Like any other piece of software (and information generally), sigs
comes with NO WARRANTY.


Things you have to decide before starting:

* Where programs will be installed, normally /usr/local/bin/sigs. To
change this directory, edit conf-bin now.

* Where man pages will be installed, normally /usr/local/man/sigs. To
change this directory, edit conf-man now.


How to install:

 1. Compile the programs:
       % make
    You will need GMP 2 installed as -lgmp.
 2. Create the formatted man pages, *.0:
       % make man
 3. Install the programs and man pages:
       # make setup

How to test:

 4. Create a predictable 2048-bit ``secret'' key, and check that it
    matches my prediction:
       % ./predictable | ./secretkey 2048 > KEY
       % cmp KEY TESTKEY
 5. Create the corresponding public key, and check that it matches my
    prediction:
       % ./publickey < KEY > PUBLIC
       % cmp PUBLIC TESTPUBLIC
 6. Generate a signature for snefrusboxes.c, and check that it matches
    my prediction:
       % ./sign KEY < snefrusr.c > SIG
       % cmp SIG TESTSIG
 7. Create a predictable ``secret'' judge, and check that it matches my
    prediction:
       % ./predictable | ./secretjudge > JUDGE
       % cmp JUDGE TESTJUDGE
 8. Check that the signature refers to snefrusboxes.c:
       % ./match SIG < snefrusr.c
 9. Check that the signature is under this public key:
       % ./prove PUBLIC SIG
10. Use the judge for an even faster verification:
       % ./verify JUDGE PUBLIC SIG
11. Make your own secret key and secret judge, using a secret stream of
    cryptographically random bits:
       % mkdir ~/Keys
       % ./secretkey 2048 < /dev/random > ~/Keys/sigs
       % ./publickey < ~/Keys/sigs > ~/Keys/sigs.public
       % ./secretjudge < /dev/random > ~/Keys/judge
    Note that /dev/random will pause if your system is completely idle.
    If your system does not support a cryptographically secure
    /dev/random, find another cryptographic generator and use that.
12. Try signing and verifying an empty document with your key:
       % ./sign ~/Keys/sigs < /dev/null > SIG
       % ./match SIG < /dev/null
       % ./verify ~/Keys/judge ~/Keys/sigs.public SIG
       % ./prove ~/Keys/sigs.public SIG
       % rm SIG
    Now publish sigs.public. Anyone can use sigs.public to verify your
    signatures.


That's it! To report success:
       % ( echo 'First M. Last'; cat `cat SYSDEPS` ) \
         | mail djb-qst@koobera.math.uic.edu
Replace First M. Last with your name.
