memset(ctr, 0, sizeof(ctr));
memset(mackey, 0, sizeof(mackey));
memset(xtskey, 0, sizeof(xtskey));
+ memset(tweak, 0, sizeof(tweak));
memset(&sk, 0, sizeof(struct skein));
memset(&tfe, 0, sizeof(struct tfe_stream));
tfc_yesno is_embedded_prog = NO;
if (optopt == 'V') {
+ char shash[64];
tfc_say("tfcrypt toolkit, version %s.", _TFCRYPT_VERSION);
+ hash_defaults(shash, sizeof(shash));
+ tfc_say("Defaults hash: %s", shash);
+ memset(shash, 0, sizeof(shash));
xexit(0);
}
tfc_say(" -z: ask for key in plain C string form through password asker.");
tfc_say(" -x: ask for key in hex string form through password asker.");
tfc_say(" -K <file>: generate key from keyfile or password and write it to file.");
- tfc_say(" -T: enable tfcrypt1 old mode (useful only for old encryptions).");
- tfc_say(" -t <file>: use tweak from file (useful only for old encryptions).");
+ tfc_say(" -t <file>: use (raw) tweak from file.");
tfc_say(" -w: overwrite source file. If not file, ignored.");
tfc_say(" -n TURNS: number of turns to perform in Skein function.");
tfc_say(" Default is always defined when building tfcrypt.");
tfc_say(" when the whole status line width is smaller than tty width.");
tfc_say(" statless: emit less information in status line (only processed data).");
tfc_say(" norepeat: do not ask for any possible password confirmations.");
+ tfc_say(" showsecrets: show passwords in plaintext instead of masking them.");
tfc_say(" prompt=str: set main password prompts to this string.");
tfc_say(" macprompt=str: set MAC password prompts to this string.");
tfc_say(" shorthex: with -H, do not print printable characters, dump only hex string.");
tfc_say(" Internally this number is translated into number of %u byte blocks.", TFC_U(TF_BLOCK_SIZE));
tfc_say(" oseek=val: seek destination file/device by these val bytes.");
tfc_say(" count=val: process only these val bytes, both input and output.");
+ tfc_say(" ftrunc=val: truncate output file to these val bytes before closing it.");
tfc_say(" xkey=val: take only val bytes from user keyfile.");
tfc_say(" okey=val: seek the key before reading it (usually a device).");
tfc_say(" xctr=val: specify size in bytes of initial counter prepended or read.");
+ tfc_say(" fullkey: occupy tweak space by key space, extending key size by 256 bits.");
tfc_say(" -P: plain IO mode: disable encryption/decryption code at all.");
tfc_say("\n");
tfc_say("Default is to ask for password, then encrypt stdin into stdout.");