added support for self-encryption mode, updated POD accordingly.

src/encryption.c

@@ -103,9 +103,20 @@ int pcpdecrypt(char *id, int useid, char *infile, char *outfile, char *passwd) {
     }
   }
   if(public == NULL) {
-    fatal("Could not find a usable public key in vault %s!\n",
+    // maybe self encryption, try secrets
+    pcp_key_t *s = NULL;
+    for(s=pcpkey_hash; s != NULL; s=(pcp_key_t*)(s->hh.next)) {
+      crypto_hash(check, (unsigned char*)s->id, 16);
+      if(memcmp(check, hash, crypto_hash_BYTES) == 0) {
+        // matching secret
+        public = pcpkey_pub_from_secret(s);
+      }
+    }
+    if(public == NULL) {
+      fatal("Could not find a usable public key in vault %s!\n",
 	  vault->filename);
-    goto errde0;
+      goto errde0;
+    }
   }
 
   if(debug) {
@@ -183,9 +194,17 @@ int pcpencrypt(char *id, char *infile, char *outfile, char *passwd, char *recipi
   // look if we've got that key
   HASH_FIND_STR(pcppubkey_hash, id, public);
   if(public == NULL) {
-    fatal("Could not find a public key with id 0x%s in vault %s!\n",
+    // self-encryption: look if its a secret one
+    pcp_key_t *s = NULL;
+    HASH_FIND_STR(pcpkey_hash, id, s);
+    if(s != NULL) {
+      public = pcpkey_pub_from_secret(s);
+    }
+    else {
+      fatal("Could not find a public key with id 0x%s in vault %s!\n",
 	  id, vault->filename);
-    goto erren3;
+      goto erren3;
+    }
   }
 
   secret = pcp_find_primary_secret();

src/pcp.c

@@ -315,6 +315,11 @@ int main (int argc, char **argv)  {
 	if(useid == 0 && userec == 1) {
 	  id = pcp_find_id_byrec(recipient);
 	}
+        if(useid == 0 && userec == 0) {
+          pcp_key_t *k = pcp_find_primary_secret();
+	  id = ucmalloc(17);
+          memcpy(id, k->id, 17);
+        }
 	if(id != NULL) {
 	  pcpencrypt(id, infile, outfile, xpass, recipient);
 	  free(id);

src/usage.h

@@ -50,10 +50,13 @@
 "\n" \
 "Encryption Options:\n" \
 "-e --encrypt              Encrypt a message. Read from stdin or\n" \
-"                          specified via -I. A keyid (-i) of the\n" \
-"                          public key of the receipient must be\n" \
-"                          specified. Output to stdout or written\n" \
-"                          to the file specified via -O.\n" \
+"                          specified via -I. If a keyid (-i) has been\n" \
+"                          given, use that public key for encryption.\n" \
+"                          If a recipient (-r) has been given, use\n" \
+"                          a derived public key. If none of -i or\n" \
+"                          -r has been given, use the primary\n" \
+"                          secret key and the public part of it\n" \
+"                          for encrytion (self-encryption mode).\n" \
 "-d --decrypt              Decrypt a message. Read from stdin or\n" \
 "                          specified via -I. Output to stdout or\n" \
 "                          written to the file specified via -O.\n" \

src/usage.txt

@@ -48,10 +48,13 @@ Keymanagement Options:
 
 Encryption Options:
 -e --encrypt              Encrypt a message. Read from stdin or
-                          specified via -I. A keyid (-i) of the
-                          public key of the receipient must be
-                          specified. Output to stdout or written
-                          to the file specified via -O.
+                          specified via -I. If a keyid (-i) has been
+                          given, use that public key for encryption.
+                          If a recipient (-r) has been given, use
+                          a derived public key. If none of -i or
+                          -r has been given, use the primary
+                          secret key and the public part of it
+                          for encrytion (self-encryption mode).
 -d --decrypt              Decrypt a message. Read from stdin or
                           specified via -I. Output to stdout or
                           written to the file specified via -O.