pub fn readpassphrase<'a>(
prompt: &CStr,
buf: &'a mut [u8],
flags: RppFlags,
) -> Result<&'a str, Error>Expand description
Reads a passphrase using readpassphrase(3), returning a &str.
This function reads a password of up to buf.len() - 1 bytes into buf. If the entered
password is longer, it is truncated to the maximum length. If readpasspharse(3) itself fails,
or if the entered password is not valid UTF-8, then Error is returned.
§Security
The passed buffer might contain sensitive data, even if this function returns an error.
Therefore it should be zeroed as soon as possible. This can be achieved, for example, with
zeroize::Zeroizing:
use zeroize::Zeroizing;
let mut buf = Zeroizing::new(vec![0u8; PASSWORD_LEN]);
let pass = readpassphrase(c"Pass: ", &mut buf, RppFlags::default())?;Examples found in repository?
examples/owned.rs (line 15)
12fn main() -> Result<(), Error> {
13 let mut buf = vec![0u8; PASSWORD_LEN];
14 let pass =
15 Zeroizing::new(readpassphrase(c"Password: ", &mut buf, RppFlags::ECHO_ON)?.to_string());
16 let mut buf = Some(buf);
17 loop {
18 let mut res = readpassphrase_owned(
19 c"Confirmation: ",
20 buf.take().unwrap(),
21 RppFlags::REQUIRE_TTY,
22 )?;
23 if *pass == res {
24 res.zeroize();
25 break;
26 }
27 buf = Some(res.into());
28 }
29 Ok(())
30}More examples
examples/inplace.rs (line 17)
14fn main() {
15 let mut buf = Zeroizing::new(vec![0u8; PASSWORD_LEN]);
16 let password = Zeroizing::new(
17 readpassphrase(c"Password: ", &mut buf, RppFlags::empty())
18 .expect("failed reading passphrase")
19 .to_string(),
20 );
21 for _ in 0..5 {
22 let confirm = readpassphrase(c"Confirmation: ", &mut buf, RppFlags::REQUIRE_TTY)
23 .expect("failed reading confirmation");
24 if *password == confirm {
25 eprintln!("Passwords match.");
26 return;
27 }
28 eprintln!("Passwords don’t match.");
29 }
30 eprintln!("Too many attempts.");
31 exit(1);
32}