--
-- Copyright (c) 2015 Pedro Souza <[email protected]>
-- Copyright (C) 2018 Kyle Evans <[email protected]>
-- All rights reserved.
--
-- Redistribution and use in source and binary forms, with or without
-- modification, are permitted provided that the following conditions
-- are met:
-- 1. Redistributions of source code must retain the above copyright
--    notice, this list of conditions and the following disclaimer.
-- 2. Redistributions in binary form must reproduce the above copyright
--    notice, this list of conditions and the following disclaimer in the
--    documentation and/or other materials provided with the distribution.
--
-- THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-- ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-- OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-- LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-- SUCH DAMAGE.
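--
-- $FreeBSD$
--

local core = require("core");
local screen = require("screen");

local password = {};

--- Read a secret from the console, one keystroke at a time, without echo.
--
-- Input ends when core.KEY_ENTER is read or as soon as 16 characters have
-- been collected, whichever comes first.  Backspace/Delete drop the last
-- collected character.  Nothing is printed while typing (the echo calls are
-- commented out), so neither the characters nor their count appear on the
-- console.
--
-- NOTE(review): because input stops at 16 characters without waiting for
-- Enter, a configured password or passphrase longer than 16 characters can
-- never be typed in full, and the equality check in password.check() can
-- never succeed for it.
--
-- @treturn string the characters collected (0 to 16 of them)
function password.read()
	local max_len = 16;
	local str = "";
	local n = 0;

	repeat
		-- Keep the keystroke in a local: a bare `ch = ...` would create a
		-- global that outlives this call and leaves the last character
		-- typed readable by every other loader script.
		local ch = io.getchar();
		if (ch == core.KEY_ENTER) then
			break;
		end
		-- XXX TODO: Evaluate if we really want this or not, as a
		-- security consideration of sorts
		if (ch == core.KEY_BACKSPACE) or (ch == core.KEY_DELETE) then
			if (n > 0) then
				n = n - 1;
				-- loader.printc("\008 \008");
				str = str:sub(1, n);
			end
		else
			-- loader.printc("*");
			-- NOTE(review): string.char() raises for values outside
			-- 0..255; assumes io.getchar() only returns byte values
			-- -- TODO confirm.
			str = str .. string.char(ch);
			n = n + 1;
		end
	until (n == max_len);
	return str;
end

--- Run the password gates configured in the loader environment.
--
-- In order:
--   1. If `bootlock_password` is set, prompt until it is entered correctly.
--   2. If `geom_eli_passphrase_prompt` is "yes" (any case), read a passphrase
--      and store it in `kern.geom.eli.passphrase`.
--   3. If `password` is set, call core.autoboot() and then prompt until the
--      password is entered correctly.
--
-- The expected values are read from the loader environment as plain strings
-- and compared directly against what was typed.
-- NOTE(review): this implies the secrets are stored in cleartext in whatever
-- configuration populates the environment (presumably loader.conf); that
-- file should not be readable by unprivileged users -- confirm for the
-- deployment.
function password.check()
	screen.clear();
	screen.defcursor();

	-- Prompt for a secret and return what was typed.
	-- pwd is optionally supplied if we want to check it: when given, the
	-- prompt repeats until the typed value equals it.  Retries are not
	-- capped; each failure costs the loader.delay() below (the argument
	-- looks like 3 seconds in microseconds -- confirm the unit).
	local function do_prompt(prompt, pwd)
		while (true) do
			loader.printc(prompt);
			local read_pwd = password.read();
			if (not pwd) or (pwd == read_pwd) then
				-- Throw an extra newline after password prompt
				print("");
				return read_pwd;
			end
			print("\n\nloader: incorrect password!\n");
			loader.delay(3*1000*1000);
		end
	end

	-- Gate on pwd only when one is configured; an unset variable means the
	-- corresponding check is skipped entirely.
	local function compare(prompt, pwd)
		if (pwd == nil) then
			return;
		end
		do_prompt(prompt, pwd);
	end

	local boot_pwd = loader.getenv("bootlock_password");
	compare("Boot password: ", boot_pwd);

	local geli_prompt = loader.getenv("geom_eli_passphrase_prompt");
	if (geli_prompt ~= nil) and (geli_prompt:lower() == "yes") then
		-- No expected value is passed, so the first entry is accepted
		-- as-is and stored in the environment.
		-- NOTE(review): the passphrase stays in the loader environment
		-- after this call; presumably the kernel consumes and clears it
		-- -- verify.
		local passphrase = do_prompt("GELI Passphrase: ");
		loader.setenv("kern.geom.eli.passphrase", passphrase);
	end

	local pwd = loader.getenv("password");
	if (pwd ~= nil) then
		-- NOTE(review): autoboot is attempted before the prompt, so this
		-- password appears to guard what follows an interrupted autoboot
		-- rather than booting itself -- confirm against core.autoboot().
		core.autoboot();
	end
	compare("Password: ", pwd);
end

return password;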