summaryrefslogtreecommitdiff
path: root/internal
diff options
context:
space:
mode:
authorSebastian Lackner2018-12-26 21:17:54 +0100
committerrfjakob2018-12-27 18:47:14 +0100
commit07c486603c42af00c81d9e76e3b0731aa986e881 (patch)
tree0dea41f79d3634c3f1ccdb0e78e240ff271a1a95 /internal
parent874eaf9734cc10940e08f7b043652449e1e220b5 (diff)
configfile: Explicitly wipe scrypt derived key after decrypting/encrypting master key.
Further raises the bar for recovering keys from memory.
Diffstat (limited to 'internal')
-rw-r--r--internal/configfile/config_file.go14
-rw-r--r--internal/contentenc/content.go7
2 files changed, 21 insertions, 0 deletions
diff --git a/internal/configfile/config_file.go b/internal/configfile/config_file.go
index e589060..c6c6e6d 100644
--- a/internal/configfile/config_file.go
+++ b/internal/configfile/config_file.go
@@ -224,6 +224,15 @@ func (cf *ConfFile) DecryptMasterKey(password []byte) (masterkey []byte, err err
tlog.Warn.Enabled = false // Silence DecryptBlock() error messages on incorrect password
masterkey, err = ce.DecryptBlock(cf.EncryptedKey, 0, nil)
tlog.Warn.Enabled = true
+
+ // Purge scrypt-derived key
+ for i := range scryptHash {
+ scryptHash[i] = 0
+ }
+ scryptHash = nil
+ ce.Wipe()
+ ce = nil
+
if err != nil {
tlog.Warn.Printf("failed to unlock master key: %s", err.Error())
return nil, exitcodes.NewErr("Password incorrect.", exitcodes.PasswordIncorrect)
@@ -239,14 +248,19 @@ func (cf *ConfFile) EncryptKey(key []byte, password []byte, logN int) {
// Generate scrypt-derived key from password
cf.ScryptObject = NewScryptKDF(logN)
scryptHash := cf.ScryptObject.DeriveKey(password)
+
// Lock master key using password-based key
useHKDF := cf.IsFeatureFlagSet(FlagHKDF)
ce := getKeyEncrypter(scryptHash, useHKDF)
cf.EncryptedKey = ce.EncryptBlock(key, 0, nil)
+
// Purge scrypt-derived key
for i := range scryptHash {
scryptHash[i] = 0
}
+ scryptHash = nil
+ ce.Wipe()
+ ce = nil
}
// WriteFile - write out config in JSON format to file "filename.tmp"
diff --git a/internal/contentenc/content.go b/internal/contentenc/content.go
index bda3fdc..c0f9851 100644
--- a/internal/contentenc/content.go
+++ b/internal/contentenc/content.go
@@ -324,3 +324,10 @@ func (be *ContentEnc) MergeBlocks(oldData []byte, newData []byte, offset int) []
}
return out[0:outLen]
}
+
+// Wipe tries to wipe secret keys from memory by overwriting them with zeros
+// and/or setting references to nil.
+func (be *ContentEnc) Wipe() {
+ be.cryptoCore.Wipe()
+ be.cryptoCore = nil
+}