From adf7d75d31889e2dbd52c15efdecf3a8304c0bc1 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sun, 18 Feb 2018 15:33:35 +0100
Subject: main: changePassword: zero masterkey

Overwrite the masterkey with zeros once we
have encrypted it, and let it run out of scope.

Also get rid of the password duplicate in
readpassword.Twice.
---
 main.go | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

(limited to 'main.go')

diff --git a/main.go b/main.go
index ddb4f4e..1e1de11 100644
--- a/main.go
+++ b/main.go
@@ -61,20 +61,27 @@ func loadConfig(args *argContainer) (masterkey []byte, confFile *configfile.Conf
 }
 
 // changePassword - change the password of config file "filename"
+// Does not return (calls os.Exit both on success and on error).
 func changePassword(args *argContainer) {
-	masterkey, confFile, err := loadConfig(args)
-	if err != nil {
-		exitcodes.Exit(err)
-	}
-	tlog.Info.Println("Please enter your new password.")
+	var confFile *configfile.ConfFile
+	var err error
 	{
+		var masterkey []byte
+		masterkey, confFile, err = loadConfig(args)
+		if err != nil {
+			exitcodes.Exit(err)
+		}
+		tlog.Info.Println("Please enter your new password.")
 		newPw := readpassword.Twice(args.extpass)
 		readpassword.CheckTrailingGarbage()
 		confFile.EncryptKey(masterkey, newPw, confFile.ScryptObject.LogN())
 		for i := range newPw {
 			newPw[i] = 0
 		}
-		// newPw runs out of scope here
+		for i := range masterkey {
+			masterkey[i] = 0
+		}
+		// masterkey and newPw run out of scope here
 	}
 	// Are we resetting the password without knowing the old one using
 	// "-masterkey"?
-- 
cgit v1.2.3