summaryrefslogtreecommitdiff
path: root/main.go
diff options
context:
space:
mode:
authorJakob Unterwurzacher2018-02-18 15:33:35 +0100
committerJakob Unterwurzacher2018-02-18 15:36:14 +0100
commitadf7d75d31889e2dbd52c15efdecf3a8304c0bc1 (patch)
tree98d42397b506c5d05bdfd1bb4155b3907f45c40a /main.go
parent2cf050d69e9cab45015619e48ea96993129bab44 (diff)
main: changePassword: zero masterkey
Overwrite the masterkey with zeros once we have encrypted it, and let it run out of scope. Also get rid of the password duplicate in readpassword.Twice.
Diffstat (limited to 'main.go')
-rw-r--r--main.go19
1 files changed, 13 insertions, 6 deletions
diff --git a/main.go b/main.go
index ddb4f4e..1e1de11 100644
--- a/main.go
+++ b/main.go
@@ -61,20 +61,27 @@ func loadConfig(args *argContainer) (masterkey []byte, confFile *configfile.Conf
}
// changePassword - change the password of config file "filename"
+// Does not return (calls os.Exit both on success and on error).
func changePassword(args *argContainer) {
- masterkey, confFile, err := loadConfig(args)
- if err != nil {
- exitcodes.Exit(err)
- }
- tlog.Info.Println("Please enter your new password.")
+ var confFile *configfile.ConfFile
+ var err error
{
+ var masterkey []byte
+ masterkey, confFile, err = loadConfig(args)
+ if err != nil {
+ exitcodes.Exit(err)
+ }
+ tlog.Info.Println("Please enter your new password.")
newPw := readpassword.Twice(args.extpass)
readpassword.CheckTrailingGarbage()
confFile.EncryptKey(masterkey, newPw, confFile.ScryptObject.LogN())
for i := range newPw {
newPw[i] = 0
}
- // newPw runs out of scope here
+ for i := range masterkey {
+ masterkey[i] = 0
+ }
+ // masterkey and newPw run out of scope here
}
// Are we resetting the password without knowing the old one using
// "-masterkey"?