public/unlock-store: idempotent call for passphrases

This allows the user to call it even after the store has been unlock in order to get the admin token.
2023-11-09 08:59:27 +01:00
parent efa6193954
commit 40d08139db
3 changed files with 27 additions and 1 deletions
--- a/secretstore/secret-store.go
+++ b/secretstore/secret-store.go
@ -175,9 +175,21 @@ func (s *Store) WriteTo(out io.Writer) (n int64, err error) {

 var ErrNoSuchKey = errors.New("no such key")

+func (s *Store) HasKey(passphrase []byte) bool {
+	key, hash := s.keyPairFromPassword(passphrase)
+	defer memzero(key[:])
+
+	for _, k := range s.Keys {
+		if k.Hash == hash {
+			return true
+		}
+	}
+
+	return false
+}
+
 func (s *Store) Unlock(passphrase []byte) (ok bool) {
 	key, hash := s.keyPairFromPassword(passphrase)
-	memzero(passphrase)
 	defer memzero(key[:])

 	var idx = -1