From adf7d75d31889e2dbd52c15efdecf3a8304c0bc1 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sun, 18 Feb 2018 15:33:35 +0100
Subject: main: changePassword: zero masterkey

Overwrite the masterkey with zeros once we
have encrypted it, and let it run out of scope.

Also get rid of the password duplicate in
readpassword.Twice.
---
 internal/readpassword/read.go | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'internal/readpassword')

diff --git a/internal/readpassword/read.go b/internal/readpassword/read.go
index 047eba9..e2fce8a 100644
--- a/internal/readpassword/read.go
+++ b/internal/readpassword/read.go
@@ -49,6 +49,10 @@ func Twice(extpass string) []byte {
 		tlog.Fatal.Println("Passwords do not match")
 		os.Exit(exitcodes.ReadPassword)
 	}
+	// Wipe the password duplicate from memory
+	for i := range p2 {
+		p2[i] = 0
+	}
 	return p1
 }
 
-- 
cgit v1.2.3