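--
-- Copyright (c) 2015 Pedro Souza <pedrosouza@freebsd.org>
-- All rights reserved.
--
-- Redistribution and use in source and binary forms, with or without
-- modification, are permitted provided that the following conditions
-- are met:
-- 1. Redistributions of source code must retain the above copyright
--    notice, this list of conditions and the following disclaimer.
-- 2. Redistributions in binary form must reproduce the above copyright
--    notice, this list of conditions and the following disclaimer in the
--    documentation and/or other materials provided with the distribution.
--
-- THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-- ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-- OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-- LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-- SUCH DAMAGE.
--
-- $FreeBSD$
--

-- Boot-time password handling for the loader: reads a secret from the
-- console and gates booting on the loader environment variables
-- "bootlock_password", "geom_eli_passphrase_prompt" and "password".

local password = {};

local core = require("core");
local screen = require("screen");

-- Input is cut off once this many characters have been collected, even if
-- Enter was never pressed.  A configured password longer than this can
-- therefore never match what password.read() returns.
local MAX_PASSWORD_LENGTH = 16;

-- Read a secret from the console, one key at a time.
--
-- Collection stops at core.KEY_ENTER or as soon as MAX_PASSWORD_LENGTH
-- characters are held, whichever comes first.  Nothing is printed per
-- keystroke by this function (both echo calls below are commented out).
--
-- Returns the collected string, which may be empty.
function password.read()
	local str = "";

	repeat
		-- Keep the keystroke local: as a global, the last character
		-- typed would stay readable by every other loader script.
		local ch = io.getchar();
		if (ch == core.KEY_ENTER) then
			break;
		end
		-- XXX TODO: Evaluate if we really want this or not, as a
		-- security consideration of sorts
		if (ch == core.KEY_BACKSPACE) or (ch == core.KEY_DELETE) then
			if (#str > 0) then
				-- loader.printc("\008 \008");
				-- Drop the last collected character.
				str = str:sub(1, #str - 1);
			end
		else
			-- loader.printc("*");
			-- NOTE(review): string.char() raises for values outside
			-- 0..255; confirm io.getchar() cannot return one.
			str = str .. string.char(ch);
		end
	until (#str == MAX_PASSWORD_LENGTH);
	return str;
end

-- Run the password gates configured in the loader environment, in order:
--   1. "bootlock_password": if set, block until it is typed correctly.
--   2. "geom_eli_passphrase_prompt": if "yes" (any case), prompt once and
--      store the answer in "kern.geom.eli.passphrase".
--   3. "password": if set, call core.autoboot() and, should that return,
--      block until the password is typed correctly.
--
-- NOTE(review): the expected values are read from the environment and
-- compared as plain strings, so whatever file sets them holds the
-- passwords in clear text; confirm that file is not world-readable.
function password.check()
	screen.defcursor();

	-- Prompt until an acceptable value is entered and return it.
	-- pwd is optionally supplied if we want to check it; without it the
	-- first entry is accepted as-is.
	local function do_prompt(prompt, pwd)
		while (true) do
			loader.printc(prompt);
			local read_pwd = password.read();
			if (not pwd) or (pwd == read_pwd) then
				-- Throw an extra newline after password prompt
				print("");
				return read_pwd;
			end
			print("\n\nloader: incorrect password!\n");
			-- Pause after each wrong guess to slow down guessing at
			-- the console; the number of attempts is not limited.
			-- NOTE(review): the 3*1000*1000 argument looks like
			-- microseconds (3 s); confirm against loader.delay.
			loader.delay(3*1000*1000);
		end
	end

	-- Enforce pwd only when it is configured; an unset variable means
	-- the corresponding gate is skipped entirely.
	local function compare(prompt, pwd)
		if (pwd == nil) then
			return;
		end
		do_prompt(prompt, pwd);
	end

	local boot_pwd = loader.getenv("bootlock_password");
	compare("Boot password: ", boot_pwd);

	local geli_prompt = loader.getenv("geom_eli_passphrase_prompt");
	if (geli_prompt ~= nil) and (geli_prompt:lower() == "yes") then
		local passphrase = do_prompt("GELI Passphrase: ");
		-- NOTE(review): the passphrase now sits in the loader
		-- environment in clear text; presumably the kernel's GELI
		-- code consumes and clears it - confirm.
		loader.setenv("kern.geom.eli.passphrase", passphrase);
	end

	local pwd = loader.getenv("password");
	if (pwd ~= nil) then
		-- NOTE(review): core.autoboot() is defined elsewhere;
		-- presumably it returns only when the automatic boot is
		-- interrupted, which is when the prompt below applies.
		core.autoboot();
	end
	compare("Password: ", pwd);
end

return password;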