Move the password reading functions completely away from the DES

section.

Add ui_compat.h for inclusion by those who want the old functions and
provide all of them, not just the higher-level ones, in ui_compat.c.

crypto/des/des.h

@@ -207,12 +207,6 @@ DES_LONG des_quad_cksum(const unsigned char *input,des_cblock output[],
 			long length,int out_count,des_cblock *seed);
 void des_random_seed(des_cblock *key);
 int des_random_key(des_cblock *ret);
-int des_read_password(des_cblock *key,const char *prompt,int verify);
-int des_read_2passwords(des_cblock *key1,des_cblock *key2,
-			const char *prompt,int verify);
-#if 0
-int des_read_pw_string(char *buf,int length,const char *prompt,int verify);
-#endif
 void des_set_odd_parity(des_cblock *key);
 int des_check_key_parity(const_des_cblock *key);
 int des_is_weak_key(const_des_cblock *key);
@@ -230,9 +224,6 @@ void des_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
 		       int enc);
 void des_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length,
 		       des_key_schedule schedule,des_cblock *ivec,int *num);
-#if 0
-int des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);
-#endif
 /* The following definitions provide compatibility with the MIT Kerberos
  * library. The des_key_schedule structure is not binary compatible. */
 

crypto/ui/Makefile.ssl

@@ -32,7 +32,7 @@ LIBOBJ= ui_err.o ui_lib.o ui_openssl.o $(COMPATOBJ)
 
 SRC= $(LIBSRC)
 
-EXHEADER= ui.h
+EXHEADER= ui.h ui_compat.h
 HEADER=	$(EXHEADER) ui_locl.h
 
 ALL=    $(GENERAL) $(SRC) $(HEADER)

crypto/ui/ui_compat.c

@@ -1,4 +1,5 @@
-/* crypto/ui/ui_compat.c */ /* This was previously crypto/des/read2pwd.c */
+/* crypto/ui/ui_compat.c -*- mode:C; c-file-style: "eay" -*- */
+/* This was previously crypto/des/read2pwd.c and partly crypto/des/read_pwd.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -63,15 +64,9 @@ int des_read_password(des_cblock *key, const char *prompt, int verify)
 	{
 	int ok;
 	char buf[BUFSIZ],buff[BUFSIZ];
-	UI *ui;
 
-	ui = UI_new();
-	UI_add_input_string(ui,prompt,0,buf,0,BUFSIZ-1);
-	if (verify)
-		UI_add_verify_string(ui,prompt,0,buff,0,BUFSIZ-1,buf);
-	if ((ok=UI_process(ui)) == 0)
+	if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
 		des_string_to_key(buf,key);
-	UI_free(ui);
 	memset(buf,0,BUFSIZ);
 	memset(buff,0,BUFSIZ);
 	return(ok);
@@ -82,16 +77,33 @@ int des_read_2passwords(des_cblock *key1, des_cblock *key2, const char *prompt,
 	{
 	int ok;
 	char buf[BUFSIZ],buff[BUFSIZ];
+
+	if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
+		des_string_to_2keys(buf,key1,key2);
+	memset(buf,0,BUFSIZ);
+	memset(buff,0,BUFSIZ);
+	return(ok);
+	}
+
+int des_read_pw_string(char *buf,int length,const char *prompt,int verify)
+	{
+	char buff[BUFSIZ];
+	int ret;
+
+	ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify);
+	memset(buff,0,BUFSIZ);
+	return(ret);
+	}
+
+int des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify)
+	{
 	UI *ui;
 
 	ui = UI_new();
 	UI_add_input_string(ui,prompt,0,buf,0,BUFSIZ-1);
 	if (verify)
 		UI_add_verify_string(ui,prompt,0,buff,0,BUFSIZ-1,buf);
-	if ((ok=UI_process(ui)) == 0)
-		des_string_to_2keys(buf,key1,key2);
+	ok=UI_process(ui);
 	UI_free(ui);
-	memset(buf,0,BUFSIZ);
-	memset(buff,0,BUFSIZ);
 	return(ok);
 	}

crypto/ui/ui_compat.h

@@ -0,0 +1,81 @@
+/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
+/* Written by Richard Levitte (levitte@stacken.kth.se) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_UI_COMPAT_H
+#define HEADER_UI_COMPAT_H
+
+#include <openssl/ui.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* The following functions were previously part of the DES section,
+   and are provided here for backward compatibility reasons. */
+
+int des_read_password(des_cblock *key,const char *prompt,int verify);
+int des_read_2passwords(des_cblock *key1,des_cblock *key2,
+	const char *prompt,int verify);
+
+int des_read_pw_string(char *buf,int length,const char *prompt,int verify);
+int des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);
+
+#ifdef  __cplusplus
+}
+#endif
+#endif