PawletOS/android_bootable_recovery
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add support for multi-user decryption

Browse Source 
* Add CLI support using the command "twrp decrypt <PASSWORD> [USER ID]"
* Add GUI support using the menu Advanced --> Decrypt User

Change-Id: Id2681bc2b1012a0571417f7a6e0b980b1b25c61c
(cherry picked from commit 5a79f67a1b1bd1bcadeca0a4896a871646652534)
This commit is contained in:
Noah Jacobson
2019-04-28 00:10:07 -04:00
committed by bigbiff
parent 784073e9fe
commit 0b25b1d79b
18 changed files with 640 additions and 655 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
crypto/ext4crypt/Decrypt.cpp
View File

@@ -549,13 +549,16 @@ std::string unwrapSyntheticPasswordBlob(const std::string& spblob_path, const st
std::string disk_decryption_secret_key = "";
std::string keystore_alias_subid;
if (!Find_Keystore_Alias_SubID_And_Prep_Files(user_id, keystore_alias_subid, handle_str)) {
printf("failed to scan keystore alias subid and prep keystore files\n");
return disk_decryption_secret_key;
}
// Can be stored in user 0, so check for both.
if (!Find_Keystore_Alias_SubID_And_Prep_Files(user_id, keystore_alias_subid, handle_str) &&
!Find_Keystore_Alias_SubID_And_Prep_Files(0, keystore_alias_subid, handle_str))
{
printf("failed to scan keystore alias subid and prep keystore files\n");
return disk_decryption_secret_key;
}
// First get the keystore service
sp<IBinder> binder = getKeystoreBinderRetry();
sp<IBinder> binder = getKeystoreBinderRetry();
#ifdef USE_KEYSTORAGE_4
sp<IKeystoreService> service = interface_cast<IKeystoreService>(binder);
#else
@@ -1165,15 +1168,15 @@ bool Decrypt_User_Synth_Pass(const userid_t user_id, const std::string& Password
printf("e4crypt_unlock_user_key returned fail\n");
return Free_Return(retval, weaver_key, &pwd);
}
#ifdef USE_KEYSTORAGE_4
/*#ifdef USE_KEYSTORAGE_4
if (!e4crypt_prepare_user_storage("", user_id, 0, flags)) {
#else
if (!e4crypt_prepare_user_storage(nullptr, user_id, 0, flags)) {
#endif
printf("failed to e4crypt_prepare_user_storage\n");
return Free_Return(retval, weaver_key, &pwd);
}
printf("Decrypted Successfully!\n");
}*/
printf("User %i Decrypted Successfully!\n", user_id);
retval = true;
return Free_Return(retval, weaver_key, &pwd);
}
@@ -1255,15 +1258,15 @@ bool Decrypt_User(const userid_t user_id, const std::string& Password) {
printf("e4crypt_unlock_user_key returned fail\n");
return false;
}
#ifdef USE_KEYSTORAGE_4
/*#ifdef USE_KEYSTORAGE_4
if (!e4crypt_prepare_user_storage("", user_id, 0, flags)) {
#else
if (!e4crypt_prepare_user_storage(nullptr, user_id, 0, flags)) {
#endif
printf("failed to e4crypt_prepare_user_storage\n");
return false;
}
printf("Decrypted Successfully!\n");
}*/
printf("User %i Decrypted Successfully!\n", user_id);
return true;
}
if (stat("/data/system_de/0/spblob", &st) == 0) {
@@ -1343,14 +1346,14 @@ bool Decrypt_User(const userid_t user_id, const std::string& Password) {
printf("e4crypt_unlock_user_key returned fail\n");
return false;
}
#ifdef USE_KEYSTORAGE_4
/*#ifdef USE_KEYSTORAGE_4
if (!e4crypt_prepare_user_storage("", user_id, 0, flags)) {
#else
if (!e4crypt_prepare_user_storage(nullptr, user_id, 0, flags)) {
#endif
printf("failed to e4crypt_prepare_user_storage\n");
return false;
}
printf("Decrypted Successfully!\n");
}*/
printf("User %i Decrypted Successfully!\n", user_id);
return true;
}