src/or/config.c · 8dcbdf58a7fe3b1865b78387126cfe74dd0f0602 · Mike Perry / Tor

Support encrypted offline master keys with a new --keygen flag · b6eee531

Nick Mathewson authored Mar 01, 2015

When --keygen is provided, we prompt for a passphrase when we make a
new master key; if it is nonempty, we store the secret key in a new
crypto_pwbox.

Also, if --keygen is provided and there *is* an encrypted master key,
we load it and prompt for a passphrase unconditionally.

We make a new signing key unconditionally when --keygen is provided.
We never overwrite a master key.

b6eee531