added support for authenticated hashes

2025-12-17 03:50:57 +01:00 · 2015-07-21 14:18:03 +02:00
parent 95ab61b3cb
commit 362f7dff6b
14 changed files with 906 additions and 930 deletions
--- a/bindings/py/pypcp/raw.py
+++ b/bindings/py/pypcp/raw.py
@@ -417,7 +417,7 @@ size_t pcp_decrypt_stream(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, pcp_key_t
 size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *symkey, pcp_rec_t *recverify);
 /*** ./gencffi.pl: from ../../include/pcp/crypto.h:351 */
-int pcp_checksum(PCPCTX *ptx, Pcpstream *in, byte *checksum);
+int pcp_checksum(PCPCTX *ptx, Pcpstream *in, byte *checksum, byte *key, size_t keylen);
 /*** ./gencffi.pl: from ../../include/pcp/crypto.h:351 */
 pcp_rec_t *pcp_rec_new(byte *cipher, size_t clen, pcp_key_t *secret, pcp_pubkey_t *pub);
@@ -866,34 +866,22 @@ uint8_t *zmq_z85_decode (uint8_t *dest, char *string);
 /*** ./gencffi.pl: from ../../include/pcp/zmq_z85.h:31 */
 char *zmq_z85_encode (char *dest, uint8_t *data, size_t size);'''
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 EXP_FORMAT_PBP = 2
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 PCP_ASYM_CIPHER = 5
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-PCP_BLOCK_SIZE = 32 * 1024
+EXP_SIG_CIPHER = 0x23
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 EXP_PK_HEADER = "----- BEGIN ED25519-CURVE29915 PUBLIC KEY -----"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 EXP_SK_FOOTER = "----- END ED25519-CURVE29915 PRIVATE KEY -----"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 PCP_ENFILE_HEADER = "----- BEGIN PCP ENCRYPTED FILE -----\r\n"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 EXP_FORMAT_NATIVE = 1
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 PBP_COMPAT_SALT = "qa~t](84z<1t<1oz:ik.@IRNyhG=8q(on9}4#!/_h#a7wqK{Nt$T?W>,mt8NqYq&6U<GB1$,<$j>,rSYI2GRDd:Bcm"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 EXP_HASH_CIPHER = 0x22
@@ -902,20 +890,48 @@ EXP_HASH_CIPHER = 0x22
 EXP_HASH_NAME = "BLAKE2"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 PCP_CRYPTO_ADD = (32 - 16)
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 PCP_ASYM_CIPHER_SIG = 24
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 EXP_SIG_SUB_KEYFLAGS = 27
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 EXP_SIG_SUB_NOTATION = 20
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-EXP_SIG_CIPHER_NAME = "ED25519"
+PCP_VAULT_ID = 14
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-EXP_SIG_CIPHER = 0x23
+EXP_SK_HEADER = "----- BEGIN ED25519-CURVE29915 PRIVATE KEY -----"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-PCP_ZFILE_HEADER = "----- BEGIN Z85 ENCODED FILE -----"
+PCP_ENFILE_HEADER = "----- BEGIN PCP ENCRYPTED FILE -----\r\n"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 PCP_SIG_HEADER = "----- BEGIN ED25519 SIGNED MESSAGE -----"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 PCP_SIGPREFIX = "\nnacl-"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 PCP_ZFILE_FOOTER = "----- END Z85 ENCODED FILE -----"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 EXP_SK_FOOTER = "----- END ED25519-CURVE29915 PRIVATE KEY -----"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
@@ -923,11 +939,15 @@ PCP_SIG_END = "----- END ED25519 SIGNATURE -----"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-EXP_PK_CIPHER = 0x21
+PCP_RFC_CIPHER = 0x21 
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-PCP_RFC_CIPHER = 0x21 
+PCP_ENCRYPT_MAC = 56
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 PCP_ME = "Pretty Curved Privacy"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
@@ -939,31 +959,15 @@ PCP_ENFILE_FOOTER = "\r\n----- END PCP ENCRYPTED FILE -----\r\n"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-PCP_SYM_CIPHER = 23
+EXP_SIG_SUB_CTIME = 2
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-EXP_SIG_TYPE = 0x1F 
+PCP_SIG_START = "----- BEGIN ED25519 SIGNATURE -----"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-EXP_SIG_SUB_KEYFLAGS = 27
+PCP_ZFILE_HEADER = "----- BEGIN Z85 ENCODED FILE -----"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 EXP_SK_HEADER = "----- BEGIN ED25519-CURVE29915 PRIVATE KEY -----"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 PCP_SIGPREFIX = "\nnacl-"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 PCP_ME = "Pretty Curved Privacy"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 PCP_ZFILE_FOOTER = "----- END Z85 ENCODED FILE -----"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
@@ -971,7 +975,11 @@ EXP_SIG_SUB_SIGEXPIRE = 3
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-PCP_ENCRYPT_MAC = 56
+EXP_SIG_CIPHER_NAME = "ED25519"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 EXP_PK_CIPHER = 0x21
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
@@ -979,19 +987,15 @@ EXP_PK_FOOTER = "----- END ED25519-CURVE29915 PUBLIC KEY -----"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-EXP_SIG_SUB_CTIME = 2
+EXP_SIG_SUB_KEYEXPIRE = 9
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-PCP_VAULT_ID = 14
+EXP_FORMAT_NATIVE = 1
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-PCP_SIG_HEADER = "----- BEGIN ED25519 SIGNED MESSAGE -----"
+PCP_SYM_CIPHER = 23
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 PCP_ASYM_CIPHER_SIG = 24
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
@@ -999,16 +1003,12 @@ EXP_PK_CIPHER_NAME = "CURVE25519-ED25519-POLY1305-SALSA20"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-EXP_FORMAT_PBP = 2
+PBP_COMPAT_SALT = "qa~t](84z<1t<1oz:ik.@IRNyhG=8q(on9}4#!/_h#a7wqK{Nt$T?W>,mt8NqYq&6U<GB1$,<$j>,rSYI2GRDd:Bcm"
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-PCP_CRYPTO_ADD = (32 - 16)
+PCP_BLOCK_SIZE = 32 * 1024
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
-EXP_SIG_SUB_KEYEXPIRE = 9
+EXP_SIG_TYPE = 0x1F 
 # ./gencffi.pl: from ../../include/pcp/defines.h:172
 PCP_SIG_START = "----- BEGIN ED25519 SIGNATURE -----"
--- a/include/pcp.h
+++ b/include/pcp.h
@@ -7,7 +7,6 @@ extern "C" {
 #include "pcp/config.h"
 #include "pcp/buffer.h"
 #include "pcp/config.h"
 #include "pcp/context.h"
 #include "pcp/crypto.h"
 #include "pcp/defines.h"
--- a/include/pcp/crypto.h
+++ b/include/pcp/crypto.h
@@ -333,7 +333,7 @@ int pcp_sodium_verify_mac(byte **cleartext,
    \return Returns 0 on error.
 */
-int pcp_checksum(PCPCTX *ptx, Pcpstream *in, byte *checksum);
+int pcp_checksum(PCPCTX *ptx, Pcpstream *in, byte *checksum, byte *key, size_t keylen);
--- a/libpcp/crypto.c
+++ b/libpcp/crypto.c
@@ -812,12 +812,17 @@ http://mrob.com/pub/math/int128.c.txt
 http://locklessinc.com/articles/256bit_arithmetic/
 */
-int pcp_checksum(PCPCTX *ptx, Pcpstream *in, byte *checksum) {
+int pcp_checksum(PCPCTX *ptx, Pcpstream *in, byte *checksum, byte *key, size_t keylen) {
  crypto_generichash_state *st = ucmalloc(sizeof(crypto_generichash_state));
  byte *buf = ucmalloc(PCP_BLOCK_SIZE);
  size_t bufsize = 0;
  int ret = 1;
  if(key != NULL && keylen <= crypto_generichash_KEYBYTES_MAX) {
    crypto_generichash_init(st, key, keylen, crypto_generichash_KEYBYTES_MAX);
  }
  else
    crypto_generichash_init(st, NULL, 0, 0);
  while(!ps_end(in)) {
--- a/man/options.pod
+++ b/man/options.pod
@@ -132,8 +132,12 @@
                           uses stdin/stdout
 Misc Options:
- -C --checksum             Calculate a Blake2 checksum of one or more files.
+ -C --checksum [<key>]     Calculate a Blake2b checksum of one or more files.
                           If <key> is provided, an authenticated hash will
                           be calculated, otherwise a normal hash. If you don't
                           want to generate an authenticated hash, specify
                           -- after -C.
                           Use -I to specify one file or put multiple file
-                           names after -C like "pcp1 -C file1 file2 file3".
+                           names after -C like "pcp1 -C -- file1 file2 file3".
--- a/man/pcp1.1
+++ b/man/pcp1.1
@@ -1,4 +1,4 @@
-.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.16)
+.\" Automatically generated by Pod::Man 2.27 (Pod::Simple 3.28)
 .\"
 .\" Standard preamble:
 .\" ========================================================================
@@ -38,6 +38,8 @@
 .    ds PI \(*p
 .    ds L" ``
 .    ds R" ''
 .    ds C`
 .    ds C'
 'br\}
 .\"
 .\" Escape single quotes in literal strings from groff's Unicode transform.
@@ -48,17 +50,24 @@
 .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
 .\" entries marked with X<> in POD.  Of course, you'll have to process the
 .\" output yourself in some meaningful fashion.
-.ie \nF \{\
+.\"
 .\" Avoid warning from groff about undefined register 'F'.
 .de IX
 ..
 .nr rF 0
 .if \n(.g .if rF .nr rF 1
 .if (\n(rF:(\n(.g==0)) \{
 .    if \nF \{
 .        de IX
 .        tm Index:\\$1\t\\n%\t"\\$2"
 ..
 .        if !\nF==2 \{
 .            nr % 0
-.    rr F
+.            nr F 2
-.\}
+.        \}
-.el \{\
+.    \}
 .    de IX
 ..
 .\}
 .rr rF
 .\"
 .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
 .\" Fear.  Run.  Save yourself.  No user-serviceable parts.
@@ -124,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "PCP1 1"
-.TH PCP1 1 "2015-07-17" "PCP 0.2.6" "USER CONTRIBUTED DOCUMENTATION"
+.TH PCP1 1 "2015-07-21" "PCP 0.3.0" "USER CONTRIBUTED DOCUMENTATION"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -184,7 +193,7 @@ Pretty Curved Privacy \- File encryption using eliptic curve cryptography.
 \&  \-a \-\-armor \-\-textmode     same as \-z
 \&  
 \&  Misc Options:
-\&  \-C \-\-checksum             calculate a Blake2 checksum of one or more files.
+\&  \-C \-\-checksum [<key>]     calculate a Blake2 checksum of one or more files.
 \&  
 \&  Arguments:
 \&  Extra arguments after options are treated as filenames or
@@ -323,9 +332,13 @@ Pretty Curved Privacy \- File encryption using eliptic curve cryptography.
 \&                           uses stdin/stdout
 \& 
 \& Misc Options:
-\& \-C \-\-checksum             Calculate a Blake2 checksum of one or more files.
+\& \-C \-\-checksum [<key>]     Calculate a Blake2b checksum of one or more files.
 \&                           If <key> is provided, an authenticated hash will
 \&                           be calculated, otherwise a normal hash. If you don\*(Aqt
 \&                           want to generate an authenticated hash, specify
 \&                           \-\- after \-C.
 \&                           Use \-I to specify one file or put multiple file
-\&                           names after \-C like "pcp1 \-C file1 file2 file3".
+\&                           names after \-C like "pcp1 \-C \-\- file1 file2 file3".
 .Ve
 .SH "DESCRIPTION"
 .IX Header "DESCRIPTION"
@@ -333,7 +346,7 @@ Pretty Curved Privacy \- File encryption using eliptic curve cryptography.
 be used to encrypt files. \fBpcp1\fR uses eliptc curve cryptography
 for encryption (\s-1CURVE25519\s0 by Dan J. Bernstein). While \s-1CURVE25519\s0
 is no worldwide accepted standard it hasn't been compromised by
-the \s-1NSA\s0 \- which might be better, depending on your point of view.
+the \s-1NSA \-\s0 which might be better, depending on your point of view.
 .PP
 \&\fBCaution\fR: since \s-1CURVE25519\s0 is no accepted standard, \fBpcp1\fR has
 to be considered as experimental software. In fact, I wrote it just
@@ -711,7 +724,7 @@ don't use it for anything remotely serious.
 \&\fBIn short: don \s-1NOT\s0 use this software for production purposes!\fR
 .SH "INTERNALS"
 .IX Header "INTERNALS"
-.SS "\s-1VAULT\s0 \s-1FORMAT\s0"
+.SS "\s-1VAULT FORMAT\s0"
 .IX Subsection "VAULT FORMAT"
 The vault file contains all public and secret keys. It's a portable
 binary file.
@@ -758,7 +771,7 @@ Type can be one of:
 .Ve
 .PP
 The key header is followed by the actual key, see below.
-.SS "\s-1SECRET\s0 \s-1KEY\s0 \s-1FORMAT\s0"
+.SS "\s-1SECRET KEY FORMAT\s0"
 .IX Subsection "SECRET KEY FORMAT"
 A secret key is a binary structure with the following format:
 .PP
@@ -827,7 +840,7 @@ are otherwise unrelated. If one of them leaks, the other
 cannot be recalculated from it.
 .PP
 Take a look at the function \fB\f(BIpcp_keypairs()\fB\fR for details.
-.SS "\s-1PUBLIC\s0 \s-1KEY\s0 \s-1EXPORT\s0 \s-1FORMAT\s0"
+.SS "\s-1PUBLIC KEY EXPORT FORMAT\s0"
 .IX Subsection "PUBLIC KEY EXPORT FORMAT"
 Exported public and secret keys will be written in a portable
 way. Pcp uses \s-1RFC4880\s0 export format for public keys with some
@@ -931,7 +944,7 @@ So, a full pubkey export looks like this
 \&    hash
 \&    signature
 .Ve
-.SS "\s-1SECRET\s0 \s-1KEY\s0 \s-1EXPORT\s0 \s-1FORMAT\s0"
+.SS "\s-1SECRET KEY EXPORT FORMAT\s0"
 .IX Subsection "SECRET KEY EXPORT FORMAT"
 Secret keys are exported in a proprietary format.
 .PP
@@ -963,7 +976,7 @@ to encrypt the data and looks after encryption as such:
 .Vb 1
 \&  Nonce | Cipher
 .Ve
-.SS "\s-1ENCRYPTED\s0 \s-1OUTPUT\s0 \s-1FORMAT\s0"
+.SS "\s-1ENCRYPTED OUTPUT FORMAT\s0"
 .IX Subsection "ENCRYPTED OUTPUT FORMAT"
 The encryption protocol used by \s-1PCP\s0 uses mostly standard
 libsodium facilities with the exception that \s-1PCP\s0 uses counter
@@ -1056,7 +1069,7 @@ of the sender.
 The encrypted output maybe Z85 encoded. In this case the Z85
 encoding will be done blockwise with blocks of 16k bytes. The
 decoded content inside will be as described above.
-.SS "\s-1SIGNATURE\s0 \s-1FORMAT\s0"
+.SS "\s-1SIGNATURE FORMAT\s0"
 .IX Subsection "SIGNATURE FORMAT"
 There are different signature formats. Standard binary \s-1NACL\s0
 signatures have the following format:
@@ -1108,15 +1121,15 @@ Armored signatures have the following format:
 .PP
 The Z85 encoded signature at the end contains the same signature
 contents as the binary signature outlined above (hash+sig).
-.SS "\s-1SIGNED\s0 \s-1ENCRYPTION\s0 \s-1FORMAT\s0"
+.SS "\s-1SIGNED ENCRYPTION FORMAT\s0"
 .IX Subsection "SIGNED ENCRYPTION FORMAT"
 Signed encrypted files are in binary form only. The first part is
-the standard encrypted file as described in \fB\s-1ENCRYPTED\s0 \s-1OUTPUT\s0 \s-1FORMAT\s0\fR
+the standard encrypted file as described in \fB\s-1ENCRYPTED OUTPUT FORMAT\s0\fR
-followed by the binary encrypted signature described in \fB\s-1SIGNATURE\s0 \s-1FORMAT\s0\fR
+followed by the binary encrypted signature described in \fB\s-1SIGNATURE FORMAT\s0\fR
 without the offset separator.
 .PP
 However, not only the hash of the file content will be signed but the
-recipient list described in \fB\s-1ENCRYPTED\s0 \s-1OUTPUT\s0 \s-1FORMAT\s0\fR as well. A
+recipient list described in \fB\s-1ENCRYPTED OUTPUT FORMAT\s0\fR as well. A
 valid recipient is therefore not able to re-encrypt the decrypted
 message, append the original signature and send it to other recipients.
 The signature would not match since the recipient list differs and
@@ -1156,7 +1169,7 @@ Before encryption the signature format is:
 \& +\-\-\-\-\-\-\-\-\-\-\-\-\-|\-\-\-\-\-\-\-\-|\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
 .Ve
 .PP
-where R is: C(recipient)|C(recipient)... (see \fB\s-1ENCRYPTED\s0 \s-1OUTPUT\s0 \s-1FORMAT\s0\fR).
+where R is: C(recipient)|C(recipient)... (see \fB\s-1ENCRYPTED OUTPUT FORMAT\s0\fR).
 .PP
 Pseudocode:
 .PP
@@ -1223,9 +1236,9 @@ pcp1 \-z \-I file \-O file.z85
 Reverse the process:
 .PP
 pcp1 \-Z \-I file.z85 \-O file
-.SS "\s-1PBP\s0 \s-1COMPATIBILITY\s0"
+.SS "\s-1PBP COMPATIBILITY\s0"
 .IX Subsection "PBP COMPATIBILITY"
-\&\s-1PCP\s0 tries to be fully compatible with \s-1PBP\s0 (https://github.com/stef/pbp). Encrypted
+\&\s-1PCP\s0 tries to be fully compatible with \s-1PBP \s0(https://github.com/stef/pbp). Encrypted
 files and signatures \- at least their binary versions \- should be exchangable. However,
 this is a work in progress and might not work under all circumstances. Also there's currently
 no shared key format between pbp and pcp. However, it is possible to export and
@@ -1249,8 +1262,8 @@ functions:
 .PD
 .PP
 \&\s-1JSON\s0 support can be used either with the commandline tool \fBpcp1\fR or programmatically
-using the C, \*(C+ or Python \s-1API\s0.
+using the C, \*(C+ or Python \s-1API.\s0
-.SS "\s-1USING\s0 \s-1JSON\s0 \s-1FROM\s0 \s-1THE\s0 C \s-1API\s0"
+.SS "\s-1USING JSON FROM THE C API\s0"
 .IX Subsection "USING JSON FROM THE C API"
 In order to use \s-1JSON\s0 all you've got to do is to switch a context flag:
 .PP
@@ -1260,9 +1273,9 @@ In order to use \s-1JSON\s0 all you've got to do is to switch a context flag:
 .Ve
 .PP
 That all to it. Now any function normally used for key import and export works
-with \s-1JSON\s0, just fill the \fBBuffer\fR object with a \s-1JSON\s0 string for imports or
+with \s-1JSON,\s0 just fill the \fBBuffer\fR object with a \s-1JSON\s0 string for imports or
 fetch the Buffer content of an export function as a string.
-.SS "\s-1USING\s0 \s-1JSON\s0 \s-1FROM\s0 \s-1THE\s0 \s-1COMMANDLINE\s0"
+.SS "\s-1USING JSON FROM THE COMMANDLINE\s0"
 .IX Subsection "USING JSON FROM THE COMMANDLINE"
 In order to use \s-1JSON\s0 on the commandline, add \fB\-j\fR. This can be used in
 conjunction with the following options:
@@ -1280,9 +1293,9 @@ Public and secret key import.
 Text view mode (aka inspect mode).
 .PP
 The \fB\-z\fR and \fB\-Z\fR options are ignored in \s-1JSON\s0 mode.
-.SS "\s-1JSON\s0 \s-1OBJECT\s0 \s-1STRUCTURE\s0"
+.SS "\s-1JSON OBJECT STRUCTURE\s0"
 .IX Subsection "JSON OBJECT STRUCTURE"
-\fI\s-1JSON\s0 \s-1PUBLIC\s0 \s-1KEY\s0 (pcp1 \-p \-j)\fR
+\fI\s-1JSON PUBLIC KEY \s0(pcp1 \-p \-j)\fR
 .IX Subsection "JSON PUBLIC KEY (pcp1 -p -j)"
 .PP
 The \s-1JSON\s0 object for a public key looks like this:
@@ -1311,7 +1324,7 @@ Fields containing byte arrays are hex encoded.
 .PP
 Numbers are represented as literal integers.
 .PP
-\fI\s-1JSON\s0 \s-1SECRET\s0 \s-1KEY\s0 (pcp1 \-s \-j)\fR
+\fI\s-1JSON SECRET KEY \s0(pcp1 \-s \-j)\fR
 .IX Subsection "JSON SECRET KEY (pcp1 -s -j)"
 .PP
 The \s-1JSON\s0 object for a public key looks like this:
@@ -1342,7 +1355,7 @@ secret key material. Pcp does not support exporting a secret key unencrypted.
 The \fBnonce\fR is required for a later import and shall not be changed or
 decoupled from \fBsecrets\fR. This may change in the future.
 .PP
-\fI\s-1JSON\s0 \s-1VAULT\s0 (pcp1 \-t)\fR
+\fI\s-1JSON VAULT \s0(pcp1 \-t)\fR
 .IX Subsection "JSON VAULT (pcp1 -t)"
 .PP
 The \s-1JSON\s0 object for the vault looks like this:
@@ -1361,7 +1374,7 @@ The \s-1JSON\s0 object for the vault looks like this:
 The field \fBkeys\fR is an array containing one or more of the already
 described key objects.
 .PP
-\fI\s-1JSON\s0 \s-1PROGRAM\s0 \s-1OUTPUT\s0\fR
+\fI\s-1JSON PROGRAM OUTPUT\s0\fR
 .IX Subsection "JSON PROGRAM OUTPUT"
 .PP
 Currently pcp does not support \s-1JSON\s0 program output, that is, success or
@@ -1410,7 +1423,7 @@ under the \fB\s-1GPL\s0\fR as well.
 \&\fIT.v.Dein <tom \s-1AT\s0 vondein \s-1DOT\s0 org\fR>
 .SH "LICENSE"
 .IX Header "LICENSE"
-Licensed under the  \s-1GNU\s0 \s-1GENERAL\s0 \s-1PUBLIC\s0 \s-1LICENSE\s0 version 3.
+Licensed under the  \s-1GNU GENERAL PUBLIC LICENSE\s0 version 3.
 .SH "HOME"
 .IX Header "HOME"
 The homepage of Pretty Curved Privacy can be found on
--- a/man/pcp1.html
+++ b/man/pcp1.html
--- a/man/pcp1.pod
+++ b/man/pcp1.pod
@@ -56,7 +56,7 @@ Pretty Curved Privacy - File encryption using eliptic curve cryptography.
  -a --armor --textmode     same as -z
  Misc Options:
-  -C --checksum             calculate a Blake2 checksum of one or more files.
+  -C --checksum [<key>]     calculate a Blake2 checksum of one or more files.
  Arguments:
  Extra arguments after options are treated as filenames or
@@ -195,9 +195,13 @@ Pretty Curved Privacy - File encryption using eliptic curve cryptography.
                           uses stdin/stdout
 Misc Options:
- -C --checksum             Calculate a Blake2 checksum of one or more files.
+ -C --checksum [<key>]     Calculate a Blake2b checksum of one or more files.
                           If <key> is provided, an authenticated hash will
                           be calculated, otherwise a normal hash. If you don't
                           want to generate an authenticated hash, specify
                           -- after -C.
                           Use -I to specify one file or put multiple file
-                           names after -C like "pcp1 -C file1 file2 file3".
+                           names after -C like "pcp1 -C -- file1 file2 file3".
--- a/src/encryption.c
+++ b/src/encryption.c
@@ -360,9 +360,19 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *rec
  return 1;
 }
-void pcpchecksum(char **files, int filenum) {
+void pcpchecksum(char **files, int filenum, char *key) {
  int i;
  byte *checksum = ucmalloc(crypto_generichash_BYTES_MAX);
  byte *keyhash = NULL;
  size_t hashlen = 0;
  if(key != NULL) {
    keyhash = ucmalloc(crypto_generichash_BYTES);
    crypto_generichash(keyhash, crypto_generichash_BYTES,
 		       (byte *)key, strlen(key),
 		       NULL, crypto_generichash_BYTES);
    hashlen = crypto_generichash_BYTES;
  }
  for(i=0; i<filenum; i++) {
    FILE *in;
@@ -377,9 +387,9 @@ void pcpchecksum(char **files, int filenum) {
      }
    }
    Pcpstream *pin = ps_new_file(in);
-    if(pcp_checksum(ptx, pin, checksum) > 0) {
+    if(pcp_checksum(ptx, pin, checksum, keyhash, hashlen) > 0) {
      char *hex = _bin2hex(checksum, crypto_generichash_BYTES_MAX);
-      fprintf(stdout, "BLAKE2 (%s) = %s\n", files[i], hex);
+      fprintf(stdout, "BLAKE2b (%s) = %s\n", files[i], hex);
      free(hex);
    }
    else
@@ -387,4 +397,7 @@ void pcpchecksum(char **files, int filenum) {
  }
  free(checksum);
  if(keyhash != NULL)
    free(keyhash);
 }
--- a/src/encryption.h
+++ b/src/encryption.h
@@ -40,6 +40,6 @@
 int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd, int verify);
 int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, plist_t *recipient, int signcrypt, int armor, int anon);
-void pcpchecksum(char **files, int filenum);
+void pcpchecksum(char **files, int filenum, char *key);
 #endif /*  _HAVE_ENCRYPTION_H */
--- a/src/pcp.c
+++ b/src/pcp.c
@@ -114,7 +114,7 @@ int main (int argc, char **argv)  {
    { "decrypt",         no_argument,       NULL,           'd' },
    { "anonymous",       no_argument,       NULL,           'A' },
    { "add-myself",      no_argument,       NULL,           'M' },
-    { "checksum",        no_argument,       NULL,           'C' },
+    { "checksum",        optional_argument, NULL,           'C' },
    /*  encoding */
    { "z85-encode",      no_argument,       NULL,           'z' },
@@ -136,7 +136,7 @@ int main (int argc, char **argv)  {
    { NULL,              0,                 NULL,            0 }
  };
-  while ((opt = getopt_long(argc, argv, "klLV:vdehsO:i:I:pSPRtEx:DzaZr:gcmf:b1F:0KAMX:jC",
+  while ((opt = getopt_long(argc, argv, "klLV:vdehsO:i:I:pSPRtEx:DzaZr:gcmf:b1F:0KAMX:jC:",
 			    longopts, NULL)) != -1) {
    switch (opt)  {
@@ -233,6 +233,10 @@ int main (int argc, char **argv)  {
 	break;
      case 'C':
 	mode += PCP_MODE_CHECKSUM;
 	if(strlen(optarg) > 0 && strncmp(optarg, "--", 3) > 0) {
 	  xpass = smalloc(strlen(optarg)+1);
 	  strncpy(xpass, optarg, strlen(optarg)+1);
 	}
 	break;	
      case 'f':
 	sigfile = ucmalloc(strlen(optarg)+1);
@@ -612,16 +616,16 @@ int main (int argc, char **argv)  {
 	if(argc == 0) {
 	  char *list[1];
 	  list[0] = NULL;
-	  pcpchecksum(list, 1);
+	  pcpchecksum(list, 1, xpass);
 	}
 	else {
-	  pcpchecksum(argv, argc);
+	  pcpchecksum(argv, argc, xpass);
 	}
      }
      else {
 	char *list[1];
 	list[0] = infile;
-	pcpchecksum(list, 1);
+	pcpchecksum(list, 1, xpass);
      }
      break;
--- a/src/usage.h
+++ b/src/usage.h
@@ -51,7 +51,7 @@
 "-a --armor --textmode     same as -z\n" \
 "\n" \
 "Misc Options:\n" \
-"-C --checksum             calculate a Blake2 checksum of one or more files.\n" \
+"-C --checksum [<key>]     calculate a Blake2 checksum of one or more files.\n" \
 "\n" \
 "Arguments:\n" \
 "Extra arguments after options are treated as filenames or\n" \
--- a/src/usage.txt
+++ b/src/usage.txt
@@ -49,7 +49,7 @@ Encoding Options:
 -a --armor --textmode     same as -z
 Misc Options:
-C --checksum             calculate a Blake2 checksum of one or more files.
+-C --checksum [<key>]     calculate a Blake2 checksum of one or more files.
 Arguments:
 Extra arguments after options are treated as filenames or
--- a/tests/unittests.cfg
+++ b/tests/unittests.cfg
@@ -574,16 +574,22 @@ temporarily disabled
 # checksum tests
 <test checksums>
  blake2     = 5baec1cad5bf54287028749d83f2bf3e3ed09f0ee38a233f35dbda1361c6a67fd824e17c86ee3a85181038eb44836c17c42e6beff17fdf997075417914056992
  blake2auth = 6d74340db1e77021861443d6cc0d1acedefed8c6d863789778ed800b99d32b6c96b782d087209ea180e983af51bd649064eff58ef0826c8996ae8017c35082b3
  key        = 9U3Dk2s
  <test check-checksum-copying>
-    cmd = $pcp -C ../COPYING
+    cmd = $pcp -C -- ../COPYING
    expect = /$blake2/
  </test>
  <test check-checksum-authenticated-copying>
    cmd = $pcp -C $key ../COPYING
    expect = /$blake2auth/
  </test>
  <test check-checksum-copying-stdin>
-    cmd = $pcp -C < ../COPYING
+    cmd = $pcp -C -- < ../COPYING
    expect = /$blake2/
  </test>
  <test check-checksum-multiple>
-    cmd = $pcp -C ../COPYING ../README
+    cmd = $pcp -C -- ../COPYING ../README
    expect = /README/
  </test>
 </test>