@@ -456,6 +456,150 @@ For details on how fingerprints are calculated, see [DESIGN.md](DESIGN.md).
456456Guide
457457-----
458458
459+ The `[DIRECTORY]` argument in examples can be omitted, in which case it
460+ defaults to the current directory.
461+
462+ # ## Creating a Package
463+
464+ To create a filepack manifest :
465+
466+ ` ` ` shell
467+ filepack create [DIRECTORY]
468+ ` ` `
469+
470+ This creates `filepack.json` containing hashes and file sizes of all files in
471+ the `DIRECTORY` and subdirectories.
472+
473+ To enable linting, use the `--deny` flag with a lint or lint group :
474+
475+ ` ` ` sh
476+ filepack create --deny <LINT> [DIRECTORY]
477+ ` ` `
478+
479+ To view all lints :
480+
481+ ` ` ` shell
482+ filepack lints
483+ ` ` `
484+
485+ Please feel free to open issues requesting new lints.
486+
487+ # ## Creating a Package with Metadata
488+
489+ To create a package with metadata describing the package, create a file named
490+ `metadata.yaml` in the package directory, for example :
491+
492+ ` ` ` yaml
493+ title: The Necronomicon
494+ creator: Abdul Alhazred
495+ description: >
496+ The Old Ones, their history, and the rites by which they may be summoned.
497+ language: la
498+ ` ` `
499+
500+ Then, to create the package :
501+
502+ ` ` ` shell
503+ filepack create [DIRECTORY]
504+ ` ` `
505+
506+ Which will validate metadata if present.
507+
508+ See [metadata](#metadata) for the full schema.
509+
510+ # ## Signing a Package
511+
512+ To sign a package when creating it, first create a new public and private key
513+ pair :
514+
515+ ` ` ` shell
516+ filepack keygen
517+ ` ` `
518+
519+ This creates a new public key, `master.public`, with corresponding private key,
520+ ` master.private` , in the filepack keychain directory.
521+
522+ The `filepack info` command will print the path to the filepack data directory,
523+ keychain directory, and any public keys in the keychain directory.
524+
525+ Your public key can be printed with :
526+
527+ ` ` ` shell
528+ filepack key
529+ ` ` `
530+
531+ To sign a new package :
532+
533+ ` ` ` shell
534+ filepack create --sign [DIRECTORY]
535+ ` ` `
536+
537+ To add a signature to an existing package :
538+
539+ ` ` ` shell
540+ filepack sign
541+ ` ` `
542+
543+ # ## Getting the Package Fingerprint
544+
545+ To print the fingerprint of a package :
546+
547+ ` ` ` shell
548+ filepack fingerprint [DIRECTORY]
549+ ` ` `
550+
551+ # ## Publishing a Manifest
552+
553+ Manifests contain only hashes and not file content, and so can be published
554+ anywhere, including places where technical or legal limitations would preclude
555+ publication of the content itself.
556+
557+ # ## Verifying a Package
558+
559+ Package content can be verified with :
560+
561+ ` ` ` shell
562+ filepack verify [DIRECTORY]
563+ ` ` `
564+
565+ Any extra files, missing files, or modified files will produce an error.
566+
567+ This verifies files against hashes stored in the manifest.
568+
569+ Running `filepack verify` on its own can detect accidental corruption, but not
570+ intentional modification, since an attacker could modify package content, and
571+ then modify the manifest to make it match the modified content and thus pass
572+ verification.
573+
574+ However, if the manifest was obtained from a trusted source, verification will
575+ catch any modifications, intentional or otherwise, even if the package content
576+ was obtained from an untrusted source.
577+
578+ To detect intentional modification, you can either verify a package against a
579+ known-good fingerprint :
580+
581+ ` ` ` sh
582+ filepack verify --fingerprint <FINGERPRINT> [DIRECTORY]
583+ ` ` `
584+
585+ This verifies both the contents of the package and that the manifest has the
586+ expected fingerprint. The former protects against accidental corruption, and
587+ the latter against intentional modification.
588+
589+ Packages can also be verified by checking for a signature by a known public
590+ key. This also protects against intentional modification, as long as the
591+ private key corresponding to the public key is protected, and only known to
592+ you, or someone you trust.
593+
594+ To verify that a package has a signature from a particular public key :
595+
596+ ` ` ` sh
597+ filepack verify --key <PUBLIC_KEY> [DIRECTORY]
598+ ` ` `
599+
600+ The `--key` option can be repeated to require signatures from multiple public
601+ keys.
602+
459603# ## Detecting Accidental Corruption
460604
461605Create a filepack manifest with :
0 commit comments