shred before removing tempfile

create.go

@@ -1,6 +1,7 @@
 package sshvault
 
 import (
+	"fmt"
 	"io/ioutil"
 	"os"
 	"os/exec"
@@ -12,7 +13,7 @@ func (v *vault) Create() ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
-	defer os.Remove(tmpfile.Name())
+	defer Shred(tmpfile.Name())
 	editor := os.Getenv("EDITOR")
 	if editor == "" {
 		editor = "vi"
@@ -28,5 +29,6 @@ func (v *vault) Create() ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
+	fmt.Printf("len(b) = %+v\n", len(b))
 	return b, nil
 }

edit.go

@@ -12,7 +12,7 @@ func (v *vault) Edit(data []byte) ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
-	defer os.Remove(tmpfile.Name())
+	defer Shred(tmpfile.Name())
 	err = ioutil.WriteFile(tmpfile.Name(), data, 0600)
 	if err != nil {
 		return nil, err

shred.go

@@ -0,0 +1,36 @@
+package sshvault
+
+import (
+	"fmt"
+	"os"
+)
+
+func Shred(file string) error {
+	fmt.Printf("file = %+v\n", file)
+	f, err := os.OpenFile(file, os.O_RDWR, 0600)
+
+	if err != nil {
+		panic(err.Error())
+	}
+
+	defer f.Close()
+
+	fileInfo, err := f.Stat()
+	if err != nil {
+		return err
+	}
+
+	var size int64 = fileInfo.Size()
+	zeroBytes := make([]byte, size)
+
+	// fill out the new slice with 0 value
+	copy(zeroBytes[:], "0")
+
+	// wipe the content of the target file
+	_, err = f.Write([]byte(zeroBytes))
+	if err != nil {
+		return err
+	}
+
+	return os.Remove(file)
+}