updated

ChangeLog

@@ -1,3 +1,33 @@
+0.2.2   Enhanded --edit-key a little, it's now possible to
+	make a secret the primary one.
+
+	Added new option -v (the previous -v has moved to
+	--version only) for verbose. Currently only supported
+	by --list-keys. In this mode more details will be
+	printed. Also added a couple of alias options for
+	existing ones (e.g. -a for armor which is an alias
+	for -z).
+
+	Removed options -P and -S, replaced by -K (long:
+	--import-key) used to import a key. The key type
+	is now determined automatically as well as the
+	encoding.
+
+	Made libpcp threadsafe by removing all global vars
+	and putting that stuff into the new PCP Context
+	class (ptx.h), which now holds errors and key hashes.
+
+	Use 64bit integers for time values in exported
+	keys (we use 64 bit internaly already), to be
+	year 2038 safe.
+
+	Added a new file type (PCP_ASYM_CIPHER_SIG) which
+	marks encrypted+signed files. This is incompatible
+	to pbp, but it doesn't support that feature anyway.
+	To decrypt encrypted+signed files the option -c
+	is therefore no more required, since pcp2 can now
+	determine the file mode itself.
+
 0.2.1   My crypt+sign implementation were wrong (better:
 	defect). It worked but a legal recipient could
 	re-encrypt the message and attach the original
@@ -81,25 +111,9 @@
 	changes. It's like a drug boosting the brain. Love
 	U, man!
 
-	Enhanded --edit-key a little, it's now possible to
-	make a secret the primary one.
 
-	Added new option -v (the previous -v has moved to
-	--version only) for verbose. Currently only supported
-	by --list-keys. In this mode more details will be
-	printed. Also added a couple of alias options for
-	existing ones (e.g. -a for armor which is an alias
-	for -z).
 
-	Removed options -P and -S, replaced by -K (long:
-	--import-key) used to import a key. The key type
-	is now determined automatically as well as the
-	encoding.
 
-	Made libpcp threadsafe by removing all global vars
-	and putting that stuff into the new PCP Context
-	class (ptx.h), which now holds errors and key hashes.
-	
 0.2.0	ED25519 and Curve25519 keys are now generated
 	separately (previously they were generated from
 	one random seed, the curve had been derived from

TODO

@@ -23,10 +23,8 @@ pcp_find_primary_secret() makes a copy ???
 
 c++ destructor double free mess
 
-Use 64bit timte_t counters (either 32bit converted to 64bit or native)
+cpptest 0 uses same Context for encryptor and decryptor,
-see: http://www.openbsd.org/faq/upgrade55.html#time_t
+must be another one for the latter!
-
-change sign+encrypt to encrypt+sign
 
 Python binding, e.g.:
 py % cdll.LoadLibrary("libsodium.so.8")

include/pcp.h

@@ -8,7 +8,6 @@ extern "C" {
 #include "pcp/config.h"
 #include "pcp/base85.h"
 #include "pcp/buffer.h"
-#include "pcp/config.h"
 #include "pcp/context.h"
 #include "pcp/crypto.h"
 #include "pcp/defines.h"

man/details.pod

@@ -122,9 +122,11 @@ Verification by recipient:
 =head1 SIGNED ENCRYPTION
 
 Beside pure encryption and signatures pcp1 also supports signed
-encryption. In this mode an input file will be signed your primary
+encryption. In this mode an input file will be encrypted and a
-secret key from a BLAKE2 hash of the file contents and the recipients
+signature of the encrypted content and encrypted recipients with your primary
-and then encrypted. The signature is encrypted as well.
+secret key will be appended.
+
+The signature is encrypted as well.
 
 Example:
 
@@ -133,25 +135,13 @@ Example:
 Please note the additional B<-g> parameter. The recipient can
 decrypt and verify the so created data like this:
 
- pcp1 -d -c -I README.asc -o README.txt
+ pcp1 -d -I README.asc -o README.txt
-
-Please note the additional B<-c> parameter.
 
 If decryption works, the output file will be written. If signature
 verification fails you will be informed, but the decrypted
 output will be left untouched. It is up to you how to react
 on an invalid signature.
 
-B<Caution: as of this writing (pcp version 0.2.0) there is
-no offset marker included into the output which separates
-the signature from the cipher. Therefore a recipient has to
-know that the file is encrypted AND signed. If, for example,
-the recpient leaves the -c parameter on such a file, the decryption
-process will fail. Otherwise, if the user supplies -c on an
-encrypted file without a signature, decryption will fail as well.>
-
-Note: this behavior might change in the future.
-
 =head1 ALTERNATIVE COMMANDLINES
 
 You can save typing if you supply additional arguments to

src/usage.h

@@ -26,8 +26,7 @@
 "-R --remove-key           Remove a key from the vault.\n" \
 "-s --export-secret        Export a secret key.\n" \
 "-p --export-public        Export a public key.\n" \
-"-S --import-secret        Import a secret key.\n" \
+"-K --import               Import a secret or public key.\n" \
-"-P --import-public        Import a public key.\n" \
 "-y --export-yaml          Export all keys as YAML formatted text.\n" \
 "-F --export-format <fmt>  Specify exportformat, either 'pbp' or 'pcp'.\n" \
 "                          'pcp' is the default if unspecified.\n" \

src/usage.txt

@@ -24,8 +24,7 @@ Keymanagement Options:
 -R --remove-key           Remove a key from the vault.
 -s --export-secret        Export a secret key.
 -p --export-public        Export a public key.
--S --import-secret        Import a secret key.
+-K --import               Import a secret or public key.
--P --import-public        Import a public key.
 -y --export-yaml          Export all keys as YAML formatted text.
 -F --export-format <fmt>  Specify exportformat, either 'pbp' or 'pcp'.
                           'pcp' is the default if unspecified.