summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakob Unterwurzacher2018-02-18 15:22:22 +0100
committerJakob Unterwurzacher2018-02-18 15:22:22 +0100
commit2cf050d69e9cab45015619e48ea96993129bab44 (patch)
tree097ed3e3da99be30861614804e1e886dff15b76f
parent3b8f5cbb17c964224456bb36b096feafb0e24f44 (diff)
main: zero password once we are done with it
Overwrite the password we have got from the user with zeros once we don't need it anymore, and make sure the variable runs out of scope.
-rw-r--r--gocryptfs-xray/xray_main.go3
-rw-r--r--init_dir.go5
-rw-r--r--main.go15
3 files changed, 18 insertions, 5 deletions
diff --git a/gocryptfs-xray/xray_main.go b/gocryptfs-xray/xray_main.go
index 85470ec..522878a 100644
--- a/gocryptfs-xray/xray_main.go
+++ b/gocryptfs-xray/xray_main.go
@@ -67,6 +67,9 @@ func dumpMasterKey(fn string) {
exitcodes.Exit(err)
}
fmt.Println(hex.EncodeToString(masterkey))
+ for i := range pw {
+ pw[i] = 0
+ }
}
func inspectCiphertext(fd *os.File) {
diff --git a/init_dir.go b/init_dir.go
index b13f741..ea902ec 100644
--- a/init_dir.go
+++ b/init_dir.go
@@ -45,8 +45,9 @@ func initDir(args *argContainer) {
tlog.Fatal.Println(err)
os.Exit(exitcodes.WriteConf)
}
- // Note: cannot overwrite password because in Go, strings are
- // read-only byte slices.
+ for i := range password {
+ password[i] = 0
+ }
// password runs out of scope here
}
// Forward mode with filename encryption enabled needs a gocryptfs.diriv
diff --git a/main.go b/main.go
index ed5784f..ddb4f4e 100644
--- a/main.go
+++ b/main.go
@@ -49,6 +49,9 @@ func loadConfig(args *argContainer) (masterkey []byte, confFile *configfile.Conf
pw := readpassword.Once(args.extpass)
tlog.Info.Println("Decrypting master key")
masterkey, confFile, err = configfile.LoadConfFile(args.config, pw)
+ for i := range pw {
+ pw[i] = 0
+ }
}
if err != nil {
tlog.Fatal.Println(err)
@@ -64,9 +67,15 @@ func changePassword(args *argContainer) {
exitcodes.Exit(err)
}
tlog.Info.Println("Please enter your new password.")
- newPw := readpassword.Twice(args.extpass)
- readpassword.CheckTrailingGarbage()
- confFile.EncryptKey(masterkey, newPw, confFile.ScryptObject.LogN())
+ {
+ newPw := readpassword.Twice(args.extpass)
+ readpassword.CheckTrailingGarbage()
+ confFile.EncryptKey(masterkey, newPw, confFile.ScryptObject.LogN())
+ for i := range newPw {
+ newPw[i] = 0
+ }
+ // newPw runs out of scope here
+ }
// Are we resetting the password without knowing the old one using
// "-masterkey"?
if args.masterkey != "" {