1
0
Fork 0
mirror of https://github.com/restic/restic.git synced 2024-12-24 00:37:28 +00:00

Clarify documentation about MAC key

This commit is contained in:
Alexander Neumann 2015-08-22 13:28:28 +02:00
parent 16e87d7208
commit b6872fb454

View file

@ -249,13 +249,13 @@ These last 32 bytes are divided into a 16 byte AES key `k` followed by 16 bytes
of secret key `r`. They key `r` is then masked for use with Poly1305 (see the of secret key `r`. They key `r` is then masked for use with Poly1305 (see the
paper for details). paper for details).
This message authentication key is used to compute a MAC over the bytes contained This message authentication key (`k` and `r`) is used to compute a MAC over the
in the JSON field `data` (after removing the Base64 encoding and not including bytes contained in the JSON field `data` (after removing the Base64 encoding
the last 32 byte). If the password is incorrect or the key file has been and not including the last 32 byte). If the password is incorrect or the key
tampered with, the computed MAC will not match the last 16 bytes of the data, file has been tampered with, the computed MAC will not match the last 16 bytes
and restic exits with an error. Otherwise, the data is decrypted with the of the data, and restic exits with an error. Otherwise, the data is decrypted
encryption key derived from `scrypt`. This yields a JSON document which with the encryption key derived from `scrypt`. This yields a JSON document
contains the master encryption and message authentication keys for this which contains the master encryption and message authentication keys for this
repository (encoded in Base64). The command `restic cat masterkey` can be used repository (encoded in Base64). The command `restic cat masterkey` can be used
as follows to decrypt and pretty-print the master key: as follows to decrypt and pretty-print the master key: