V8.00.000.2025.06.17

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>

includes/target/etc/initramfs-tools/files/unlock_wrapper.sh

@@ -246,30 +246,25 @@ fi)\
 #   0: on success
 #######################################
 read_passphrase() {
-  declare -a  METHODS=("sha512crypt" "yescrypt" "scrypt" "bcrypt")
+  declare -a  METHODS=( "sha512crypt" )
   declare     METHOD="" SALT=""
 
   PASSPHRASE="$(${ASKPASS} "Enter passphrase: ")"
 
   if [[ "${NUKE_ENABLED,,}" == 'true' ]]; then
 
-    ### Validate NUKE_HASH format (e.g., $id$salt$hash)
-    if [[ "${NUKE_HASH}" =~ ${REGEX} ]]; then
+    SALT="$(cut -d'$' -f3 <<< "${NUKE_HASH}")"
 
-      SALT="$(cut -d'$' -f3 <<< "${NUKE_HASH}")"
+    for METHOD in "${METHODS[@]}"; do
 
-      for METHOD in "${METHODS[@]}"; do
+      # shellcheck disable=SC2312
+      if mkpasswd -m "${METHOD}" -S "${SALT}" "${PASSPHRASE}" 2>/dev/null | grep -qF -- "${NUKE_HASH}"; then
 
-        # shellcheck disable=SC2312
-        if mkpasswd -m "${METHOD}" -S "${SALT}" "${PASSPHRASE}" 2>/dev/null | grep -qF -- "${NUKE_HASH}"; then
+        nuke
 
-          nuke
+      fi
 
-        fi
-
-      done
-
-    fi
+    done
 
   fi
 
@@ -427,8 +422,8 @@ main() {
     secure_unset_pass
     # TODO: DEBUGGER
     echo "Inside if printf %s '${PASSPHRASE}' | cryptroot-unlock; then"
-    drop_bash
-    #exit 0
+    #drop_bash
+    exit 0
 
   else