aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakob Unterwurzacher2018-02-18 15:33:35 +0100
committerJakob Unterwurzacher2018-02-18 15:36:14 +0100
commitadf7d75d31889e2dbd52c15efdecf3a8304c0bc1 (patch)
tree98d42397b506c5d05bdfd1bb4155b3907f45c40a
parent2cf050d69e9cab45015619e48ea96993129bab44 (diff)
main: changePassword: zero masterkey
Overwrite the masterkey with zeros once we have encrypted it, and let it run out of scope. Also get rid of the password duplicate in readpassword.Twice.
-rw-r--r--internal/readpassword/read.go4
-rw-r--r--main.go19
2 files changed, 17 insertions, 6 deletions
diff --git a/internal/readpassword/read.go b/internal/readpassword/read.go
index 047eba9..e2fce8a 100644
--- a/internal/readpassword/read.go
+++ b/internal/readpassword/read.go
@@ -49,6 +49,10 @@ func Twice(extpass string) []byte {
tlog.Fatal.Println("Passwords do not match")
os.Exit(exitcodes.ReadPassword)
}
+ // Wipe the password duplicate from memory
+ for i := range p2 {
+ p2[i] = 0
+ }
return p1
}
diff --git a/main.go b/main.go
index ddb4f4e..1e1de11 100644
--- a/main.go
+++ b/main.go
@@ -61,20 +61,27 @@ func loadConfig(args *argContainer) (masterkey []byte, confFile *configfile.Conf
}
// changePassword - change the password of config file "filename"
+// Does not return (calls os.Exit both on success and on error).
func changePassword(args *argContainer) {
- masterkey, confFile, err := loadConfig(args)
- if err != nil {
- exitcodes.Exit(err)
- }
- tlog.Info.Println("Please enter your new password.")
+ var confFile *configfile.ConfFile
+ var err error
{
+ var masterkey []byte
+ masterkey, confFile, err = loadConfig(args)
+ if err != nil {
+ exitcodes.Exit(err)
+ }
+ tlog.Info.Println("Please enter your new password.")
newPw := readpassword.Twice(args.extpass)
readpassword.CheckTrailingGarbage()
confFile.EncryptKey(masterkey, newPw, confFile.ScryptObject.LogN())
for i := range newPw {
newPw[i] = 0
}
- // newPw runs out of scope here
+ for i := range masterkey {
+ masterkey[i] = 0
+ }
+ // masterkey and newPw run out of scope here
}
// Are we resetting the password without knowing the old one using
// "-masterkey"?