v8.0: cmdline options à la POSIX. Type ./triops -h

Changes.md

@@ -1,8 +1,12 @@
+v8.0
+
+* cmdline options à la POSIX. Now multiple input files are admitted. Check ./triops -h
+
 v7.3
 
 * Large file support (LFS): no limit on the size of the files read/written (up to 8 EiB = 2^63 bytes, or the max filesystem file size).
 * patch: files to read/write are tested after password check and before any other operation, so no empty or overwritten file is created.
-* patch: (since v7.2) no valid password files resulted in abnormal program termination (nothing were overwritten, though).
+* patch: (since v7.2) invalid password files resulted in abnormal program termination (nothing were overwritten, though).
 
 v7.2.2
 

README.md

@@ -4,13 +4,13 @@ It uses [CHACHA20](http://en.wikipedia.org/wiki/Salsa20#ChaCha_variant) as algor
 
 Executables for some platforms (linux, Windows, HP-UX, Solaris and [Android](https://www.github.com/circulosmeos/triops.apk)) are available [here](https://circulosmeos.wordpress.com/2015/05/18/triops-a-multiplatform-cmdline-encryption-tool-using-chacha20-keccak).    
 
-Last version available and compiled is v7.2. Check [list of changes between versions](Changes.md).   
+Last version available and compiled is v8.0. Check [list of changes between versions](Changes.md).   
 
 There's an [Android app available here](https://www.github.com/circulosmeos/triops.apk).   
 
 Features:   
 
-* Code can be compiled with any C99 compiler, no matter platform, endianness or word size (32-64 bits): it has been tested on Windows, linux, Solaris, HP-UX OS's and Intel/AMD, ARM, MIPS and Itanium processors.
+* Code can be compiled with any C99 compiler, no matter platform, endianness or word size (32-64 bits): it has been tested on Windows, linux, Solaris and HP-UX OS's and Intel/AMD, ARM, MIPS, SPARC and Itanium processors.
 * Same content produces different encrypted outputs every time. This is attained with a random initialization vector (IV) stored within the encrypted file.
 * Files are (by default) encrypted/decrypted on-the-fly, so content is overwritten. This is interesting from a security point of view, as no clear content is left on disk.
 * When decrypting, if password is not the one used for encrypting, the process is aborted, so the file cannot be rendered unusable. This behaviour is achieved thanks to a password hint stored within the encrypted file. (This hint can optionally be not stored: in this case the file could end up being decrypted with an incorrect password, so its contents would be irrecoverable.)
@@ -42,51 +42,73 @@ For other compilers or platforms, modify the gcc command line contained in the M
 
 Examples of use:   
 
->    $ ./triops.exe   
-
-    triops {file with passphrase (remove '\n' !) |   
-                binary file to use as passphrase |   
-                _passphrase_ rounded by '_' |   
-                __ : read passphrase from keyboard}   
-        {file to encrypt/decrypt}   
-        {path to encrypted/decrypted file |   
-                '=' or empty if there's no 4th param : overwrite file}   
-        [3 (or any value): encrypt file (extension will be '.$#3') |   
-                empty : decrypt file]   
-        [1 (or any value): don't store password hint (be careful!)]   
-
+>    $ ./triops.exe -h   
+       
+    triops v8.0.  (goo.gl/lqT5eP) (wp.me/p2FmmK-7Q)   
+       
+    Encrypt and decrypt files with secure password checking and   
+    data overwriting, using CHACHA20 and KECCAK-512 algorithms.   
+       
+    $ triops {-kpP} [-oedHbh] <file> ...   
+
+        <file> ... : one or more files to encrypt/decrypt   
+        -k : read passphrase from keyboard   
+        -p <password> : password is indicated in cmdline   
+                (beware of shell history!)   
+        -P <password_file> : use hashed <password_file> as password   
+        -o <output_file>: do not overwrite, but write to <output_file>   
+                This option is not possible with multiple input files.   
+        -e <type>: encrypt.   
+                Actually only '-e 3' value is allowed (file extension '.$#3').   
+                Other algorithms can be available in the future.   
+        -d : decrypt. This is the default action.   
+                Decryption type is guessed from file extension.   
+                Actually the only decryption extension available is '.$#3'   
+        -H : do not store password hash hint when encrypting   
+                Note that this way, an incorrect decryption password   
+                with data overwrting, will render the file unusable.   
+        -b : break actions on first error encountered   
+        -h : print this help   
+
 
 Example of encryption: encrypt plaintext.txt file, overwriting it, using password stored in file "password.txt". Resulting file will be renamed plaintext.txt.$#3   
 
->    $ ./triops.exe password.txt plaintext.txt = 3   
+>    $ ./triops.exe -P password.txt -e 3 plaintext.txt   
 
 Example of encryption: encrypt plaintext.txt file on encryptedtext.txt.$#3, using password stored in file "password.txt" (Caution: usually text files end with a "return" (line feed, \n, \r\n, \r) which will be used as the rest of chars in the file as part of the password. (Use $ cat > password + Ctrl+D to avoid this)):   
 
->    $ ./triops.exe password.txt plaintext.txt encryptedtext.txt 3   
+>    $ ./triops.exe -P password.txt -e 3 -o encryptedtext.txt plaintext.txt   
 
-Example of encryption: encrypt plaintext.txt file, overwriting it, using the password introduced with keyboard:   
+Example of encryption: encrypt complexdata.tgz file, overwriting it, using the password introduced with keyboard:   
 
->    $ ./triops.exe \_\_ plaintext.txt = 3   
+>    $ ./triops.exe -k -e 3 complexdata.tgz   
 
     Enter password and press [enter]:   
 
-    ----+----+----+----+---1/2---+----+----+----+----+ 1293 MiB   
+    ----+----+----+----+---1/2---+----+----+----+----+ 5293 MiB   
     ################################################## 100%   
 
-    completed   
+    'complexdata.tgz' processed   
 
 Example of encryption: encrypt plaintext.txt file, overwriting it, using the password "triops!":   
 
->    $ ./triops.exe \_triops!\_ plaintext.txt = 3   
-
-Example of decryption: decrypt plaintext.txt.$#3 file, overwriting it, using the password "triops!":   
-
->    $ ./triops.exe \_triops!\_ plaintext.txt.\$\\#3   
+>    $ ./triops.exe -p triops! -e 3 plaintext.txt   
+   
+Example of encryption without storing password hash hint (-H):   
 
-Example of encryption without storing password hash (add a 5th non-empty argument):   
+>    $ ./triops.exe -p triops! -H -e 3 plaintext.txt   
+   
+Example of encryption: encrypt plaintext.txt, gplv3.txt and A1.jpg, using the password "triops!":   
+
+>    $ ./triops.exe -p triops! -e 3 plaintext.txt gplv3.txt A1.jpg   
 
->    $ ./triops.exe \_triops!\_ plaintext.txt = 3 1   
+Example of decryption: decrypt plaintext.txt.$#3 file, writing result to clear.txt, using the password "triops!":   
+
+>    $ ./triops.exe -p triops! -d -o clear.txt plaintext.txt.\$#3   
+   
+Example of decryption: decrypt plaintext.txt.$#3, gplv3.txt.$#3 and A1.jpg.$#3, overwriting each of them, using the password introduced with keyboard:   
 
+>    $ ./triops.exe -k -d plaintext.txt.\$#3 gplv3.txt.\$#3 A1.jpg.\$#3