Add ozip decryption for Oppo/Realme device

This function will automatically decrypt .ozip file in a .zip and it will
save the .zip in the same folder of the .ozip and with the same name.
After the decryption, the flash will start.

To enable this function you have to set a Boardconfig flag with the
decryption key like i did here:

https://github.com/mauronofrio/android_device_realme_RMX1901/commit/a30625f80a31b9b85e4948fc9f9beeb61d5bcb8a

Original projects:
https://github.com/sabpprook/ozip2zip
https://github.com/bkerler/oppo_ozip_decrypt

Change-Id: Ic93243a565008c442bcf2992069b2801532ac7c1
(cherry picked from commit 0ff59845f2f8dddedb4cee9a9faf86a6294cce66)
This commit is contained in:
mauronofrio
2019-10-26 19:47:55 +02:00
committed by bigbiff
parent 87d73d6620
commit 6d3bf891c4
11 changed files with 207 additions and 4 deletions
+5
View File
@@ -866,6 +866,11 @@ ifeq ($(shell test $(PLATFORM_SDK_VERSION) -lt 24; echo $$?),0)
include $(commands_TWRP_local_path)/libmincrypt/Android.mk
endif
ifneq ($(TW_OZIP_DECRYPT_KEY),)
TWRP_REQUIRED_MODULES += ozip_decrypt
include $(commands_TWRP_local_path)/ozip_decrypt/Android.mk
endif
ifeq ($(TW_INCLUDE_CRYPTO), true)
include $(commands_TWRP_local_path)/crypto/fde/Android.mk
include $(commands_TWRP_local_path)/crypto/scrypt/Android.mk
+5 -1
View File
@@ -76,7 +76,11 @@ endif
ifneq ($(TW_USE_KEY_CODE_TOUCH_SYNC),)
LOCAL_CFLAGS += -DTW_USE_KEY_CODE_TOUCH_SYNC=$(TW_USE_KEY_CODE_TOUCH_SYNC)
endif
ifneq ($(TW_OZIP_DECRYPT_KEY),)
LOCAL_CFLAGS += -DTW_OZIP_DECRYPT_KEY=\"$(TW_OZIP_DECRYPT_KEY)\"
else
LOCAL_CFLAGS += -DTW_OZIP_DECRYPT_KEY=0
endif
ifneq ($(TW_NO_SCREEN_BLANK),)
LOCAL_CFLAGS += -DTW_NO_SCREEN_BLANK
endif
+25
View File
@@ -1029,6 +1029,17 @@ void GUIAction::reinject_after_flash()
}
}
int GUIAction::ozip_decrypt(string zip_path)
{
if (!TWFunc::Path_Exists("/sbin/ozip_decrypt")) {
return 1;
}
gui_msg("ozip_decrypt_decryption=Starting Ozip Decryption...");
TWFunc::Exec_Cmd("ozip_decrypt " + (string)TW_OZIP_DECRYPT_KEY + " '" + zip_path + "'");
gui_msg("ozip_decrypt_finish=Ozip Decryption Finished!");
return 0;
}
int GUIAction::flash(std::string arg)
{
int i, ret_val = 0, wipe_cache = 0;
@@ -1039,6 +1050,20 @@ int GUIAction::flash(std::string arg)
size_t slashpos = zip_path.find_last_of('/');
string zip_filename = (slashpos == string::npos) ? zip_path : zip_path.substr(slashpos + 1);
operation_start("Flashing");
if((zip_path.substr(zip_path.size() - 4, 4)) == "ozip")
{
if((ozip_decrypt(zip_path)) != 0)
{
LOGERR("Unable to find ozip_decrypt!");
break;
}
zip_filename = (zip_filename.substr(0, zip_filename.size() - 4)).append("zip");
zip_path = (zip_path.substr(0, zip_path.size() - 4)).append("zip");
if (!TWFunc::Path_Exists(zip_path)) {
LOGERR("Unable to find decrypted zip");
break;
}
}
DataManager::SetValue("tw_filename", zip_path);
DataManager::SetValue("tw_file", zip_filename);
DataManager::SetValue(TW_ZIP_INDEX, (i + 1));
+1
View File
@@ -288,6 +288,7 @@ protected:
ThreadType getThreadType(const Action& action);
void simulate_progress_bar(void);
int flash_zip(std::string filename, int* wipe_cache);
int ozip_decrypt(std::string zip_path);
void reinject_after_flash();
void operation_start(const string operation_name);
void operation_end(const int operation_status);
+1 -1
View File
@@ -310,7 +310,7 @@
<condition var1="tw_selectimage" var2="0"/>
<placement x="%col2_x_left%" y="%row1a_y%" w="%fileselector_install_width%" h="%fileselector_install_height%"/>
<text>%tw_zip_location%</text>
<filter extn=".zip" folders="0" files="1"/>
<filter extn=".zip;.ozip;.ZIP;.OZIP" folders="0" files="1"/>
<path name="tw_zip_location" default="/sdcard"/>
<data name="tw_filename"/>
<selection name="tw_file"/>
+2
View File
@@ -724,5 +724,7 @@
<string name="unmount_system_err">Failed unmounting System</string>
<string name="flash_ab_inactive">Flashing A/B zip to inactive slot: {1}</string>
<string name="flash_ab_reboot">To flash additional zips, please reboot recovery to switch to the updated slot.</string>
<string name="ozip_decrypt_decryption">Starting Ozip Decryption...</string>
<string name="ozip_decrypt_finish">Ozip Decryption Finished!</string>
</resources>
</language>
+1 -1
View File
@@ -267,7 +267,7 @@
<condition var1="tw_selectimage" var2="0"/>
<placement x="%indent%" y="%row3_y%" w="%content_width%" h="%fileselector_install_height%"/>
<text>%tw_zip_location%</text>
<filter extn=".zip" folders="1" files="1"/>
<filter extn=".zip;.ozip;.ZIP;.OZIP" folders="1" files="1"/>
<path name="tw_zip_location" default="/sdcard"/>
<data name="tw_filename"/>
<selection name="tw_file"/>
+1 -1
View File
@@ -398,7 +398,7 @@
<condition var1="tw_selectimage" var2="0"/>
<placement x="%indent%" y="%row2_header_y%" w="%content_width%" h="%fileselector_install_height%"/>
<text>%tw_zip_location%</text>
<filter extn=".zip" folders="1" files="1"/>
<filter extn=".zip;.ozip;.ZIP;.OZIP" folders="1" files="1"/>
<path name="tw_zip_location" default="/sdcard"/>
<data name="tw_filename"/>
<selection name="tw_file"/>
+11
View File
@@ -0,0 +1,11 @@
LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS)
LOCAL_MODULE := ozip_decrypt
LOCAL_MODULE_PATH := $(TARGET_RECOVERY_ROOT_OUT)/sbin
LOCAL_MODULE_TAGS := optional
LOCAL_SRC_FILES := ozip_decrypt.cpp
LOCAL_C_INCLUDES := external/boringssl/src/include
LOCAL_SHARED_LIBRARIES := libcrypto
include $(BUILD_EXECUTABLE)
+152
View File
@@ -0,0 +1,152 @@
/*
Copyright 2020 Mauronofrio
This file is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This file is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
GNU General Public License <http://www.gnu.org/licenses/>.
*/
#include <iostream>
#include <string.h>
#include <openssl/evp.h>
#include <openssl/ssl.h>
#define _FILE_OFFSET_BITS 64
//extern "C" __int64 __cdecl _ftelli64(FILE*);
using namespace std;
typedef std::basic_string<unsigned char> u_string;
int decrypt(unsigned char* ciphertext, int ciphertext_len, unsigned char* key,
unsigned char* iv, unsigned char* plaintext)
{
EVP_CIPHER_CTX* ctx;
int len;
int plaintext_len;
ctx = EVP_CIPHER_CTX_new();
EVP_DecryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, key, iv);
EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len);
plaintext_len = len;
EVP_DecryptFinal_ex(ctx, plaintext + len, &len);
plaintext_len += len;
EVP_CIPHER_CTX_free(ctx);
return plaintext_len;
}
std::string hexToASCII(string hex)
{
int len = hex.length();
std::string newString;
for (int i = 0; i < len; i += 2)
{
string byte = hex.substr(i, 2);
char chr = (char)(int)strtol(byte.c_str(), nullptr, 16);
newString.push_back(chr);
}
return newString;
}
bool testkey(const char* keyf, const char* path) {
u_string key = (unsigned char*)(hexToASCII(keyf)).c_str();
int data[17];
FILE* fps = fopen(path, "rb");
fseek(fps, 4176, SEEK_SET);
fread(data, sizeof(char), 16, fps);
fclose(fps);
u_string udata = (unsigned char*)data;
EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX_init(ctx);
EVP_DecryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, key.c_str(), NULL);
EVP_CIPHER_CTX_set_padding(ctx, false);
unsigned char buffer[1024], * pointer = buffer;
int outlen;
EVP_DecryptUpdate(ctx, pointer, &outlen, udata.c_str(), udata.length());
pointer += outlen;
EVP_DecryptFinal_ex(ctx, pointer, &outlen);
pointer += outlen;
EVP_CIPHER_CTX_free(ctx);
u_string test= u_string(buffer, pointer - buffer);
u_string checktest = test.substr(0, 4);
if (checktest == ((unsigned char*) "\x50\x4B\x03\x04") || checktest == ((unsigned char*) "\x41\x4E\x44\x52")) {
return true;
}
return false;
}
int main(int argc, char* argv[])
{
if (argc != 3)
{
printf("Usage: ozipdecrypt key [*.ozip]\n");
return 0;
}
const char* key = argv[1];
const char* path = argv[2];
FILE* fp = fopen(path, "rb");
char magic[13];
fgets(magic, sizeof(magic), fp);
string temp(path);
temp = (temp.substr(0, temp.size() - 5)).append(".zip");
const char* destpath= temp.c_str();
if (strcmp(magic, "OPPOENCRYPT!") != 0)
{
printf("This is not an .ozip file!\n");
fclose(fp);
int rencheck = rename(path, destpath);
if (rencheck == 0) {
printf("Renamed .ozip file in .zip file\n");
}
else
{
printf("Unable to rename .ozip file in .zip file\n");
}
return 0;
}
if (testkey(key, path) == false)
{
printf("Key is not good!\n");
fclose(fp);
return 0;
}
else {
printf("Key is good!\n");
}
FILE* fp2 = fopen(destpath, "wb");
fseek(fp, 0L, SEEK_END);
unsigned long int sizetot = ftello(fp);
fseek(fp, 4176, SEEK_SET);
int bdata[16384];
unsigned long int sizeseek;
printf("Decrypting...\n");
while (true)
{
unsigned char data[17];
fread(data, sizeof(char), 16, fp);
decrypt(data, sizeof(data), (unsigned char*)(hexToASCII(key)).c_str(), NULL, data);
fwrite(data, sizeof(char), 16, fp2);
sizeseek = ftello(fp);
if ((sizetot - sizeseek) <= 16384) {
fread(bdata, sizeof(char), (sizetot - sizeseek), fp);
fwrite(bdata, sizeof(char), (sizetot - sizeseek), fp2);
break;
}
else
{
fread(bdata, sizeof(char), 16384, fp);
fwrite(bdata, sizeof(char), 16384, fp2);
}
}
printf("File succesfully decrypted, saved in %s\n", destpath);
fclose(fp2);
fclose(fp);
return 0;
}
+3
View File
@@ -74,6 +74,9 @@ RELINK_SOURCE_FILES += $(TARGET_OUT_EXECUTABLES)/mke2fs
RELINK_SOURCE_FILES += $(TARGET_OUT_EXECUTABLES)/tune2fs
RELINK_SOURCE_FILES += $(TARGET_OUT_EXECUTABLES)/resize2fs
RELINK_SOURCE_FILES += $(TARGET_RECOVERY_ROOT_OUT)/sbin/simg2img
ifneq ($(TW_OZIP_DECRYPT_KEY),)
RELINK_SOURCE_FILES += $(TARGET_RECOVERY_ROOT_OUT)/sbin/ozip_decrypt
endif
ifneq ($(TARGET_ARCH), x86_64)
RELINK_SOURCE_FILES += $(TARGET_OUT_EXECUTABLES)/linker
endif