aboutsummaryrefslogblamecommitdiffstats
path: root/src/passphrase.c
blob: 3fbdb6803c55a36c3355d0a92a0664c341884bea (plain) (tree)
1
2
3
4
   
                                                                      
   
                                                                           













                                                                        



                    
                   
 





                                  
                                                         



                                 
      

 
                          
                                                                    
 

                                             
         
                                  
                                 
                                   



              
                                                                                       


      



                                                                                      

                                                    
     
                                      




                              
                                                                           
                                
                                         
       
                                              

        

 


                                  
                                                                      
   
                           
 
                                                           
                                     











                                                             

        
                 
                
  
                                                          








                                                                  














































                                                                          

                                           
                              
                          
                                          
                          







                                           
                                            

                                           
                                
                          

                                                 
                          
                                              





                               
                                      
                                                              
                          

                                                     
                                                             



                                     
                                             

                            
                                  

                                       
                                                                                          


                                      
                             
                                                         
                                                

                                                        



                                           

                                           
                                    
                          
                                                  





                                                  




                                               























                                                                         




                                               










                                                   
                                                            
                                               
                                              

                                                  












                                                                         
                                


                                                               


                              



                                     
                                       
                       
                                


                         
                       
      
             
                                 
                               
                                  
     
                                  


                   
                          
             
                                                                               


                            











                                               
                                                                                                             
                

                                                                                                 

           





                                
                                                         
                        
      



            





                                                                                                             











                                                                                          
                                                  





                                                       
   
                                                                                            
   
                                  
 
                                                         

                      

                                 
                                  
                                                        
                                    
      
                                            
      



   
                                                
   
                                   
 
                                                         
                                                  
      

 

                           
/**
 * libpassphrase – Personalisable library for TTY passphrase reading
 * 
 * Copyright © 2013, 2014, 2015  Mattias Andrée (maandree@member.fsf.org)
 * 
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
#include <stdlib.h>
#include <stdio.h>
#include <termios.h>
#include <unistd.h>
#include <signal.h>

#include "passphrase.h"


#define START_PASSPHRASE_LIMIT  32


#if !defined(PASSPHRASE_ECHO) || defined(PASSPHRASE_MOVE)
/**
 * The original TTY settings
 */
static struct termios saved_stty;
#endif


#ifndef PASSPHRASE_REALLOC
static char* xrealloc(char* array, size_t cur_size, size_t new_size)
{
  char* rc = malloc(new_size * sizeof(char));
  size_t i;
  if (rc)
    for (i = 0; i < cur_size; i++)
	*(rc + i) = *(array + i);
  passphrase_wipe(array, cur_size);
  free(array);
  return rc;
}
#else
#define xrealloc(array, _cur_size, new_size)  realloc(array, (new_size) * sizeof(char))
#endif


#if defined(PASSPHRASE_MOVE) && !defined(PASSPHRASE_STAR) && !defined(PASSPHRASE_ECHO)
#  define xprintf(...)  /* do nothing */
#  define xflush()      /* do nothing */
#elif defined(PASSPHRASE_MOVE) || defined(PASSPHRASE_STAR)
#  define xprintf(...)  fprintf(stderr, __VA_ARGS__)
#  define xflush()      fflush(stderr)
#else
#  define xflush()      fflush(stderr)
#endif


#ifdef PASSPHRASE_MOVE
#  if defined(PASSPHRASE_STAR)
#    define xputchar(C)  ({ if ((C & 0xC0) != 0x80)  fputc('*', stderr); })
#  elif defined(PASSPHRASE_ECHO)
#    define xputchar(C)  fputc(C, stderr)
#  else
#    define xputchar(C)  ({ /* be silent */ })
#  endif
#endif


/**
 * Reads the passphrase from stdin
 * 
 * @return  The passphrase, should be wiped `free`:ed, `NULL` on error
 */
char* passphrase_read(void)
{
  char* rc = malloc(START_PASSPHRASE_LIMIT * sizeof(char));
  long size = START_PASSPHRASE_LIMIT;
  long len =  0;
#ifdef PASSPHRASE_MOVE
  long point = 0;
  long i = 0;
#  ifdef PASSPHRASE_OVERRIDE
#    if defined(PASSPHRASE_INSERT) && defined(DEFAULT_INSERT)
  char insert = 1;
#    elif defined(PASSPHRASE_INSERT)
  char insert = 0;
#    endif
#  endif
#endif
  int c;
  
  if (rc == NULL)
    return NULL;
  
  /* Read password until EOF or Enter, skip all \0 as that
     is probably not a part of the passphrase (good luck typing
     that in X.org) and can be echoed into stdin by the kernel. */
  for (;;)
    {
      c = getchar();
      if ((c < 0) || (c == '\n'))
	break;
      if (c != 0)
        {
#if defined(PASSPHRASE_MOVE)
	  /* \e[1~  \eOH  ^A  -1  home   */
	  /* \e[2~            -2  insert */
	  /* \e[3~  ^D        -3  delete */
	  /* \e[4~  \eOF  ^E  -4  end    */
	  /* \8     \127      -5  erase  */
	  /* \e[C   ^F        -6  right  */
	  /* \e[D   ^B        -7  left   */
	  int cc = 0;
#ifdef PASSPHRASE_DEDICATED
	  if (c == '\033')
	    {
	      c = getchar();
	      if (c == 'O')
		{
		  c = getchar();
		  if      (c == 'H')  cc = -1;
		  else if (c == 'F')  cc = -4;
		}
	      else if (c == '[')
		{
		  c = getchar();
		  if      (c == 'C')  cc = -6;
		  else if (c == 'D')  cc = -7;
		  else if (('1' <= c) && (c <= '4') && (getchar() == '~'))
		    cc = -(c - '0');
		}
	    }
	  else
#endif
	    if ((c == 8) || (c == 127))
	      cc = -5;
	    else if ((c < 0) || (c >= ' '))
	      cc = ((int)c) & 255;
#ifdef PASSPHRASE_CONTROL
	    else if (c == 'A' - '@')  cc = -1;
	    else if (c == 'B' - '@')  cc = -7;
	    else if (c == 'D' - '@')  cc = -3;
	    else if (c == 'E' - '@')  cc = -4;
	    else if (c == 'F' - '@')  cc = -6;
#endif
	  
	  if (cc > 0)
	    {
	      c = (char)cc;
	      if (point == len)
		{
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wpedantic"
		  xputchar(c);
#pragma GCC diagnostic pop
		  *(rc + len++) = (char)c;
		  point++;
		}
#ifdef PASSPHRASE_INSERT
	      else
#ifdef PASSPHRASE_OVERRIDE
		if (insert)
#endif
		  {
		    if ((c & 0xC0) != 0x80)
		      { xprintf("\033[@"); }
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wpedantic"
		    xputchar(c);
#pragma GCC diagnostic pop
		    for (i = len; i > point; i--)
		      *(rc + i) = *(rc + i - 1);
		    len++;
		    *(rc + point++) = (char)c;
		  }
#endif
#ifdef PASSPHRASE_OVERRIDE
		else
		  {
		    long n = 1;
		    char cn = (char)c;
		    while ((*(rc + point + n) & 0xC0) == 0x80)
		      n++;
		    for (i = point + n; i < len; i++)
		      *(rc + i - n) = *(rc + i);
		    passphrase_wipe(rc + len - n, (size_t)n);
		    len -= n;
		    n = 0;
		    while (cn & 0x80)
		      {
			cn = (char)(cn << 1);
			n++;
		      }
		    n = n ? n : 1;
		    if (len + n > size)
		      {
			if ((rc = xrealloc(rc, (size_t)size, (size_t)size << 1L)) == NULL)
			  return NULL;
			size <<= 1L;
		      }
		    len += n;
		    for (i = len - 1; i > point + n; i--)
		      *(rc + i) = *(rc + i - n);
		    if (len - 1 >= point + n)
		      *(rc + point + n) = *(rc + point);
		    for (i = 0; i < n; i++)
		      {
			if (i)
			  c = getchar();
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wpedantic"
			xputchar(c);
#pragma GCC diagnostic pop
			*(rc + point++) = (char)c;
		      }
		  }
#endif
	    }
	  else if ((cc == -1) && point) /* home */
	    {
	      long n = 0;
	      for (i = 0; i < point; i++)
		if ((*(rc + i) & 0xC0) != 0x80)
		  n++;
	      xprintf("\033[%liD", n);
	      point = 0;
	    }
#if defined(PASSPHRASE_INSERT) && defined(PASSPHRASE_OVERRIDE)
	  else if (cc == -2) /* insert */
	    insert ^= 1;
#endif
#ifdef PASSPHRASE_DELETE
	  else if ((cc == -3) && (len != point)) /* delete */
	    {
	      xprintf("\033[P");
#ifdef PASSPHRASE_INVALID
	      *(rc + len) = 0;
#endif
	      do
		{
		  for (i = point; i < len; i++)
		    *(rc + i) = *(rc + i + 1);
		  len--;
		}
	      while ((len != point) && ((*(rc + point) & 0xC0) == 0x80));
	    }
#endif
	  else if ((cc == -4) && (len != point)) /* end */
	    {
	      long n = 0;
	      for (i = point; i < len; i++)
		if ((*(rc + i) & 0xC0) != 0x80)
		  n++;
	      xprintf("\033[%liC", n);
	      point = len;
	    }
	  else if ((cc == -5) && point) /* erase */
	    {
	      char redo = 1;
	      xprintf("\033[D\033[P");
#ifdef PASSPHRASE_INVALID
	      *(rc + len) = 0;
#endif
	      while (redo)
		{
		  redo = (*(rc + point - 1) & 0xC0) == 0x80;
		  for (i = point; i < len; i++)
		    *(rc + i - 1) = *(rc + i);
		  if (point <= len)
		    *(rc + len - 1) = *(rc + len);
		  point--;
		  len--;
		}
	    }
	  else if ((cc == -6) && (len != point)) /* right */
	    {
	      xprintf("\033[C");
	      do
		point++;
	      while ((len != point) && ((*(rc + point) & 0xC0) == 0x80));
	    }
	  else if ((cc == -7) && point) /* left */
	    {
	      xprintf("\033[D");
	      point--;
	      while (point && ((*(rc + point) & 0xC0) == 0x80))
	        point--;
	    }
	  
#elif defined(PASSPHRASE_STAR)
	  if ((c == 8) || (c == 127))
	    {
	      if (len == 0)
		continue;
	      xprintf("\033[D \033[D");
	      xflush();
	      *(rc + --len) = 0;
#ifdef DEBUG
	      goto debug;
#else
	      continue;
#endif
	    }
	  if ((c & 0xC0) != 0x80)
	    fputc('*', stderr);
	  *(rc + len++) = (char)c;
#else
	  *(rc + len++) = (char)c;
#endif
	  
	  xflush();
	  if (len == size)
	    {
	      if ((rc = xrealloc(rc, (size_t)size, (size_t)size << 1)) == NULL)
		return NULL;
	      size <<= 1L;
	    }

#ifdef DEBUG
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wunused-label"
	debug:
	  {
	    long n = 0;
	    for (i = point; i < len; i++)
	      if ((*(rc + i) & 0xC0) != 0x80)
		n++;
	    *(rc + len) = 0;
	    if (n)
	      fprintf(stderr, "\033[s\033[H\033[K%s\033[%liD\033[01;34m%s\033[00m\033[u", rc, n, rc + point);
	    else
	      fprintf(stderr, "\033[s\033[H\033[K%s\033[01;34m%s\033[00m\033[u", rc, rc + point);
	    fflush(stderr);
	  }
#endif
	}
    }
  
  /* NUL-terminate passphrase */
  *(rc + len) = 0;
  
#if !defined(PASSPHRASE_ECHO) || defined(PASSPHRASE_MOVE)
  fprintf(stderr, "\n");
#endif
  return rc;
}


# pragma GCC diagnostic push
# pragma GCC diagnostic ignored "-Wsuggest-attribute=const"
# pragma GCC diagnostic ignored "-Wsuggest-attribute=pure"
/* Must positively absolutely not be flagged as possible to optimise away as it depends on configurations,
   and programs that uses this library must not be forced to be recompiled if the library is reconfigured. */


/**
 * Used to make sure that `passphrase_wipe` is not optimised away even within this library
 */
volatile sig_atomic_t passphrase_wipe_volatile = 1;

/**
 * Forcable write NUL characters to a passphrase
 * 
 * @param  ptr  The password to wipe
 * @param  n    The number of characters to wipe
 */
void passphrase_wipe(volatile char* ptr, size_t n)
{
  size_t i;
  for (i = 0; (i < n) && passphrase_wipe_volatile; i++)
    *(ptr + i) = 0;
}

/**
 * Disable echoing and do anything else to the terminal settnings `passphrase_read` requires
 */
void passphrase_disable_echo(void)
{
#if !defined(PASSPHRASE_ECHO) || defined(PASSPHRASE_MOVE)
  struct termios stty;
  
  tcgetattr(STDIN_FILENO, &stty);
  saved_stty = stty;
  stty.c_lflag &= (tcflag_t)~ECHO;
#if defined(PASSPHRASE_STAR) || defined(PASSPHRASE_MOVE)
  stty.c_lflag &= (tcflag_t)~ICANON;
#endif
  tcsetattr(STDIN_FILENO, TCSAFLUSH, &stty);
#endif
}


/**
 * Undo the actions of `passphrase_disable_echo`
 */
void passphrase_reenable_echo(void)
{
#if !defined(PASSPHRASE_ECHO) || defined(PASSPHRASE_MOVE)
  tcsetattr(STDIN_FILENO, TCSAFLUSH, &saved_stty);
#endif
}

# pragma GCC diagnostic pop