author | Jakob Unterwurzacher | 2018-02-18 15:33:35 +0100 |
---|---|---|
committer | Jakob Unterwurzacher | 2018-02-18 15:36:14 +0100 |
commit | adf7d75d31889e2dbd52c15efdecf3a8304c0bc1 (patch) | |
tree | 98d42397b506c5d05bdfd1bb4155b3907f45c40a /main.go | |
parent | 2cf050d69e9cab45015619e48ea96993129bab44 (diff) |
main: changePassword: zero masterkey
Overwrite the masterkey with zeros once we
have encrypted it, and let it run out of scope.
Also get rid of the password duplicate in
readpassword.Twice.
Diffstat (limited to 'main.go')
-rw-r--r-- | main.go | 19 |
1 files changed, 13 insertions, 6 deletions
@@ -61,20 +61,27 @@ func loadConfig(args *argContainer) (masterkey []byte, confFile *configfile.Conf
 }
 // changePassword - change the password of config file "filename"
+// Does not return (calls os.Exit both on success and on error).
 func changePassword(args *argContainer) {
- masterkey, confFile, err := loadConfig(args)
- if err != nil {
- exitcodes.Exit(err)
- }
- tlog.Info.Println("Please enter your new password.")
+ var confFile *configfile.ConfFile
+ var err error
 {
+ var masterkey []byte
+ masterkey, confFile, err = loadConfig(args)
+ if err != nil {
+ exitcodes.Exit(err)
+ }
+ tlog.Info.Println("Please enter your new password.")
 newPw := readpassword.Twice(args.extpass)
 readpassword.CheckTrailingGarbage()
 confFile.EncryptKey(masterkey, newPw, confFile.ScryptObject.LogN())
 for i := range newPw {
 newPw[i] = 0
 }
- // newPw runs out of scope here
+ for i := range masterkey {
+ masterkey[i] = 0
+ }
+ // masterkey and newPw run out of scope here
 }
 // Are we resetting the password without knowing the old one using
 // "-masterkey"? |
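Review bot: The closing comment `// masterkey and newPw run out of scope here` reads as if the secrets are gone at that point, but the loops above it clear only the two backing arrays this block holds, and going out of scope does not by itself clear memory. Any copy made inside `loadConfig` or `confFile.EncryptKey` (neither body is visible in this hunk) is untouched, so I would word the comment to say that, e.g. `// masterkey and newPw are zeroed above; copies made by callees, if any, are not`. The two identical loops could also move into one small helper such as `wipe(b []byte)` so that later secrets are cleared the same way. changePassword's body continues past the end of the hunk.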