memset(ctr, 0, sizeof(ctr));
memset(mackey, 0, sizeof(mackey));
memset(xtskey, 0, sizeof(xtskey));
+ memset(tweak, 0, sizeof(tweak));
memset(&sk, 0, sizeof(struct skein));
memset(&tfe, 0, sizeof(struct tfe_stream));
tfc_say("convert encrypted data into ASCII format to ease transmission.");
tfc_say("\n");
tfc_say(" -e, -d: encrypt, decrypt (it maybe required).");
+ tfc_say(" -L <file>: load tfcrypt defaults from file.");
+ tfc_say(" defaults is text file which defines salt, nr_turns and default mode.");
tfc_say(" -s <file>: load tfcrypt salt from file.");
tfc_say(" -s disable: disable key salting at all.");
tfc_say(" -p: instead of using key, ask for password.");
tfc_say(" -z: ask for key in plain C string form through password asker.");
tfc_say(" -x: ask for key in hex string form through password asker.");
tfc_say(" -K <file>: generate key from keyfile or password and write it to file.");
- tfc_say(" -T: enable tfcrypt1 old mode (useful only for old encryptions).");
- tfc_say(" -t <file>: use tweak from file (useful only for old encryptions).");
+ tfc_say(" -t <file>: use (raw) tweak from file.");
tfc_say(" -w: overwrite source file. If not file, ignored.");
tfc_say(" -n TURNS: number of turns to perform in Skein function.");
tfc_say(" Default is always defined when building tfcrypt.");
tfc_say(" show: do default action, then dump CTR value to stderr,");
tfc_say(" head: when decrypting, read CTR from beginning of stream,");
tfc_say(" rand: generate random CTR and write it to beginning of stream,");
+ tfc_say(" zero: assume zero CTR is used, do not read from and write it to stream,");
tfc_say(" <file>: read CTR from given file (both when encrypting/decrypting).");
tfc_say(" default is to derive CTR from user provided password or keyfile with");
tfc_say(" a single Skein function turn over derived, %u byte raw key", TFC_U(TF_KEY_SIZE));
tfc_say(" when the whole status line width is smaller than tty width.");
tfc_say(" statless: emit less information in status line (only processed data).");
tfc_say(" norepeat: do not ask for any possible password confirmations.");
+ tfc_say(" showsecrets: show passwords in plaintext instead of masking them.");
tfc_say(" prompt=str: set main password prompts to this string.");
tfc_say(" macprompt=str: set MAC password prompts to this string.");
tfc_say(" shorthex: with -H, do not print printable characters, dump only hex string.");
tfc_say(" xkey=val: take only val bytes from user keyfile.");
tfc_say(" okey=val: seek the key before reading it (usually a device).");
tfc_say(" xctr=val: specify size in bytes of initial counter prepended or read.");
+ tfc_say(" fullkey: occupy tweak space by key space, extending key size by 256 bits.");
tfc_say(" -P: plain IO mode: disable encryption/decryption code at all.");
tfc_say("\n");
tfc_say("Default is to ask for password, then encrypt stdin into stdout.");