diff --git a/README.md b/README.md index 6ff9327..9c1a86b 100644 --- a/README.md +++ b/README.md @@ -135,6 +135,15 @@ margin. Let's play with random data! #decrypt a large file ccr -daS symkey.asc big_data.iso + #password-protect all your private keys + ccr -L + + #protect a symmetric key using another symmetric key + ccr -L -S symkey1 -w symkey2 + + #password-protect symkey2 with a custom cipher + ccr -L -S symkey2 -w @xsynd,cube512 + ## Option reference For completeness I add listing of all options here (also available from @@ -148,8 +157,8 @@ For completeness I add listing of all options here (also available from -T, --test perform (probably nonexistent) testing/debugging stuff Global options: - -R, --in input file, default is stdin - -o, --out output file, default is stdout + -R, --in set input file, default is stdin + -o, --out set output file, default is stdout -E, --err the same for stderr -a, --armor use ascii-armored I/O -y, --yes assume that answer is `yes' everytime @@ -166,13 +175,13 @@ For completeness I add listing of all options here (also available from -C, --clearsign work with cleartext signatures -b, --detach-sign specify file with detached signature -S, --symmetric enable symmetric mode of operation where encryption - is done using symmetric cipher and signatures are - hashes, and specify a filename of symmetric key or hashes + is done using symmetric cipher and signatures are + hashes, and specify a filename of symmetric key or hashes Key management: -g, --gen-key generate keys for specified algorithm -g help list available cryptographic algorithms - -k, --list list contents of keyring + -k, --list list the contents of keyring -K, --list-secret -i, --import import keys -I, --import-secret @@ -182,12 +191,17 @@ For completeness I add listing of all options here (also available from -X, --delete-secret -m, --rename rename matching keys -M, --rename-secret + -L, --lock lock secrets + -U, --unlock unlock secrets Key management options: - -n, --no-action on import, only show what would be imported - -N, --name specify a new name for renaming or importing -F, --filter only work with keys with matching names -f, --fingerprint format full key IDs nicely for human eyes + -N, --name specify a new name for renaming or importing + -n, --no-action on import, only show what would be imported + -w, --with-lock specify the symmetric key for (un)locking the secrets, + -w @SPEC ask for password and expand it to a symmetric key + of type SPEC for (un)locking the secret ## Disclaimer diff --git a/man/ccr.1 b/man/ccr.1 index e5983f0..1625e82 100644 --- a/man/ccr.1 +++ b/man/ccr.1 @@ -1,4 +1,4 @@ -.TH CCR 1 2017-10-22 "ccr" "Codecrypt" +.TH CCR 1 2017-10-23 "ccr" "Codecrypt" .SH NAME .B ccr \- The post-quantum cryptography encryption and signing tool @@ -498,6 +498,15 @@ ccr -eaS symkey.asc -R big_data.iso -o big_data_encrypted.iso #decrypt a large file ccr -daS symkey.asc big_data.iso + +#password-protect all your private keys +ccr -L + +#protect a symmetric key using another symmetric key +ccr -L -S symkey1 -w symkey2 + +#password-protect symkey2 with a custom cipher +ccr -L -S symkey2 -w @xsynd,cube512 .fi .SH DISCLAIMER diff --git a/src/main.cpp b/src/main.cpp index 06d3f78..ae38e1a 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -85,6 +85,8 @@ void print_help (char*pname) out (" -N, --name specify a new name for renaming or importing"); out (" -n, --no-action on import, only show what would be imported"); out (" -w, --with-lock specify the symmetric key for (un)locking the secrets"); + out (" -w @SPEC ask for password and expand it to a symmetric key"); + out(" of type SPEC for (un)locking the secret"); outeol; out (" With -S and -w, using `@' as the key file name will cause the program to"); out (" interactively ask for a password and derive the symmetric key from it.");