X-Git-Url: https://jxself.org/git/?a=blobdiff_plain;f=tfc_error.c;h=a40ab0ae9bfed2aa8a2a9bc56eefc126444fe0a1;hb=c0dc5614a87ed6d0eed4906447171ef4c73b306e;hp=e33131504fa1051b22b1f419202fd137b0d23a97;hpb=2da8baf01e863c80eccdeb5f428f16e1cf3a0473;p=tfcrypt.git

diff --git a/tfc_error.c b/tfc_error.c
index e331315..a40ab0a 100644
--- a/tfc_error.c
+++ b/tfc_error.c
@@ -2,7 +2,7 @@
  * tfcrypt -- high security Threefish encryption tool.
  *
  * tfcrypt is copyrighted:
- * Copyright (C) 2012-2018 Andrey Rys. All rights reserved.
+ * Copyright (C) 2012-2019 Andrey Rys. All rights reserved.
  *
  * tfcrypt is licensed to you under the terms of std. MIT/X11 license:
  *
@@ -69,6 +69,7 @@ void xexit(int status)
 	memset(ctr, 0, sizeof(ctr));
 	memset(mackey, 0, sizeof(mackey));
 	memset(xtskey, 0, sizeof(xtskey));
+	memset(tweak, 0, sizeof(tweak));
 	memset(&sk, 0, sizeof(struct skein));
 	memset(&tfe, 0, sizeof(struct tfe_stream));
 
@@ -90,7 +91,11 @@ void usage(void)
 	tfc_yesno is_embedded_prog = NO;
 
 	if (optopt == 'V') {
+		char shash[64];
 		tfc_say("tfcrypt toolkit, version %s.", _TFCRYPT_VERSION);
+		hash_defaults(shash, sizeof(shash));
+		tfc_say("Defaults hash: %s", shash);
+		memset(shash, 0, sizeof(shash));
 		xexit(0);
 	}
 
@@ -151,6 +156,8 @@ void usage(void)
 	tfc_say("convert encrypted data into ASCII format to ease transmission.");
 	tfc_say("\n");
 	tfc_say("  -e, -d: encrypt, decrypt (it maybe required).");
+	tfc_say("  -L <file>: load tfcrypt defaults from file.");
+	tfc_say("    defaults is text file which defines salt, nr_turns and default mode.");
 	tfc_say("  -s <file>: load tfcrypt salt from file.");
 	tfc_say("  -s disable: disable key salting at all.");
 	tfc_say("  -p: instead of using key, ask for password.");
@@ -158,8 +165,7 @@ void usage(void)
 	tfc_say("  -z: ask for key in plain C string form through password asker.");
 	tfc_say("  -x: ask for key in hex string form through password asker.");
 	tfc_say("  -K <file>: generate key from keyfile or password and write it to file.");
-	tfc_say("  -T: enable tfcrypt1 old mode (useful only for old encryptions).");
-	tfc_say("  -t <file>: use tweak from file (useful only for old encryptions).");
+	tfc_say("  -t <file>: use (raw) tweak from file.");
 	tfc_say("  -w: overwrite source file. If not file, ignored.");
 	tfc_say("  -n TURNS: number of turns to perform in Skein function.");
 	tfc_say("    Default is always defined when building tfcrypt.");
@@ -169,6 +175,12 @@ void usage(void)
 	tfc_say("    show: do default action, then dump CTR value to stderr,");
 	tfc_say("    head: when decrypting, read CTR from beginning of stream,");
 	tfc_say("    rand: generate random CTR and write it to beginning of stream,");
+	tfc_say("    zero: assume zero CTR is used, do not read from and write it to stream,");
+	tfc_say("    hexc:nr[,hexc:nr,...]: construct counter from given pattern.");
+	tfc_say("      Example: \"ff:124,08:2,80:2\" will fill counter first with 124 0xff bytes,");
+	tfc_say("      then with 2 0x08 bytes, then 2 0x80 bytes. To fill with zeroes, it is");
+	tfc_say("      simple to specify just a \"0:128\" as a pattern. Note that bytes that");
+	tfc_say("      exceed CTR space will be just dropped, and any unused bytes are set to zeroes.");
 	tfc_say("    <file>: read CTR from given file (both when encrypting/decrypting).");
 	tfc_say("      default is to derive CTR from user provided password or keyfile with");
 	tfc_say("      a single Skein function turn over derived, %u byte raw key", TFC_U(TF_KEY_SIZE));
@@ -221,7 +233,8 @@ void usage(void)
 	tfc_say("      Note that both sync and lsync work only with read errors!");
 	tfc_say("  default error action is exit with printing status if not quiet.");
 	tfc_say("  -E xall: turn on error actions above for all errors, not just EIO errors.");
-	tfc_say("    This must be a separate option given before usual -E how option.");
+	tfc_say("  -E xseek: ignore positioning and other seek related errors.");
+	tfc_say("    Multiple -E specifiers may be given in separate options.");
 	tfc_say("  -O opts: set options (comma separated list):");
 	tfc_say("    sync: request a synchronous I/O for a output,");
 	tfc_say("    fsync: on each write() call a corresponding fsync(fd),");
@@ -235,6 +248,7 @@ void usage(void)
 	tfc_say("    when the whole status line width is smaller than tty width.");
 	tfc_say("    statless: emit less information in status line (only processed data).");
 	tfc_say("    norepeat: do not ask for any possible password confirmations.");
+	tfc_say("    showsecrets: show passwords in plaintext instead of masking them.");
 	tfc_say("    prompt=str: set main password prompts to this string.");
 	tfc_say("    macprompt=str: set MAC password prompts to this string.");
 	tfc_say("    shorthex: with -H, do not print printable characters, dump only hex string.");
@@ -251,8 +265,12 @@ void usage(void)
 	tfc_say("    Internally this number is translated into number of %u byte blocks.", TFC_U(TF_BLOCK_SIZE));
 	tfc_say("    oseek=val: seek destination file/device by these val bytes.");
 	tfc_say("    count=val: process only these val bytes, both input and output.");
+	tfc_say("    ftrunc=val: truncate output file to these val bytes before closing it.");
+	tfc_say("    ftrunc=tail: truncate output's tail, leaving only processed data.");
 	tfc_say("    xkey=val: take only val bytes from user keyfile.");
+	tfc_say("    okey=val: seek the key before reading it (usually a device).");
 	tfc_say("    xctr=val: specify size in bytes of initial counter prepended or read.");
+	tfc_say("    fullkey: occupy tweak space by key space, extending key size by 256 bits.");
 	tfc_say("  -P: plain IO mode: disable encryption/decryption code at all.");
 	tfc_say("\n");
 	tfc_say("Default is to ask for password, then encrypt stdin into stdout.");