From dc457b6eb93aab9825b1cbc638ff77e7f24f1985 Mon Sep 17 00:00:00 2001 From: TLINDEN Date: Tue, 6 May 2014 11:51:54 +0200 Subject: [PATCH] updated --- ChangeLog | 46 ++++++++++++++++++++++++++++++---------------- TODO | 6 ++---- include/pcp.h | 1 - man/details.pod | 22 ++++++---------------- src/usage.h | 3 +-- src/usage.txt | 3 +-- 6 files changed, 40 insertions(+), 41 deletions(-) diff --git a/ChangeLog b/ChangeLog index e202f68..669de9c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,33 @@ +0.2.2 Enhanded --edit-key a little, it's now possible to + make a secret the primary one. + + Added new option -v (the previous -v has moved to + --version only) for verbose. Currently only supported + by --list-keys. In this mode more details will be + printed. Also added a couple of alias options for + existing ones (e.g. -a for armor which is an alias + for -z). + + Removed options -P and -S, replaced by -K (long: + --import-key) used to import a key. The key type + is now determined automatically as well as the + encoding. + + Made libpcp threadsafe by removing all global vars + and putting that stuff into the new PCP Context + class (ptx.h), which now holds errors and key hashes. + + Use 64bit integers for time values in exported + keys (we use 64 bit internaly already), to be + year 2038 safe. + + Added a new file type (PCP_ASYM_CIPHER_SIG) which + marks encrypted+signed files. This is incompatible + to pbp, but it doesn't support that feature anyway. + To decrypt encrypted+signed files the option -c + is therefore no more required, since pcp2 can now + determine the file mode itself. + 0.2.1 My crypt+sign implementation were wrong (better: defect). It worked but a legal recipient could re-encrypt the message and attach the original @@ -81,25 +111,9 @@ changes. It's like a drug boosting the brain. Love U, man! - Enhanded --edit-key a little, it's now possible to - make a secret the primary one. - Added new option -v (the previous -v has moved to - --version only) for verbose. Currently only supported - by --list-keys. In this mode more details will be - printed. Also added a couple of alias options for - existing ones (e.g. -a for armor which is an alias - for -z). - Removed options -P and -S, replaced by -K (long: - --import-key) used to import a key. The key type - is now determined automatically as well as the - encoding. - Made libpcp threadsafe by removing all global vars - and putting that stuff into the new PCP Context - class (ptx.h), which now holds errors and key hashes. - 0.2.0 ED25519 and Curve25519 keys are now generated separately (previously they were generated from one random seed, the curve had been derived from diff --git a/TODO b/TODO index 3da3809..84d1885 100644 --- a/TODO +++ b/TODO @@ -23,10 +23,8 @@ pcp_find_primary_secret() makes a copy ??? c++ destructor double free mess -Use 64bit timte_t counters (either 32bit converted to 64bit or native) -see: http://www.openbsd.org/faq/upgrade55.html#time_t - -change sign+encrypt to encrypt+sign +cpptest 0 uses same Context for encryptor and decryptor, +must be another one for the latter! Python binding, e.g.: py % cdll.LoadLibrary("libsodium.so.8") diff --git a/include/pcp.h b/include/pcp.h index 45255d0..b9881a9 100644 --- a/include/pcp.h +++ b/include/pcp.h @@ -8,7 +8,6 @@ extern "C" { #include "pcp/config.h" #include "pcp/base85.h" #include "pcp/buffer.h" -#include "pcp/config.h" #include "pcp/context.h" #include "pcp/crypto.h" #include "pcp/defines.h" diff --git a/man/details.pod b/man/details.pod index 93c518f..37ec56b 100644 --- a/man/details.pod +++ b/man/details.pod @@ -122,9 +122,11 @@ Verification by recipient: =head1 SIGNED ENCRYPTION Beside pure encryption and signatures pcp1 also supports signed -encryption. In this mode an input file will be signed your primary -secret key from a BLAKE2 hash of the file contents and the recipients -and then encrypted. The signature is encrypted as well. +encryption. In this mode an input file will be encrypted and a +signature of the encrypted content and encrypted recipients with your primary +secret key will be appended. + +The signature is encrypted as well. Example: @@ -133,25 +135,13 @@ Example: Please note the additional B<-g> parameter. The recipient can decrypt and verify the so created data like this: - pcp1 -d -c -I README.asc -o README.txt - -Please note the additional B<-c> parameter. + pcp1 -d -I README.asc -o README.txt If decryption works, the output file will be written. If signature verification fails you will be informed, but the decrypted output will be left untouched. It is up to you how to react on an invalid signature. -B - -Note: this behavior might change in the future. - =head1 ALTERNATIVE COMMANDLINES You can save typing if you supply additional arguments to diff --git a/src/usage.h b/src/usage.h index f9de65c..a6b7a71 100644 --- a/src/usage.h +++ b/src/usage.h @@ -26,8 +26,7 @@ "-R --remove-key Remove a key from the vault.\n" \ "-s --export-secret Export a secret key.\n" \ "-p --export-public Export a public key.\n" \ -"-S --import-secret Import a secret key.\n" \ -"-P --import-public Import a public key.\n" \ +"-K --import Import a secret or public key.\n" \ "-y --export-yaml Export all keys as YAML formatted text.\n" \ "-F --export-format Specify exportformat, either 'pbp' or 'pcp'.\n" \ " 'pcp' is the default if unspecified.\n" \ diff --git a/src/usage.txt b/src/usage.txt index fc1d716..c4b2cd8 100644 --- a/src/usage.txt +++ b/src/usage.txt @@ -24,8 +24,7 @@ Keymanagement Options: -R --remove-key Remove a key from the vault. -s --export-secret Export a secret key. -p --export-public Export a public key. --S --import-secret Import a secret key. --P --import-public Import a public key. +-K --import Import a secret or public key. -y --export-yaml Export all keys as YAML formatted text. -F --export-format Specify exportformat, either 'pbp' or 'pcp'. 'pcp' is the default if unspecified.