libgocryptfs/init_dir.go
Jakob Unterwurzacher 5b5c7a0a5d main: overwrite keys and let them run out of scope
As soon as we don't need them anymore, overwrite
keys with zeros. Make sure they run out of scope
so we don't create a risk of inadvertedly using
all-zero keys for encryption.

https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18 12:42:22 +01:00

83 lines
2.5 KiB
Go

package main
import (
"os"
"path/filepath"
"strings"
"github.com/rfjakob/gocryptfs/internal/configfile"
"github.com/rfjakob/gocryptfs/internal/exitcodes"
"github.com/rfjakob/gocryptfs/internal/nametransform"
"github.com/rfjakob/gocryptfs/internal/readpassword"
"github.com/rfjakob/gocryptfs/internal/tlog"
)
// initDir prepares a directory for use as a gocryptfs storage directory.
// In forward mode, this means creating the gocryptfs.conf and gocryptfs.diriv
// files in an empty directory.
// In reverse mode, we create .gocryptfs.reverse.conf and the directory does
// not to be empty.
func initDir(args *argContainer) {
var err error
if args.reverse {
_, err = os.Stat(args.config)
if err == nil {
tlog.Fatal.Printf("Config file %q already exists", args.config)
os.Exit(exitcodes.Init)
}
} else {
err = checkDirEmpty(args.cipherdir)
if err != nil {
tlog.Fatal.Printf("Invalid cipherdir: %v", err)
os.Exit(exitcodes.Init)
}
}
// Choose password for config file
if args.extpass == "" {
tlog.Info.Printf("Choose a password for protecting your files.")
}
{
creator := tlog.ProgramName + " " + GitVersion
password := readpassword.Twice(args.extpass)
readpassword.CheckTrailingGarbage()
err = configfile.CreateConfFile(args.config, password, args.plaintextnames, args.scryptn, creator, args.aessiv, args.devrandom)
if err != nil {
tlog.Fatal.Println(err)
os.Exit(exitcodes.WriteConf)
}
// Note: cannot overwrite password because in Go, strings are
// read-only byte slices.
// password runs out of scope here
}
// Forward mode with filename encryption enabled needs a gocryptfs.diriv
// in the root dir
if !args.plaintextnames && !args.reverse {
err = nametransform.WriteDirIV(nil, args.cipherdir)
if err != nil {
tlog.Fatal.Println(err)
os.Exit(exitcodes.Init)
}
}
mountArgs := ""
fsName := "gocryptfs"
if args.reverse {
mountArgs = " -reverse"
fsName = "gocryptfs-reverse"
}
tlog.Info.Printf(tlog.ColorGreen+"The %s filesystem has been created successfully."+tlog.ColorReset,
fsName)
wd, _ := os.Getwd()
friendlyPath, _ := filepath.Rel(wd, args.cipherdir)
if strings.HasPrefix(friendlyPath, "../") {
// A relative path that starts with "../" is pretty unfriendly, just
// keep the absolute path.
friendlyPath = args.cipherdir
}
if strings.Contains(friendlyPath, " ") {
friendlyPath = "\"" + friendlyPath + "\""
}
tlog.Info.Printf(tlog.ColorGrey+"You can now mount it using: %s%s %s MOUNTPOINT"+tlog.ColorReset,
tlog.ProgramName, mountArgs, friendlyPath)
os.Exit(0)
}