Query for PIN/PUK/mgmt-key if not supplied on command line

Do not force a user to specify the PIN/PUK/mgmt-key on the command line.
Instead, query the user to supply them through stdin when required for
the requested operation.  This is both more user friendly and more
secure, since the secrets do not end up in the shell history and/or
visible to shoulder-surfers on the terminal.

Signed-off-by: Steffan Karger <steffan@karger.me>
This commit is contained in:
Steffan Karger
2015-07-30 23:52:11 +02:00
parent bc6a0d8465
commit 723fe2f405
3 changed files with 73 additions and 28 deletions
+24
View File
@@ -37,6 +37,7 @@
#include <windows.h>
#endif
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <ykpiv.h>
@@ -238,3 +239,26 @@ bool prepare_rsa_signature(const unsigned char *in, unsigned int in_len, unsigne
*out_len = (unsigned int)i2d_X509_SIG(&digestInfo, &out);
return true;
}
bool read_pw(const char *name, char *pwbuf, size_t pwbuflen, int verify) {
#define READ_PW_PROMPT_BASE "Enter %s: "
char prompt[sizeof(READ_PW_PROMPT_BASE) + 32] = {0};
int ret;
if (pwbuflen < 1) {
fprintf(stderr, "Failed to read %s: buffer too small.", name);
return false;
}
ret = snprintf(prompt, sizeof(prompt), READ_PW_PROMPT_BASE, name);
if (ret < 0 || ((unsigned int) ret) > (sizeof(prompt)-1)) {
fprintf(stderr, "Failed to read %s: snprintf failed.\n", name);
return false;
}
if (0 != EVP_read_pw_string(pwbuf, pwbuflen-1, prompt, verify)) {
fprintf(stderr, "Retrieving %s failed.\n", name);
return false;
}
return true;
}