NAME

SYNOPSIS

int
des_read_pw(char *buf, char *buff, int length, const char *prompt, int verify);

int
des_read_pw_string(char *buf, int length, const char *prompt, int verify);

#include <openssl/evp.h>

int
EVP_read_pw_string(char *buf, int length, const char *prompt, int verify);

int
EVP_read_pw_string_min(char *buf, int min_length, int length, const char *prompt, int verify);

DESCRIPTION

The DES library contained a few routines to prompt for passwords. These aren't necessarily dependent on DES, and have therefore become part of the UI compatibility library.

des_read_pw() writes the string specified by prompt to standard output, turns echo off, and reads an input string from the terminal. The string is returned in buf, which must have space for at least length bytes. If verify is set, the user is asked for the password twice and unless the two copies match, an error is returned. The second password is stored in buff, which must therefore also be at least length bytes.

des_read_pw_string() is a variant of des_read_pw() that provides a buffer if verify is set. It is available in the MIT Kerberos library as well. If length exceeds BUFSIZ, des_read_pw_string() uses BUFSIZ.

EVP_read_pw_string() and EVP_read_pw_string_min() are functionally similar to des_read_pw_string(). EVP_read_pw_string_min() additionally checks that the password is at least min_length bytes long.

RETURN VALUES

They return -1 if length is less than or equal to zero or on memory allocation failure. They return -1 or -2 if the internal call to UI_process(3) fails.

In addition, EVP_read_pw_string_min returns -1 if min_length is negative, if length is less than or equal to min_length, or if the user entered a password shorter than min_length.

SEE ALSO

HISTORY

EVP_read_pw_string_min() first appeared in OpenSSL 1.0.0 and has been available since OpenBSD 4.9.

AUTHORS