[Linux-ima-user] [RFC v4 11/11] Documentation for file signing

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

This patch adds documentation for signing files.

Signed-off-by: Fionnuala Gunter <fi...@li...>
---
 doc/rpmsign.8 | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/doc/rpmsign.8 b/doc/rpmsign.8
index 53f2d70..b19f172 100644
--- a/doc/rpmsign.8
+++ b/doc/rpmsign.8
@@ -2,11 +2,17 @@
 .SH NAME
 rpmsign \- RPM Package Signing
 .SH SYNOPSIS
+.SS "SIGNING PACKAGES:"
+.PP
 
-\fBrpm\fR \fB--addsign|--resign\fR \fB\fIPACKAGE_FILE\fB\fR\fI ...\fR
+\fBrpm\fR \fB--addsign|--resign\fR [\fBrpmsign-options\fR] \fB\fIPACKAGE_FILE\fB\fR\fI ...\fR
 
 \fBrpm\fR \fB--delsign\fR \fB\fIPACKAGE_FILE\fB\fR\fI ...\fR
 
+.SS "rpmsign-options"
+.PP
+ \fB--fskpath \fIKEY\fB\fR] [\fB--signfiles\fR]
+
 .SH DESCRIPTION
 .PP
 Both of the \fB--addsign\fR and \fB--resign\fR
@@ -20,6 +26,19 @@ there is no difference in behavior currently.
 .PP
 Delete all signatures from each package \fIPACKAGE_FILE\fR given.
 
+.SS "SIGN OPTIONS"
+.PP
+.TP
+\fB--fskpath \fIKEY\fB\fR
+Used with \fB--signfiles\fR, use file signing key \fIKEY\fR.
+.TP
+\fB--signfiles\fR
+Sign package files. The macro \fB%_binary_filedigest_algorithm\fR must be set
+before building the package, and the macro must be set to a supported algorithm:
+2, 8, 9, or 10, which represent SHA1, SHA256, SHA384, and SHA512, respectively.
+The file signing key (RSA private key) can be configured on the command line
+with \fB--fskpath\fR or the macro \fB%_file_signing_key\fR.
+
 .SS "USING GPG TO SIGN PACKAGES"
 .PP
 In order to sign packages using GPG, \fBrpm\fR
@@ -78,4 +97,5 @@ Marc Ewing <ma...@re...>
 Jeff Johnson <jb...@re...>
 Erik Troan <ew...@re...>
 Panu Matilainen <pma...@re...>
+Fionnuala Gunter <fi...@li...>
 .fi
-- 
1.9.3



