From e4217721c6f60c95ffdd841bc88415c8da4e26f0 Mon Sep 17 00:00:00 2001
From: nbari
Date: Sun, 9 Oct 2016 00:47:52 +0200
Subject: [PATCH] shred before removing tempfile
---
 create.go | 4 +++-
 edit.go | 2 +-
 shred.go | 36 ++++++++++++++++++++++++++++++++++++
 3 files changed, 40 insertions(+), 2 deletions(-)
 create mode 100644 shred.go
diff --git a/create.go b/create.go
index 8ef54f0..f21b6aa 100644
--- a/create.go
+++ b/create.go
@@ -1,6 +1,7 @@
 package sshvault
 import (
+ "fmt"
 "io/ioutil"
 "os"
 "os/exec"
@@ -12,7 +13,7 @@ func (v *vault) Create() ([]byte, error) {
 if err != nil {
 return nil, err
 }
- defer os.Remove(tmpfile.Name())
+ defer Shred(tmpfile.Name())
 editor := os.Getenv("EDITOR")
 if editor == "" {
 editor = "vi"
@@ -28,5 +29,6 @@ func (v *vault) Create() ([]byte, error) {
 if err != nil {
 return nil, err
 }
+ fmt.Printf("len(b) = %+v\n", len(b))
 return b, nil
 }
diff --git a/edit.go b/edit.go
index 742a3ce..bf965ba 100644
--- a/edit.go
+++ b/edit.go
@@ -12,7 +12,7 @@ func (v *vault) Edit(data []byte) ([]byte, error) {
 if err != nil {
 return nil, err
 }
- defer os.Remove(tmpfile.Name())
+ defer Shred(tmpfile.Name())
 err = ioutil.WriteFile(tmpfile.Name(), data, 0600)
 if err != nil {
 return nil, err
diff --git a/shred.go b/shred.go
new file mode 100644
index 0000000..91ee923
--- /dev/null
+++ b/shred.go
@@ -0,0 +1,36 @@
+package sshvault
+
+import (
+ "fmt"
+ "os"
+)
+
+func Shred(file string) error {
+ fmt.Printf("file = %+v\n", file)
+ f, err := os.OpenFile(file, os.O_RDWR, 0600)
+
+ if err != nil {
+ panic(err.Error())
+ }
+
+ defer f.Close()
+
+ fileInfo, err := f.Stat()
+ if err != nil {
+ return err
+ }
+
+ var size int64 = fileInfo.Size()
+ zeroBytes := make([]byte, size)
+
+ // fill out the new slice with 0 value
+ copy(zeroBytes[:], "0")
+
+ // wipe the content of the target file
+ _, err = f.Write([]byte(zeroBytes))
+ if err != nil {
+ return err
+ }
+
+ return os.Remove(file)
+}
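Review bot: The deferred `Shred(tmpfile.Name())` in the second create.go hunk discards Shred's error return, so a failed overwrite or removal leaves the plaintext temp file on disk without the caller being told; the identical change in the edit.go hunk has the same gap. One way to surface it is to give the method named results `(b []byte, err error)` and use `defer func() { if e := Shred(tmpfile.Name()); e != nil && err == nil { err = e } }()`. Create's body starts and ends outside this hunk, so how `err` is declared and returned there needs checking before adopting that form.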
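Review bot: The added `fmt.Printf("len(b) = %+v\n", len(b))` in the third create.go hunk looks like leftover debugging: it writes the byte length of the content just read back from the editor to stdout from inside a library method. That discloses a property of the plaintext and mixes stray output into whatever the calling program prints or pipes. I would drop the line together with the `"fmt"` import added in the first create.go hunk. Create's body begins outside this hunk.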
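Review bot: `Shred` calls `panic(err.Error())` when `os.OpenFile` fails even though it returns `error`, and because create.go and edit.go invoke it from `defer`, a temp file the editor already removed or replaced would crash the process instead of producing an error. The overwrite is also never flushed: without `f.Sync()` before `os.Remove(file)` the written bytes may still be in the page cache when the name is unlinked, so the original blocks can remain on disk. `copy(zeroBytes[:], "0")` stores the ASCII character `0` in the first byte only (the buffer from `make` is already zeroed), so the comment above it is misleading, and `fmt.Printf("file = %+v\n", file)` looks like leftover debugging that prints the temp path. Even with these fixed, an in-place overwrite is best effort on journaling or copy-on-write filesystems and on SSDs, which the doc comment on this exported function should state.

```go
// Shred overwrites file with zero bytes, flushes the write to disk and
// then removes the file. It is best effort: journaling or copy-on-write
// filesystems and SSD wear levelling may keep older copies of the data.
func Shred(file string) error {
	f, err := os.OpenFile(file, os.O_RDWR, 0600)
	if err != nil {
		return err
	}

	// … unchanged: defer f.Close(), f.Stat() and its error check …

	// make returns zeroed memory, so no separate fill step is needed.
	if _, err = f.Write(make([]byte, fileInfo.Size())); err != nil {
		return err
	}
	// Flush the overwrite to disk before the name is unlinked.
	if err = f.Sync(); err != nil {
		return err
	}

	// … unchanged: return os.Remove(file) …
}
```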