/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ /* With the exception of GetPasswordString, this file was copied from NSS's cmd/lib/secutil.c hg revision 8f011395145e */ #include "nss_secutil.h" #include "prprf.h" #ifdef XP_WIN #include <io.h> #else #include <unistd.h> #endif static char consoleName[] = { #ifdef XP_UNIX "/dev/tty" #else "CON:" #endif }; #if defined(_WINDOWS) static char * quiet_fgets (char *buf, int length, FILE *input) { int c; char *end = buf; /* fflush (input); */ memset (buf, 0, length); if (!isatty(fileno(input))) { return fgets(buf,length,input); } while (1) { #if defined (_WIN32_WCE) c = getchar(); /* gets a character from stdin */ #else c = getch(); /* getch gets a character from the console */ #endif if (c == '\b') { if (end > buf) end--; } else if (--length > 0) *end++ = c; if (!c || c == '\n' || c == '\r') break; } return buf; } #endif char * GetPasswordString(void *arg, char *prompt) { FILE *input = stdin; char phrase[200] = {'\0'}; int isInputTerminal = isatty(fileno(stdin)); #ifndef _WINDOWS if (isInputTerminal) { input = fopen(consoleName, "r"); if (input == NULL) { fprintf(stderr, "Error opening input terminal for read\n"); return NULL; } } #endif if (isInputTerminal) { fprintf(stdout, "Please enter your password:\n"); fflush(stdout); } if (!QUIET_FGETS(phrase, sizeof(phrase), input)) { fprintf(stderr, "QUIET_FGETS failed\n"); return NULL; } if (isInputTerminal) { fprintf(stdout, "\n"); } #ifndef _WINDOWS if (isInputTerminal) { fclose(input); } #endif /* Strip off the newlines if present */ if (phrase[PORT_Strlen(phrase)-1] == '\n' || phrase[PORT_Strlen(phrase)-1] == '\r') { phrase[PORT_Strlen(phrase)-1] = 0; } return (char*) PORT_Strdup(phrase); } char * SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg) { char* phrases, *phrase; PRFileDesc *fd; int32_t nb; char *pwFile = arg; int i; const long maxPwdFileSize = 4096; char* tokenName = NULL; int tokenLen = 0; if (!pwFile) return 0; if (retry) { return 0; /* no good retrying - the files contents will be the same */ } phrases = PORT_ZAlloc(maxPwdFileSize); if (!phrases) { return 0; /* out of memory */ } fd = PR_Open(pwFile, PR_RDONLY, 0); if (!fd) { fprintf(stderr, "No password file \"%s\" exists.\n", pwFile); PORT_Free(phrases); return NULL; } nb = PR_Read(fd, phrases, maxPwdFileSize); PR_Close(fd); if (nb == 0) { fprintf(stderr,"password file contains no data\n"); PORT_Free(phrases); return NULL; } if (slot) { tokenName = PK11_GetTokenName(slot); if (tokenName) { tokenLen = PORT_Strlen(tokenName); } } i = 0; do { int startphrase = i; int phraseLen; /* handle the Windows EOL case */ while (phrases[i] != '\r' && phrases[i] != '\n' && i < nb) i++; /* terminate passphrase */ phrases[i++] = '\0'; /* clean up any EOL before the start of the next passphrase */ while ( (i<nb) && (phrases[i] == '\r' || phrases[i] == '\n')) { phrases[i++] = '\0'; } /* now analyze the current passphrase */ phrase = &phrases[startphrase]; if (!tokenName) break; if (PORT_Strncmp(phrase, tokenName, tokenLen)) continue; phraseLen = PORT_Strlen(phrase); if (phraseLen < (tokenLen+1)) continue; if (phrase[tokenLen] != ':') continue; phrase = &phrase[tokenLen+1]; break; } while (i<nb); phrase = PORT_Strdup((char*)phrase); PORT_Free(phrases); return phrase; } char * SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg) { char prompt[255]; secuPWData *pwdata = (secuPWData *)arg; secuPWData pwnull = { PW_NONE, 0 }; secuPWData pwxtrn = { PW_EXTERNAL, "external" }; char *pw; if (pwdata == NULL) pwdata = &pwnull; if (PK11_ProtectedAuthenticationPath(slot)) { pwdata = &pwxtrn; } if (retry && pwdata->source != PW_NONE) { PR_fprintf(PR_STDERR, "Incorrect password/PIN entered.\n"); return NULL; } switch (pwdata->source) { case PW_NONE: sprintf(prompt, "Enter Password or Pin for \"%s\":", PK11_GetTokenName(slot)); return GetPasswordString(NULL, prompt); case PW_FROMFILE: /* Instead of opening and closing the file every time, get the pw * once, then keep it in memory (duh). */ pw = SECU_FilePasswd(slot, retry, pwdata->data); pwdata->source = PW_PLAINTEXT; pwdata->data = PL_strdup(pw); /* it's already been dup'ed */ return pw; case PW_EXTERNAL: sprintf(prompt, "Press Enter, then enter PIN for \"%s\" on external device.\n", PK11_GetTokenName(slot)); pw = GetPasswordString(NULL, prompt); if (pw) { memset(pw, 0, PORT_Strlen(pw)); PORT_Free(pw); } /* Fall Through */ case PW_PLAINTEXT: return PL_strdup(pwdata->data); default: break; } PR_fprintf(PR_STDERR, "Password check failed: No password found.\n"); return NULL; }