--- pgp/src/passwd.c 2018/04/24 16:37:53 1.1.1.1 +++ pgp/src/passwd.c 2018/04/24 16:41:07 1.1.1.5 @@ -1,7 +1,23 @@ /* passwd.c - Password reading/hashing routines - (c) 1989 Philip Zimmermann. All rights reserved. Implemented in Microsoft C. Routines for getting a pass phrase from the user's console. + + (c) Copyright 1990-1994 by Philip Zimmermann. All rights reserved. + The author assumes no liability for damages resulting from the use + of this software, even if the damage results from defects in this + software. No warranty is expressed or implied. + + Note that while most PGP source modules bear Philip Zimmermann's + copyright notice, many of them have been revised or entirely written + by contributors who frequently failed to put their names in their + code. Code that has been incorporated into PGP from other authors + was either originally published in the public domain or is used with + permission from the various authors. + + PGP is available for free to the public under certain restrictions. + See the PGP User's Guide (included in the release package) for + important information about licensing, patent restrictions on + certain algorithms, trademarks, copyrights, and export controls. */ #include /* for fprintf() */ @@ -24,20 +40,18 @@ boolean showpass = FALSE; */ void hashpass (char *keystring, int keylen, byte *hash) { - MD5_CTX mdContext; - int i; + struct MD5Context mdContext; /* Calculate the hash */ MD5Init(&mdContext); MD5Update(&mdContext, (unsigned char *) keystring, keylen); - MD5Final(&mdContext); - /* Copy it to return variable */ - memcpy(hash, mdContext.digest, 16); -} /* hashpass */ + MD5Final(hash, &mdContext); +} /* hashpass */ /* -** getideakey - get pass phrase from user, hashes it to an IDEA key. +** GetHashedPassPhrase - get pass phrase from user, + hashes it to an IDEA key. Parameters: returns char *keystring as the pass phrase itself return char *hash as the 16-byte hash of the pass phrase @@ -49,29 +63,34 @@ void hashpass (char *keystring, int keyl Return 0 if no characters are input, else return 1. If we return 0, the hashed key will not be useful. */ -int getideakey(char *keystring, char *hash, boolean noecho) -{ char keystr2[MAXKEYLEN+2]; +int GetHashedPassPhrase(char *hash, boolean noecho) +{ char keystr1[MAXKEYLEN+2], keystr2[MAXKEYLEN+2]; int len; if (showpass) noecho = 0; - while (TRUE) { - fprintf(pgpout,PSTR("\nEnter pass phrase: ")); - getstring(keystring,MAXKEYLEN-1,!noecho); + for (;;) { + fprintf(pgpout,LANG("\nEnter pass phrase: ")); + getstring(keystr1,MAXKEYLEN-1,!noecho); if (noecho<2) /* no need to ask again if user can see it */ break; - fprintf(pgpout,PSTR("\nEnter same pass phrase again: ")); + fprintf(pgpout,LANG("\nEnter same pass phrase again: ")); getstring(keystr2,MAXKEYLEN-1,!noecho); - if (strcmp(keystring,keystr2)==0) + if (strcmp(keystr1,keystr2)==0) break; - fprintf(pgpout,PSTR("\n\007Error: Pass phrases were different. Try again.")); + fprintf(pgpout,LANG("\n\007Error: Pass phrases were different. Try again.")); + memset(keystr2, 0, sizeof(keystr2)); } + if (noecho && (filter_mode || quietmode)) + putc('\n', pgpout); - len = strlen(keystring); + len = strlen(keystr1); if (len == 0) return 0; - INTERNAL(keystring); - hashpass (keystring, strlen(keystring), (byte *) hash); + /* We assume ASCII pass phrases, with no charset conversions. */ + /* This will have to change for EBCDIC */ + hashpass (keystr1, strlen(keystr1), (byte *) hash); + memset(keystr1, 0, sizeof(keystr1)); return 1; -} /* getideakey */ +} /* GetHashedPassPhrase */