🚧 wip: working on BMC

bare_minimum_crypto/cpp/bmc_main.cpp

@@ -204,6 +204,7 @@ int main (int argc, char ** argv) {
 		("generate-human-key", "Generate a passphrase-protected key for human use", cxxopts::value <string> ())
 		("generate-machine-key", "Generate a key for machine use, with no passphrase", cxxopts::value <string> ())
 		("generate-key-cert", "Certify a key for 3 months and save the cert here", cxxopts::value <string> ())
+		("generate-data-cert", "Certify data for 1 week and save the cert here", cxxopts::value <string> ())
 		
 		// cxxopts nonsense
 		("using-key", "Key to load for other operations", cxxopts::value <string> ())

bare_minimum_crypto/todo.md

@@ -1,2 +1,14 @@
+User story checklist:
+
+C++ implementation:
+
+- (X) Generate human secret key
+- (X) Generate machine secret key
+- (X) Certify signing key with root secret key
+- ( ) Sign payload with signing key
+- ( ) Verify payload with root pubkey
+
+Todo:
+
 - Use libsodium's secure memory when handling keys / seeds / passphrases
 - Test on Windows (machine_id won't work)