scip/pcp
1
0
Fork 0
mirror of https://codeberg.org/scip/pcp.git synced 2025-12-16 19:40:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

bump

Browse Source
This commit is contained in:
Thomas von Dein
2016-10-20 23:12:00 +02:00
parent 94ea152460
commit f664cc24c4
9 changed files with 1100 additions and 1153 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@@ -1,4 +1,4 @@
NEXT
0.4.0
Changed -C again: doesnt support a key argument
anymore, instead I use the facilities I already
have in place (-x and -X). Also, I don't generate
@@ -28,6 +28,8 @@ NEXT
Added -v support for -d and -e.
Removed endian conversion stuff. see util.c for details.
0.3.0
Changed publuc key signature storage, previously

28
README
View File

@@ -1,27 +1,27 @@
DESCRIPTION
Pretty Curved Privacy (pcp1) is a commandline utility which can be used
to encrypt files. pcp1 uses elliptic curve cryptography for encryption
(CURVE25519 by Dan J. Bernstein). While CURVE25519 is not a worldwide
to encrypt files. pcp1 uses eliptc curve cryptography for encryption
(CURVE25519 by Dan J. Bernstein). While CURVE25519 is no worldwide
accepted standard it hasn't been compromised by the NSA - which might be
better, depending on your point of view.
Caution: since CURVE25519 is not an accepted standard, pcp1 has to be
considered experimental software. In fact, I wrote it just to learn
Caution: since CURVE25519 is no accepted standard, pcp1 has to be
considered as experimental software. In fact, I wrote it just to learn
about the curve and see how it works.
Beside some differences it works like GNUPG. So, if you already know how
to use gpg, you'll feel almost at home.
to use gpg, you'll feel almost home.
QUICKSTART
Lets say, Alicia and Bobby want to exchange encrypted messages. Here's
what they need to do.
what the've got to do.
First, both have to create a secret key:
First, both have create a secret key:
Alicia Bobby
pcp1 -k pcp1 -k
After entering their name, email address, and a passphrase to protect the
After entering their name, email address and a passphrase to protect the
key, it will be stored in their vault file (by default ~/.pcpvault).
Now, both of them have to export the public key, which has to be
@@ -32,18 +32,18 @@ QUICKSTART
Alicia Bobby
pcp1 -p -r Bobby -O alicia.pub pcp1 -p -r Alicia -O bobby.pub
They've got to exchange the public key somehow (which is not my problem at
the moment, use ssh, encrypted mail, etc). Once exchanged, they
They've to exchange the public key somehow (which is not my problem at
the moment, use ssh, encrypted mail, whatever). Once exchanged, they
have to import it:
Alicia Bobby
pcp1 -K -I bobby.pub pcp1 -K -I alicia.pub
They will see a response when this is done:
They will see a response as this when done:
key 0x29A323A2C295D391 added to .pcpvault.
Now, Alicia finally writes the secret message, encrypts it, and sends it
Now, Alicia finally writes the secret message, encrypts it and sends it
to Bobby, who in turn decrypts it:
Alicia Bobby
@@ -84,7 +84,7 @@ FILES AND PIPES
ssh remote cat file | pcp1 -ez | mailx -s 'as requested' bob@somewhere
Here we encrypt a file symmetrically without downloading it from a
here we encrypt a file symmetrically without downloading it from a
remote ssh server and sending the encrypted result via email to someone.
The behavior is the same with any other functionality where files are
@@ -151,7 +151,7 @@ ADDITIONAL COPYRIGHTS
Random art image from OpenSSH keygen
Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
Committed by Alexander von Gernler in rev 1.7.
Comitted by Alexander von Gernler in rev 1.7.
Every incorporated source code is opensource and licensed under the GPL
as well.

26
README.pod
View File

@@ -13,29 +13,29 @@
=head1 DESCRIPTION
B<Pretty Curved Privacy> (pcp1) is a commandline utility which can
be used to encrypt files. B<pcp1> uses elliptic curve cryptography
be used to encrypt files. B<pcp1> uses eliptc curve cryptography
for encryption (CURVE25519 by Dan J. Bernstein). While CURVE25519
is not a worldwide accepted standard it hasn't been compromised by
is no worldwide accepted standard it hasn't been compromised by
the NSA - which might be better, depending on your point of view.
B<Caution>: since CURVE25519 is not an accepted standard, B<pcp1> has
to be considered experimental software. In fact, I wrote it just
B<Caution>: since CURVE25519 is no accepted standard, B<pcp1> has
to be considered as experimental software. In fact, I wrote it just
to learn about the curve and see how it works.
Beside some differences it works like B<GNUPG>. So, if you already
know how to use gpg, you'll feel almost at home.
know how to use gpg, you'll feel almost home.
=head1 QUICKSTART
Lets say, Alicia and Bobby want to exchange encrypted messages.
Here's what they need to do.
Here's what the've got to do.
First, both have to create a secret key:
First, both have create a secret key:
Alicia Bobby
pcp1 -k pcp1 -k
After entering their name, email address, and a passphrase to protect
After entering their name, email address and a passphrase to protect
the key, it will be stored in their B<vault file> (by default ~/.pcpvault).
Now, both of them have to export the public key, which has to be
@@ -46,18 +46,18 @@ a derived public key especially for the recipient:
Alicia Bobby
pcp1 -p -r Bobby -O alicia.pub pcp1 -p -r Alicia -O bobby.pub
They've got to exchange the public key somehow (which is not my
problem at the moment, use ssh, encrypted mail, etc). Once exchanged,
They've to exchange the public key somehow (which is not my
problem at the moment, use ssh, encrypted mail, whatever). Once exchanged,
they have to import it:
Alicia Bobby
pcp1 -K -I bobby.pub pcp1 -K -I alicia.pub
They will see a response when this is done:
They will see a response as this when done:
key 0x29A323A2C295D391 added to .pcpvault.
Now, Alicia finally writes the secret message, encrypts it, and
Now, Alicia finally writes the secret message, encrypts it and
sends it to Bobby, who in turn decrypts it:
Alicia Bobby
@@ -100,7 +100,7 @@ realistic example:
ssh remote cat file | pcp1 -ez | mailx -s 'as requested' bob@somewhere
Here we encrypt a file symmetrically without downloading it from a
here we encrypt a file symmetrically without downloading it from a
remote ssh server and sending the encrypted result via email to
someone.

2
TODO
View File

@@ -1,3 +1,5 @@
keysig to vault: use sig2blog and blog2sig, just like we do with keys
pcpstream.c: use static tmp buffers, avoid alloc mem during each iteration
detach keysig generation from pub key export, so that an existing

2
VERSION
View File

@@ -1 +1 @@
0.3.1
0.4.0

461
bindings/py/pypcp/raw.py
View File

@@ -1,79 +1,79 @@
PCP_RAW_CODE = '''
typedef enum {
JSON_OBJECT,
JSON_ARRAY,
JSON_STRING,
JSON_INTEGER,
JSON_REAL,
JSON_TRUE,
JSON_FALSE,
JSON_NULL
JSON_OBJECT,
JSON_ARRAY,
JSON_STRING,
JSON_INTEGER,
JSON_REAL,
JSON_TRUE,
JSON_FALSE,
JSON_NULL
} json_type;
typedef struct json_t {
json_type type;
size_t refcount;
json_type type;
size_t refcount;
} json_t;
/*** ./gencffi.pl: from ../../include/pcp/defines.h:183 */
/*** ./gencffi.pl: from ../../include/pcp/defines.h:185 */
typedef unsigned char byte;
/*** ./gencffi.pl: from ../../include/pcp/defines.h:183 */
/*** ./gencffi.pl: from ../../include/pcp/defines.h:185 */
typedef unsigned short dbyte;
/*** ./gencffi.pl: from ../../include/pcp/defines.h:183 */
/*** ./gencffi.pl: from ../../include/pcp/defines.h:185 */
typedef unsigned int qbyte;
/*** ./gencffi.pl: from ../../include/pcp/plist.h:83 */
typedef struct _plist_t plist_t;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _pcp_key_t pcp_key_t;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _pcp_pubkey_t pcp_pubkey_t;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _pbp_pubkey_t pbp_pubkey_t;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _pcp_rec_t pcp_rec_t;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _pcp_keysig_t pcp_keysig_t;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _pcp_ctx_t PCPCTX;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _vault_t vault_t;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _vault_header_t vault_header_t;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _vault_item_header_t vault_item_header_t;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _pcp_buffer Buffer;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _pcp_stream_t Pcpstream;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _pcp_rfc_pubkey_header_t rfc_pub_h;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _pcp_rfc_pubkey_0x21_t rfc_pub_k;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _pcp_rfc_pubkey_sigheader_0x21_t rfc_pub_sig_h;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _pcp_rfc_pubkey_sigsub_0x21_t rfc_pub_sig_s;
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
typedef struct _pcp_ks_bundle_t pcp_ks_bundle_t;
/*** ./gencffi.pl: from ../../include/pcp/plist.h:83 */
struct _plist_t {
@@ -82,7 +82,7 @@ struct _plist_t {
struct _plist_t *first;
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _pcp_key_t {
byte masterpub[LEDPUB]; /**< ED25519 master public key signing key */
byte mastersecret[LEDSEC]; /**< ED25519 master secret key signing key */
@@ -102,7 +102,7 @@ struct _pcp_key_t {
byte hh[56];
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _pcp_pubkey_t {
byte masterpub[LEDPUB]; /**< ED25519 master public key signing key */
byte pub[LBOXPUB]; /**< Curve25519 encryption public key */
@@ -119,7 +119,7 @@ struct _pcp_pubkey_t {
byte hh[56];
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _pbp_pubkey_t {
byte masterpub[32];
byte edpub[32];
@@ -129,7 +129,7 @@ struct _pbp_pubkey_t {
char name[1024];
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _pcp_rec_t {
size_t ciphersize; /**< the size of the encrypted recipient list */
byte *cipher; /**< contains the whole encrypted recipient list */
@@ -137,7 +137,7 @@ struct _pcp_rec_t {
pcp_pubkey_t *pub; /**< if verification were ok, contains the public key of the signer */
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _pcp_keysig_t {
uint8_t type;
uint32_t size;
@@ -147,7 +147,7 @@ struct _pcp_keysig_t {
byte hh[56];
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _pcp_ctx_t {
char *pcp_err; /**< last error message. retrieve with fatals_ifany() */
byte pcp_errset; /**< indicates if an error occurred. */
@@ -159,7 +159,7 @@ struct _pcp_ctx_t {
pcp_keysig_t *pcpkeysig_hash; /**< hash for key sigs */
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _vault_t {
char *filename; /**< The filename of the vault (full path) */
FILE *fd; /**< Filehandle if opened */
@@ -172,14 +172,14 @@ struct _vault_t {
byte checksum[LSHA]; /**< SHA256 checksum over the whole vault */
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _vault_header_t {
uint8_t fileid; /**< File id, proprietary. Marks the vault as a vault */
uint32_t version; /**< File version */
byte checksum[LSHA]; /**< SHA256 checksum over the whole vault */
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _vault_item_header_t {
uint8_t type; /**< Item type (secret key, public, key, keysig, \see _PCP_KEY_TYPES */
uint32_t size; /**< Size of the item */
@@ -187,7 +187,7 @@ struct _vault_item_header_t {
byte checksum[LSHA]; /**< SHA256 checksum of the item */
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _pcp_buffer {
char *name; /**< just for convenience in error messages and the like, so we know which buffer cause trouble */
uint8_t allocated; /**< marks the buffer as allocated */
@@ -199,13 +199,14 @@ struct _pcp_buffer {
void *buf; /**< the actual storage buffer */
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _pcp_stream_t {
FILE *fd; /**< The backend FILE stream */
Buffer *b; /**< The backend Buffer object */
Buffer *cache; /**< The caching Buffer object (for look ahead read) */
Buffer *next; /**< The caching Next-Buffer object (for look ahead read) */
Buffer *save; /**< Temporary buffer to backup overflow data */
byte *xb; /**< Temporary byte buffer for reading/writing data */
uint8_t is_buffer; /**< Set to 1 if the backend is a Buffer */
uint8_t eof; /**< Set to 1 if EOF reached */
uint8_t err; /**< Set to 1 if an error occured */
@@ -219,21 +220,21 @@ struct _pcp_stream_t {
size_t pos; /**< remember i/o position */
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _pcp_rfc_pubkey_header_t {
uint8_t version;
uint64_t ctime;
uint8_t cipher;
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _pcp_rfc_pubkey_0x21_t {
byte sig_ed25519_pub[32];
byte ed25519_pub[32];
byte curve25519_pub[32];
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _pcp_rfc_pubkey_sigheader_0x21_t {
uint8_t version;
uint8_t type;
@@ -242,13 +243,13 @@ struct _pcp_rfc_pubkey_sigheader_0x21_t {
uint16_t numsubs;
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _pcp_rfc_pubkey_sigsub_0x21_t {
uint32_t size;
uint8_t type;
};
/*** ./gencffi.pl: from ../../include/pcp/structs.h:379 */
/*** ./gencffi.pl: from ../../include/pcp/structs.h:380 */
struct _pcp_ks_bundle_t {
pcp_pubkey_t *p;
pcp_keysig_t *s;
@@ -463,82 +464,88 @@ char *pcp_get_passphrase(char *prompt);
/*** ./gencffi.pl: from ../../include/pcp/jenhash.h:25 */
unsigned jen_hash ( unsigned char *k, unsigned length, unsigned initval );
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
pcp_key_t *pcpkey_new ();
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
void pcp_keypairs(byte *msk, byte *mpk, byte *csk, byte *cpk, byte *esk, byte *epk);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
char *pcppubkey_get_art(pcp_pubkey_t *k);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
char *pcpkey_get_art(pcp_key_t *k);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
pcp_key_t *pcpkey_encrypt(PCPCTX *ptx, pcp_key_t *key, char *passphrase);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
pcp_key_t *pcpkey_decrypt(PCPCTX *ptx, pcp_key_t *key, char *passphrase);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
pcp_pubkey_t *pcpkey_pub_from_secret(pcp_key_t *key);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
char *pcp_getkeyid(pcp_key_t *k);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
char *pcp_getpubkeyid(pcp_pubkey_t *k);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
byte *pcppubkey_getchecksum(pcp_pubkey_t *k);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
byte *pcpkey_getchecksum(pcp_key_t *k);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
pcp_key_t * key2be(pcp_key_t *k);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
pcp_key_t *key2native(pcp_key_t *k);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
pcp_pubkey_t * pubkey2be(pcp_pubkey_t *k);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
pcp_pubkey_t *pubkey2native(pcp_pubkey_t *k);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
byte * pcp_gennonce();
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
byte *pcp_derivekey(PCPCTX *ptx, char *passphrase, byte *nonce);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
void pcp_seckeyblob(Buffer *b, pcp_key_t *k);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
void pcp_pubkeyblob(Buffer *b, pcp_pubkey_t *k);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
Buffer *pcp_keyblob(void *k, int type);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
pcp_key_t *pcp_blob2key(Buffer *b);
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
pcp_pubkey_t *pcp_blob2pubkey(Buffer *b);
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
int pcp_sanitycheck_pub(PCPCTX *ptx, pcp_pubkey_t *key);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
int pcp_sanitycheck_key(PCPCTX *ptx, pcp_key_t *key);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
void pcp_dumpkey(pcp_key_t *k);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
void pcp_dumppubkey(pcp_pubkey_t *k);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
void pcpkey_setowner(pcp_key_t *key, char *owner, char *mail);
/*** ./gencffi.pl: from ../../include/pcp/key.h:320 */
/*** ./gencffi.pl: from ../../include/pcp/key.h:324 */
double pcp_getentropy(char *source);
/*** ./gencffi.pl: from ../../include/pcp/keyhash.h:153 */
@@ -604,61 +611,61 @@ void ucfree(void *d, size_t len);
/*** ./gencffi.pl: from ../../include/pcp/mem.h:58 */
void sfree(void *d);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
Buffer *pcp_export_rfc_pub (PCPCTX *ptx, pcp_key_t *sk);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
Buffer *pcp_export_pbp_pub(pcp_key_t *sk);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
Buffer *pcp_export_secret(PCPCTX *ptx, pcp_key_t *sk, char *passphrase);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
Buffer *pcp_export_json_pub(PCPCTX *ptx, pcp_key_t *sk, byte *sig, size_t siglen);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
Buffer *pcp_export_json_secret(PCPCTX *ptx, pcp_key_t *sk, byte *nonce, byte *cipher, size_t clen);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
json_t *pcp_sk2json(pcp_key_t *sk, byte *sig,size_t siglen);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
json_t *pcp_pk2json(pcp_pubkey_t *pk);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
pcp_ks_bundle_t *pcp_import_pub_json(PCPCTX *ptx, byte *raw, size_t rawsize);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
Buffer *pcp_import_secret_json(PCPCTX *ptx, Buffer *json);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
pcp_ks_bundle_t *pcp_import_pub(PCPCTX *ptx, byte *raw, size_t rawsize);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
pcp_ks_bundle_t *pcp_import_binpub(PCPCTX *ptx, byte *raw, size_t rawsize);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
pcp_ks_bundle_t *pcp_import_pub_rfc(PCPCTX *ptx, Buffer *blob);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
pcp_ks_bundle_t *pcp_import_pub_pbp(PCPCTX *ptx, Buffer *blob);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
pcp_key_t *pcp_import_binsecret(PCPCTX *ptx, byte *raw, size_t rawsize, char *passphrase);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
pcp_key_t *pcp_import_secret(PCPCTX *ptx, byte *raw, size_t rawsize, char *passphrase);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
pcp_key_t *pcp_import_secret_native(PCPCTX *ptx, Buffer *cipher, char *passphrase);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
int _check_keysig_h(PCPCTX *ptx, Buffer *blob, rfc_pub_sig_h *h);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
int _check_hash_keysig(PCPCTX *ptx, Buffer *blob, pcp_pubkey_t *p, pcp_keysig_t *sk);
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:188 */
/*** ./gencffi.pl: from ../../include/pcp/mgmt.h:193 */
int _check_sigsubs(PCPCTX *ptx, Buffer *blob, pcp_pubkey_t *p, rfc_pub_sig_s *subheader);
/*** ./gencffi.pl: from ../../include/pcp/pcpstream.h:291 */
@@ -745,27 +752,45 @@ int pcp_readpass_fromprog(PCPCTX *ptx, char **passwd, const char *askpass);
/*** ./gencffi.pl: from ../../include/pcp/scrypt.h:42 */
byte * pcp_scrypt(PCPCTX *ptx, char *passwd, size_t passwdlen, byte *nonce, size_t noncelen);
/*** ./gencffi.pl: from ../../include/pcp/util.h:128 */
/*** ./gencffi.pl: from ../../include/pcp/util.h:141 */
char *_lc(char *in);
/*** ./gencffi.pl: from ../../include/pcp/util.h:128 */
/*** ./gencffi.pl: from ../../include/pcp/util.h:141 */
long int _findoffset(byte *bin, size_t binlen, char *sigstart, size_t hlen);
/*** ./gencffi.pl: from ../../include/pcp/util.h:128 */
/*** ./gencffi.pl: from ../../include/pcp/util.h:141 */
void _xorbuf(byte *iv, byte *buf, size_t xlen);
/*** ./gencffi.pl: from ../../include/pcp/util.h:128 */
/*** ./gencffi.pl: from ../../include/pcp/util.h:141 */
void _dump(char *n, byte *d, size_t s);
/*** ./gencffi.pl: from ../../include/pcp/util.h:128 */
/*** ./gencffi.pl: from ../../include/pcp/util.h:141 */
char *_bin2hex(byte *bin, size_t len);
/*** ./gencffi.pl: from ../../include/pcp/util.h:128 */
/*** ./gencffi.pl: from ../../include/pcp/util.h:141 */
size_t _hex2bin(const char *hex_str, unsigned char *byte_array, size_t byte_array_max);
/*** ./gencffi.pl: from ../../include/pcp/util.h:128 */
/*** ./gencffi.pl: from ../../include/pcp/util.h:141 */
int cst_time_memcmp(const void *m1, const void *m2, size_t n);
/*** ./gencffi.pl: from ../../include/pcp/util.h:141 */
uint64_t _wireto64(byte *data);
/*** ./gencffi.pl: from ../../include/pcp/util.h:141 */
uint32_t _wireto32(byte *data);
/*** ./gencffi.pl: from ../../include/pcp/util.h:141 */
uint16_t _wireto16(byte *data);
/*** ./gencffi.pl: from ../../include/pcp/util.h:141 */
void _64towire(uint64_t i, byte *data);
/*** ./gencffi.pl: from ../../include/pcp/util.h:141 */
void _32towire(uint32_t i, byte *data);
/*** ./gencffi.pl: from ../../include/pcp/util.h:141 */
void _16towire(uint16_t i, byte *data);
/*** ./gencffi.pl: from ../../include/pcp/vault.h:230 */
vault_t *pcpvault_init(PCPCTX *ptx, char *filename);
@@ -871,145 +896,145 @@ uint8_t *zmq_z85_decode (uint8_t *dest, char *string);
/*** ./gencffi.pl: from ../../include/pcp/zmq_z85.h:31 */
char *zmq_z85_encode (char *dest, uint8_t *data, size_t size);'''
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_ASYM_CIPHER = 5
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_BLOCK_SIZE = 32 * 1024
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_PK_HEADER = "----- BEGIN ED25519-CURVE29915 PUBLIC KEY -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_SK_FOOTER = "----- END ED25519-CURVE29915 PRIVATE KEY -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_ENFILE_HEADER = "----- BEGIN PCP ENCRYPTED FILE -----\r\n"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_FORMAT_NATIVE = 1
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PBP_COMPAT_SALT = "qa~t](84z<1t<1oz:ik.@IRNyhG=8q(on9}4#!/_h#a7wqK{Nt$T?W>,mt8NqYq&6U<GB1$,<$j>,rSYI2GRDd:Bcm"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_HASH_CIPHER = 0x22
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_HASH_NAME = "BLAKE2"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_SIG_SUB_NOTATION = 20
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_SIG_CIPHER_NAME = "ED25519"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_SIG_CIPHER = 0x23
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_ZFILE_HEADER = "----- BEGIN Z85 ENCODED FILE -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_SIG_END = "----- END ED25519 SIGNATURE -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_PK_CIPHER = 0x21
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_RFC_CIPHER = 0x21
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_ASYM_CIPHER_ANON = 6
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_ENFILE_FOOTER = "\r\n----- END PCP ENCRYPTED FILE -----\r\n"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_SYM_CIPHER = 23
# ./gencffi.pl: from ../../include/pcp/defines.h:183
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_SIG_TYPE = 0x1F
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_SIG_SUB_KEYFLAGS = 27
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_SK_HEADER = "----- BEGIN ED25519-CURVE29915 PRIVATE KEY -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_SIGPREFIX = "\nnacl-"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_ME = "Pretty Curved Privacy"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_ZFILE_FOOTER = "----- END Z85 ENCODED FILE -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_SIG_SUB_SIGEXPIRE = 3
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_SIG_SUB_CTIME = 2
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_PK_FOOTER = "----- END ED25519-CURVE29915 PUBLIC KEY -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_VAULT_ID = 14
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_ASYM_CIPHER_ANON_SIG = 7
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_SIG_SUB_KEYFLAGS = 27
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_SIG_HEADER = "----- BEGIN ED25519 SIGNED MESSAGE -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_ASYM_CIPHER_ANON = 6
# ./gencffi.pl: from ../../include/pcp/defines.h:183
PCP_ASYM_CIPHER_SIG = 24
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_SIGPREFIX = "\nnacl-"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_PK_CIPHER_NAME = "CURVE25519-ED25519-POLY1305-SALSA20"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
EXP_FORMAT_PBP = 2
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_ZFILE_HEADER = "----- BEGIN Z85 ENCODED FILE -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:183
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_SIG_SUB_CTIME = 2
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_ENFILE_FOOTER = "\r\n----- END PCP ENCRYPTED FILE -----\r\n"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_PK_FOOTER = "----- END ED25519-CURVE29915 PUBLIC KEY -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_PK_CIPHER = 0x21
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_SYM_CIPHER = 23
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_RFC_CIPHER = 0x21
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_BLOCK_SIZE = 32 * 1024
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_SIG_SUB_KEYEXPIRE = 9
# ./gencffi.pl: from ../../include/pcp/defines.h:183
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_HASH_NAME = "BLAKE2"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_PK_HEADER = "----- BEGIN ED25519-CURVE29915 PUBLIC KEY -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_ZFILE_FOOTER = "----- END Z85 ENCODED FILE -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_SIG_END = "----- END ED25519 SIGNATURE -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PBP_COMPAT_SALT = "qa~t](84z<1t<1oz:ik.@IRNyhG=8q(on9}4#!/_h#a7wqK{Nt$T?W>,mt8NqYq&6U<GB1$,<$j>,rSYI2GRDd:Bcm"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_SK_HEADER = "----- BEGIN ED25519-CURVE29915 PRIVATE KEY -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_SIG_HEADER = "----- BEGIN ED25519 SIGNED MESSAGE -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_ENFILE_HEADER = "----- BEGIN PCP ENCRYPTED FILE -----\r\n"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_ASYM_CIPHER = 5
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_SIG_START = "----- BEGIN ED25519 SIGNATURE -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_HASH_CIPHER = 0x22
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_ME = "Pretty Curved Privacy"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_FORMAT_PBP = 2
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_SK_FOOTER = "----- END ED25519-CURVE29915 PRIVATE KEY -----"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_SIG_CIPHER = 0x23
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_ASYM_CIPHER_ANON_SIG = 7
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_SIG_CIPHER_NAME = "ED25519"
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_FORMAT_NATIVE = 1
# ./gencffi.pl: from ../../include/pcp/defines.h:185
PCP_ASYM_CIPHER_SIG = 24
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_SIG_SUB_NOTATION = 20
# ./gencffi.pl: from ../../include/pcp/defines.h:185
EXP_SIG_SUB_SIGEXPIRE = 3

81
man/pcp1.1
View File

@@ -1,4 +1,4 @@
.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.16)
.\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.30)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -38,6 +38,8 @@
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
@@ -48,17 +50,24 @@
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.ie \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
. nr % 0
. rr F
.\}
.el \{\
. de IX
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{
. if \nF \{
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
@@ -124,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "PCP1 1"
.TH PCP1 1 "2016-01-21" "PCP 0.3.1" "USER CONTRIBUTED DOCUMENTATION"
.TH PCP1 1 "2016-10-20" "PCP 0.4.0" "USER CONTRIBUTED DOCUMENTATION"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -342,7 +351,7 @@ Pretty Curved Privacy \- File encryption using eliptic curve cryptography.
be used to encrypt files. \fBpcp1\fR uses eliptc curve cryptography
for encryption (\s-1CURVE25519\s0 by Dan J. Bernstein). While \s-1CURVE25519\s0
is no worldwide accepted standard it hasn't been compromised by
the \s-1NSA\s0 \- which might be better, depending on your point of view.
the \s-1NSA \-\s0 which might be better, depending on your point of view.
.PP
\&\fBCaution\fR: since \s-1CURVE25519\s0 is no accepted standard, \fBpcp1\fR has
to be considered as experimental software. In fact, I wrote it just
@@ -668,10 +677,10 @@ Enable debugging output, where supported. Same as \fB\-D\fR.
.IX Header "EXIT STATUS"
Pcp may return one of several error codes if it encounters problems.
.IP "0 No problems occurred." 4
.IX Item "0 No problems occurred."
.IX Item "0 No problems occurred."
.PD 0
.IP "1 Generic error code." 4
.IX Item "1 Generic error code."
.IX Item "1 Generic error code."
.PD
.SH "FILES"
.IX Header "FILES"
@@ -738,7 +747,7 @@ for the worst like passphrases like \*(L"aaa\*(R" or \*(L"x\*(R".
.PP
Pcp considers passphrases with an entropy measurement of 3.32 or higher
as acceptable. This may change in the future.
.SS "\s-1VAULT\s0 \s-1FORMAT\s0"
.SS "\s-1VAULT FORMAT\s0"
.IX Subsection "VAULT FORMAT"
The vault file contains all public and secret keys. It's a portable
binary file.
@@ -785,7 +794,7 @@ Type can be one of:
.Ve
.PP
The key header is followed by the actual key, see below.
.SS "\s-1SECRET\s0 \s-1KEY\s0 \s-1FORMAT\s0"
.SS "\s-1SECRET KEY FORMAT\s0"
.IX Subsection "SECRET KEY FORMAT"
A secret key is a binary structure with the following format:
.PP
@@ -854,7 +863,7 @@ are otherwise unrelated. If one of them leaks, the other
cannot be recalculated from it.
.PP
Take a look at the function \fB\f(BIpcp_keypairs()\fB\fR for details.
.SS "\s-1PUBLIC\s0 \s-1KEY\s0 \s-1EXPORT\s0 \s-1FORMAT\s0"
.SS "\s-1PUBLIC KEY EXPORT FORMAT\s0"
.IX Subsection "PUBLIC KEY EXPORT FORMAT"
Exported public and secret keys will be written in a portable
way. Pcp uses \s-1RFC4880\s0 export format for public keys with some
@@ -958,7 +967,7 @@ So, a full pubkey export looks like this
\& hash
\& signature
.Ve
.SS "\s-1SECRET\s0 \s-1KEY\s0 \s-1EXPORT\s0 \s-1FORMAT\s0"
.SS "\s-1SECRET KEY EXPORT FORMAT\s0"
.IX Subsection "SECRET KEY EXPORT FORMAT"
Secret keys are exported in a proprietary format.
.PP
@@ -990,7 +999,7 @@ to encrypt the data and looks after encryption as such:
.Vb 1
\& Nonce | Cipher
.Ve
.SS "\s-1ENCRYPTED\s0 \s-1OUTPUT\s0 \s-1FORMAT\s0"
.SS "\s-1ENCRYPTED OUTPUT FORMAT\s0"
.IX Subsection "ENCRYPTED OUTPUT FORMAT"
The encryption protocol used by \s-1PCP\s0 uses mostly standard
libsodium facilities with the exception that \s-1PCP\s0 uses counter
@@ -1083,7 +1092,7 @@ of the sender.
The encrypted output maybe Z85 encoded. In this case the Z85
encoding will be done blockwise with blocks of 16k bytes. The
decoded content inside will be as described above.
.SS "\s-1SIGNATURE\s0 \s-1FORMAT\s0"
.SS "\s-1SIGNATURE FORMAT\s0"
.IX Subsection "SIGNATURE FORMAT"
There are different signature formats. Standard binary \s-1NACL\s0
signatures have the following format:
@@ -1135,15 +1144,15 @@ Armored signatures have the following format:
.PP
The Z85 encoded signature at the end contains the same signature
contents as the binary signature outlined above (hash+sig).
.SS "\s-1SIGNED\s0 \s-1ENCRYPTION\s0 \s-1FORMAT\s0"
.SS "\s-1SIGNED ENCRYPTION FORMAT\s0"
.IX Subsection "SIGNED ENCRYPTION FORMAT"
Signed encrypted files are in binary form only. The first part is
the standard encrypted file as described in \fB\s-1ENCRYPTED\s0 \s-1OUTPUT\s0 \s-1FORMAT\s0\fR
followed by the binary encrypted signature described in \fB\s-1SIGNATURE\s0 \s-1FORMAT\s0\fR
the standard encrypted file as described in \fB\s-1ENCRYPTED OUTPUT FORMAT\s0\fR
followed by the binary encrypted signature described in \fB\s-1SIGNATURE FORMAT\s0\fR
without the offset separator.
.PP
However, not only the hash of the file content will be signed but the
recipient list described in \fB\s-1ENCRYPTED\s0 \s-1OUTPUT\s0 \s-1FORMAT\s0\fR as well. A
recipient list described in \fB\s-1ENCRYPTED OUTPUT FORMAT\s0\fR as well. A
valid recipient is therefore not able to re-encrypt the decrypted
message, append the original signature and send it to other recipients.
The signature would not match since the recipient list differs and
@@ -1183,7 +1192,7 @@ Before encryption the signature format is:
\& +\-\-\-\-\-\-\-\-\-\-\-\-\-|\-\-\-\-\-\-\-\-|\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
.Ve
.PP
where R is: C(recipient)|C(recipient)... (see \fB\s-1ENCRYPTED\s0 \s-1OUTPUT\s0 \s-1FORMAT\s0\fR).
where R is: C(recipient)|C(recipient)... (see \fB\s-1ENCRYPTED OUTPUT FORMAT\s0\fR).
.PP
Pseudocode:
.PP
@@ -1250,9 +1259,9 @@ pcp1 \-z \-I file \-O file.z85
Reverse the process:
.PP
pcp1 \-Z \-I file.z85 \-O file
.SS "\s-1PBP\s0 \s-1COMPATIBILITY\s0"
.SS "\s-1PBP COMPATIBILITY\s0"
.IX Subsection "PBP COMPATIBILITY"
\&\s-1PCP\s0 tries to be fully compatible with \s-1PBP\s0 (https://github.com/stef/pbp). Encrypted
\&\s-1PCP\s0 tries to be fully compatible with \s-1PBP \s0(https://github.com/stef/pbp). Encrypted
files and signatures \- at least their binary versions \- should be exchangable. However,
this is a work in progress and might not work under all circumstances. Also there's currently
no shared key format between pbp and pcp. However, it is possible to export and
@@ -1276,8 +1285,8 @@ functions:
.PD
.PP
\&\s-1JSON\s0 support can be used either with the commandline tool \fBpcp1\fR or programmatically
using the C, \*(C+ or Python \s-1API\s0.
.SS "\s-1USING\s0 \s-1JSON\s0 \s-1FROM\s0 \s-1THE\s0 C \s-1API\s0"
using the C, \*(C+ or Python \s-1API.\s0
.SS "\s-1USING JSON FROM THE C API\s0"
.IX Subsection "USING JSON FROM THE C API"
In order to use \s-1JSON\s0 all you've got to do is to switch a context flag:
.PP
@@ -1287,9 +1296,9 @@ In order to use \s-1JSON\s0 all you've got to do is to switch a context flag:
.Ve
.PP
That all to it. Now any function normally used for key import and export works
with \s-1JSON\s0, just fill the \fBBuffer\fR object with a \s-1JSON\s0 string for imports or
with \s-1JSON,\s0 just fill the \fBBuffer\fR object with a \s-1JSON\s0 string for imports or
fetch the Buffer content of an export function as a string.
.SS "\s-1USING\s0 \s-1JSON\s0 \s-1FROM\s0 \s-1THE\s0 \s-1COMMANDLINE\s0"
.SS "\s-1USING JSON FROM THE COMMANDLINE\s0"
.IX Subsection "USING JSON FROM THE COMMANDLINE"
In order to use \s-1JSON\s0 on the commandline, add \fB\-j\fR. This can be used in
conjunction with the following options:
@@ -1307,9 +1316,9 @@ Public and secret key import.
Text view mode (aka inspect mode).
.PP
The \fB\-z\fR and \fB\-Z\fR options are ignored in \s-1JSON\s0 mode.
.SS "\s-1JSON\s0 \s-1OBJECT\s0 \s-1STRUCTURE\s0"
.SS "\s-1JSON OBJECT STRUCTURE\s0"
.IX Subsection "JSON OBJECT STRUCTURE"
\fI\s-1JSON\s0 \s-1PUBLIC\s0 \s-1KEY\s0 (pcp1 \-p \-j)\fR
\fI\s-1JSON PUBLIC KEY \s0(pcp1 \-p \-j)\fR
.IX Subsection "JSON PUBLIC KEY (pcp1 -p -j)"
.PP
The \s-1JSON\s0 object for a public key looks like this:
@@ -1338,7 +1347,7 @@ Fields containing byte arrays are hex encoded.
.PP
Numbers are represented as literal integers.
.PP
\fI\s-1JSON\s0 \s-1SECRET\s0 \s-1KEY\s0 (pcp1 \-s \-j)\fR
\fI\s-1JSON SECRET KEY \s0(pcp1 \-s \-j)\fR
.IX Subsection "JSON SECRET KEY (pcp1 -s -j)"
.PP
The \s-1JSON\s0 object for a public key looks like this:
@@ -1369,7 +1378,7 @@ secret key material. Pcp does not support exporting a secret key unencrypted.
The \fBnonce\fR is required for a later import and shall not be changed or
decoupled from \fBsecrets\fR. This may change in the future.
.PP
\fI\s-1JSON\s0 \s-1VAULT\s0 (pcp1 \-t)\fR
\fI\s-1JSON VAULT \s0(pcp1 \-t)\fR
.IX Subsection "JSON VAULT (pcp1 -t)"
.PP
The \s-1JSON\s0 object for the vault looks like this:
@@ -1388,7 +1397,7 @@ The \s-1JSON\s0 object for the vault looks like this:
The field \fBkeys\fR is an array containing one or more of the already
described key objects.
.PP
\fI\s-1JSON\s0 \s-1PROGRAM\s0 \s-1OUTPUT\s0\fR
\fI\s-1JSON PROGRAM OUTPUT\s0\fR
.IX Subsection "JSON PROGRAM OUTPUT"
.PP
Currently pcp does not support \s-1JSON\s0 program output, that is, success or
@@ -1437,7 +1446,7 @@ under the \fB\s-1GPL\s0\fR as well.
\&\fIT.v.Dein <tom \s-1AT\s0 vondein \s-1DOT\s0 org\fR>
.SH "LICENSE"
.IX Header "LICENSE"
Licensed under the \s-1GNU\s0 \s-1GENERAL\s0 \s-1PUBLIC\s0 \s-1LICENSE\s0 version 3.
Licensed under the \s-1GNU GENERAL PUBLIC LICENSE\s0 version 3.
.SH "HOME"
.IX Header "HOME"
The homepage of Pretty Curved Privacy can be found on

1605
man/pcp1.html
View File

File diff suppressed because it is too large Load Diff

44
tests/unittests.cfg
View File

@@ -451,30 +451,30 @@ temporarily disabled
<test invalid>
prepare = ./invalidkeys
<test check-testkey-wrong-version>
cmd = $pcp -V $vault -K -I testkey-wrong-version -x xxx
expect = /unknown key version/
</test>
<test check-testkey-wrong-version>
cmd = $pcp -V $vault -K -I testkey-wrong-version -x xxx
expect = /unknown key version/
</test>
<test check-testkey-wrong-serial>
cmd = $pcp -V $vault -K -I testkey-wrong-serial -x xxx
expect = /invalid serial number/
</test>
<test check-testkey-wrong-ctime>
cmd = $pcp -V $vault -K -I testkey-invalid-ctime -x xxx
expect = /invalid creation timestamp/
</test>
/*
<test check-testpubkey-wrong-type>
cmd = $pcp -V $vault -K -I testpubkey-wrong-type
expect = /key type is not PUBLIC/
</test>
<test check-testkey-wrong-serial>
cmd = $pcp -V $vault -K -I testkey-wrong-serial -x xxx
expect = /invalid serial number/
</test>
<test check-testkey-wrong-ctime>
cmd = $pcp -V $vault -K -I testkey-invalid-ctime -x xxx
expect = /invalid creation timestamp/
</test>
/*
<test check-testpubkey-wrong-type>
cmd = $pcp -V $vault -K -I testpubkey-wrong-type
expect = /key type is not PUBLIC/
</test>
<test check-testpubkey-wrong-version>
cmd = $pcp -V $vault -K -I testpubkey-wrong-version
expect = /unknown key version/
</test>
*/
<test check-testpubkey-wrong-version>
cmd = $pcp -V $vault -K -I testpubkey-wrong-version
expect = /unknown key version/
</test>
*/
</test>
<test check-vault-invalid-header>