[patch 6/7] small updates for README

From: Marko Kreen <marko(at)l-t(dot)ee>
To: pgsql-patches(at)postgresql(dot)org
Subject: [patch 6/7] small updates for README
Date: 2005-08-01 21:15:06
Message-ID: 20050801211513.878945000@grue
Lists: pgsql-patches

o Tom stuck a CVS id into file. I doubt the usefulness of it,
but if it needs to be in the file then rather at the end.
Also tag it as comment for asciidoc.
o Mention bytea vs. text difference
o Couple clarifications

Index: pgsql/contrib/pgcrypto/README.pgcrypto
===================================================================
*** pgsql.orig/contrib/pgcrypto/README.pgcrypto
--- pgsql/contrib/pgcrypto/README.pgcrypto
***************
*** 1,4 ****
- $PostgreSQL: pgsql/contrib/pgcrypto/README.pgcrypto,v 1.12 2005/07/18 17:17:12 tgl Exp $

pgcrypto - cryptographic functions for PostgreSQL
=================================================
--- 1,3 ----
*************** cracking. Or may not.
*** 278,284 ****
-------------------

The functions here implement the encryption part of OpenPGP (RFC2440)
! standard.


5.1. Overview
--- 277,283 ----
-------------------

The functions here implement the encryption part of OpenPGP (RFC2440)
! standard. Supported are both symmetric-key and public-key encryption.


5.1. Overview
*************** Options are described in section 5.7.
*** 334,339 ****
--- 333,342 ----

Decrypt a symmetric-key encrypted PGP message.

+ Decrypting bytea data with `pgp_sym_decrypt` is disallowed.
+ This is to avoid outputting invalid character data. Decrypting
+ originally textual data with `pgp_sym_decrypt_bytea` is fine.
+
Options are described in section 5.7.


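Review bot: "disallowed" in the added pgp_sym_decrypt paragraph does not tell the caller what actually happens. Say whether the function raises an error, and how it recognises that the message held bytea rather than text, so that a reader choosing between `pgp_sym_decrypt` and `pgp_sym_decrypt_bytea` knows what to expect. "Decrypting originally textual data" would also read more clearly as "data that was encrypted as text".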
*************** key is password-protected, you must give
*** 362,367 ****
--- 365,374 ----
there is no password, but you want to specify option for function, you
need to give empty password.

+ Decrypting bytea data with `pgp_pub_decrypt` is disallowed.
+ This is to avoid outputting invalid character data. Decrypting
+ originally textual data with `pgp_pub_decrypt_bytea` is fine.
+
Options are described in section 5.7.


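Review bot: the three lines added under pgp_pub_decrypt are a word-for-word copy of the pgp_sym_decrypt paragraph with only the function names changed, so the two will drift apart the next time one of them is edited. Consider stating the bytea/text rule once, for example in the overview, and referring to it from both function descriptions. The new paragraph also sits directly after the sentences about key passwords, where a reader may take it as part of the password discussion; a short lead such as "Note on data types:" would separate them.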
*************** cipher-algo::
*** 422,428 ****
Default: aes128
Applies: pgp_sym_encrypt, pgp_pub_encrypt

-
compress-algo::
Which compression algorithm to use. Needs building with zlib.

--- 429,434 ----
*************** s2k-cipher-algo::
*** 492,498 ****
Which cipher to use for encrypting separate session key.

Values: bf, aes, aes128, aes192, aes256
! Default: same as cipher-algo.
Applies: pgp_sym_encrypt

unicode-mode::
--- 498,504 ----
Which cipher to use for encrypting separate session key.

Values: bf, aes, aes128, aes192, aes256
! Default: use cipher-algo.
Applies: pgp_sym_encrypt

unicode-mode::
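Review bot: "Default: use cipher-algo." in the s2k-cipher-algo entry is less clear than the wording it replaces. Next to a "Values:" line it can be read as a literal value called "use cipher-algo", whereas "same as cipher-algo" plainly says the setting inherits from the other option. If the goal was only to shorten the line, "Default: value of cipher-algo" keeps the meaning.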
*************** Generate a new key:
*** 513,519 ****

gpg --gen-key

! You need to pick "DSA and Elgamal" key type, others are sign-only.

List keys:

--- 519,528 ----

gpg --gen-key

! The preferred key type is "DSA and Elgamal".
!
! For RSA encryption you must create either DSA or RSA sign-only key
! as master and then add RSA encryption subkey with `gpg --edit-key`.

List keys:

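Review bot: the rewritten key-type text drops the reason the old line gave ("others are sign-only"), so "preferred" now reads as a matter of taste; keep a clause saying why "DSA and Elgamal" is the choice that works out of the box. The RSA sentence points at `gpg --edit-key` without naming the step that adds the subkey (`addkey`), and it is missing articles: "create either a DSA or an RSA sign-only key as the master key and then add an RSA encryption subkey".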
*************** You need to use `dearmor()` on them befo
*** 531,536 ****
--- 540,548 ----
pgp_pub_* functions. Or if you can handle binary data, you can drop
"-a" from gpg.

+ For more details see `man gpg`, http://www.gnupg.org/gph/en/manual.html[
+ The GNU Privacy Handbook] and other docs on http://www.gnupg.org[] site.
+

5.10. Limitations of PGP code
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
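Review bot: the link label in the added "For more details" lines is split across a line break, with `manual.html[` ending one line and `The GNU Privacy Handbook]` starting the next. Please check that asciidoc still renders this as a single link, or put the URL and its label on one line. "other docs on http://www.gnupg.org[] site" also needs "the" before the URL.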
*************** pgp_pub_* functions. Or if you can hand
*** 538,546 ****
- No support for signing. That also means that it is not checked
whether the encryption subkey belongs to master key.

! - No support for RSA keys. Only Elgamal encryption keys are supported

! - No support for several encryption subkeys.


6. Raw encryption
--- 550,562 ----
- No support for signing. That also means that it is not checked
whether the encryption subkey belongs to master key.

! - No support for encryption key as master key. As such practice
! is generally discouraged, it should not be a problem.

! - No support for several subkeys. This may seem like a problem, as this
! is common practice. On the other hand, you should not use your regular
! GPG/PGP keys with pgcrypto, but create new ones, as the usage scenario
! is rather different.


6. Raw encryption
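Review bot: the new last bullet says "No support for several subkeys" where the old text said "several encryption subkeys", and the difference matters. As written it is unclear whether a key with one signing subkey and one encryption subkey is accepted, and the bullet does not say what happens when such a key is passed in (an error, or the first subkey used). Since the unchanged first bullet already states that the subkey-to-master binding is not checked, it would help to spell out exactly which key layouts are accepted. The advice to create dedicated keys for pgcrypto is useful but belongs in the key-generation section rather than inside a limitation.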
*************** I have used code from following sources:
*** 631,636 ****
--- 647,655 ----
9.1. Useful reading
~~~~~~~~~~~~~~~~~~~~~

+ http://www.gnupg.org/gph/en/manual.html[]::
+ The GNU Privacy Handbook
+
http://www.openwall.com/crypt/[]::
Describes the crypt-blowfish algorithm.

*************** http://jlcooke.ca/random/[]::
*** 673,675 ****
--- 692,698 ----

http://www.cs.ut.ee/~helger/crypto/[]::
Collection of cryptology pointers.
+
+
+ // $PostgreSQL: pgsql/contrib/pgcrypto/README.pgcrypto,v 1.12 2005/07/18 17:17:12 tgl Exp $
+

--
