--
-- SPDX-License-Identifier: BSD-2-Clause-FreeBSD
--
-- Copyright (c) 2015 Pedro Souza <pedrosouza@freebsd.org>
-- Copyright (C) 2018 Kyle Evans <kevans@FreeBSD.org>
-- All rights reserved.
--
-- Redistribution and use in source and binary forms, with or without
-- modification, are permitted provided that the following conditions
-- are met:
-- 1. Redistributions of source code must retain the above copyright
--    notice, this list of conditions and the following disclaimer.
-- 2. Redistributions in binary form must reproduce the above copyright
--    notice, this list of conditions and the following disclaimer in the
--    documentation and/or other materials provided with the distribution.
--
-- THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-- ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-- OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-- LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-- SUCH DAMAGE.
--
-- $FreeBSD$
--

local core = require("core")
local screen = require("screen")

local password = {}

-- Module exports

-- Read a secret from the console, one key at a time, until ENTER is pressed.
--
-- Nothing is echoed: the masked-echo calls are intentionally left disabled
-- (see the XXX note below), so neither the characters nor the length of the
-- secret appear on screen.
--
-- Every key code other than ENTER, BACKSPACE and DELETE is appended as a
-- single byte, which includes any other control code io.getchar() returns.
-- NOTE(review): string.char() raises an error for values outside 0-255;
-- this assumes io.getchar() never returns such a value -- confirm.
--
-- Returns the collected string (possibly empty).
function password.read()
	local typed = ""
	local ch = io.getchar()

	while ch ~= core.KEY_ENTER do
		-- XXX TODO: Evaluate if we really want this or not, as a
		-- security consideration of sorts
		if ch == core.KEY_BACKSPACE or ch == core.KEY_DELETE then
			-- Drop the last byte; on an empty buffer this is a no-op.
			if #typed > 0 then
				-- echo disabled: loader.printc("\008 \008")
				typed = typed:sub(1, -2)
			end
		else
			-- echo disabled: loader.printc("*")
			typed = typed .. string.char(ch)
		end
		ch = io.getchar()
	end

	return typed
end

-- Run the password gates configured through the loader environment.
--
-- Order of operations, as implemented below:
--   1. "bootlock_password": if set, it must be entered before anything else.
--   2. "geom_eli_passphrase_prompt": if it equals "yes" (case-insensitive),
--      a passphrase is read and exported as "kern.geom.eli.passphrase".
--   3. "password": if set, core.autoboot() is called first and the prompt
--      follows it.
--
-- Security notes for maintainers:
--   * The expected values are compared to the typed text with plain `==`,
--     so the environment variables hold the passwords verbatim, not hashes.
--     NOTE(review): whatever file sets them should be readable by root
--     only -- confirm against the installation's loader configuration.
--   * There is no cap on attempts; a wrong entry only costs the delay below.
--   * NOTE(review): core.autoboot() presumably returns only when the
--     countdown is interrupted, which would mean "password" guards the
--     interactive loader rather than the default boot path -- confirm in
--     core.lua. Use "bootlock_password" when the boot itself must be gated.
--   * The GELI passphrase is placed in the loader environment in cleartext.
--     NOTE(review): presumably the kernel consumes and clears it -- confirm.
function password.check()
	-- NOTE(review): loader.delay() presumably takes microseconds, making
	-- this a 3 second pause -- confirm.
	local RETRY_DELAY = 3 * 1000 * 1000

	screen.clear()
	screen.defcursor()

	-- Prompt until the entry is accepted and return it. When `expected` is
	-- nil nothing is verified and the first entry is returned as typed.
	local function prompt_until_accepted(prompt, expected)
		local entered
		repeat
			loader.printc(prompt)
			entered = password.read()
			local accepted = expected == nil or expected == entered
			if not accepted then
				print("\n\nloader: incorrect password!\n")
				loader.delay(RETRY_DELAY)
			end
		until accepted
		-- Throw an extra newline after password prompt
		print("")
		return entered
	end

	-- Enforce a password only when one is configured; an unset variable
	-- means the gate is skipped entirely.
	local function enforce(prompt, expected)
		if expected ~= nil then
			prompt_until_accepted(prompt, expected)
		end
	end

	enforce("Boot password: ", loader.getenv("bootlock_password"))

	local geli_prompt = loader.getenv("geom_eli_passphrase_prompt")
	if geli_prompt ~= nil and geli_prompt:lower() == "yes" then
		-- Nothing to compare against here: the entry is handed on as-is.
		local passphrase = prompt_until_accepted("GELI Passphrase: ")
		loader.setenv("kern.geom.eli.passphrase", passphrase)
	end

	local menu_password = loader.getenv("password")
	if menu_password ~= nil then
		core.autoboot()
	end
	enforce("Password: ", menu_password)
end

return password