Updated README file.

README.md

@@ -22,8 +22,8 @@ Synopsis
 
 The SlunkCypt command-line program is invoked as follows:
 
-    slunkcrypt --encrypt [[@][:]<passphrase>] <input.txt> <output.enc>
-    slunkcrypt --decrypt [[@][:]<passphrase>] <input.enc> <output.txt>
+    slunkcrypt --encrypt [[@][:]<passphrase>] <input> <output>
+    slunkcrypt --decrypt [[@][:]<passphrase>] <input> <output>
     slunkcrypt --make-pw [<length>]
 
 Commands
@@ -32,24 +32,37 @@ Commands
 One of the following commands must be chosen:
 
 - **`--encrypt` (`-e`):**  
-  Encrypt the plaintext in the given input file. The ciphertext is written to the specified output file.
+  Run application in ***encrypt*** mode. Reads the given *plaintext* and generates *ciphertext*.
 - **`--decrypt` (`-d`):**  
-  Decrypt the ciphertext in the given input file. The plaintext is written to the specified output file.
+  Run application in ***decrypt*** mode. Reads the given *ciphertext* and restores *plaintext*.
 - **`--make-pw` (`-p`):**  
-  Generate and print a random passphrase. An optional length can be specified (default: 24).
+  Generate and output a "strong" random passphrase suitable for use with SlunkCrypt.
 - **`--self-test` (`-t`):**  
-  Run the self-test and exit application.
+  Run application in ***self-test*** mode. Program will exit when test is completed.
 
 Options
 -------
 
 The following options are available:
 
-- If `<passphrase>` is prefixed with a **`@`** character, then it specifies the file to read the passphrase from.  
-  *Note:* Only the first non-empty line in the specified file is used!
-- If `<passphrase>` is prefixed with a **`:`** character, then the leading character is ignored.
-- If `<passphrase>` is omitted, then the passphrase is read from the `SLUNK_PASSPHRASE` environment variable.
-- If `<passphrase>` is set to **`@-`**, then the passphrase is read from the standard input stream.
+- **`<passphrase>`**:  
+  * The passphrase used to "protect" the message. The same passphrase must be used for both, ***encrypt*** and ***decrypt*** mode.
+  * It will only be possible decrypt the ciphertext, if the "correct" passphrase is known.
+  * Use **`--make-pw`** to generate a random passphrase. The passphrase must be kept confidential under all circumstances!
+  * **Syntax:**
+    - If the passphrase is prefixed with an **`@`** character, then it specifies the file to read the passphrase from.
+    - If the passphrase is set to **`@-`**, then the passphrase is read from the standard input stream.
+    - If the passphrase is prefixed with an **`:`** character, then the leading character is ignored; use if passphrase contains **`@`** character.
+    - If the parameter is *omitted*, then the passphrase is read from the `SLUNK_PASSPHRASE` environment variable.
+  * *Note:* In order to thwart brute force attacks, it is recommended to choose a "random" password that is at least 12 characters in length and that consists of upper-case characters, lower-case characters, digits as well as other "special" characters.
+- **`<input>`**:  
+  * In ***encrypt*** mode, specifies the *plaintext* (unencrypted information) file that is to be encrypted.
+  * In ***decrypt*** mode, specifies the *ciphertext* (result of encryption) file that is to be decrypted.
+- **`<output>`**:  
+  * In ***encrypt*** mode, specifies the file where the *ciphertext* (result of encryption) will be stored.
+  * In ***decrypt*** mode, specifies the file where the *plaintext* (unencrypted information) will be stored.
+- **`<length>`**:  
+  * Speicifes the length of the passphrase to be generated, in characters. If *not* specified, defaults to 24.
 
 
 Programming Interface (API)
@@ -203,7 +216,7 @@ Encrypt the next message chunk, using a single buffer.
 
 
 License
--------
+=======
 
 This work has been released under the **CC0 1.0 Universal** license.