pacman-key: just accept one file to verify, and enforce detached sigs

Simply pass options on to gpg the same way gpg uses them -- no looping
through and checking lots of signatures.

This prevents a situation where the signature file to be verified is
manipulated to contain an embedded signature which is valid, but not a
detached signature for the file you are actually trying to verify.

gpg does not offer an option to verify many files at once by naming each
signature/file pair, and there's no reason for us to do so either, since
it would be quite tiresome to do so.

In the event that there is no signature/file pair specified to
pacman-key itself,

- preserve gpg's behavior, *if* the matching file does not exist, by
 - assuming the signature is an embedded signature
- deviate from gpg's behavior, by
 - offering a security warning about which one is happening
 - when there is an embedded signature *and* a matching detached file,
   assume the latter is desired

Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>

1 files changed, 7 insertions, 1 deletions

diff --git a/doc/pacman-key.8.asciidoc b/doc/pacman-key.8.asciidoc
index f0b5ac08..e32fe5d8 100644
--- a/doc/pacman-key.8.asciidoc
+++ b/doc/pacman-key.8.asciidoc
@@ -97,7 +97,13 @@ Operations
 	Displays the program version.
 
 *-v, \--verify*::
-	Verify the file(s) specified by the signature(s).
+	Assume that the first argument is a signature and verify it. If a second
+	argument is provided, it is the file to be verified.
++
+With only one argument given, assume that the signature is a detached
+signature, and look for a matching data file to verify by stripping the file
+extension. If no matching data file is found, fall back on GnuPG semantics and
+attempt to verify a file with an embedded signature.
 
 
 Options