fixed key generation, now the ed25519 key is derived from a seed

and the curve25519 key is derived from the ed25519 key. the encrypted part now contains the ed25519 secret.
2025-12-17 12:00:56 +01:00 · 2013-11-10 14:25:36 +01:00
parent 74a66e7456
commit 71d7121c87
17 changed files with 312 additions and 192 deletions
--- a/7
+++ b/7
@@ -1,3 +1,10 @@
 0.1.4   Changed key format (again), now the main secret
 	is the ED25519 secret key, which will be encrypted.
 	Everything else will be derived from that. Thanks
 	to S.Neives and "CodesInChaos" from the libsodium
 	mailinglist for clarifying it and helping me to
 	understand it.
 0.1.3   Added signature support using ED25519.
 	Key format has changed it now contains the ed25519
--- a/2
+++ b/2
@@ -1 +1 @@
-0.1.3
+0.1.4
--- a/include/pcp/defines.h
+++ b/include/pcp/defines.h
@@ -45,7 +45,7 @@ typedef unsigned int    qbyte;          //  Quad byte = 32 bits
 #define PCP_ME "Pretty Curved Privacy"
-#define PCP_KEY_VERSION 0x00000002U
+#define PCP_KEY_VERSION 0x00000003U
 #define PCP_KEY_PRIMITIVE "CURVE25519-ED25519-SALSA20-POLY1305"
 #define PCP_KEY_TYPE_MAINSECRET 0x01
--- a/include/pcp/key.h
+++ b/include/pcp/key.h
@@ -46,9 +46,10 @@ extern "C" {
  PCP private key structure. Most fields are self explanatory.
  Some notes:
-  'encrypted' contains the encrypted secret key. If it's set,
+  'encrypted' contains the encrypted ed25519 secret key. If it's set,
  the field 'secret' which contains the clear secret key will
-  be zeroed with random values, the first byte will be 0.
+  be zeroed with random values, the first byte will be 0. Same
  for the field 'edsecret'.
  'nonce' contains the nonce required to decrypt the encrypted
  secret, if set.
@@ -80,8 +81,9 @@ struct _pcp_key_t {
  byte public[32];
  byte secret[32];
  byte edpub[32];
  byte edsecret[64];
  byte nonce[24];
-  byte encrypted[48];
+  byte encrypted[80];
  char owner[255];
  char mail[255];
  char id[17];
@@ -114,6 +116,9 @@ pcp_pubkey_t *pcppubkey_hash;
 void pcp_cleanhashes();
 pcp_key_t *pcpkey_new ();
 void pcp_keypairs(byte *csk, byte *cpk, byte *esk, byte *epk, byte *seed);
 void pcp_ed_keypairs(byte *csk, byte *esk);
 char *pcppubkey_get_art(pcp_pubkey_t *k);
 char *pcpkey_get_art(pcp_key_t *k);
--- a/include/pcp/version.h
+++ b/include/pcp/version.h
@@ -25,7 +25,7 @@
 #define PCP_VERSION_MAJOR 0
 #define PCP_VERSION_MINOR 1
-#define PCP_VERSION_PATCH 3
+#define PCP_VERSION_PATCH 4
 #define PCP_MAKE_VERSION(major, minor, patch) \
    ((major) * 10000 + (minor) * 100 + (patch))
--- a/libpcp/ed.c
+++ b/libpcp/ed.c
@@ -22,49 +22,49 @@
 #include "ed.h"
 int pcp_ed_verify(unsigned char *input, size_t inputlen, pcp_sig_t *sig, pcp_pubkey_t *p) {
-  
+  unsigned char *message = ucmalloc(inputlen);
-  unsigned char *hash = ucmalloc(crypto_hash_sha256_BYTES + crypto_sign_BYTES); // from sig
+  unsigned char *tmpsig  = ucmalloc(inputlen + crypto_sign_BYTES); // from sig
  unsigned char *check = ucmalloc(crypto_hash_sha256_BYTES); // from file
  size_t mlen = 0;
-  if(crypto_sign_open(hash, &mlen, sig->edsig, crypto_hash_sha256_BYTES + crypto_sign_BYTES, p->edpub) != 0) {
+  memcpy(tmpsig, sig->edsig, crypto_sign_BYTES);
  memcpy(&tmpsig[crypto_sign_BYTES], input, inputlen);
  if(crypto_sign_open(message, &mlen, tmpsig, inputlen + crypto_sign_BYTES, p->edpub) != 0) {
    fatal("Failed to open the signature using the public key 0x%s!\n", p->id);
    goto errve1;
  }
-  crypto_hash_sha256(check, input, inputlen);
+  if(memcmp(message, input, inputlen) != 0) {
-
+    fatal("Failed to verify the signature, signed messages differ!\n");
  if(memcmp(check, hash, crypto_hash_sha256_BYTES) != 0) {
    fatal("Failed to verify the signature, hashes differ!\n");
    goto errve1;
  }
-  free(hash);
+  free(tmpsig);
-  free(check);
+  free(message);
  return 0;
 errve1:
-  free(hash);
+  free(message);
-  free(check);
+  free(tmpsig);
  return 1;
 }
 pcp_sig_t *pcp_ed_sign(unsigned char *message, size_t messagesize, pcp_key_t *s) {
-  byte edpub[32] = { 0 };
+  size_t mlen = messagesize + crypto_sign_BYTES;
-  byte edsec[64] = { 0 };
+  unsigned char *tmp = ucmalloc(mlen);
  unsigned char *signature = ucmalloc(crypto_sign_BYTES);
-  crypto_sign_seed_keypair(edpub, edsec, s->secret);
+  crypto_sign(tmp, &mlen, message, messagesize, s->edsecret);
-  unsigned char *hash = ucmalloc(crypto_hash_sha256_BYTES);
+  memcpy(signature, tmp, crypto_sign_BYTES);
  size_t slen = crypto_hash_sha256_BYTES + crypto_sign_BYTES;
  unsigned char *signature = ucmalloc(slen);
  crypto_hash_sha256(hash, message, messagesize);
  crypto_sign(signature, &slen, hash, crypto_hash_sha256_BYTES, edsec);
  pcp_sig_t *sig = pcp_ed_newsig(signature, s->id);
  memset(tmp, 0, mlen);
  free(tmp);
  return sig;
 }
--- a/libpcp/key.c
+++ b/libpcp/key.c
@@ -66,28 +66,54 @@ char *pcp_getkeyid(pcp_key_t *k) {
  return id;
 }
 void pcp_keypairs(byte *csk, byte *cpk, byte *esk, byte *epk, byte *seed) {
  // generate ed25519 + curve25519 keypair from random seed
  byte tmp[64];
  crypto_sign_seed_keypair(epk, esk, seed);
  crypto_hash_sha512(tmp, seed, 32);
  tmp[0]  &= 248;
  tmp[31] &= 63;
  tmp[31] |= 64;
  memcpy(csk, tmp, 32);
  crypto_scalarmult_curve25519_base(cpk, csk); 
  memset(tmp, 0, 64);
 }
 void pcp_ed_keypairs(byte *csk, byte *esk) {
  // re-generate (derive) curve25519 secret from ed25519 secret
  // (1st half = seed, 2nd half = pub)
  byte tmp[64];
  byte seed[32];
  memcpy(seed, esk, 32);
  crypto_hash_sha512(tmp, seed, 32);
  tmp[0]  &= 248;
  tmp[31] &= 63;
  tmp[31] |= 64;
  memcpy(csk, tmp, 32);
  memset(tmp, 0, 64);
 }
 pcp_key_t * pcpkey_new () {
  byte public[32] = { 0 };
  byte secret[32] = { 0 };
  byte edpub[32] = { 0 };
  byte edsec[64] = { 0 };
  byte *seed = urmalloc(32);
-  // generate curve 25519 keypair
+  pcp_keypairs(secret, public, edsec, edpub, seed);
  if(crypto_box_keypair (public, secret) != 0) {
    fatal("Failed to generate a CURVE25519 keypair!\n");
    return NULL;
  }
  // generate ed25519 keypair from box secret
  crypto_sign_seed_keypair(edpub, edsec, secret);
  // fill in our struct
  pcp_key_t *key = urmalloc(sizeof(pcp_key_t));
  memcpy (key->public, public, 32);
  memcpy (key->secret, secret, 32);
  memcpy (key->id, pcp_getkeyid(key), 17);
  memcpy (key->edpub, edpub, 32);
  memcpy (key->edsecret, edsec, 64);
  memcpy (key->id, pcp_getkeyid(key), 17);
  key->ctime = (long)time(0);
@@ -114,16 +140,18 @@ pcp_key_t *pcpkey_encrypt(pcp_key_t *key, char *passphrase) {
  unsigned char *encrypted;
  size_t es;
-  es = pcp_sodium_mac(&encrypted, key->secret, 32, key->nonce, encryptkey);
+  es = pcp_sodium_mac(&encrypted, key->edsecret, 64, key->nonce, encryptkey);
  memset(encryptkey, 0, 32);
  free(encryptkey);
-  if(es == 48) {
+  if(es == 80) {
    // success
-    memcpy(key->encrypted, encrypted, 48);
+    memcpy(key->encrypted, encrypted, 80);
    arc4random_buf(key->secret, 32);
    arc4random_buf(key->edsecret, 64);
    key->secret[0] = 0;
    key->edsecret[0] = 0;
  }
  else {
    fatal("failed to encrypt the secret key!\n");
@@ -139,14 +167,18 @@ pcp_key_t *pcpkey_decrypt(pcp_key_t *key, char *passphrase) {
  unsigned char *decrypted;
  size_t es;
-  es = pcp_sodium_verify_mac(&decrypted, key->encrypted, 48, key->nonce, encryptkey);
+  es = pcp_sodium_verify_mac(&decrypted, key->encrypted, 80, key->nonce, encryptkey);
  memset(encryptkey, 0, 32);
  free(encryptkey);
  if(es == 0) {
    // success
-    memcpy(key->secret, decrypted, 32);
+    byte secret[32] = { 0 };
    byte edsec[64] = { 0 };
    pcp_ed_keypairs(secret, decrypted);
    memcpy(key->secret, secret, 32);
    memcpy(key->edsecret, decrypted, 64);
  }
  else {
    fatal("failed to decrypt the secret key (got %d, expected 32)!\n", es);
@@ -264,55 +296,41 @@ pcp_pubkey_t *pubkey2native(pcp_pubkey_t *k) {
 pcp_key_t *pcp_derive_pcpkey (pcp_key_t *ours, char *theirs) {
  byte edpub[32] = { 0 };
  byte edsec[64] = { 0 };
  byte public[32] = { 0 };
  byte secret[32] = { 0 };
  byte *seed = ucmalloc(32);
  size_t thlen = strnlen(theirs, 255);
-  size_t inlen = 32 + thlen;
+  size_t inlen = 64 + thlen;
  unsigned char *both = ucmalloc(inlen);
  unsigned char *hash = ucmalloc(crypto_hash_BYTES);
-  memcpy(both, ours->secret, 32);
+  memcpy(both, ours->edsecret, 64);
-  memcpy(&both[32], theirs, thlen);
+  memcpy(&both[64], theirs, thlen);
-  if(crypto_hash(hash, both, inlen) != 0) {
+  if(crypto_hash(seed, both, inlen) != 0) {
    fatal("Failed to generate a hash of our pub key and recipient id!\n");
    goto errdp1;
  }
-  unsigned char *xor    = ucmalloc(crypto_secretbox_KEYBYTES);
+  pcp_keypairs(secret, public, edsec, edpub, seed);
  unsigned char *secret = ucmalloc(crypto_secretbox_KEYBYTES);
  int i;
  for(i=0; i<crypto_secretbox_KEYBYTES; ++i) {
    xor[i] = hash[i] ^ hash[i + crypto_secretbox_KEYBYTES];
  }
  xor[0]  &= 248;
  xor[31] &= 127;
  xor[31] |= 64;
  memcpy(secret, xor, crypto_secretbox_KEYBYTES);
  pcp_key_t * tmp = pcpkey_new ();
  memcpy(tmp->secret, secret, 32);
-
+  memcpy(tmp->edpub, edpub, 32);
-  // calculate pub from secret
+  memcpy(tmp->edsecret, edsec, 64);
-  crypto_scalarmult_curve25519_base(tmp->public, tmp->secret); 
+  memcpy(tmp->public, public, 32);
  // generate ed25519 keypair from box secret
  crypto_sign_seed_keypair(edpub, edsec, tmp->secret);
  memcpy(tmp->owner, ours->owner, 255);
  memcpy(tmp->mail, ours->mail, 255);
  memcpy(tmp->id, pcp_getkeyid(tmp), 17);
  memcpy(tmp->edpub, edpub, 32);
  memset(both, 0, inlen);
-  memset(xor, 0, crypto_secretbox_KEYBYTES);
+  memset(seed, 0, 32);
  memset(hash, 0, crypto_hash_BYTES);
  free(both);
-  free(xor);
+  free(seed);
  free(hash);
  return tmp;
--- a/man/details.pod
+++ b/man/details.pod
@@ -1,3 +1,4 @@
 # -*-perl-*-
 =head1 PCP1 KEYS
@@ -212,6 +213,8 @@ A secret key is a binary structure with the following format:
 +-------------|--------|----------------------------------+
 | ED25519 Pub |     32 | ED25519 Public Key Part          |
 +-------------|--------|----------------------------------+
 | ED25519 Sec |     64 | ED25519 Secret Key Unencrypted   |
 +-------------|--------|----------------------------------+
 | Nonce       |     24 | Nonce for secret key encryption  |
 +-------------|--------|----------------------------------+
 | Encrypted   |     48 | Encrypted Curve25519 Secret Key  |
@@ -233,7 +236,7 @@ A secret key is a binary structure with the following format:
 Some notes:
-The secret key field will be filled with random data if the
+The secret key fields will be filled with random data if the
 key is encrypted. The first byte of it will be set to 0 in that
 case.
@@ -249,6 +252,36 @@ exported key is imported, only the actual Z85 encoded data
 will be used. Header lines and lines starting with whitespace
 will be ignored. They are only there for convenience.
 Key generation works like this:
 =over
 =item *
 Generate a random seed (32 bytes).
 =item *
 Generate a ED25519 keypair from that seed.
 =item *
 Take the first 32 bytes of the generated ED25519 secret
 and generate a SHA512 hash from it.
 =item *
 Clamp bytes 0 and 31 which turns it into a Curve25519 secret.
 =item *
 Do scalar multiplication from that secret to retrieve
 the matching public key.
 =back
 Take a look at the function B<pcp_keypairs()> for details. 
 =head2 ENCRYPTED OUTPUT FORMAT
 Encrypted output will always be Z85 encoded and has the following
--- a/man/pcp1.1
+++ b/man/pcp1.1
@@ -124,7 +124,7 @@
 .\" ========================================================================
 .\"
 .IX Title "PCP1 1"
-.TH PCP1 1 "2013-11-09" "PCP 0.1.3" "USER CONTRIBUTED DOCUMENTATION"
+.TH PCP1 1 "2013-11-10" "PCP 0.1.4" "USER CONTRIBUTED DOCUMENTATION"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -298,6 +298,8 @@ to actually decrypt the message.
 Oh \- and if you're wondering why I named them Alicia and Bobby:
 I was just sick of Alice and Bob. We're running NSA-free, so we're
 using other sample names as well.
 .PP
 # \-*\-perl\-*\-
 .SH "PCP1 KEYS"
 .IX Header "PCP1 KEYS"
 \&\fBpcp1\fR keys are stored in a binary file, called \fBthe vault\fR.
@@ -506,6 +508,8 @@ A secret key is a binary structure with the following format:
 \& +\-\-\-\-\-\-\-\-\-\-\-\-\-|\-\-\-\-\-\-\-\-|\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
 \& | ED25519 Pub |     32 | ED25519 Public Key Part          |
 \& +\-\-\-\-\-\-\-\-\-\-\-\-\-|\-\-\-\-\-\-\-\-|\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
 \& | ED25519 Sec |     64 | ED25519 Secret Key Unencrypted   |
 \& +\-\-\-\-\-\-\-\-\-\-\-\-\-|\-\-\-\-\-\-\-\-|\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
 \& | Nonce       |     24 | Nonce for secret key encryption  |
 \& +\-\-\-\-\-\-\-\-\-\-\-\-\-|\-\-\-\-\-\-\-\-|\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
 \& | Encrypted   |     48 | Encrypted Curve25519 Secret Key  |
@@ -528,7 +532,7 @@ A secret key is a binary structure with the following format:
 .PP
 Some notes:
 .PP
-The secret key field will be filled with random data if the
+The secret key fields will be filled with random data if the
 key is encrypted. The first byte of it will be set to 0 in that
 case.
 .PP
@@ -543,6 +547,22 @@ Exported keys will be encoded in Z85 encoding. When such an
 exported key is imported, only the actual Z85 encoded data
 will be used. Header lines and lines starting with whitespace
 will be ignored. They are only there for convenience.
 .PP
 Key generation works like this:
 .IP "\(bu" 4
 Generate a random seed (32 bytes).
 .IP "\(bu" 4
 Generate a \s-1ED25519\s0 keypair from that seed.
 .IP "\(bu" 4
 Take the first 32 bytes of the generated \s-1ED25519\s0 secret
 and generate a \s-1SHA512\s0 hash from it.
 .IP "\(bu" 4
 Clamp bytes 0 and 31 which turns it into a Curve25519 secret.
 .IP "\(bu" 4
 Do scalar multiplication from that secret to retrieve
 the matching public key.
 .PP
 Take a look at the function \fB\f(BIpcp_keypairs()\fB\fR for details.
 .SS "\s-1ENCRYPTED\s0 \s-1OUTPUT\s0 \s-1FORMAT\s0"
 .IX Subsection "ENCRYPTED OUTPUT FORMAT"
 Encrypted output will always be Z85 encoded and has the following
--- a/man/pcp1.pod
+++ b/man/pcp1.pod
@@ -164,6 +164,7 @@ Oh - and if you're wondering why I named them Alicia and Bobby:
 I was just sick of Alice and Bob. We're running NSA-free, so we're
 using other sample names as well.
 # -*-perl-*-
 =head1 PCP1 KEYS
@@ -378,6 +379,8 @@ A secret key is a binary structure with the following format:
 +-------------|--------|----------------------------------+
 | ED25519 Pub |     32 | ED25519 Public Key Part          |
 +-------------|--------|----------------------------------+
 | ED25519 Sec |     64 | ED25519 Secret Key Unencrypted   |
 +-------------|--------|----------------------------------+
 | Nonce       |     24 | Nonce for secret key encryption  |
 +-------------|--------|----------------------------------+
 | Encrypted   |     48 | Encrypted Curve25519 Secret Key  |
@@ -399,7 +402,7 @@ A secret key is a binary structure with the following format:
 Some notes:
-The secret key field will be filled with random data if the
+The secret key fields will be filled with random data if the
 key is encrypted. The first byte of it will be set to 0 in that
 case.
@@ -415,6 +418,36 @@ exported key is imported, only the actual Z85 encoded data
 will be used. Header lines and lines starting with whitespace
 will be ignored. They are only there for convenience.
 Key generation works like this:
 =over
 =item *
 Generate a random seed (32 bytes).
 =item *
 Generate a ED25519 keypair from that seed.
 =item *
 Take the first 32 bytes of the generated ED25519 secret
 and generate a SHA512 hash from it.
 =item *
 Clamp bytes 0 and 31 which turns it into a Curve25519 secret.
 =item *
 Do scalar multiplication from that secret to retrieve
 the matching public key.
 =back
 Take a look at the function B<pcp_keypairs()> for details. 
 =head2 ENCRYPTED OUTPUT FORMAT
 Encrypted output will always be Z85 encoded and has the following
--- a/tests/bart.pub
+++ b/tests/bart.pub
@@ -1,36 +1,36 @@
 ----- BEGIN PCP PUBLIC KEY -----
-  Generated by: Pretty Curved Privacy Version 0.1.2
+  Generated by: Pretty Curved Privacy Version 0.1.3
        Cipher: CURVE25519-ED25519-SALSA20-POLY1305
         Owner: Bart
          Mail: bart@local
-        Key-ID: 0x955C5AF3D4BABB18
+        Key-ID: 0x6C0EEA95E11E2533
-    Public-Key: 1k2a5(H12:G5bm[.R[Ca^8T[1N%P!9Sqo2M6XGa9wb(Pf
+    Public-Key: 1kz.R2FXS+})++h8W3<NvR734vWVtWLxd?GlkoqHf8$$L
- Creation Time: 2013-11-08T12:21:02
+ Creation Time: 2013-11-10T14:24:46
-      Checksum: 05:D9:A2:09:C1:E8:9F:79:ED:85:C2:45:E4:81:E2:C4
+      Checksum: AE:31:87:4F:77:52:B4:B5:1C:9E:DD:F5:94:7B:4A:B1
-                BA:91:B5:22:2A:6D:20:4A:F8:82:98:3A:F0:5E:B4:CA
+                06:39:8F:10:DA:C0:32:B6:D0:D5:35:69:BE:F5:37:B2
- Serial Number: 0xDDE1E3AD
+ Serial Number: 0x9273DE28
   Key Version: 0x00000002
 Random Art ID: +----------------+
                |                |
                |                |
                |                |
-                |       o        |
+                |                |
-                |      . o       |
+                |        .    o .|
-                |     . .        |
+                |         o  . = |
-                |    o.oo        |
+                |        . .  = o|
-                |   o+B*.o       |
+                |           .+o*+|
                +----------------+
-1k2a5(H12:G5bm[.R[Ca^8T[1N%P!9Sqo2M6XGa9wtpO9d/o}%adp*siueSCw4!g!8J-H*X
+1kz.R2FXS+})++h8W3<NvR734vWVtWLxd?GlkoqHfgoXon]}I3NVDk48zBw6q/&L9y{&-<r
-1mqSnSCUyc{?u.Bo3EeyH$VMJnEI(Pe5-MYVA[r[CL>[s0MBTQR1(Z?-TFjMV4W%7]:n+bI
+Pb^{Uav$]6*=tHBo5LS]j[xHL@$s7Uf[v5D<j>LR3ope+k8<3jYfckF&!vrcyn+==/LNQPp
-^=Wb]NgZX995XE/oe@KICx!ujUrKk9zcOkq&yXkjYHo!x(<.zjH?x:B?qN?AgM[^acU5])f
+!/<Z]P^9c^e6k/*M69&fx%bb2l}iLq?)%<tr[i*vgX05kLEFBDvnpo>XgHRQ?p6vsX!+h(r
-zz-A4s70B-awtpMnbd<SVs:bCyme#/5zq.Qf%U!e}x)Au[q+3?I0C3K#!G2*W22)OPm9[oW
+yl:?7Tcf}^o8P1kjS5i&x.V!7[en?^8d5^YwSj<3nY+Mkt@gON=6^^@QuVQ4SP][scxx?^z
-jF:.yuX8joMN<Gjj1=CvR4aN&%vt{2vaokZRPp#u+D%(3E01uc$EyMVAY?3Qx]^AbHeh3Bp
+5CG6ZiB<4^rXZOsdA(hOS6$hD%@5Pz&%6}n4+1<p{Y$iu^[:i@LzDjP0jDLv&b*?U2kk+u7
-D0$FoPCxg0{UM5=)2RA8ktEo#^acjG%163^fy0DT+YW/vvQTq0kX$vGvqC}^S.38x{RttX1
+LM$LglW(q}TBofJc%qa-pwKZ?}.Ih]YY}je2uPG$d5fS>vQTq0kX$vGvqC@vk?b^xKBcE.e
-U3]N3Z#&=HUSIG*gGm(zfRgEVS%95yujI<W*[NEXE6M3g{Ix[u/5}m8wjIwKwyW8)A>-PDI
+[D4QWWjWEk!{A}^}{QI)OA<XW.qx@dH6lh7<6WlmCdQPR&h7ppdCUYep6zdIaKa}UKU!mIh
-^PCvBA1ELu7PS(h:gK-$}cR3D8Ytox94?KlL{-yp?yhUI<8{s6+g8QC31hTp6M9W6wm}@O&
+TQZ&-#B)64.=Kdv]e*)jVE:k^R=6!)tw^b9cn^.>n<%N:ZS+3GaQwEmwRy=%EX&L6l4X2WP
-t2OmQ3C@p{[sX%$c).&/u-YdN/wm+N*VM8VanKoonHUqD)$gBANhnzG&A*izju2&#qnS-3O
+G:u$N*zc@kjSs(sDq4oAv7G0+sB6}alyacoNX=.61BqbFeQkg0^<PFMk>y9ewu8W(Pk@/i6
-^1>/(i=Yr:/p)a7GdIx.2YBi{yN-I3@0Y}oaR1B3+D/*e2f]mo6G]%&V&[0!)FrCw8xwp2r
+C@-<Y@UHgL}>:!9XXH%KQ6sN.m[&(cRapHUtpok.CFaEcI@kQhtJ3--[cU+XKB!Pr1Pn!jo
-{mp&==Ue!dh8N-Uk$iT#g^TF{lnpC1iSGcW08!i^9SMfu0]q?}TPI$un%A4S5n{i%3TQ6C4
+W=w}@pzKx$lOH}$k@*!>f!(9Lh8v2*M&E9^08!r69SMfu0*mSYc<emJ:@X+A>@]LR(/(R4w
-%0Hqoxfb4.Gg^pK0P(DJVVV/6t?<1odt65J=(I:fw}UqFn1jB}hi@pvYr:%r@-j2
+Z)G/o=C2W9Pv7hkPcSZXMc#>J{A^N6u6+Z}Eh$L]t2VI)h=$sZe2W{6eFL+T]FC4
 ------ END PCP PUBLICKEY ------
--- a/tests/key-alicia-pub
+++ b/tests/key-alicia-pub
@@ -1,36 +1,36 @@
 ----- BEGIN PCP PUBLIC KEY -----
-  Generated by: Pretty Curved Privacy Version 0.1.2
+  Generated by: Pretty Curved Privacy Version 0.1.3
        Cipher: CURVE25519-ED25519-SALSA20-POLY1305
         Owner: Alicia
          Mail: alicia@local
-        Key-ID: 0x244407F39FFA0333
+        Key-ID: 0xD5F2E247E527F925
-    Public-Key: 0$V[6<mc=m[dKuF8s9&RBd#W/(KA/%zRZr./5.1Ef-RgN
+    Public-Key: 1dO5d*+#bkj0vJNuNQxo&T}daphtuDw^?27XbA02z2:Lo
- Creation Time: 2013-11-08T12:21:02
+ Creation Time: 2013-11-10T14:24:46
-      Checksum: 54:43:8B:3B:C3:65:21:9F:A5:EB:19:24:07:AB:D3:94
+      Checksum: 51:A1:DA:B4:3C:47:6E:4B:58:8A:44:69:53:38:A3:43
-                55:31:97:EC:0C:09:81:5C:C6:C9:EE:C4:A8:41:25:06
+                1A:C1:C6:A1:64:89:ED:0E:AF:C7:7A:E5:C7:FB:85:EF
- Serial Number: 0x0C8363E0
+ Serial Number: 0xF7C8BC9E
   Key Version: 0x00000002
 Random Art ID: +----------------+
                |      ..        |
                |    . *.        |
                |     +.B .      |
                |      o.+ +     |
                |        .o .    |
                |                |
                |                |
                |                |
                |                |
                |    .   .       |
                |     o . = .    |
                |    o . *.=     |
                |     . .o=..    |
                +----------------+
-0$V[6<mc=m[dKuF8s9&RBd#W/(KA/%zRZr./5.1Eg01WH@(Mc=uV-!$kxB/j+yM?O^EvfwN
+1dO5d*+#bkj0vJNuNQxo&T}daphtuDw^?27XbA02zqh<9Otx^7nQ)i?^}@>>O7va7zVWbC]
-R@+wyWB3sJ6Rn]v}/uKwGw=UC5ymsefA3:oG}4RdJ^tzaZ4H=ZK(g&+=K4(y$}52S+AX6dC
+==4ds.SPlT3HMov}/uKjG(9PFKZ#0bxXY9ikVC1Vj=rJ2x]WB=FVbYKaI$ZqR)W$MFrUgYB
-8KlJrjE!(=b*w=v63F{d?iz6zdzm)D>fC^ReqE.x^boltZnM&lG{$nzLg+<Q1%tV?n@V6h.
+nTZ[eMC!NPQcYtZQpVSfRMBgY>2dZAL?[rMVVKuOj+tF5=bOEpR=<@dV<Qur.h4++rU%i6O
-/vl{cxH4m%bVcBD.QL8#kO4vRta(@lJV=!cYjc&rr/a@*ve4=:I5btckwNiyE<qv)OP6]L.
+1^s!g0FT^3z>ls=Nvu.GxAEi%cjEK2d*^w=dN:?/!Z{b(bCuB@!U8pDs-[zxTCcjM:9=1VP
-{5Rigem^seRXp>j*9V6KOz!oMpTbZWvu+((u^kOw!r!op(7HzqmM1zdKJ=t5}unHbEB8.1X
+2BR@6ZIuv)v!=FH*!vh1Xu82c?UDR]nIrYi-<OD)$AnoSJ(rlqvm^{k=vl!7&:KK+g3i6v0
-cqgBIm3u)<LpZQR)vU+(5=&+XIr4])mz3OQ/4)[jpHiB:vqGT/x<<nyz!0i(0f.*Ix2i<T5
+CrEd$2E>Y{>.9vt](x^P}q(bf&em34)TYgBacIl4oA8n6vqGT/x<<nyz!0i(0oH+e*@g3/-
-Tm!<>V+dlI:yGMkn-oD30u299n<msI%q4PVdUu6+(!.*{S.(?*Gi:Yj?9S8m>sVFpg91.*
+GE(M[rzo4-{cl9^uI7uH-rIt4jB+/]&AcFa*qn}s-W/AA*h(bI9=:wjjA{N()UPzE755CCa
-IWdE>]^h[fvo@Xhva&MYwdct02wrdA[xJn6h]m<CZNDM9v0j=M3?3gqIbGqgEJCJg74NZ96
+-qNUY4j?3%yo+-k^<5f<Ta%vcxO?}bX0T&wG89]JaTaFe&njD^(tU5G4N}tpf>$zUOv>G2E
-<tP{A%eJ0)k@BFU98iPd639c$cF=Fphs5V^}q0e6omVTZS^@8CG{($#Un@m&g1+wj@E}[5S
+]Ls})!aN47]1tg=>$N)+=4TrMAicEk)bS5ARyrD6[oIwc6:?^^kNMwE[sMAI^k7ZM[P0Ru0
-%/S=i4=pQ4[:^IxknCKUQC.>xlmxUiofNKt-osOtoE@*A3CF1z&VnAeu(7d7I>{R>Vu8YRE
+m:})s*:3)=.XTGv22aW-04j?-.evZd%j:gd8n$hQPRstGfr^S+)^2s(?S[AR7.zBP7[>]18
-xP2X4au{F]g=d3yh+2O-mN/V$gCZ/!WeZgb08!i^9SMfu0T%Y>?#+!4q)TCm:w?gthgI#C*
+rQ{C3/oEZKhaxt&gbH{Uh8m9WiwJC(aohxw08!r69SMfu0@6^GO=!+-*en&SNdU3QP<ipTQ
-uAwuou4r<pq5sbrgrIcA*<FgGl!q&da4$6)EKB}RV[u-V9(W1^t(+*airR1i@/lX
+er*oE#7r@u34s@tdu+%r6aR+FN5{$JL3ppBGaL^t+0oKC[w#mY[erBP$M1A3&*nc
 ------ END PCP PUBLICKEY ------
--- a/tests/key-alicia-sec
+++ b/tests/key-alicia-sec
@@ -1,23 +1,25 @@
 ----- BEGIN PCP SECRET KEY -----
-  Generated by: Pretty Curved Privacy Version 0.1.2
+  Generated by: Pretty Curved Privacy Version 0.1.3
        Cipher: CURVE25519-ED25519-SALSA20-POLY1305
-        Key-ID: 0x244407F39FFA0333
+        Key-ID: 0xD5F2E247E527F925
- Creation Time: 2013-11-08T12:21:02
+ Creation Time: 2013-11-10T14:24:46
- Serial Number: 0xEA570081
+ Serial Number: 0x33E31A89
   Key Version: 0x00000002
-0$V[6<mc=m[dKuF8s9&RBd#W/(KA/%zRZr./5.1Ef-RtSg<)<u{yX%$(#Iz7))^<5LO]Sb6
+1dO5d*+#bkj0vJNuNQxo&T}daphtuDw^?27XbA02z2*K-*A51(A!tigjW3i$*o:@bI*[3y^
-XCL*}b>1ZYVtAc@(Mc=uV-!$kxB/j+yM?O^EvfwNR@+wyWB3sJ7{fO:/gev+?A}#&BPP7g7
+&B@[FOM6UE+RUqOtx^7nQ)i?^}@>>O7va7zVWbC]==4ds.SPlS@Q4)<?Sr!O$NImB+HLtpR
-$M^k-6FzEB?CxJLzJ)lRZZ.L[]-@R2N/(&wr6^z9kK4+6?514qYhJPt)xx>29<eKnCm?x*D
+?2pAiZ*7v$[])kt&-fYY7iEv&/!^))B4m{y#[ZY#09Dp)7cHJf]S8=]O]JHFwkO/a2]f<{G
-MHv}/uKwGw=UC5ymsefA3:oG}4RdJ^tzaZ4H=ZK(g&+=K4(y$}52S+AX6dC8KlJrjE!(=b*
+dVDZCqNP(6hviK9EawqO3m8Q7F!>4%4&u1L@xzbj7P{(F%s/UfO)vn1[Od?-}BbZ$#-)Cs$
-w=v63F{d?iz6zdzm)D>fC^ReqE.x^boltZnM&lG{$nzLg+<Q1%tV?n@V6h./vl{cxH4m%bV
+/evVI+AxP@x/UJCJ8%!V2/:}u#qAzTO{feeua-B)JLpOd<XiT}Bv}/uKjG(9PFKZ#0bxXY9
-cBD.QL8#kO4vRta(@lJV=!cYjc&rr/a@*ve4=:I5btckwNiyE<qv)OP6]L.{5Rigem^seRX
+ikVC1Vj=rJ2x]WB=FVbYKaI$ZqR)W$MFrUgYBnTZ[eMC!NPQcYtZQpVSfRMBgY>2dZAL?[r
-p>j*9V6KOz!oMpTbZWvu+((u^kOw!r!op(7HzqmM1zdKJ=t5}unHbEB8.1XcqgBIm3u)<Lp
+MVVKuOj+tF5=bOEpR=<@dV<Qur.h4++rU%i6O1^s!g0FT^3z>ls=Nvu.GxAEi%cjEK2d*^w
-ZQR)vU+(5=&+XIr4])mz3OQ/4)[jpHiB:vqGT/x<<nyz!0i(0f.*Ix2i<T5-Tm!<>V+dlI:
+=dN:?/!Z{b(bCuB@!U8pDs-[zxTCcjM:9=1VP2BR@6ZIuv)v!=FH*!vh1Xu82c?UDR]nIrY
-yGMkn-oD30u299n<msI%q4PVdUu6+(!.*{S.(?*Gi:Yj?9S8m>sVFpg91.*IWdE>]^h[fvo
+i-<OD)$AnoSJ(rlqvm^{k=vl!7&:KK+g3i6v0CrEd$2E>Y{>.9vt](x^P}q(bf&em34)TYg
-@Xhva&MYwdct02wrdA[xJn6h]m<CZNDM9v0j=M3?3gqIbGqgEJCJg74NZ96<tP{A%eJ0)k@
+BacIl4oA8n6vqGT/x<<nyz!0i(0oH+e*@g3/-GE(M[rzo4-{cl9^uI7uH-rIt4jB+/]&AcF
-BFU98iPd639c$cF=Fphs5V^}q0e6omVTZS^@8CG{($#Un@m&g1+wj@E}[5S%/S=i4=pQ4[:
+a*qn}s-W/AA*h(bI9=:wjjA{N()UPzE755CCa-qNUY4j?3%yo+-k^<5f<Ta%vcxO?}bX0T&
-^IxknCKUQC.>xlmxUiofNKt-osOtoE@*A3CF1z&VnAeu(7d7I>{R>Vu8YRExP2X4au{F]g=
+wG89]JaTaFe&njD^(tU5G4N}tpf>$zUOv>G2E]Ls})!aN47]1tg=>$N)+=4TrMAicEk)bS5
-d3yh+2O-mN/V$gCZ/!=hW?A08!i^9SMfu0{S?!FDr3I==W2=NlYWl0seV90000000000004
+ARyrD6[oIwc6:?^^kNMwE[sMAI^k7ZM[P0Ru0m:})s*:3)=.XTGv22aW-04j?-.evZd%j:g
-xD0seV9000000000000000000000h+5x0seV901Ybg0gJN5^/ovF
+d8n$hQPRstGfr^S+)^2s(?S[AR7.zBP7[>]18rQ{C3/oEZKhaxt&gbH{Uh8m9WiwJC(e=U>
 K08!r69SMfu0Ye<PI2^)3vS:oPml[7E0seV90000000000004Km0seV9000000000000000
 0000000W{r0seV901Ybg0h!5]4GDFe
 ------ END PCP SECRET KEY ------
--- a/tests/key-bobby-pub
+++ b/tests/key-bobby-pub
@@ -1,36 +1,36 @@
 ----- BEGIN PCP PUBLIC KEY -----
-  Generated by: Pretty Curved Privacy Version 0.1.2
+  Generated by: Pretty Curved Privacy Version 0.1.3
        Cipher: CURVE25519-ED25519-SALSA20-POLY1305
         Owner: Bobby
          Mail: bobby@local
-        Key-ID: 0x26C77B2A1548F4AB
+        Key-ID: 0x80F52DB08164A533
-    Public-Key: 1o5q3y.SNnO!odQ<U>Y^yOu:0>lJIWQ@*rFJ*QQuwDhYg
+    Public-Key: 1ibutw@MLx1y%B6nt5N-j1p9RrIJA!5?aMj/NV/DjPCDZ
- Creation Time: 2013-11-08T12:21:02
+ Creation Time: 2013-11-10T14:24:46
-      Checksum: D0:21:AA:87:7E:24:F5:A6:8F:FC:2A:21:14:04:57:99
+      Checksum: 17:D9:B5:1E:2B:B5:1E:9A:EE:01:68:CB:5E:E5:80:F0
-                30:D9:BD:35:D4:AF:F4:20:50:7D:72:DB:6D:6B:6F:21
+                49:80:62:61:F4:DB:D4:7F:05:67:92:73:60:63:86:A5
- Serial Number: 0xB4410F61
+ Serial Number: 0xEC29D88E
   Key Version: 0x00000002
 Random Art ID: +----------------+
-                |    .           |
+                |      .   .     |
-                |   . .          |
+                |       . = .    |
-                | .. .           |
+                |        = *     |
-                |o..  ..         |
+                |       o B .    |
-                |.o  .  o.       |
+                |        = o     |
-                |   .  ...       |
+                |       .        |
-                |   ...  ..      |
+                |                |
-                |   .o    ..     |
+                |                |
                +----------------+
-1o5q3y.SNnO!odQ<U>Y^yOu:0>lJIWQ@*rFJ*QQuw-NU)7*y@CnN%qTNwEsQ8UI0JFzL5N]
+1ibutw@MLx1y%B6nt5N-j1p9RrIJA!5?aMj/NV/Dj(4dT!OMC={yChgS9Bm:p*{/RW@&mq4
-:[U5Ya%?E3QO=vvTd$h22]DXl8f6>aEy/#}]4:xH{$1bZv[7@dMPmEr^w$rCwm+{WwmPlHp
+hPA1/hb&6<3EV[vTd@IEDCn1gh?O*AO]Pp]T[*2/n#SSc:SPVDlb$h(:z6cmqt0DUIc(hU)
-y!/SI&//[fhw%2scogf$RsnHNm6*-XlZpR1vg8XIm<mamGE{YfPuSiz}Yyq0UzBRq!JdD%G
+IfufJgG1em4]/KdB$SF$R1fu0Uyj:AiYb-ET]kItj[a^i94(:P$G<oU^Ns14-<7Ni@gLn9n
-kf<)!6xraTlRYybc!l=lIcsYY3C==2<{X2BWGy]NlOi@4DIR8m(/-w*//nS>RSkaTz(DYg7
+Qlb8//T4AA5jq.nHU:/B]Xo.u:6vP$NZ8:}D?i@%I?M0})0weS1AaFZ&b@7^S9Hy2eSWZG)
-oG8QKemj%)6k[ic:U8QD]y?CND}xFUzGZ=>8}hBJl4@>^r?^AY#t[5Qn9g##I{XpbF5C2h[
+U^{1AvdLExP+6MH9HE<de}3Y3DR>Wj!s!h9$7ve^NBsb)415Dj^Z9//]G*z=pA))x+{zp4<
-pD$R!=wRs>:JLbed^]$FOZ>N40Awpyu.#%h:sug:@Y(2CvSbZ+C%Dg:v{%fNE?/hR3GG0J*
+V4R37FSAuNYF@L!50FILb.ikdYR9QjY#[SCLuE6:WvoI8vSbZ+C%Dg:v{%fN-Ev6Bg.s8Se
-7cO=UnJR[J18xFS5}AI/GCjw-9mQ)GJFCotP4.!5qxn810i]1i&9WQw#[9]tgB{kuzKIorx
+L&x#naZ8r7R@zd5j2DFn<w$2HY*F}]}Y&Y?GZaVE0TMi=nC!.X{]I6YnIaXBYKIbP(-omT!
-^[xc2zU>X)I&s/tYoEplQ0FJre*M.p![>HZ>YF3CfJ(Prp8m+IQIeJTs(?JI&7@F}c*#61b
+(U(Ae*77C7C>^WcqCB(F&2[C8d^lKzsEhXnpTH-s[RUK-b-Z7DKC)rQ@8=w1VnxG$6=^C.h
-12v!ysq}6L-?26>zTbVb@OZG^oXfM&m8dAdl}Qk^i<I5V9VziPt#87PD*twr+W.{8?9^CuM
+(U3>LYD!!H<lUK?dzs5rb#wlUknk4gU+ov-whNrEM02u!%@hZtF[eR7{<0CgeDg+SR2-?$e
-NZy7H69@rulO]&EKqlOgP7?CzGt{h^L)j1L)2UV[5FM$DealB>]nxtvW!p(@rZY)M#uXcf8
+u7Cy#]:Vhu&{@}siUdO013&:8adw.@ex-R}pXYDj(/D%PG)g[jtyB#?tIM3xtzVnw:1>3s^
-)]C-BF3eM4hBxzZlny?Yh8EoZg^KCdKPkvY08!i^9SMfu0<>l7vfo-E^5H8:rEPW}IWMM)n
+(ZbyD3yO]fH^]Pl{-N!f/y<Oh8v2*k(Z(+08!r69SMfu0{?w*JSQptIgg:z2mt:erb<@UA
-9O]:9.h#9eg#3N+Nwg=(FZ!o&vjwh*@-/k:pP+l3Gn(Gar.6q(jT9C=nq*9Ee<lE
+=>25y?Q=(YO^sy=Rgk$+#[GxtS&GB/mTh$(@bereI-eo*2pGrbaTSZWR^fTOD5S&
 ------ END PCP PUBLICKEY ------
--- a/tests/key-bobby-sec
+++ b/tests/key-bobby-sec
@@ -1,23 +1,25 @@
 ----- BEGIN PCP SECRET KEY -----
-  Generated by: Pretty Curved Privacy Version 0.1.2
+  Generated by: Pretty Curved Privacy Version 0.1.3
        Cipher: CURVE25519-ED25519-SALSA20-POLY1305
-        Key-ID: 0x26C77B2A1548F4AB
+        Key-ID: 0x80F52DB08164A533
- Creation Time: 2013-11-08T12:21:02
+ Creation Time: 2013-11-10T14:24:46
- Serial Number: 0x048CC072
+ Serial Number: 0x9CFF1DC6
   Key Version: 0x00000002
-1o5q3y.SNnO!odQ<U>Y^yOu:0>lJIWQ@*rFJ*QQuwDkSN1)h.]3aGrN{@#OpkKg+VAzobA3
+1ibutw@MLx1y%B6nt5N-j1p9RrIJA!5?aMj/NV/DjPIjyxhLO1q@:+$7?)D][S+0r<Rfgzn
-f7?d[VKYM/Yl<l7*y@CnN%qTNwEsQ8UI0JFzL5N]:[U5Ya%?E3+b.wOe.zsGKUG[<3N9p:C
+tDEQCEP=9pU^5<!OMC={yChgS9Bm:p*{/RW@&mq4hPA1/hb&6&@FQcZ:}Y25*4WG4uMo@Dn
-pDWVcEjzKx7nIPx7tx0}bFZN%SKvUaImjf{23dOo9M@(rb6J7sZG[Z#c01lHJ7FFG#C6=Q8
+]ez5rL8ZZ6/eS[wW=)x&z.me!2?&c6XTM-No(PGmt6WOVbJ(??zP*h]I.5&?]n<y(2e()Bv
-LVvTd$h22]DXl8f6>aEy/#}]4:xH{$1bZv[7@dMPmEr^w$rCwm+{WwmPlHpy!/SI&//[fhw
+mb5lgGjmYPtgOAtGHww3s+*V[JNk9Ug$==U%fbp*oxg!By7ESbm(1$=-on44=#n(&e!DKU3
-%2scogf$RsnHNm6*-XlZpR1vg8XIm<mamGE{YfPuSiz}Yyq0UzBRq!JdD%Gkf<)!6xraTlR
+1JeS&$e-8oi}YPZ0gI$f8EO{xKM8j]%oR/#MboJ1(.r=n2&6Iu>vTd@IEDCn1gh?O*AO]Pp
-Yybc!l=lIcsYY3C==2<{X2BWGy]NlOi@4DIR8m(/-w*//nS>RSkaTz(DYg7oG8QKemj%)6k
+]T[*2/n#SSc:SPVDlb$h(:z6cmqt0DUIc(hU)IfufJgG1em4]/KdB$SF$R1fu0Uyj:AiYb-
-[ic:U8QD]y?CND}xFUzGZ=>8}hBJl4@>^r?^AY#t[5Qn9g##I{XpbF5C2h[pD$R!=wRs>:J
+ET]kItj[a^i94(:P$G<oU^Ns14-<7Ni@gLn9nQlb8//T4AA5jq.nHU:/B]Xo.u:6vP$NZ8:
-Lbed^]$FOZ>N40Awpyu.#%h:sug:@Y(2CvSbZ+C%Dg:v{%fNE?/hR3GG0J*7cO=UnJR[J18
+}D?i@%I?M0})0weS1AaFZ&b@7^S9Hy2eSWZG)U^{1AvdLExP+6MH9HE<de}3Y3DR>Wj!s!h
-xFS5}AI/GCjw-9mQ)GJFCotP4.!5qxn810i]1i&9WQw#[9]tgB{kuzKIorx^[xc2zU>X)I&
+9$7ve^NBsb)415Dj^Z9//]G*z=pA))x+{zp4<V4R37FSAuNYF@L!50FILb.ikdYR9QjY#[S
-s/tYoEplQ0FJre*M.p![>HZ>YF3CfJ(Prp8m+IQIeJTs(?JI&7@F}c*#61b12v!ysq}6L-?
+CLuE6:WvoI8vSbZ+C%Dg:v{%fN-Ev6Bg.s8SeL&x#naZ8r7R@zd5j2DFn<w$2HY*F}]}Y&Y
-26>zTbVb@OZG^oXfM&m8dAdl}Qk^i<I5V9VziPt#87PD*twr+W.{8?9^CuMNZy7H69@rulO
+?GZaVE0TMi=nC!.X{]I6YnIaXBYKIbP(-omT!(U(Ae*77C7C>^WcqCB(F&2[C8d^lKzsEhX
-]&EKqlOgP7?CzGt{h^L)j1L)2UV[5FM$DealB>]nxtvW!p(@rZY)M#uXcf8)]C-BF3eM4hB
+npTH-s[RUK-b-Z7DKC)rQ@8=w1VnxG$6=^C.h(U3>LYD!!H<lUK?dzs5rb#wlUknk4gU+ov
-xzZlny?Yh8EoZg^KCdCk}Qy08!i^9SMfu0TaE$ASP8H!S5r{ZcHPW0seV9004lz0seV9004
+-whNrEM02u!%@hZtF[eR7{<0CgeDg+SR2-?$eu7Cy#]:Vhu&{@}siUdO013&:8adw.@ex-R
-JH0seV9000000000000000000000h+hB0seV901Ybg07FFv:n=hu
+}pXYDj(/D%PG)g[jtyB#?tIM3xtzVnw:1>3s^+(ZbyD3yO]fH^]Pl{-N!f/y<Oh8v2**Ydr
 O08!r69SMfu0?xoh-Sv(D^?4<!>0ldv0seV9004yi0seV9004Wq0seV9000000000000000
 0000000X6v0seV901Ybg02=5[JSo4V
 ------ END PCP SECRET KEY ------
--- a/tests/keys.cfg
+++ b/tests/keys.cfg
@@ -1,6 +1,6 @@
-bartid = 0x955C5AF3D4BABB18
+bartid = 0x6C0EEA95E11E2533
-bartserial = 0xDDE1E3AD
+bartserial = 0x9273DE28
-idbobby  = 0x26C77B2A1548F4AB
+idbobby  = 0x80F52DB08164A533
-idalicia = 0x244407F39FFA0333
+idalicia = 0xD5F2E247E527F925
 mailbobby = bobby@local
 mailalicia = alicia@local
--- a/tests/unittests.cfg
+++ b/tests/unittests.cfg
@@ -29,7 +29,7 @@ include keys.cfg
 <test check-dependencies>
  <test check-dependencies-perl>
-    cmd = perl -MYAML-e 'print 1'
+    cmd = perl -MYAML -e 'print 1'
    expect = 1
  </test>
  <test check-dependencies-shell>