mirror of
https://codeberg.org/scip/pcp.git
synced 2025-12-17 03:50:57 +01:00
re-generated to reflect latest changes
This commit is contained in:
TLINDEN
76
man/pcp1.1
76
man/pcp1.1
@@ -1,4 +1,4 @@
|
||||
.\" Automatically generated by Pod::Man 2.23 (Pod::Simple 3.14)
|
||||
.\" Automatically generated by Pod::Man 2.27 (Pod::Simple 3.28)
|
||||
.\"
|
||||
.\" Standard preamble:
|
||||
.\" ========================================================================
|
||||
@@ -38,6 +38,8 @@
|
||||
. ds PI \(*p
|
||||
. ds L" ``
|
||||
. ds R" ''
|
||||
. ds C`
|
||||
. ds C'
|
||||
'br\}
|
||||
.\"
|
||||
.\" Escape single quotes in literal strings from groff's Unicode transform.
|
||||
@@ -48,17 +50,24 @@
|
||||
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
|
||||
.\" entries marked with X<> in POD. Of course, you'll have to process the
|
||||
.\" output yourself in some meaningful fashion.
|
||||
.ie \nF \{\
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
.\"
|
||||
.\" Avoid warning from groff about undefined register 'F'.
|
||||
.de IX
|
||||
..
|
||||
. nr % 0
|
||||
. rr F
|
||||
.\}
|
||||
.el \{\
|
||||
. de IX
|
||||
.nr rF 0
|
||||
.if \n(.g .if rF .nr rF 1
|
||||
.if (\n(rF:(\n(.g==0)) \{
|
||||
. if \nF \{
|
||||
. de IX
|
||||
. tm Index:\\$1\t\\n%\t"\\$2"
|
||||
..
|
||||
. if !\nF==2 \{
|
||||
. nr % 0
|
||||
. nr F 2
|
||||
. \}
|
||||
. \}
|
||||
.\}
|
||||
.rr rF
|
||||
.\"
|
||||
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
|
||||
.\" Fear. Run. Save yourself. No user-serviceable parts.
|
||||
@@ -124,7 +133,7 @@
|
||||
.\" ========================================================================
|
||||
.\"
|
||||
.IX Title "PCP1 1"
|
||||
.TH PCP1 1 "2015-05-30" "PCP 0.2.6" "USER CONTRIBUTED DOCUMENTATION"
|
||||
.TH PCP1 1 "2015-07-08" "PCP 0.2.6" "USER CONTRIBUTED DOCUMENTATION"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
|
||||
.\" way too many mistakes in technical documents.
|
||||
.if n .ad l
|
||||
@@ -161,9 +170,10 @@ Pretty Curved Privacy \- File encryption using eliptic curve cryptography.
|
||||
\& \-s \-\-export\-secret Export a secret key.
|
||||
\& \-p \-\-export\-public Export a public key.
|
||||
\& \-K \-\-import Import a secret or public key.
|
||||
\& \-y \-\-export\-yaml Export all keys as YAML formatted text.
|
||||
\& \-F \-\-export\-format <fmt> Specify exportformat, either \*(Aqpbp\*(Aq or \*(Aqpcp\*(Aq.
|
||||
\& \*(Aqpcp\*(Aq is the default if unspecified.
|
||||
\& \-j \-\-json Enable JSON output (with \-t, \-p and \-s).
|
||||
\&
|
||||
\& Encryption Options:
|
||||
\& \-e \-\-encrypt Asym\-Encrypt a message. If none of \-i or \-r
|
||||
\& has been given, encrypt the message symetrically.
|
||||
@@ -183,10 +193,8 @@ Pretty Curved Privacy \- File encryption using eliptic curve cryptography.
|
||||
\& Arguments:
|
||||
\& Extra arguments after options are treated as filenames or
|
||||
\& recipients, depending on operation mode.
|
||||
.Ve
|
||||
.SH "OPTIONS"
|
||||
.IX Header "OPTIONS"
|
||||
.Vb 1
|
||||
\&=head1 OPTIONS
|
||||
\&
|
||||
\& Usage: pcp1 [options]
|
||||
\&
|
||||
\& General Options:
|
||||
@@ -249,12 +257,10 @@ Pretty Curved Privacy \- File encryption using eliptic curve cryptography.
|
||||
\& \-K \-\-import Import a key. pcp determines automatically
|
||||
\& \-\-import\-key the key type and encodingg. Use \-I to import
|
||||
\& from a file.
|
||||
\& \-y \-\-export\-yaml Export all keys stored in your vault
|
||||
\& as YAML formatted text. Use \-O to put
|
||||
\& the export into a file.
|
||||
\& \-F \-\-format Export the key in a particular format.
|
||||
\& Currently supported: pcp, pbp, yaml,
|
||||
\& perl and C.
|
||||
\& Currently supported: pcp and pbp.
|
||||
\& \-j \-\-json enable JSON output. Can be used with info
|
||||
\& output (\-t) and key export (\-p and \-s).
|
||||
\&
|
||||
\& Encryption Options:
|
||||
\& \-e \-\-encrypt Asym\-Encrypt a message. Read from stdin or
|
||||
@@ -325,7 +331,7 @@ Pretty Curved Privacy \- File encryption using eliptic curve cryptography.
|
||||
be used to encrypt files. \fBpcp1\fR uses eliptc curve cryptography
|
||||
for encryption (\s-1CURVE25519\s0 by Dan J. Bernstein). While \s-1CURVE25519\s0
|
||||
is no worldwide accepted standard it hasn't been compromised by
|
||||
the \s-1NSA\s0 \- which might be better, depending on your point of view.
|
||||
the \s-1NSA \-\s0 which might be better, depending on your point of view.
|
||||
.PP
|
||||
\&\fBCaution\fR: since \s-1CURVE25519\s0 is no accepted standard, \fBpcp1\fR has
|
||||
to be considered as experimental software. In fact, I wrote it just
|
||||
@@ -649,10 +655,10 @@ Enable debugging output, where supported. Same as \fB\-D\fR.
|
||||
.IX Header "EXIT STATUS"
|
||||
Pcp may return one of several error codes if it encounters problems.
|
||||
.IP "0 No problems occurred." 4
|
||||
.IX Item "0 No problems occurred."
|
||||
.IX Item "0 No problems occurred."
|
||||
.PD 0
|
||||
.IP "1 Generic error code." 4
|
||||
.IX Item "1 Generic error code."
|
||||
.IX Item "1 Generic error code."
|
||||
.PD
|
||||
.SH "FILES"
|
||||
.IX Header "FILES"
|
||||
@@ -691,7 +697,7 @@ may not be the case for you.
|
||||
In short, I'd suggest not to use it on critical systems yet.
|
||||
.SH "INTERNALS"
|
||||
.IX Header "INTERNALS"
|
||||
.SS "\s-1VAULT\s0 \s-1FORMAT\s0"
|
||||
.SS "\s-1VAULT FORMAT\s0"
|
||||
.IX Subsection "VAULT FORMAT"
|
||||
The vault file contains all public and secret keys. It's a portable
|
||||
binary file.
|
||||
@@ -738,7 +744,7 @@ Type can be one of:
|
||||
.Ve
|
||||
.PP
|
||||
The key header is followed by the actual key, see below.
|
||||
.SS "\s-1SECRET\s0 \s-1KEY\s0 \s-1FORMAT\s0"
|
||||
.SS "\s-1SECRET KEY FORMAT\s0"
|
||||
.IX Subsection "SECRET KEY FORMAT"
|
||||
A secret key is a binary structure with the following format:
|
||||
.PP
|
||||
@@ -807,7 +813,7 @@ are otherwise unrelated. If one of them leaks, the other
|
||||
cannot be recalculated from it.
|
||||
.PP
|
||||
Take a look at the function \fB\f(BIpcp_keypairs()\fB\fR for details.
|
||||
.SS "\s-1ENCRYPTED\s0 \s-1OUTPUT\s0 \s-1FORMAT\s0"
|
||||
.SS "\s-1ENCRYPTED OUTPUT FORMAT\s0"
|
||||
.IX Subsection "ENCRYPTED OUTPUT FORMAT"
|
||||
The encryption protocol used by \s-1PCP\s0 uses mostly standard
|
||||
libsodium facilities with the exception that \s-1PCP\s0 uses counter
|
||||
@@ -900,7 +906,7 @@ of the sender.
|
||||
The encrypted output maybe Z85 encoded. In this case the Z85
|
||||
encoding will be done blockwise with blocks of 16k bytes. The
|
||||
decoded content inside will be as described above.
|
||||
.SS "\s-1SIGNATURE\s0 \s-1FORMAT\s0"
|
||||
.SS "\s-1SIGNATURE FORMAT\s0"
|
||||
.IX Subsection "SIGNATURE FORMAT"
|
||||
There are different signature formats. Standard binary \s-1NACL\s0
|
||||
signatures have the following format:
|
||||
@@ -952,15 +958,15 @@ Armored signatures have the following format:
|
||||
.PP
|
||||
The Z85 encoded signature at the end contains the same signature
|
||||
contents as the binary signature outlined above (hash+sig).
|
||||
.SS "\s-1SIGNED\s0 \s-1ENCRYPTION\s0 \s-1FORMAT\s0"
|
||||
.SS "\s-1SIGNED ENCRYPTION FORMAT\s0"
|
||||
.IX Subsection "SIGNED ENCRYPTION FORMAT"
|
||||
Signed encrypted files are in binary form only. The first part is
|
||||
the standard encrypted file as described in \fB\s-1ENCRYPTED\s0 \s-1OUTPUT\s0 \s-1FORMAT\s0\fR
|
||||
followed by the binary encrypted signature described in \fB\s-1SIGNATURE\s0 \s-1FORMAT\s0\fR
|
||||
the standard encrypted file as described in \fB\s-1ENCRYPTED OUTPUT FORMAT\s0\fR
|
||||
followed by the binary encrypted signature described in \fB\s-1SIGNATURE FORMAT\s0\fR
|
||||
without the offset separator.
|
||||
.PP
|
||||
However, not only the hash of the file content will be signed but the
|
||||
recipient list described in \fB\s-1ENCRYPTED\s0 \s-1OUTPUT\s0 \s-1FORMAT\s0\fR as well. A
|
||||
recipient list described in \fB\s-1ENCRYPTED OUTPUT FORMAT\s0\fR as well. A
|
||||
valid recipient is therefore not able to re-encrypt the decrypted
|
||||
message, append the original signature and send it to other recipients.
|
||||
The signature would not match since the recipient list differs and
|
||||
@@ -1000,7 +1006,7 @@ Before encryption the signature format is:
|
||||
\& +\-\-\-\-\-\-\-\-\-\-\-\-\-|\-\-\-\-\-\-\-\-|\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-+
|
||||
.Ve
|
||||
.PP
|
||||
where R is: C(recipient)|C(recipient)... (see \fB\s-1ENCRYPTED\s0 \s-1OUTPUT\s0 \s-1FORMAT\s0\fR).
|
||||
where R is: C(recipient)|C(recipient)... (see \fB\s-1ENCRYPTED OUTPUT FORMAT\s0\fR).
|
||||
.PP
|
||||
Pseudocode:
|
||||
.PP
|
||||
@@ -1067,9 +1073,9 @@ pcp1 \-z \-I file \-O file.z85
|
||||
Reverse the process:
|
||||
.PP
|
||||
pcp1 \-Z \-I file.z85 \-O file
|
||||
.SS "\s-1PBP\s0 \s-1COMPATIBILITY\s0"
|
||||
.SS "\s-1PBP COMPATIBILITY\s0"
|
||||
.IX Subsection "PBP COMPATIBILITY"
|
||||
\&\s-1PCP\s0 tries to be fully compatible with \s-1PBP\s0 (https://github.com/stef/pbp). Encrypted
|
||||
\&\s-1PCP\s0 tries to be fully compatible with \s-1PBP \s0(https://github.com/stef/pbp). Encrypted
|
||||
files and signatures \- at least their binary versions \- should be exchangable. However,
|
||||
this is a work in progress and might not work under all circumstances. Also there's currently
|
||||
no shared key format between pbp and pcp. However, it is possible to export and
|
||||
@@ -1118,7 +1124,7 @@ under the \fB\s-1GPL\s0\fR as well.
|
||||
\&\fIT.v.Dein <tom \s-1AT\s0 vondein \s-1DOT\s0 org\fR>
|
||||
.SH "LICENSE"
|
||||
.IX Header "LICENSE"
|
||||
Licensed under the \s-1GNU\s0 \s-1GENERAL\s0 \s-1PUBLIC\s0 \s-1LICENSE\s0 version 3.
|
||||
Licensed under the \s-1GNU GENERAL PUBLIC LICENSE\s0 version 3.
|
||||
.SH "HOME"
|
||||
.IX Header "HOME"
|
||||
The homepage of Pretty Curved Privacy can be found on
|
||||
|
||||
Reference in New Issue
Block a user