diff options
| author | Jakob Unterwurzacher | 2017-08-11 18:42:30 +0200 |
|---|---|---|
| committer | Jakob Unterwurzacher | 2017-08-11 19:02:26 +0200 |
| commit | 0c520845f3623eff28f0277a52e3ccffd928f5c2 (patch) | |
| tree | 82a3e0f8c55ae980d29e33b230954638229089c9 /mount.go | |
| parent | f59479736bed49411bda3368f419d6605f1faa78 (diff) | |
main: purge masterkey from memory as soon as possible
Remove the "Masterkey" field from fusefrontend.Args because it
should not be stored longer than neccessary. Instead pass the
masterkey as a separate argument to the filesystem initializers.
Then overwrite it with zeros immediately so we don't have
to wait for garbage collection.
Note that the crypto implementation still stores at least a
masterkey-derived value, so this change makes it harder, but not
impossible, to extract the encryption keys from memory.
Suggested at https://github.com/rfjakob/gocryptfs/issues/137
Diffstat (limited to 'mount.go')
| -rw-r--r-- | mount.go | 12 |
1 files changed, 8 insertions, 4 deletions
@@ -170,7 +170,7 @@ func setOpenFileLimit() { // initFuseFrontend - initialize gocryptfs/fusefrontend // Calls os.Exit on errors -func initFuseFrontend(key []byte, args *argContainer, confFile *configfile.ConfFile) *fuse.Server { +func initFuseFrontend(masterkey []byte, args *argContainer, confFile *configfile.ConfFile) *fuse.Server { // Reconciliate CLI and config file arguments into a fusefrontend.Args struct // that is passed to the filesystem implementation cryptoBackend := cryptocore.BackendGoGCM @@ -187,7 +187,6 @@ func initFuseFrontend(key []byte, args *argContainer, confFile *configfile.ConfF } frontendArgs := fusefrontend.Args{ Cipherdir: args.cipherdir, - Masterkey: key, PlaintextNames: args.plaintextnames, LongNames: args.longnames, CryptoBackend: cryptoBackend, @@ -222,14 +221,19 @@ func initFuseFrontend(key []byte, args *argContainer, confFile *configfile.ConfF var finalFs pathfs.FileSystem var ctlSockBackend ctlsock.Interface if args.reverse { - fs := fusefrontend_reverse.NewFS(frontendArgs) + fs := fusefrontend_reverse.NewFS(masterkey, frontendArgs) finalFs = fs ctlSockBackend = fs } else { - fs := fusefrontend.NewFS(frontendArgs) + fs := fusefrontend.NewFS(masterkey, frontendArgs) finalFs = fs ctlSockBackend = fs } + // fusefrontend / fusefrontend_reverse have initialized their crypto with + // derived keys (HKDF), we can purge the master key from memory. + for i := range masterkey { + masterkey[i] = 0 + } // We have opened the socket early so that we cannot fail here after // asking the user for the password if args._ctlsockFd != nil { |