On Tue, Jan 14, 2014 at 04:48:14PM -0500, Ted Unangst wrote: > I don't know how useful this will be, but for tools that script > signify, different exit codes may come in handy. > > There's some overlap between codes, so they aren't perfect, but it's > probably more useful than all 1s. The scheme used is: > 1- user error. mostly related to getopt style stuff > 2- operational error. malloc failed. > 3- file parsing error. key file not a key, unsupported algorithm. > 4- signature verification failure.
Nope. Bad classification. > + errx(4, "signature verification failed"); > + errx(4, "verification failed: checked against wrong key"); Those are about the only ones where it's really hard to differentiate without using signify, and really useful, as actual usage attests... In general, stuff like not opening file is not really useful, fussiness about comments is not really that interesting. Now, format errors (bad pk, bad base64 are in a class by themselves). Key mismatch is something that's impossible to detect from "client" code without duplicating a large part of signify itself.
