2 -- SPDX-License-Identifier: BSD-2-Clause-FreeBSD
4 -- Copyright (c) 2015 Pedro Souza <pedrosouza@freebsd.org>
5 -- Copyright (C) 2018 Kyle Evans <kevans@FreeBSD.org>
6 -- All rights reserved.
8 -- Redistribution and use in source and binary forms, with or without
9 -- modification, are permitted provided that the following conditions
11 -- 1. Redistributions of source code must retain the above copyright
12 -- notice, this list of conditions and the following disclaimer.
13 -- 2. Redistributions in binary form must reproduce the above copyright
14 -- notice, this list of conditions and the following disclaimer in the
15 -- documentation and/or other materials provided with the distribution.
17 -- THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 -- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 -- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 -- ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 -- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 -- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 -- OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 -- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 -- LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 -- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 local core = require("core")
33 local screen = require("screen")
38 function password.read()
43 local ch = io.getchar()
44 if ch == core.KEY_ENTER then
47 -- XXX TODO: Evaluate if we really want this or not, as a
48 -- security consideration of sorts
49 if ch == core.KEY_BACKSPACE or ch == core.KEY_DELETE then
52 -- loader.printc("\008 \008")
57 str = str .. string.char(ch)
64 function password.check()
67 -- pwd is optionally supplied if we want to check it
68 local function do_prompt(prompt, pwd)
71 local read_pwd = password.read()
72 if pwd == nil or pwd == read_pwd then
73 -- Throw an extra newline after password prompt
77 print("\n\nloader: incorrect password!\n")
78 loader.delay(3*1000*1000)
81 local function compare(prompt, pwd)
85 do_prompt(prompt, pwd)
88 local boot_pwd = loader.getenv("bootlock_password")
89 compare("Boot password: ", boot_pwd)
91 local geli_prompt = loader.getenv("geom_eli_passphrase_prompt")
92 if geli_prompt ~= nil and geli_prompt:lower() == "yes" then
93 local passphrase = do_prompt("GELI Passphrase: ")
94 loader.setenv("kern.geom.eli.passphrase", passphrase)
97 local pwd = loader.getenv("password")
101 compare("Password: ", pwd)