fix usage, add -O fullkey to extend key size.

diff --git a/README b/README
index 6c510c7ef190a4408a4531e418849034bd67e86e..2d8dad9f3c7d72d442d710b4ee7fa12d92e37bf3 100644 (file)
--- a/README
+++ b/README
@@ -20,7 +20,7 @@ OCB mode does not use Skein hash function to hash and verify message, instead, i
 a single pass crypt and verify, thus, it is faster than other modes when both crypt and verify.
 
 Additionally, this version provides a way to virtually "extend" key size to 1280 bits,
-by enabling "full_key" option or changing "do_full_key" default setting in tfcrypt_defs.h.
+by enabling "fullkey" option or changing "do_full_key" default setting in tfcrypt_defs.h.
 In this mode, tweak is ignored, and filled with extended key material.
 
 THREEFISH NOTES

diff --git a/VERSION b/VERSION
index 2bd5a0a98a36cc08ada88b804d3be047e6aa5b8a..409940768f2a684935a7d15a29f96e82c487f439 100644 (file)
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-22
+23

diff --git a/tfc_error.c b/tfc_error.c
index 53753674915966d88e635d8500fd723a23c9bd64..4fd81f1eeb1c1ac24f172e0a9c5d60ce11d1a50a 100644 (file)
--- a/tfc_error.c
+++ b/tfc_error.c
@@ -161,8 +161,7 @@ void usage(void)
        tfc_say("  -z: ask for key in plain C string form through password asker.");
        tfc_say("  -x: ask for key in hex string form through password asker.");
        tfc_say("  -K <file>: generate key from keyfile or password and write it to file.");
-       tfc_say("  -T: enable tfcrypt1 old mode (useful only for old encryptions).");
-       tfc_say("  -t <file>: use tweak from file (useful only for old encryptions).");
+       tfc_say("  -t <file>: use (raw) tweak from file.");
        tfc_say("  -w: overwrite source file. If not file, ignored.");
        tfc_say("  -n TURNS: number of turns to perform in Skein function.");
        tfc_say("    Default is always defined when building tfcrypt.");
@@ -259,6 +258,7 @@ void usage(void)
        tfc_say("    xkey=val: take only val bytes from user keyfile.");
        tfc_say("    okey=val: seek the key before reading it (usually a device).");
        tfc_say("    xctr=val: specify size in bytes of initial counter prepended or read.");
+       tfc_say("    fullkey: occupy tweak space by key space, extending key size by 256 bits.");
        tfc_say("  -P: plain IO mode: disable encryption/decryption code at all.");
        tfc_say("\n");
        tfc_say("Default is to ask for password, then encrypt stdin into stdout.");

diff --git a/tfcrypt.c b/tfcrypt.c
index 3fdf9c65ad893d4b78513ccd6a615101dffeaa26..01c1479c879d839269c058aa4e4c0c4385f44df5 100644 (file)
--- a/tfcrypt.c
+++ b/tfcrypt.c
@@ -73,7 +73,7 @@ _baddfname:
        memset(s, 0, n);
 
        opterr = 0;
-       while ((c = getopt(argc, argv, "L:s:aU:C:r:K:t:TPkzxc:l:qedn:vV:pwE:O:S:AmM:R:Z:WHD:")) != -1) {
+       while ((c = getopt(argc, argv, "L:s:aU:C:r:K:t:Pkzxc:l:qedn:vV:pwE:O:S:AmM:R:Z:WHD:")) != -1) {
                switch (c) {
                        case 'L':
                                read_defaults(optarg, NO);
@@ -161,10 +161,6 @@ _baddfname:
                                tweakf = optarg;
                                do_full_key = NO;
                                break;
-                       case 'T':
-                               tfc_saltsz = 0;
-                               do_full_key = NO;
-                               break;
                        case 'l':
                                if (maxlen != NOFSIZE) break;
 
@@ -229,6 +225,8 @@ _baddfname:
                                                mac_pw_prompt = s+10;
                                        else if (!strcmp(s, "shorthex"))
                                                do_full_hexdump = NO;
+                                       else if (!strcmp(s, "fullkey"))
+                                               do_full_key = YES;
                                        else if (!strncmp(s, "iobs", 4) && *(s+4) == '=') {
                                                s += 5;
                                                blksize = (size_t)tfc_humanfsize(s, &stoi);