has registered his  or  her
         private key with the SKI keyserver (see skilogin(1)).
    
    OPTIONS
         The following options are supported:
    
         -h   Verify the data on behalf of  the  host.   The  trusted
              public  keys  from  the  host's  key  package  will  be
              retrieved to verify the certificate chain.
    
         -L virtual_host
              Name or the dot separated IP  address  of  the  virtual
              host  on whose behalf the data is verified. This option
              is valid only with -h option.
    
         -e   Extract the data  being  verified  from  the  signature
              input file and store it in a separate file (ignored for
              external signatures). The file where the verified  data
              is  stored is named after sig_file, suffixed by ".veri-
              fied" (if this file already exists, the skiverify  com-
              mand  exits with an error message), or can be specified
              by verified_data_file. If the -e option is provided and
              the  digital  signature  information is read from stdin
              (no sig_file is provided)  and  verified_data_file  has
              not  been  specified,  the verified data is stored in a
              file named "verified" in the current directory (if this
              file  already  exists, the skiverify command exits with
              an error message).
    
         -s   Run application silently (no status or  error  informa-
              tion displayed).
    
         -v   Give verbose output.  If both the -v and the -s options
              are specified, the -v option is ignored.
    
         -c cert_path
              Directory where each certificate included in the signa-
              ture  information  is  stored.  The specified directory
              must not exist.
    
         -d data_file
              File containing the data to be verified (only used  for
              external signatures).
    
         -i sig_file
              Signature input file.
    
         -o verified_data_file
              File where the data being verified is  stored  (ignored
              for external signatures).
    
    EXAMPLES
         The following example verifies the signature information  in
         the  file  "siginfo",  which  includes the data to which the
         signature applies, and stores the content being verified  in
         the file "siginfo.verified":
    
              example% skiverify -i siginfo -e
    
         The corresponding signature command would have been used  as
         follows:
    
              example% skisign -i some_data -o siginfo
    
         This example verifies the external  signature  in  the  file
         "ext_sig", which applies to the data in file "data":
    
              example% skiverify -i ext_sig -d data
    
         The corresponding signature command would have been used  as
         follows:
    
              example% skisign -x -i data -o ext_sig
    
    EXIT STATUS
         The skiverify command exits with 0 if successful and 1  oth-
         erwise.
    
    SEE ALSO
         certreq(1), skiencrypt(1), skidecrypt(1),  skisign(1),  ski-
         store(1)
    
    
    
    


    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей
    Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру