The site uses this callback routine to check the user-supplied
    password against the UAF record provided as the second argument.
    If the password is valid, the routine returns a 1 in R0; if the
    password is invalid, the routine returns a -4 in R0.