commit 6f76a28ee907c76d3e240b68275e9eb2c1a91723
parent 4c0fbc7aca051d61ded56822b17e017798c92420
Author: parazyd <parazyd@dyne.org>
Date: Fri, 8 Dec 2017 14:23:59 +0100
use 0400 perms after writing files
Diffstat:
1 file changed, 10 insertions(+), 0 deletions(-)
diff --git a/pkg/lib/crypto.go b/pkg/lib/crypto.go
@@ -33,6 +33,7 @@ func GenRsa(bitSize int) (*rsa.PrivateKey, error) {
// SavePub saves a given RSA public key to a given filename.
func SavePub(filename string, pubkey rsa.PublicKey) (bool, error) {
log.Printf("Writing pubkey to %s\n", filename)
+ // FIXME: worry or not about creating the path if it doesn't exist?
outfile, err := os.Create(filename)
defer outfile.Close()
if err != nil {
@@ -53,12 +54,17 @@ func SavePub(filename string, pubkey rsa.PublicKey) (bool, error) {
if err != nil {
return false, err
}
+ err = outfile.Chmod(0400)
+ if err != nil {
+ return false, err
+ }
return true, nil
}
// SavePriv saves a given RSA private key to a given filename.
func SavePriv(filename string, privkey *rsa.PrivateKey) (bool, error) {
log.Printf("Writing private key to %s\n", filename)
+ // FIXME: worry or not about creating the path if it doesn't exist?
outfile, err := os.Create(filename)
defer outfile.Close()
if err != nil {
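Review bot: Leaving the file at mode 0400 makes a second save to the same path fail, because the unchanged `os.Create(filename)` above opens an existing file read-write and a non-root user should get a permission error on a read-only file. This applies to SavePub here and equally to SavePriv, whose `Chmod(0400)` is added in the next hunk. If overwriting is meant to keep working, clear the old file before the create, for example `if err := os.Remove(filename); err != nil && !os.IsNotExist(err) { return false, err }`, or write to a temporary file in the same directory and rename it over the target. If refusing to overwrite is the intent, state that in the doc comments of both functions. Both function bodies continue outside this hunk.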
@@ -74,6 +80,10 @@ func SavePriv(filename string, privkey *rsa.PrivateKey) (bool, error) {
if err != nil {
return false, err
}
+ err = outfile.Chmod(0400)
+ if err != nil {
+ return false, err
+ }
return true, nil
}
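Review bot: The private key is still written into a file that `os.Create` (visible in the previous hunk) creates with mode 0666 minus the umask, so until this `Chmod(0400)` runs the key can be readable by other local accounts under a permissive umask. Restrict the mode at creation instead, e.g. `outfile, err := os.OpenFile(filename, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0400)`; the descriptor stays writable while the file on disk is never wider than 0400, and `O_EXCL` makes the refuse-to-overwrite behaviour explicit. Also note that when the write or the Chmod fails, the function returns with key material left on disk under the wider mode, so removing the file on those error paths is worth adding. SavePriv starts outside this hunk.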