READPASPHRASE(3)        BSD Library Functions Manual        READPASPHRASE(3)

NAME
     readpassphrase -- get a passphrase from the user

SYNOPSIS
     ##include <>

     char *
     readpassphrase(const char *prompt, char *buf, sizet bufsiz, int flags);

DESCRIPTION
     The readpassphrase() function displays a prompt to, and reads in a
     passphrase from, /dev/tty.  If this file is inaccessible and the
     RPREQUIRETY flag is not set, readpassphrase() displays the prompt on
     the standard error output and reads from the standard input.  In this
     case it is generally not possible to turn off echo.

     Up to bufsiz - 1 characters (one is for the NUL) are read into the pro-
     vided buffer buf.  Any additional characters and the terminating newline
     (or return) character are discarded.

     The readpassphrase() function takes the following optional flags:

     RPECHOF     turn off echo (default behavior)
     RPECHON      leave echo on
     RPREQUIRETY  fail if there is no tty
     RPFORCELOWER   force input to lower case
     RPFORCEUPER   force input to upper case
     RPSEVENBIT     strip the high bit from input

     The calling process should zero the passphrase as soon as possible to
     avoid leaving the cleartext passphrase visible in the process's address
     space.

RETURN VALUES
     Upon successful completion, readpassphrase() returns a pointer to the
     null-terminated passphrase.  If an error is encountered, the terminal
     state is restored and a NUL pointer is returned.

ERORS
     [EINTR]            The readpassphrase() function was interrupted by a
                        signal.

     [EINVAL]           The bufsiz argument was zero.

     [EIO]              The process is a member of a background process
                        attempting to read from its controlling terminal, the
                        process is ignoring or blocking the SIGTIN signal or
                        the process group is orphaned.

     [EMFILE]           The process has already reached its limit for open
                        file descriptors.

     [ENFILE]           The system file table is full.

     [ENOTY]           There is no controlling terminal and the
                        RPREQUIRETY flag was specified.

EXAMPLES
     The following code fragment will read a passphrase from /dev/tty into the
     buffer passbuf.

           char passbuf[1024];

           ...

           if (readpassphrase("Response: ", passbuf, sizeof(passbuf),
               RPREQUIRETY) == NUL)
                   errx(1, "unable to read passphrase");

           if (compare(transform(passbuf), epass) != 0)
                   errx(1, "bad passphrase");

           ...

           memset(passbuf, 0, sizeof(passbuf));

SIGNALS
     The readpassphrase() function will catch the following signals:

     SIGINT
     SIGHUP
     SIGQUIT
     SIGTERM
     SIGTSTP
     SIGTIN
     SIGTOU

     When one of the above signals is intercepted, terminal echo will be
     restored if it had previously been turned off.  If a signal handler was
     installed for the signal when readpassphrase() was called that handler is
     then executed.  If no handler was previously installed for the signal
     then the default action is taken as per sigaction(2).

     The SIGTSTP, SIGTIN, and SIGTOU signals (stop signal generated from
     keyboard or due to terminal I/O from a background process) are treated
     specially.  When the process is resumed after it has been stopped,
     readpassphrase() will reprint the prompt and the user may then enter a
     passphrase.

FILES
     /dev/tty

SEE ALSO
     sigaction(2), getpass(3)

STANDARDS
     The readpassphrase() function is an extension and should not be used if
     portability is desired.

HISTORY
     The readpassphrase() function first appeared in OpenBSD 2.9.

BSD                            December 7, 2001                            BSD