1 .\" $OpenBSD: readpassphrase.3,v 1.17 2007/05/31 19:19:28 jmc Exp $
3 .\" Copyright (c) 2000, 2002 Todd C. Miller <Todd.Miller@courtesan.com>
5 .\" Permission to use, copy, modify, and distribute this software for any
6 .\" purpose with or without fee is hereby granted, provided that the above
7 .\" copyright notice and this permission notice appear in all copies.
9 .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 .\" Sponsored in part by the Defense Advanced Research Projects
18 .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
19 .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
21 .\" $FreeBSD: head/lib/libc/gen/readpassphrase.3 215236 2010-11-13 10:38:06Z delphij $
28 .Nd get a passphrase from the user
35 .Fn readpassphrase "const char *prompt" "char *buf" "size_t bufsiz" "int flags"
39 function displays a prompt to, and reads in a passphrase from,
41 If this file is inaccessible
46 displays the prompt on the standard error output and reads from the standard
48 In this case it is generally not possible to turn off echo.
52 \- 1 characters (one is for the
54 are read into the provided buffer
57 characters and the terminating newline (or return) character are discarded.
62 takes the following optional
65 .Bl -tag -width ".Dv RPP_REQUIRE_TTY" -compact
67 turn off echo (default behavior)
70 .It Dv RPP_REQUIRE_TTY
71 fail if there is no tty
73 force input to lower case
75 force input to upper case
77 strip the high bit from input
79 force read of passphrase from stdin
82 The calling process should zero the passphrase as soon as possible to
83 avoid leaving the cleartext passphrase visible in the process's address
86 Upon successful completion,
88 returns a pointer to the null-terminated passphrase.
89 If an error is encountered, the terminal state is restored and
94 .Bl -tag -width ".Pa /dev/tty" -compact
98 The following code fragment will read a passphrase from
102 .Bd -literal -offset indent
107 if (readpassphrase("Response: ", passbuf, sizeof(passbuf),
108 RPP_REQUIRE_TTY) == NULL)
109 errx(1, "unable to read passphrase");
111 if (compare(transform(passbuf), epass) != 0)
112 errx(1, "bad passphrase");
116 memset(passbuf, 0, sizeof(passbuf));
123 function was interrupted by a signal.
129 The process is a member of a background process attempting to read
130 from its controlling terminal, the process is ignoring or blocking
133 signal or the process group is orphaned.
135 The process has already reached its limit for open file descriptors.
137 The system file table is full.
139 There is no controlling terminal and the
147 will catch the following signals:
149 .Bl -tag -compact -width ".Dv SIGQUIT"
161 When one of the above signals is intercepted, terminal echo will
162 be restored if it had previously been turned off.
163 If a signal handler was installed for the signal when
165 was called that handler is then executed.
166 If no handler was previously installed for the signal then the
167 default action is taken as per
171 .Dv SIGTSTP , SIGTTIN ,
174 signals (stop signal generated from keyboard or due to terminal I/O
175 from a background process) are treated specially.
176 When the process is resumed after it has been stopped,
178 will reprint the prompt and the user may then enter a passphrase.
186 extension and should not be used if portability is desired.
190 function first appeared in