JSON output has \0 always appended check from where this comes

pcpstream.c: use static tmp buffers, avoid alloc mem during each iteration

detach keysig generation from pub key export, so that an existing
keysig can be verified later.

key++: normalize id and lc()

allow signing using an alternate secret key, like in pcpdecrypt()

malloc() new pointers in functions only if not NULL, e.g. pcp_gennonce()

check pub key count in pcp.c before calling verify signature, croak if count==0

Add newlines to headers in define.h, so strlen() later catches the whole length.

c++ destructor double free mess