From 8067d9bace148a254528fdf752f083d2a0debada Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Fri, 19 Oct 2012 10:08:26 -0400 Subject: [PATCH 38/41] Add support to read the pin from stdin in client. Signed-off-by: Peter Jones --- src/client.c | 10 +++++++--- src/password.c | 41 +++++++++++++++++++++++++++++++++++++++++ src/password.h | 1 + src/signer_info.c | 45 +-------------------------------------------- 4 files changed, 50 insertions(+), 47 deletions(-) diff --git a/src/client.c b/src/client.c index 777197a..1ec582b 100644 --- a/src/client.c +++ b/src/client.c @@ -212,10 +212,14 @@ get_token_pin(int pinfd, char *pinfile, char *envname) fclose(pinf); return pin; - } else - return strdup(getenv(envname)); + } else { + pin = getenv(envname); + if (pin) + return strdup(pin); + } - return NULL; + pin = readpw(NULL, PR_FALSE, NULL); + return pin; } static void diff --git a/src/password.c b/src/password.c index 100c584..c663955 100644 --- a/src/password.c +++ b/src/password.c @@ -17,6 +17,7 @@ * Author(s): Peter Jones */ +#include #include #include #include 
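Review bot: The new fallback at the end of get_token_pin() calls `readpw(NULL, PR_FALSE, NULL)`, which prompts with "Enter passphrase for private key: " although this path is collecting a token PIN, and which returns NULL whenever stdin is not a terminal because its `tcgetattr()` check fails. NULL is therefore an ordinary return value for unattended runs, so the caller (outside this hunk) has to check for it before using the PIN. The `getenv(envname)` call also assumes `envname` is non-NULL; the start of the function is outside the hunk, so if a caller can pass NULL there, guard it with `pin = envname ? getenv(envname) : NULL;`. A short comment above the fallback would help, e.g. `/* no PIN from the file or the environment: prompt on the terminal; caller owns the returned string */`.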
@@ -289,4 +290,44 @@ SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg) return NULL; } +#if 0 +#warning investigate killing readpw +#endif +char * +readpw(PK11SlotInfo *slot, PRBool retry, void *arg) +{ + struct termios sio, tio; + char line[LINE_MAX], *p; + if (tcgetattr(fileno(stdin), &sio) < 0) { + fprintf(stderr, "Could not read password from standard input.\n"); + return NULL; + } + tio = sio; + tio.c_lflag &= ~ECHO; + if (tcsetattr(fileno(stdin), 0, &tio) < 0) { + fprintf(stderr, "Could not read password from standard input.\n"); + return NULL; + } + + fprintf(stdout, "Enter passphrase for private key: "); + if (fgets(line, sizeof(line), stdin) == NULL) { + fprintf(stdout, "\n"); + tcsetattr(fileno(stdin), 0, &sio); + return NULL; + } + fprintf(stdout, "\n"); + tcsetattr(fileno(stdin), 0, &sio); + + p = line + strcspn(line, "\r\n"); + if (p != NULL) + *p = '\0'; + + char *ret = strdup(line); + memset(line, '\0', sizeof (line)); + if (!ret) { + fprintf(stderr, "Could not read passphrase.\n"); + return NULL; + } + return ret; +} diff --git a/src/password.h b/src/password.h index 853bd5a..bcbac44 100644 --- a/src/password.h +++ b/src/password.h @@ -22,5 +22,6 @@ extern char *SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg); extern char *get_password_passthrough(PK11SlotInfo *slot, PRBool retry, void *arg); extern char *get_password_fail(PK11SlotInfo *slot, PRBool retry, void *arg); +extern char *readpw(PK11SlotInfo *slot, PRBool retry, void *arg); #endif /* PASSWORD_H */ diff --git a/src/signer_info.c b/src/signer_info.c index 932b896..f755bf6 100644 --- a/src/signer_info.c +++ b/src/signer_info.c @@ -19,10 +19,8 @@ #include "pesign.h" -#include #include #include -#include #include #include 
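Review bot: The `memset(line, '\0', sizeof (line));` near the end of readpw() is the last write to a stack buffer that is never read again, so an optimizing compiler may drop it and leave the passphrase on the stack; where the platform provides it, `explicit_bzero(line, sizeof(line));` keeps the wipe. Both `tcsetattr()` calls pass a literal `0` as the action; the named constant (`TCSANOW`, or `TCSAFLUSH` to discard input typed before echo was turned off) reads better and does not depend on the constant's numeric value. `if (p != NULL)` is always true because `line + strcspn(...)` cannot be NULL, so the terminator can be written unconditionally. Since the function is now exported through password.h, it would benefit from a comment such as `/* Prompt on stdout and read a passphrase from stdin with echo disabled; returns a malloc'd string the caller must free, or NULL on failure. slot, retry and arg are unused. */`.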
@@ -159,47 +157,6 @@ err: return -1; } -#if 0 -#warning investigate killing getpw -#endif -static char *getpw(PK11SlotInfo *slot, PRBool retry, void *arg) -{ - struct termios sio, tio; - char line[LINE_MAX], *p; - - if (tcgetattr(fileno(stdin), &sio) < 0) { - fprintf(stderr, "Could not read password from standard input.\n"); - return NULL; - } - tio = sio; - tio.c_lflag &= ~ECHO; - if (tcsetattr(fileno(stdin), 0, &tio) < 0) { - fprintf(stderr, "Could not read password from standard input.\n"); - return NULL; - } - - fprintf(stdout, "Enter passphrase for private key: "); - if (fgets(line, sizeof(line), stdin) == NULL) { - fprintf(stdout, "\n"); - tcsetattr(fileno(stdin), 0, &sio); - return NULL; - } - fprintf(stdout, "\n"); - tcsetattr(fileno(stdin), 0, &sio); - - p = line + strcspn(line, "\r\n"); - if (p != NULL) - *p = '\0'; - - char *ret = strdup(line); - memset(line, '\0', sizeof (line)); - if (!ret) { - fprintf(stderr, "Could not read passphrase.\n"); - return NULL; - } - return ret; -} - static int sign_blob(cms_context *cms, SECItem *sigitem, SECItem *sign_content) { @@ -216,7 +173,7 @@ sign_blob(cms_context *cms, SECItem *sigitem, SECItem *sign_content) if (!oid) goto err; - PK11_SetPasswordFunc(cms->func ? cms->func : getpw); + PK11_SetPasswordFunc(cms->func ? cms->func : readpw); SECKEYPrivateKey *privkey = PK11_FindKeyByAnyCert(cms->cert, cms->pwdata ? cms->pwdata : NULL); if (!privkey) { -- 1.7.12.1