summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakob Unterwurzacher2018-02-18 12:41:11 +0100
committerJakob Unterwurzacher2018-02-18 12:41:11 +0100
commitbd78b44389189a57816f9d5be3e4c5fb3c73700f (patch)
tree07c546faaf5bd09a0d07e373863e6df2dfdb9b78
parent0efd220d1e10ac8e3d0048ff4d068cc8174e7185 (diff)
cryptocore, main: add two comments
While reading the code, I had to think about what it does, so add a comment that explains it.
-rw-r--r--internal/cryptocore/cryptocore.go3
-rw-r--r--main.go2
2 files changed, 5 insertions, 0 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index 43cfdbc..e427350 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -53,6 +53,9 @@ type CryptoCore struct {
// Even though the "GCMIV128" feature flag is now mandatory, we must still
// support 96-bit IVs here because they were used for encrypting the master
// key in gocryptfs.conf up to gocryptfs v1.2. v1.3 switched to 128 bits.
+//
+// Note: "key" is either the scrypt hash of the password (when decrypting
+// a config file) or the masterkey (when finally mounting the filesystem).
func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDecode bool) *CryptoCore {
if len(key) != KeyLen {
log.Panic(fmt.Sprintf("Unsupported key length %d", len(key)))
diff --git a/main.go b/main.go
index 483db6f..acaa205 100644
--- a/main.go
+++ b/main.go
@@ -67,6 +67,8 @@ func changePassword(args *argContainer) {
newPw := readpassword.Twice(args.extpass)
readpassword.CheckTrailingGarbage()
confFile.EncryptKey(masterkey, newPw, confFile.ScryptObject.LogN())
+ // Are we resetting the password without knowing the old one using
+ // "-masterkey"?
if args.masterkey != "" {
bak := args.config + ".bak"
err = os.Link(args.config, bak)