main: try to wipe cryptocore's secret keys on unmount

Raise the bar for recovering keys from memory. https://github.com/rfjakob/gocryptfs/issues/211
author: Jakob Unterwurzacher 2018-02-18 11:33:47 +0100
committer: Jakob Unterwurzacher 2018-02-18 11:39:10 +0100
commit: 18f6c6106c66ba1fe6e7b48aaa5dd444ba0f9b09 (patch)
tree: 98d0fd648fee94bd6b4852144250f1a53e247da3 /internal/stupidgcm/without_openssl.go
parent: 719693ec5dd1153318606f151915231d71ddfe0b (diff)
1 files changed, 11 insertions, 7 deletions
diff --git a/internal/stupidgcm/without_openssl.go b/internal/stupidgcm/without_openssl.go
index 0c1c149..deac342 100644
--- a/internal/stupidgcm/without_openssl.go
+++ b/internal/stupidgcm/without_openssl.go
@@ -9,7 +9,7 @@ import (
 	"github.com/rfjakob/gocryptfs/internal/exitcodes"
 )
 
-type stupidGCM struct{}
+type StupidGCM struct{}
 
 const (
 	// BuiltWithoutOpenssl indicates if openssl been disabled at compile-time
@@ -21,28 +21,32 @@ func errExit() {
 	os.Exit(exitcodes.OpenSSL)
 }
 
-func New(_ []byte, _ bool) *stupidGCM {
+func New(_ []byte, _ bool) *StupidGCM {
 	errExit()
 	// Never reached
-	return &stupidGCM{}
+	return &StupidGCM{}
 }
 
-func (g *stupidGCM) NonceSize() int {
+func (g *StupidGCM) NonceSize() int {
 	errExit()
 	return -1
 }
 
-func (g *stupidGCM) Overhead() int {
+func (g *StupidGCM) Overhead() int {
 	errExit()
 	return -1
 }
 
-func (g *stupidGCM) Seal(_, _, _, _ []byte) []byte {
+func (g *StupidGCM) Seal(_, _, _, _ []byte) []byte {
 	errExit()
 	return nil
 }
 
-func (g *stupidGCM) Open(_, _, _, _ []byte) ([]byte, error) {
+func (g *StupidGCM) Open(_, _, _, _ []byte) ([]byte, error) {
 	errExit()
 	return nil, nil
 }
+
+func (g *StupidGCM) Wipe() {
+	errExit()
+}
author	Jakob Unterwurzacher	2018-02-18 11:33:47 +0100
committer	Jakob Unterwurzacher	2018-02-18 11:39:10 +0100
commit	18f6c6106c66ba1fe6e7b48aaa5dd444ba0f9b09 (patch)
tree	98d0fd648fee94bd6b4852144250f1a53e247da3 /internal/stupidgcm/without_openssl.go
parent	719693ec5dd1153318606f151915231d71ddfe0b (diff)