Main password encrypted in memory

This commit is contained in:
ycc
2026-02-02 18:15:57 +01:00
parent bb56b8dd9c
commit 7cf212fc76
13 changed files with 145 additions and 110 deletions

View File

@@ -2,8 +2,11 @@ package client
import (
"encoding/json"
"errors"
"os"
"sync"
"github.com/awnumar/memguard"
)
type Config struct {
@@ -47,7 +50,7 @@ type Config struct {
DbSuffix string `json:"db_suffix,omitempty"`
// Inner
memoryPassword string
memoryPassword *memguard.LockedBuffer
additionalPasswords []string
me *Identity
}
@@ -95,12 +98,19 @@ func (c *Config) Save(filename string) error {
return nil
}
func (c *Config) SetMemPass(pass string) {
c.memoryPassword = pass
func (c *Config) SetMemPass(pass string) error {
if c.memoryPassword != nil {
c.memoryPassword.Destroy()
}
c.memoryPassword = memguard.NewBufferFromBytes([]byte(pass))
return nil
}
func (c *Config) GetMemPass() string {
return c.memoryPassword
func (c *Config) GetMemPass() (string, error) {
if c.memoryPassword == nil {
return "", errors.New("password not set")
}
return string(c.memoryPassword.Bytes()), nil
}
func (c *Config) GetIdentity() *Identity {
@@ -116,5 +126,9 @@ func (c *Config) SaveIdentity() error {
}
func (c *Config) Clean() {
if c.memoryPassword != nil {
c.memoryPassword.Destroy()
c.memoryPassword = nil
}
c.additionalPasswords = []string{}
}