From 60ee58b106829ac400016f9bf490ef891c6486e1 Mon Sep 17 00:00:00 2001
From: "git@daemon.de" <git@daemon.de>
Date: Fri, 8 Nov 2013 12:50:04 +0100
Subject: [PATCH] changed key format, now includes the ed25519 pubkey for
 signing.

---
 ChangeLog             | 25 ++++++++++++++++++++
 VERSION               |  2 +-
 include/pcp/defines.h |  4 ++--
 include/pcp/key.h     |  2 ++
 include/pcp/version.h |  2 +-
 libpcp/ed.c           |  9 ++++++--
 libpcp/key.c          | 14 +++++++++++
 man/pcp1.1            | 13 ++++++++++-
 man/pcp1.pod          | 11 +++++++++
 src/keyprint.c        | 14 +++++++++--
 src/keyprint.h        |  1 +
 src/pcp.c             |  2 +-
 src/signature.c       |  8 ++++---
 src/signature.h       |  2 +-
 src/usage.h           | 11 +++++++++
 src/usage.txt         | 11 +++++++++
 tests/bart.pub        | 48 +++++++++++++++++++-------------------
 tests/gentestkeys.sh  | 28 ++++++++++++++++++++++
 tests/key-alicia-pub  | 52 ++++++++++++++++++++---------------------
 tests/key-alicia-sec  | 36 ++++++++++++++---------------
 tests/key-bobby-pub   | 54 +++++++++++++++++++++----------------------
 tests/key-bobby-sec   | 36 ++++++++++++++---------------
 tests/keys.cfg        |  6 +++++
 tests/unittests.cfg   | 25 ++++++++++++--------
 tests/unittests.pl    |  1 +
 25 files changed, 281 insertions(+), 136 deletions(-)
 create mode 100755 tests/gentestkeys.sh
 create mode 100644 tests/keys.cfg

diff --git a/ChangeLog b/ChangeLog
index a3fe0ec..708bdad 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,28 @@
+0.1.3   Added signature support using ED25519.
+
+	Key format has changed it now contains the ed25519
+	public key part as well, required for signing. Key
+	version is now 0x2 and vault version 0x2. There's
+	no backwards compatibility, since this is still beta.
+
+	Re-organized header files.
+
+	Added support for self encryption using the users
+	own key pair for encryption and decryption.
+
+	Backport of issue https://github.com/zeromq/zeromq4-x/issues/29
+
+	Fixed key export, now uses big endianess as well.
+
+	Updated POD documentation.
+
+	Fixed a couple of minor bugs which lead to crashes.
+
+	Options -r and -R exchanged: -R = remove key, -r =
+	recipient.
+
+	Added support for derived keys (using -r).
+
 0.1.2   Fixed bug in pcp_derivekey() which derives encryption
 	keys. it generated collisions due coding error, e.g.
 	passphase 'a' resulted in the same encryptionkey as
diff --git a/VERSION b/VERSION
index d917d3e..b1e80bb 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-0.1.2
+0.1.3
diff --git a/include/pcp/defines.h b/include/pcp/defines.h
index 0be0fa3..bbf9699 100644
--- a/include/pcp/defines.h
+++ b/include/pcp/defines.h
@@ -45,7 +45,7 @@ typedef unsigned int    qbyte;          //  Quad byte = 32 bits
 
 #define PCP_ME "Pretty Curved Privacy"
 
-#define PCP_KEY_VERSION 0x00000001U
+#define PCP_KEY_VERSION 0x00000002U
 #define PCP_KEY_PRIMITIVE "CURVE25519-ED25519-SALSA20-POLY1305"
 
 #define PCP_KEY_TYPE_MAINSECRET 0x01
@@ -60,7 +60,7 @@ typedef unsigned int    qbyte;          //  Quad byte = 32 bits
 
 // vault id
 #define PCP_VAULT_ID 0xC4
-#define PCP_VAULT_VERSION 0x01
+#define PCP_VAULT_VERSION 0x02
 
 // sigs
 #define PCP_SIG_VERSION 0x01
diff --git a/include/pcp/key.h b/include/pcp/key.h
index b4a091f..75068ee 100644
--- a/include/pcp/key.h
+++ b/include/pcp/key.h
@@ -79,6 +79,7 @@ extern "C" {
 struct _pcp_key_t {
   byte public[32];
   byte secret[32];
+  byte edpub[32];
   byte nonce[24];
   byte encrypted[48];
   char owner[255];
@@ -93,6 +94,7 @@ struct _pcp_key_t {
 
 struct _pcp_pubkey_t {
   byte public[32];
+  byte edpub[32];
   char owner[255];
   char mail[255];
   char id[17];
diff --git a/include/pcp/version.h b/include/pcp/version.h
index d79deca..8454671 100644
--- a/include/pcp/version.h
+++ b/include/pcp/version.h
@@ -25,7 +25,7 @@
 
 #define PCP_VERSION_MAJOR 0
 #define PCP_VERSION_MINOR 1
-#define PCP_VERSION_PATCH 2
+#define PCP_VERSION_PATCH 3
 
 #define PCP_MAKE_VERSION(major, minor, patch) \
     ((major) * 10000 + (minor) * 100 + (patch))
diff --git a/libpcp/ed.c b/libpcp/ed.c
index 6d6f320..f45ecad 100644
--- a/libpcp/ed.c
+++ b/libpcp/ed.c
@@ -27,7 +27,7 @@ int pcp_ed_verify(unsigned char *input, size_t inputlen, pcp_sig_t *sig, pcp_pub
   unsigned char *check = ucmalloc(crypto_hash_sha256_BYTES); // from file
   size_t mlen = 0;
 
-  if(crypto_sign_open(hash, &mlen, sig->edsig, crypto_hash_sha256_BYTES + crypto_sign_BYTES, p->public) != 0) {
+  if(crypto_sign_open(hash, &mlen, sig->edsig, crypto_hash_sha256_BYTES + crypto_sign_BYTES, p->edpub) != 0) {
     fatal("Failed to open the signature using the public key 0x%s!\n", p->id);
     goto errve1;
   }
@@ -50,13 +50,18 @@ int pcp_ed_verify(unsigned char *input, size_t inputlen, pcp_sig_t *sig, pcp_pub
 }
 
 pcp_sig_t *pcp_ed_sign(unsigned char *message, size_t messagesize, pcp_key_t *s) {
+  byte edpub[32] = { 0 };
+  byte edsec[64] = { 0 };
+
+  crypto_sign_seed_keypair(edpub, edsec, s->secret);
+
   unsigned char *hash = ucmalloc(crypto_hash_sha256_BYTES);
   size_t slen = crypto_hash_sha256_BYTES + crypto_sign_BYTES;
   unsigned char *signature = ucmalloc(slen);
 
   crypto_hash_sha256(hash, message, messagesize);
 
-  crypto_sign(signature, &slen, hash, crypto_hash_sha256_BYTES, s->secret);
+  crypto_sign(signature, &slen, hash, crypto_hash_sha256_BYTES, edsec);
 
   pcp_sig_t *sig = pcp_ed_newsig(signature, s->id);
 
diff --git a/libpcp/key.c b/libpcp/key.c
index 2f4cf61..d174148 100644
--- a/libpcp/key.c
+++ b/libpcp/key.c
@@ -69,6 +69,9 @@ char *pcp_getkeyid(pcp_key_t *k) {
 pcp_key_t * pcpkey_new () {
   byte public[32] = { 0 };
   byte secret[32] = { 0 };
+  byte edpub[32] = { 0 };
+  byte edsec[64] = { 0 };
+
 
   // generate curve 25519 keypair
   if(crypto_box_keypair (public, secret) != 0) {
@@ -76,11 +79,15 @@ pcp_key_t * pcpkey_new () {
     return NULL;
   }
 
+  // generate ed25519 keypair from box secret
+  crypto_sign_seed_keypair(edpub, edsec, secret);
+
   // fill in our struct
   pcp_key_t *key = urmalloc(sizeof(pcp_key_t));
   memcpy (key->public, public, 32);
   memcpy (key->secret, secret, 32);
   memcpy (key->id, pcp_getkeyid(key), 17);
+  memcpy (key->edpub, edpub, 32);
   
   key->ctime = (long)time(0);
 
@@ -154,6 +161,7 @@ pcp_pubkey_t *pcpkey_pub_from_secret(pcp_key_t *key) {
   //pcp_dumpkey(key);
   pcp_pubkey_t *pub = urmalloc(sizeof (pcp_pubkey_t));
   memcpy(pub->public, key->public, 32);
+  memcpy(pub->edpub, key->edpub, 32);
   memcpy(pub->owner, key->owner, 255);
   memcpy(pub->mail, key->mail, 255);
   memcpy(pub->id, key->id, 17);
@@ -254,6 +262,8 @@ pcp_pubkey_t *pubkey2native(pcp_pubkey_t *k) {
 }
 
 pcp_key_t *pcp_derive_pcpkey (pcp_key_t *ours, char *theirs) {
+  byte edpub[32] = { 0 };
+  byte edsec[64] = { 0 };
   size_t thlen = strnlen(theirs, 255);
   size_t inlen = 32 + thlen;
   unsigned char *both = ucmalloc(inlen);
@@ -288,9 +298,13 @@ pcp_key_t *pcp_derive_pcpkey (pcp_key_t *ours, char *theirs) {
   // calculate pub from secret
   crypto_scalarmult_curve25519_base(tmp->public, tmp->secret); 
 
+  // generate ed25519 keypair from box secret
+  crypto_sign_seed_keypair(edpub, edsec, tmp->secret);
+
   memcpy(tmp->owner, ours->owner, 255);
   memcpy(tmp->mail, ours->mail, 255);
   memcpy(tmp->id, pcp_getkeyid(tmp), 17);
+  memcpy(tmp->edpub, edpub, 32);
 
   memset(both, 0, inlen);
   memset(xor, 0, crypto_secretbox_KEYBYTES);
diff --git a/man/pcp1.1 b/man/pcp1.1
index 5b51a22..c0126a1 100644
--- a/man/pcp1.1
+++ b/man/pcp1.1
@@ -124,7 +124,7 @@
 .\" ========================================================================
 .\"
 .IX Title "PCP1 1"
-.TH PCP1 1 "2013-11-08" "PCP 0.1.2" "USER CONTRIBUTED DOCUMENTATION"
+.TH PCP1 1 "2013-11-08" "PCP 0.1.3" "USER CONTRIBUTED DOCUMENTATION"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -199,6 +199,17 @@ Pretty Curved Privacy \- File encryption using eliptic curve cryptography.
 \&                            one will be used. Otherwise you\*(Aqll have
 \&                            to specify the keyid (\-i) of the key.
 \&  
+\&  Signature Options:
+\&  \-g \-\-sign                 Create a signature of file specified with
+\&                            \-I (or from stdin) using your primary
+\&                            secret key. If \-r has been given, a derived
+\&                            secret key will be used for signing.
+\&  
+\&  \-c \-\-check\-signature <file> Verify a signature in file <file> against
+\&                            the file specified with \-I (or stdin).
+\&                            The public key required for this must
+\&                            exist in your vault file.
+\&  
 \&  Encoding Options:
 \&  \-z \-\-z85\-encode           Encode something to Z85 encoding. Use
 \&                            \-I and \-O respectively, otherwise it
diff --git a/man/pcp1.pod b/man/pcp1.pod
index 0df3772..b358011 100644
--- a/man/pcp1.pod
+++ b/man/pcp1.pod
@@ -71,6 +71,17 @@ Pretty Curved Privacy - File encryption using eliptic curve cryptography.
                             one will be used. Otherwise you'll have
                             to specify the keyid (-i) of the key.
   
+  Signature Options:
+  -g --sign                 Create a signature of file specified with
+                            -I (or from stdin) using your primary
+                            secret key. If -r has been given, a derived
+                            secret key will be used for signing.
+  
+  -c --check-signature <file> Verify a signature in file <file> against
+                            the file specified with -I (or stdin).
+                            The public key required for this must
+                            exist in your vault file.
+  
   Encoding Options:
   -z --z85-encode           Encode something to Z85 encoding. Use
                             -I and -O respectively, otherwise it
diff --git a/src/keyprint.c b/src/keyprint.c
index 22bcddb..9db0baf 100644
--- a/src/keyprint.c
+++ b/src/keyprint.c
@@ -26,14 +26,16 @@
 void pcptext_key(char *keyid) {
   pcp_key_t *s = pcpkey_exists(keyid);
   if(s != NULL) {
+    if(debug)
+      pcp_dumpkey(s);
     pcpkey_print(s, stdout);
-    free(s);
   }
   else {
     pcp_pubkey_t *p = pcppubkey_exists(keyid);
     if(p != NULL) {
+      if(debug)
+	pcp_dumppubkey(p);
       pcppubkey_print(p, stdout);
-      free(p);
     }
     else {
       fatal("No key with id 0x%s found!\n", keyid);
@@ -191,6 +193,10 @@ void pcp_dumpkey(pcp_key_t *k) {
   for ( i = 0;i < 32;++i) printf("%02x",(unsigned int) k->secret[i]);
   printf("\n");
 
+  printf("    edpub: ");
+  for ( i = 0;i < 32;++i) printf("%02x",(unsigned int) k->edpub[i]);
+  printf("\n");
+
   printf("    nonce: ");
   for ( i = 0;i < 24;++i) printf("%02x",(unsigned int) k->nonce[i]);
   printf("\n");
@@ -222,6 +228,10 @@ void pcp_dumppubkey(pcp_pubkey_t *k) {
   for ( i = 0;i < 32;++i) printf("%02x",(unsigned int) k->public[i]);
   printf("\n");
 
+  printf("    edpub: ");
+  for ( i = 0;i < 32;++i) printf("%02x",(unsigned int) k->edpub[i]);
+  printf("\n");
+
   printf("    owner: %s\n", k->owner);
 
   printf("     mail: %s\n", k->mail);
diff --git a/src/keyprint.h b/src/keyprint.h
index fe0cb28..56aaefe 100644
--- a/src/keyprint.h
+++ b/src/keyprint.h
@@ -26,6 +26,7 @@
 #include "mem.h"
 #include "key.h"
 #include "vault.h"
+#include "pcp.h"
 
 void pcp_dumpkey(pcp_key_t *k);
 void pcp_dumppubkey(pcp_pubkey_t *k);
diff --git a/src/pcp.c b/src/pcp.c
index 27d6e39..6091be2 100644
--- a/src/pcp.c
+++ b/src/pcp.c
@@ -370,7 +370,7 @@ int main (int argc, char **argv)  {
 	break;	
 
       case PCP_MODE_SIGN:
-	pcpsign(infile, outfile, xpass);
+	pcpsign(infile, outfile, recipient, xpass);
 	break;
 
       case PCP_MODE_VERIFY:
diff --git a/src/signature.c b/src/signature.c
index 0485727..e13dc97 100644
--- a/src/signature.c
+++ b/src/signature.c
@@ -23,7 +23,7 @@
 #include "signature.h"
 #include "defines.h"
 
-int pcpsign(char *infile, char *outfile, char *passwd) {
+int pcpsign(char *infile, char *outfile, char *recipient, char *passwd) {
   FILE *in = NULL;
   FILE *out = NULL;
   pcp_key_t *secret = NULL;
@@ -33,6 +33,10 @@ int pcpsign(char *infile, char *outfile, char *passwd) {
     fatal("Could not find a secret key in vault %s!\n", vault->filename);
     goto errs1;
   }
+  
+  if(recipient != NULL) {
+    secret = pcp_derive_pcpkey(secret, recipient);
+  }
 
   if(infile == NULL)
     in = stdin;
@@ -205,7 +209,6 @@ int pcpverify(char *infile, char *sigfile) {
 
   free(decoded);
   free(encoded);
-  free(sig);
   free(input);
   return 0;
 
@@ -214,7 +217,6 @@ int pcpverify(char *infile, char *sigfile) {
 
  errv3:
   free(decoded);
-  free(sig);
 
  errv2:
   //  free(encoded); why???
diff --git a/src/signature.h b/src/signature.h
index cc6bf4a..5c4cefc 100644
--- a/src/signature.h
+++ b/src/signature.h
@@ -32,7 +32,7 @@
 #include "uthash.h"
 #include "z85.h"
 
-int pcpsign(char *infile, char *outfile, char *passwd);
+int pcpsign(char *infile, char *outfile, char *recipient, char *passwd);
 int pcpverify(char *infile, char *sigfile);
 
 
diff --git a/src/usage.h b/src/usage.h
index 8c610b1..29f428c 100644
--- a/src/usage.h
+++ b/src/usage.h
@@ -66,6 +66,17 @@
 "                          one will be used. Otherwise you'll have\n" \
 "                          to specify the keyid (-i) of the key.\n" \
 "\n" \
+"Signature Options:\n" \
+"-g --sign                 Create a signature of file specified with\n" \
+"                          -I (or from stdin) using your primary\n" \
+"                          secret key. If -r has been given, a derived\n" \
+"                          secret key will be used for signing.\n" \
+"\n" \
+"-c --check-signature <file> Verify a signature in file <file> against\n" \
+"                          the file specified with -I (or stdin).\n" \
+"                          The public key required for this must\n" \
+"                          exist in your vault file.\n" \
+"\n" \
 "Encoding Options:\n" \
 "-z --z85-encode           Encode something to Z85 encoding. Use\n" \
 "                          -I and -O respectively, otherwise it\n" \
diff --git a/src/usage.txt b/src/usage.txt
index cda1d3d..bf76055 100644
--- a/src/usage.txt
+++ b/src/usage.txt
@@ -64,6 +64,17 @@ Encryption Options:
                           one will be used. Otherwise you'll have
                           to specify the keyid (-i) of the key.
 
+Signature Options:
+-g --sign                 Create a signature of file specified with
+                          -I (or from stdin) using your primary
+                          secret key. If -r has been given, a derived
+                          secret key will be used for signing.
+
+-c --check-signature <file> Verify a signature in file <file> against
+                          the file specified with -I (or stdin).
+                          The public key required for this must
+                          exist in your vault file.
+
 Encoding Options:
 -z --z85-encode           Encode something to Z85 encoding. Use
                           -I and -O respectively, otherwise it
diff --git a/tests/bart.pub b/tests/bart.pub
index 4f88c97..ac7b32c 100644
--- a/tests/bart.pub
+++ b/tests/bart.pub
@@ -3,34 +3,34 @@
         Cipher: CURVE25519-ED25519-SALSA20-POLY1305
          Owner: Bart
           Mail: bart@local
-        Key-ID: 0xEA14904F02A39174
-    Public-Key: 1mGl04^7vzH8]/0L+sT^nct*Db9{9<Re[deDsG%]Ee<lE
- Creation Time: 2013-11-04T13:58:37
-      Checksum: BC:65:9A:2E:12:31:AE:2B:61:77:5A:A0:2A:A8:53:13
-                B7:C0:0C:A3:7F:C4:CF:82:88:E9:7A:68:E6:44:E8:AC
- Serial Number: 0x1A184AFF
-   Key Version: 0x00000001
+        Key-ID: 0x955C5AF3D4BABB18
+    Public-Key: 1k2a5(H12:G5bm[.R[Ca^8T[1N%P!9Sqo2M6XGa9wb(Pf
+ Creation Time: 2013-11-08T12:21:02
+      Checksum: 05:D9:A2:09:C1:E8:9F:79:ED:85:C2:45:E4:81:E2:C4
+                BA:91:B5:22:2A:6D:20:4A:F8:82:98:3A:F0:5E:B4:CA
+ Serial Number: 0xDDE1E3AD
+   Key Version: 0x00000002
  Random Art ID: +----------------+
                 |                |
                 |                |
                 |                |
-                |          o o . |
-                |        .o + o  |
-                |     .   .. o   |
-                |    .... ...    |
-                |     .o oo.     |
+                |       o        |
+                |      . o       |
+                |     . .        |
+                |    o.oo        |
+                |   o+B*.o       |
                 +----------------+
 
-1mGl04^7vzH8]/0L+sT^nct*Db9{9<Re[deDsG%]El}v.Bo7<SY!)0yf7LNv>M8$>Ybu<pa
-{wS#a:1C(JqgdN^)]]J>7I!4uuZL75%!FjJP<K&N1YA<!%X>5)VimU[&0GL:/rRr)sEb38i
-EG>fEN*.G6FaN-a=d7R)9V%oc*J#=D&qO.5u>)fTG(a9dOgYy&SDND:1?C:9]O{3CJXOSOS
-}]:rUXWA*Z4hkUd$sAxA.rCxLXVvXB#BZ{$4(?zhk=SjvKVc&sVbDpDBQUHydV[LuA)qW2e
-aZM8%IOfbAz!jZlj(uM2b.tKILO@J=vs4uA1[MKSM}Co^OSzn?IZn5eup-FiG<<PASY]F/A
--:D-evQTq0kX$vGvqC{X)P<:NnW(Mz*Jt!<RQftH-/E{^4T!gkBD#)kjb:a4ng8@<7!IDWp
-#2idY$3fWSTer6(bK4u>@BkhpGI*5+=AaFci)p]pN<.y:C23Hq5+HeE-@u3mA$&AhuowdSI
-oe+vc3DFlgjj(/DN)IuWhBK-:RmrYMO)[m1e8PPc!c<3yoj#A$[tIw@>$CFGX#z8lTt3UjP
-ekeONv@R!ZxG]suov=C[qT+BdUzYrn=SKebdQ}X93MtbBB4kV<EAv0pbgRv@R]-oNQer&X^
-7.]5EyQobHxAbgxNSXJJ}YdUwNmzX2%]]nR{ZA^[&k}$hRfF(lMgc)YRf/H]?4GDFe08!3e
-@qV/$0u8!E@@URXCBJ=YZR{TZ8r4iypJ79>Qf/MQKs0Fh-N/]YCA}B:SimA8We7O0Fcq>zi
-/umH!>1.$8jiah0cn73Qw$n]
+1k2a5(H12:G5bm[.R[Ca^8T[1N%P!9Sqo2M6XGa9wtpO9d/o}%adp*siueSCw4!g!8J-H*X
+1mqSnSCUyc{?u.Bo3EeyH$VMJnEI(Pe5-MYVA[r[CL>[s0MBTQR1(Z?-TFjMV4W%7]:n+bI
+^=Wb]NgZX995XE/oe@KICx!ujUrKk9zcOkq&yXkjYHo!x(<.zjH?x:B?qN?AgM[^acU5])f
+zz-A4s70B-awtpMnbd<SVs:bCyme#/5zq.Qf%U!e}x)Au[q+3?I0C3K#!G2*W22)OPm9[oW
+jF:.yuX8joMN<Gjj1=CvR4aN&%vt{2vaokZRPp#u+D%(3E01uc$EyMVAY?3Qx]^AbHeh3Bp
+D0$FoPCxg0{UM5=)2RA8ktEo#^acjG%163^fy0DT+YW/vvQTq0kX$vGvqC}^S.38x{RttX1
+U3]N3Z#&=HUSIG*gGm(zfRgEVS%95yujI<W*[NEXE6M3g{Ix[u/5}m8wjIwKwyW8)A>-PDI
+^PCvBA1ELu7PS(h:gK-$}cR3D8Ytox94?KlL{-yp?yhUI<8{s6+g8QC31hTp6M9W6wm}@O&
+t2OmQ3C@p{[sX%$c).&/u-YdN/wm+N*VM8VanKoonHUqD)$gBANhnzG&A*izju2&#qnS-3O
+^1>/(i=Yr:/p)a7GdIx.2YBi{yN-I3@0Y}oaR1B3+D/*e2f]mo6G]%&V&[0!)FrCw8xwp2r
+{mp&==Ue!dh8N-Uk$iT#g^TF{lnpC1iSGcW08!i^9SMfu0]q?}TPI$un%A4S5n{i%3TQ6C4
+%0Hqoxfb4.Gg^pK0P(DJVVV/6t?<1odt65J=(I:fw}UqFn1jB}hi@pvYr:%r@-j2
 ------ END PCP PUBLICKEY ------
diff --git a/tests/gentestkeys.sh b/tests/gentestkeys.sh
new file mode 100755
index 0000000..079d83e
--- /dev/null
+++ b/tests/gentestkeys.sh
@@ -0,0 +1,28 @@
+#!/bin/sh
+pcp="../src/pcp1 -V vxxx"
+
+(echo Alicia; echo alicia@local) | $pcp -k -x a
+(echo Bobby;  echo bobby@local)  | $pcp -k -x b
+(echo Bart;   echo bart@local)   | $pcp -k -x a
+
+
+ida=`$pcp -l | grep Alicia | awk '{print $1}'`
+idb=`$pcp -l | grep Bobby  | awk '{print $1}'`
+ids=`$pcp -l | grep Bart   | awk '{print $1}'`
+
+$pcp -p -O key-alicia-pub -i $ida
+$pcp -s -O key-alicia-sec -i $ida
+$pcp -p -O key-bobby-pub -i $idb
+$pcp -s -O key-bobby-sec -i $idb
+$pcp -p -O bart.pub -i $ids
+
+ser=`grep Serial bart.pub | awk '{print $3}'`
+
+echo "bartid = $ids
+bartserial = $ser
+idbobby  = $idb
+idalicia = $ida
+mailbobby = bobby@local
+mailalicia = alicia@local" > keys.cfg
+
+rm -f vxxx
diff --git a/tests/key-alicia-pub b/tests/key-alicia-pub
index 218eabe..1d494bd 100644
--- a/tests/key-alicia-pub
+++ b/tests/key-alicia-pub
@@ -3,34 +3,34 @@
         Cipher: CURVE25519-ED25519-SALSA20-POLY1305
          Owner: Alicia
           Mail: alicia@local
-        Key-ID: 0xC7062F147D8C4D91
-    Public-Key: 1njv6!EZrC2u6Ot@{G*xnXCgt9BpE4)Hf*Sq:):J761sm
- Creation Time: 2013-11-04T14:00:55
-      Checksum: 23:A1:2C:A3:C6:55:80:84:72:15:3D:01:F7:97:04:C0
-                70:6B:96:66:53:49:33:0B:BF:63:AB:18:DF:C8:F6:F2
- Serial Number: 0xD9C07D23
-   Key Version: 0x00000001
+        Key-ID: 0x244407F39FFA0333
+    Public-Key: 0$V[6<mc=m[dKuF8s9&RBd#W/(KA/%zRZr./5.1Ef-RgN
+ Creation Time: 2013-11-08T12:21:02
+      Checksum: 54:43:8B:3B:C3:65:21:9F:A5:EB:19:24:07:AB:D3:94
+                55:31:97:EC:0C:09:81:5C:C6:C9:EE:C4:A8:41:25:06
+ Serial Number: 0x0C8363E0
+   Key Version: 0x00000002
  Random Art ID: +----------------+
-                |      o.        |
-                |     . ..       |
                 |      ..        |
-                |       oo       |
-                |      . +o      |
-                |     o o...     |
-                |    . . ...     |
-                |         o.     |
+                |    . *.        |
+                |     +.B .      |
+                |      o.+ +     |
+                |        .o .    |
+                |                |
+                |                |
+                |                |
                 +----------------+
 
-1njv6!EZrC2u6Ot@{G*xnXCgt9BpE4)Hf*Sq:):J7c#+Jv}/uK-PEqtw%{]wnFot4U^$)43
-%%unPk$cD]2!]VX/@>iQ{PK+4r^K%rytsMcASJr4^DG^s1tsmS5s!rQUW/iXK#ooAs$N>Ez
-7G@c@ZG?&0jJi0{g7qg1ATTs8>N>4w:n}o)edBd/pBVYmPjrwOiJrF6m=:YPzYK*@5y=AV9
-D]2dAdLBoE+/taf6*}O/9{Z^&Q+h?OfaVF25{^LG&<Zf1FQvYKtPS<9RHhrdm{Ij%&5jy2$
->Sw^lKEliT{uT][/aC}A@O@(TIT%W8*3l6H{R3<9)[Qh9))#-O+C9@6Q^NfIsb0?2Mk)R/0
-3Yo7pvqGT/x<<nyz!0i(0nHL.Bq.USRQ)NZX0A0%MjjRNpE)>B:AF94rm5M1g4wuXI89gF@
-Xp#Je#A3$JglUr3Ayl}j$B=0yjuMSAGI1Gt1x:*S6V>Boy*pqQiqk1BPf+M4j)CQqRFthIh
-+=nuI^C=+.98BdSz8W45d}/sXpf=AStp8ZS$P1ct$XD}3jd!oq8s+&$yY*V@.Jd*8/[>X!4
-]d]3]OIu6rz0L-6EO/nf%C]#!bMF)):yu{}>db{csH9h/IGyJ1DSn?tkPB:A>%5sBuVqw$9
-b&Lb(lmtSx6]ewYpK$WjDx[s9bsRW!f}Zk&4W[>sqh.WcBmLM.Ul]WK<l]=$4rSAa108!3f
-Hx4qO0OLnpblF2Z:#gV?CCcm.SM]WOirb4?Ojt!-6YuYp+EkjsSqLreIAF@U4-qXOa3ZRO}
-(3g:g!gRI0:{<?lqMu]j]+M.
+0$V[6<mc=m[dKuF8s9&RBd#W/(KA/%zRZr./5.1Eg01WH@(Mc=uV-!$kxB/j+yM?O^EvfwN
+R@+wyWB3sJ6Rn]v}/uKwGw=UC5ymsefA3:oG}4RdJ^tzaZ4H=ZK(g&+=K4(y$}52S+AX6dC
+8KlJrjE!(=b*w=v63F{d?iz6zdzm)D>fC^ReqE.x^boltZnM&lG{$nzLg+<Q1%tV?n@V6h.
+/vl{cxH4m%bVcBD.QL8#kO4vRta(@lJV=!cYjc&rr/a@*ve4=:I5btckwNiyE<qv)OP6]L.
+{5Rigem^seRXp>j*9V6KOz!oMpTbZWvu+((u^kOw!r!op(7HzqmM1zdKJ=t5}unHbEB8.1X
+cqgBIm3u)<LpZQR)vU+(5=&+XIr4])mz3OQ/4)[jpHiB:vqGT/x<<nyz!0i(0f.*Ix2i<T5
+-Tm!<>V+dlI:yGMkn-oD30u299n<msI%q4PVdUu6+(!.*{S.(?*Gi:Yj?9S8m>sVFpg91.*
+IWdE>]^h[fvo@Xhva&MYwdct02wrdA[xJn6h]m<CZNDM9v0j=M3?3gqIbGqgEJCJg74NZ96
+<tP{A%eJ0)k@BFU98iPd639c$cF=Fphs5V^}q0e6omVTZS^@8CG{($#Un@m&g1+wj@E}[5S
+%/S=i4=pQ4[:^IxknCKUQC.>xlmxUiofNKt-osOtoE@*A3CF1z&VnAeu(7d7I>{R>Vu8YRE
+xP2X4au{F]g=d3yh+2O-mN/V$gCZ/!WeZgb08!i^9SMfu0T%Y>?#+!4q)TCm:w?gthgI#C*
+uAwuou4r<pq5sbrgrIcA*<FgGl!q&da4$6)EKB}RV[u-V9(W1^t(+*airR1i@/lX
 ------ END PCP PUBLICKEY ------
diff --git a/tests/key-alicia-sec b/tests/key-alicia-sec
index ba94340..b46beae 100644
--- a/tests/key-alicia-sec
+++ b/tests/key-alicia-sec
@@ -1,23 +1,23 @@
 ----- BEGIN PCP SECRET KEY -----
   Generated by: Pretty Curved Privacy Version 0.1.2
         Cipher: CURVE25519-ED25519-SALSA20-POLY1305
-        Key-ID: 0xC7062F147D8C4D91
- Creation Time: 2013-11-04T14:00:55
- Serial Number: 0xC29B2AD6
-   Key Version: 0x00000001
+        Key-ID: 0x244407F39FFA0333
+ Creation Time: 2013-11-08T12:21:02
+ Serial Number: 0xEA570081
+   Key Version: 0x00000002
 
-1njv6!EZrC2u6Ot@{G*xnXCgt9BpE4)Hf*Sq:):J767(6Rxa:$=uc[7^R%GlrP0pMX%A.J}
-Ynmqs]))PJP-Km6xk}aty?Y{d#uV&8lbTba$.!q}/7RD5d9Z?hfS&a0xXwVZ3+#VJn8L3wL
-=)mN5bGDmUFMxLQvg(bI2l7dX]*IVQ5zwv}/uK-PEqtw%{]wnFot4U^$)43%%unPk$cD]2!
-]VX/@>iQ{PK+4r^K%rytsMcASJr4^DG^s1tsmS5s!rQUW/iXK#ooAs$N>Ez7G@c@ZG?&0jJ
-i0{g7qg1ATTs8>N>4w:n}o)edBd/pBVYmPjrwOiJrF6m=:YPzYK*@5y=AV9D]2dAdLBoE+/
-taf6*}O/9{Z^&Q+h?OfaVF25{^LG&<Zf1FQvYKtPS<9RHhrdm{Ij%&5jy2$>Sw^lKEliT{u
-T][/aC}A@O@(TIT%W8*3l6H{R3<9)[Qh9))#-O+C9@6Q^NfIsb0?2Mk)R/03Yo7pvqGT/x<
-<nyz!0i(0nHL.Bq.USRQ)NZX0A0%MjjRNpE)>B:AF94rm5M1g4wuXI89gF@Xp#Je#A3$Jgl
-Ur3Ayl}j$B=0yjuMSAGI1Gt1x:*S6V>Boy*pqQiqk1BPf+M4j)CQqRFthIh+=nuI^C=+.98
-BdSz8W45d}/sXpf=AStp8ZS$P1ct$XD}3jd!oq8s+&$yY*V@.Jd*8/[>X!4]d]3]OIu6rz0
-L-6EO/nf%C]#!bMF)):yu{}>db{csH9h/IGyJ1DSn?tkPB:A>%5sBuVqw$9b&Lb(lmtSx6]
-ewYpK$WjDx[s9bsRW!f}Zk&4W[>sqh.WcBmLM.Ul]WK<l]=$4lJv8^08!3fHx4qO0M7rQ!=
-zF+c{QV-1vaUi0seV90000000000005(^0seV9000000000000000000000evsu0seV901Y
-bg0mMLn:P8qv
+0$V[6<mc=m[dKuF8s9&RBd#W/(KA/%zRZr./5.1Ef-RtSg<)<u{yX%$(#Iz7))^<5LO]Sb6
+XCL*}b>1ZYVtAc@(Mc=uV-!$kxB/j+yM?O^EvfwNR@+wyWB3sJ7{fO:/gev+?A}#&BPP7g7
+$M^k-6FzEB?CxJLzJ)lRZZ.L[]-@R2N/(&wr6^z9kK4+6?514qYhJPt)xx>29<eKnCm?x*D
+MHv}/uKwGw=UC5ymsefA3:oG}4RdJ^tzaZ4H=ZK(g&+=K4(y$}52S+AX6dC8KlJrjE!(=b*
+w=v63F{d?iz6zdzm)D>fC^ReqE.x^boltZnM&lG{$nzLg+<Q1%tV?n@V6h./vl{cxH4m%bV
+cBD.QL8#kO4vRta(@lJV=!cYjc&rr/a@*ve4=:I5btckwNiyE<qv)OP6]L.{5Rigem^seRX
+p>j*9V6KOz!oMpTbZWvu+((u^kOw!r!op(7HzqmM1zdKJ=t5}unHbEB8.1XcqgBIm3u)<Lp
+ZQR)vU+(5=&+XIr4])mz3OQ/4)[jpHiB:vqGT/x<<nyz!0i(0f.*Ix2i<T5-Tm!<>V+dlI:
+yGMkn-oD30u299n<msI%q4PVdUu6+(!.*{S.(?*Gi:Yj?9S8m>sVFpg91.*IWdE>]^h[fvo
+@Xhva&MYwdct02wrdA[xJn6h]m<CZNDM9v0j=M3?3gqIbGqgEJCJg74NZ96<tP{A%eJ0)k@
+BFU98iPd639c$cF=Fphs5V^}q0e6omVTZS^@8CG{($#Un@m&g1+wj@E}[5S%/S=i4=pQ4[:
+^IxknCKUQC.>xlmxUiofNKt-osOtoE@*A3CF1z&VnAeu(7d7I>{R>Vu8YRExP2X4au{F]g=
+d3yh+2O-mN/V$gCZ/!=hW?A08!i^9SMfu0{S?!FDr3I==W2=NlYWl0seV90000000000004
+xD0seV9000000000000000000000h+5x0seV901Ybg0gJN5^/ovF
 ------ END PCP SECRET KEY ------
diff --git a/tests/key-bobby-pub b/tests/key-bobby-pub
index 615c329..217f7fa 100644
--- a/tests/key-bobby-pub
+++ b/tests/key-bobby-pub
@@ -3,34 +3,34 @@
         Cipher: CURVE25519-ED25519-SALSA20-POLY1305
          Owner: Bobby
           Mail: bobby@local
-        Key-ID: 0x9BBC8CFD7B519006
-    Public-Key: 1bWN>*CM00/#EgxhxEeJDuYRht*=}Zz5pR%XOsZHy5!kl
- Creation Time: 2013-11-04T14:01:05
-      Checksum: AD:FD:96:AA:35:98:79:90:55:33:99:1F:6D:31:24:09
-                6E:E3:77:63:C9:29:DA:69:C1:8E:BE:5D:09:74:A8:13
- Serial Number: 0xE11E885A
-   Key Version: 0x00000001
+        Key-ID: 0x26C77B2A1548F4AB
+    Public-Key: 1o5q3y.SNnO!odQ<U>Y^yOu:0>lJIWQ@*rFJ*QQuwDhYg
+ Creation Time: 2013-11-08T12:21:02
+      Checksum: D0:21:AA:87:7E:24:F5:A6:8F:FC:2A:21:14:04:57:99
+                30:D9:BD:35:D4:AF:F4:20:50:7D:72:DB:6D:6B:6F:21
+ Serial Number: 0xB4410F61
+   Key Version: 0x00000002
  Random Art ID: +----------------+
-                |                |
-                |                |
-                |     o          |
-                |    + . o       |
-                |   + o o..      |
-                |  o o.o.        |
-                |   o...         |
-                |   .o           |
+                |    .           |
+                |   . .          |
+                | .. .           |
+                |o..  ..         |
+                |.o  .  o.       |
+                |   .  ...       |
+                |   ...  ..      |
+                |   .o    ..     |
                 +----------------+
 
-1bWN>*CM00/#EgxhxEeJDuYRht*=}Zz5pR%XOsZHyc(&FvTd%jsaN@2uJtG&D<AQunLUNFH
-r)p)F#/19.PZd5Q2=}7WZWMMVKA9Qo@?5kMbBl2iqOE)b(E0?[9}E)v%<VA7<fOTf$TtPS>
-(VK5-W.4E+qp]K}^A&2+kFOeIzgR+N}3::iP(c:bPgc6qHX@NK9IGb-RP(V1Z8h@LY%wuf=
-@mTe^x3*NHtkzn):5F6}9/)}D5iqn3%4TC343M&ov1qvIg7?Dzv?)wU^mJ&8bicJqul46Qd
-zFAPV9XB:bt4<F]sKYKyz[s9hxB{n7n151!Ixm1X9qRL$&3$v6aFL!NRf[w7@CM%DX?ft=d
-P9pSHvSbZ+C%Dg:v{%fNOI=0g:$]8eM:2KitQIeK9oMtHG3#V0+e:(L1OG1$U0(Iv5z5%:f
-!YOH9Q3t!7jSq9r0C1ToZuE*o@s{>VfZ7G!i%UYnq-/KKtKWuO%&(e4ZeMv^@sJ&yk2&U^I
-MgvKvjy?Zn%pAB3u?Ur(X=u[A(Y4g!-as+*@Lhwn%l^3KO@<tQq.gnBUaYABy8VAM{@3G:/
-[v}rAzXK(s*O=Wx6Yc..{(VX!7>H1K^O<e9?Yd[R?9wL^c(F)cPCTxjNYD!j0.}TETb)gH=
-$t-n)dlz&XSL18d09}B^(6^647WRq<HuAu-xny:N$lpa40lQ<E5lnZFTfFCx+2lj-708!3f
-KPkvY0Pt8Qs{7Coh76J4=x1szUjJ3@noLp5D#TxEAD+H%!Stur)mJuLA%51nrngw/HPYA[C
-}GyOb5G&#?Ov!{>-)uw(I{[+
+1o5q3y.SNnO!odQ<U>Y^yOu:0>lJIWQ@*rFJ*QQuw-NU)7*y@CnN%qTNwEsQ8UI0JFzL5N]
+:[U5Ya%?E3QO=vvTd$h22]DXl8f6>aEy/#}]4:xH{$1bZv[7@dMPmEr^w$rCwm+{WwmPlHp
+y!/SI&//[fhw%2scogf$RsnHNm6*-XlZpR1vg8XIm<mamGE{YfPuSiz}Yyq0UzBRq!JdD%G
+kf<)!6xraTlRYybc!l=lIcsYY3C==2<{X2BWGy]NlOi@4DIR8m(/-w*//nS>RSkaTz(DYg7
+oG8QKemj%)6k[ic:U8QD]y?CND}xFUzGZ=>8}hBJl4@>^r?^AY#t[5Qn9g##I{XpbF5C2h[
+pD$R!=wRs>:JLbed^]$FOZ>N40Awpyu.#%h:sug:@Y(2CvSbZ+C%Dg:v{%fNE?/hR3GG0J*
+7cO=UnJR[J18xFS5}AI/GCjw-9mQ)GJFCotP4.!5qxn810i]1i&9WQw#[9]tgB{kuzKIorx
+^[xc2zU>X)I&s/tYoEplQ0FJre*M.p![>HZ>YF3CfJ(Prp8m+IQIeJTs(?JI&7@F}c*#61b
+12v!ysq}6L-?26>zTbVb@OZG^oXfM&m8dAdl}Qk^i<I5V9VziPt#87PD*twr+W.{8?9^CuM
+NZy7H69@rulO]&EKqlOgP7?CzGt{h^L)j1L)2UV[5FM$DealB>]nxtvW!p(@rZY)M#uXcf8
+)]C-BF3eM4hBxzZlny?Yh8EoZg^KCdKPkvY08!i^9SMfu0<>l7vfo-E^5H8:rEPW}IWMM)n
+9O]:9.h#9eg#3N+Nwg=(FZ!o&vjwh*@-/k:pP+l3Gn(Gar.6q(jT9C=nq*9Ee<lE
 ------ END PCP PUBLICKEY ------
diff --git a/tests/key-bobby-sec b/tests/key-bobby-sec
index 532d528..c967ede 100644
--- a/tests/key-bobby-sec
+++ b/tests/key-bobby-sec
@@ -1,23 +1,23 @@
 ----- BEGIN PCP SECRET KEY -----
   Generated by: Pretty Curved Privacy Version 0.1.2
         Cipher: CURVE25519-ED25519-SALSA20-POLY1305
-        Key-ID: 0x9BBC8CFD7B519006
- Creation Time: 2013-11-04T14:01:05
- Serial Number: 0x546425D2
-   Key Version: 0x00000001
+        Key-ID: 0x26C77B2A1548F4AB
+ Creation Time: 2013-11-08T12:21:02
+ Serial Number: 0x048CC072
+   Key Version: 0x00000002
 
-1bWN>*CM00/#EgxhxEeJDuYRht*=}Zz5pR%XOsZHy5*J]Urv[i[fHQp/-tjXqD=}e@XCf1>
-Q1s1as!yn!$T?Qz[?d-tX:DK0&:bOZa?9KOtmcY0J9@!n6MOac8i0I3!}83l4+wWuS)??on
-/r<eV[}3O$64hON:SNEvH$w7R-O{]fNw8vTd%jsaN@2uJtG&D<AQunLUNFHr)p)F#/19.PZ
-d5Q2=}7WZWMMVKA9Qo@?5kMbBl2iqOE)b(E0?[9}E)v%<VA7<fOTf$TtPS>(VK5-W.4E+qp
-]K}^A&2+kFOeIzgR+N}3::iP(c:bPgc6qHX@NK9IGb-RP(V1Z8h@LY%wuf=@mTe^x3*NHtk
-zn):5F6}9/)}D5iqn3%4TC343M&ov1qvIg7?Dzv?)wU^mJ&8bicJqul46QdzFAPV9XB:bt4
-<F]sKYKyz[s9hxB{n7n151!Ixm1X9qRL$&3$v6aFL!NRf[w7@CM%DX?ft=dP9pSHvSbZ+C%
-Dg:v{%fNOI=0g:$]8eM:2KitQIeK9oMtHG3#V0+e:(L1OG1$U0(Iv5z5%:f!YOH9Q3t!7jS
-q9r0C1ToZuE*o@s{>VfZ7G!i%UYnq-/KKtKWuO%&(e4ZeMv^@sJ&yk2&U^IMgvKvjy?Zn%p
-AB3u?Ur(X=u[A(Y4g!-as+*@Lhwn%l^3KO@<tQq.gnBUaYABy8VAM{@3G:/[v}rAzXK(s*O
-=Wx6Yc..{(VX!7>H1K^O<e9?Yd[R?9wL^c(F)cPCTxjNYD!j0.}TETb)gH=$t-n)dlz&XSL
-18d09}B^(6^647WRq<HuAu-xny:N$lpa40lQ<E5lnZFTfFCx+7YTKo08!3fKPkvY0ArOQ^G
-m^jWX=/Qm)F+00seV9005=:0seV90000000000000000000000000000000evBx0seV901Y
-bg0oPGiUk!L5
+1o5q3y.SNnO!odQ<U>Y^yOu:0>lJIWQ@*rFJ*QQuwDkSN1)h.]3aGrN{@#OpkKg+VAzobA3
+f7?d[VKYM/Yl<l7*y@CnN%qTNwEsQ8UI0JFzL5N]:[U5Ya%?E3+b.wOe.zsGKUG[<3N9p:C
+pDWVcEjzKx7nIPx7tx0}bFZN%SKvUaImjf{23dOo9M@(rb6J7sZG[Z#c01lHJ7FFG#C6=Q8
+LVvTd$h22]DXl8f6>aEy/#}]4:xH{$1bZv[7@dMPmEr^w$rCwm+{WwmPlHpy!/SI&//[fhw
+%2scogf$RsnHNm6*-XlZpR1vg8XIm<mamGE{YfPuSiz}Yyq0UzBRq!JdD%Gkf<)!6xraTlR
+Yybc!l=lIcsYY3C==2<{X2BWGy]NlOi@4DIR8m(/-w*//nS>RSkaTz(DYg7oG8QKemj%)6k
+[ic:U8QD]y?CND}xFUzGZ=>8}hBJl4@>^r?^AY#t[5Qn9g##I{XpbF5C2h[pD$R!=wRs>:J
+Lbed^]$FOZ>N40Awpyu.#%h:sug:@Y(2CvSbZ+C%Dg:v{%fNE?/hR3GG0J*7cO=UnJR[J18
+xFS5}AI/GCjw-9mQ)GJFCotP4.!5qxn810i]1i&9WQw#[9]tgB{kuzKIorx^[xc2zU>X)I&
+s/tYoEplQ0FJre*M.p![>HZ>YF3CfJ(Prp8m+IQIeJTs(?JI&7@F}c*#61b12v!ysq}6L-?
+26>zTbVb@OZG^oXfM&m8dAdl}Qk^i<I5V9VziPt#87PD*twr+W.{8?9^CuMNZy7H69@rulO
+]&EKqlOgP7?CzGt{h^L)j1L)2UV[5FM$DealB>]nxtvW!p(@rZY)M#uXcf8)]C-BF3eM4hB
+xzZlny?Yh8EoZg^KCdCk}Qy08!i^9SMfu0TaE$ASP8H!S5r{ZcHPW0seV9004lz0seV9004
+JH0seV9000000000000000000000h+hB0seV901Ybg07FFv:n=hu
 ------ END PCP SECRET KEY ------
diff --git a/tests/keys.cfg b/tests/keys.cfg
new file mode 100644
index 0000000..05e29cd
--- /dev/null
+++ b/tests/keys.cfg
@@ -0,0 +1,6 @@
+bartid = 0x955C5AF3D4BABB18
+bartserial = 0xDDE1E3AD
+idbobby  = 0x26C77B2A1548F4AB
+idalicia = 0x244407F39FFA0333
+mailbobby = bobby@local
+mailalicia = alicia@local
diff --git a/tests/unittests.cfg b/tests/unittests.cfg
index 8953994..562fe58 100644
--- a/tests/unittests.cfg
+++ b/tests/unittests.cfg
@@ -23,6 +23,9 @@
 pcp   = ../src/pcp1
 vault = v1
 passwd = xxx
+md5msg   = 66b8c4ca9e5d2a7e3c0559c3cdea3d50
+
+include keys.cfg
 
 <test check-show-help>
   cmd    = $pcp -h
@@ -70,8 +73,6 @@ dxmorg@florida.cops.gov
   expect-file-contains = testkey-self Dexter
 </test>
 
-bartid     = 0xEA14904F02A39174
-bartserial = 0x1A184AFF
 <test check-import-public-key>
   cmd = $pcp -V $vault -P -I bart.pub
   expect = /key $bartid added/
@@ -89,7 +90,7 @@ bartserial = 0x1A184AFF
 
 <test check-if-vault-still-valid>
   cmd = $pcp -V $vault -t
-  expect = /Vault version: 00000001/
+  expect = /Vault version: 00000002/
 </test>
 
 <test check-if-deleted-public-key-is-away>
@@ -99,11 +100,6 @@ bartserial = 0x1A184AFF
 
 #
 # encryption tests
-idbobby  = 0x9BBC8CFD7B519006
-idalicia = 0xC7062F147D8C4D91
-mailbobby = bobby@local
-mailalicia = alicia@local
-md5msg   = 66b8c4ca9e5d2a7e3c0559c3cdea3d50
 <test check-crypto-alicia-init>
   # alicias part
   prepare = echo ${md5msg} > testmessage
@@ -197,11 +193,22 @@ md5msg   = 66b8c4ca9e5d2a7e3c0559c3cdea3d50
   </test>
 </test>
 
+#
+# signature test
+<test check-sign-to-bobby>
+  cmd = $pcp -V va -g -I README -O testsig -x a
+  expect-file testsig
+</test>
+<test check-verify-signature>
+  cmd = $pcp -V vb -c testsig -I README
+  expect = /verified/
+</test>
+
 
 #
 # negative tests, check for error handling
 <test check-if-catch-conflicting-params>
-  cmd = $pcp -S -P
+  cmd = $pcp -V $vault -S -P
   expect = /invalid combination of commandline parameters/
 </test>
 
diff --git a/tests/unittests.pl b/tests/unittests.pl
index 6dee04c..ff5339e 100755
--- a/tests/unittests.pl
+++ b/tests/unittests.pl
@@ -37,6 +37,7 @@ if (! $config) {
 
 my %cfg = ParseConfig(-ConfigFile => $config,
 		      -InterPolateVars => 1,
+		      -UseApacheInclude => 1,
 		      -Tie => "Tie::IxHash" );
 my $verbose = $cfg{verbose};