Null out local variables containing secrets after use

[gl-johnson]

Desired Outcome

In security review, we discussed making sure that local variables containing secret values are nulled out to make sure they are no longer in memory after being used.

Implemented Changes

Explicitly null out local variables which could contain secret values. After some research, this is more reliable and secure with byte slices than strings since Golang treats strings as immutable and may be left hanging around in memory, so switch to using slices where possible

Definition of Done

At least 1 todo must be completed in the sections below for the PR to be merged.

Changelog

• [ ] The CHANGELOG has been updated, or
• [x] This PR does not include user-facing changes and doesn't require a CHANGELOG update

Test coverage

• [ ] This PR includes new unit and integration tests to go with the code changes, or
• [x] The changes in this PR do not require tests

Documentation

• [ ] Docs (e.g. READMEs) were updated in this PR
• [ ] A follow-up issue to update official docs has been filed here: [insert issue ID]
• [x] This PR does not require updating any documentation

Behavior

• [ ] This PR changes product behavior and has been reviewed by a PO, or
• [ ] These changes are part of a larger initiative that will be reviewed later, or
• [x] No behavior was changed with this PR

Security

• [x] Security architect has reviewed the changes in this PR,
• [ ] These changes are part of a larger initiative with a separate security review, or
• [ ] There are no security aspects to these changes

[codeclimate[bot]]

Code Climate has analyzed commit aac4d1ea and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 88.2% (0.0% change).

View more on Code Climate.