main: purge masterkey from memory as soon as possible

Remove the "Masterkey" field from fusefrontend.Args because it should not be stored longer than neccessary. Instead pass the masterkey as a separate argument to the filesystem initializers. Then overwrite it with zeros immediately so we don't have to wait for garbage collection. Note that the crypto implementation still stores at least a masterkey-derived value, so this change makes it harder, but not impossible, to extract the encryption keys from memory. Suggested at https://github.com/rfjakob/gocryptfs/issues/137
author: Jakob Unterwurzacher 2017-08-11 18:42:30 +0200
committer: Jakob Unterwurzacher 2017-08-11 19:02:26 +0200
commit: 0c520845f3623eff28f0277a52e3ccffd928f5c2 (patch)
tree: 82a3e0f8c55ae980d29e33b230954638229089c9 /internal/fusefrontend/args.go
parent: f59479736bed49411bda3368f419d6605f1faa78 (diff)
1 files changed, 0 insertions, 1 deletions
diff --git a/internal/fusefrontend/args.go b/internal/fusefrontend/args.go
index 37f4463..fc9de73 100644
--- a/internal/fusefrontend/args.go
+++ b/internal/fusefrontend/args.go
@@ -7,7 +7,6 @@ import (
 
 // Args is a container for arguments that are passed from main() to fusefrontend
 type Args struct {
-	Masterkey []byte
 	// Cipherdir is the backing storage directory (absolute path).
 	// For reverse mode, Cipherdir actually contains *plaintext* files.
 	Cipherdir      string
author	Jakob Unterwurzacher	2017-08-11 18:42:30 +0200
committer	Jakob Unterwurzacher	2017-08-11 19:02:26 +0200
commit	0c520845f3623eff28f0277a52e3ccffd928f5c2 (patch)
tree	82a3e0f8c55ae980d29e33b230954638229089c9 /internal/fusefrontend/args.go
parent	f59479736bed49411bda3368f419d6605f1faa78 (diff)