Skip to content

Commit

Permalink
Clear password buffer
Browse files Browse the repository at this point in the history
  • Loading branch information
@Barquadd
Barquadd committed Jan 1, 2023
1 parent c5494e6 commit 0a36caa
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 2 deletions.
3 changes: 2 additions & 1 deletion Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,4 +15,5 @@ aes-gcm = "0.10.1"
clap = {version="4.0.32", features=["cargo"]}
rand = "0.8.5"
rpassword = "7.2.0"
sha2 = "0.10.6"
sha2 = "0.10.6"
zeroize = "1.5.7"
4 changes: 3 additions & 1 deletion src/main.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ use aes_gcm::{
use clap::{arg, command, value_parser};
use sha2::{Digest, Sha256};
use std::{fs::write, path::PathBuf};
use zeroize::Zeroize;

fn hash_vec_n_times(v: &Vec<u8>, n: u32) -> Vec<u8> {
let mut hasher = Sha256::new();
Expand All @@ -22,8 +23,9 @@ fn hash_vec_n_times(v: &Vec<u8>, n: u32) -> Vec<u8> {
fn get_user_pass() -> Vec<u8> {
let password = rpassword::prompt_password("Please enter a password: ").unwrap();
let password = password.trim();
let password: Vec<u8> = password.as_bytes().to_vec();
let mut password: Vec<u8> = password.as_bytes().to_vec();
let key: Vec<u8> = hash_vec_n_times(&password, 100_000);
password.zeroize();
key
}

Expand Down

0 comments on commit 0a36caa

Please sign in to comment.