summaryrefslogtreecommitdiff
path: root/internal/configfile/config_file.go
diff options
context:
space:
mode:
authorJakob Unterwurzacher2018-02-18 14:26:54 +0100
committerJakob Unterwurzacher2018-02-18 14:26:54 +0100
commit3b8f5cbb17c964224456bb36b096feafb0e24f44 (patch)
tree1caae8dbf736510b971790b94c1975b325dfe377 /internal/configfile/config_file.go
parent14c063428dcded6a1060395bb45bf7bd5d185738 (diff)
readpassword: convert from string to []byte
This will allows us to overwrite the password with zeros once we are done with it. https://github.com/rfjakob/gocryptfs/issues/211
Diffstat (limited to 'internal/configfile/config_file.go')
-rw-r--r--internal/configfile/config_file.go8
1 files changed, 4 insertions, 4 deletions
diff --git a/internal/configfile/config_file.go b/internal/configfile/config_file.go
index 01e3b80..3fd16c7 100644
--- a/internal/configfile/config_file.go
+++ b/internal/configfile/config_file.go
@@ -67,7 +67,7 @@ func randBytesDevRandom(n int) []byte {
// CreateConfFile - create a new config with a random key encrypted with
// "password" and write it to "filename".
// Uses scrypt with cost parameter logN.
-func CreateConfFile(filename string, password string, plaintextNames bool, logN int, creator string, aessiv bool, devrandom bool) error {
+func CreateConfFile(filename string, password []byte, plaintextNames bool, logN int, creator string, aessiv bool, devrandom bool) error {
var cf ConfFile
cf.filename = filename
cf.Creator = creator
@@ -114,7 +114,7 @@ func CreateConfFile(filename string, password string, plaintextNames bool, logN
//
// If "password" is empty, the config file is read
// but the key is not decrypted (returns nil in its place).
-func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) {
+func LoadConfFile(filename string, password []byte) ([]byte, *ConfFile, error) {
var cf ConfFile
cf.filename = filename
@@ -171,7 +171,7 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) {
return nil, nil, fmt.Errorf("Deprecated filesystem")
}
- if password == "" {
+ if len(password) == 0 {
// We have validated the config file, but without a password we cannot
// decrypt the master key. Return only the parsed config.
return nil, &cf, nil
@@ -199,7 +199,7 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) {
// and store it in cf.EncryptedKey.
// Uses scrypt with cost parameter logN and stores the scrypt parameters in
// cf.ScryptObject.
-func (cf *ConfFile) EncryptKey(key []byte, password string, logN int) {
+func (cf *ConfFile) EncryptKey(key []byte, password []byte, logN int) {
// Generate scrypt-derived key from password
cf.ScryptObject = NewScryptKDF(logN)
scryptHash := cf.ScryptObject.DeriveKey(password)