This patchset introduces support decryption for Android 11.
In this update we deprecate ext4crypt. To specify the
policy version to use, use TW_USE_FSCRYPT_POLICY := 1 or
TW_USE_FSCRYPT_POLICY := 2. By default policy version will
be set to 2 if this variable is omitted.
Change-Id: I62a29c1bef36c259ec4b11259f71be613d20a112
The stored id for the different types of the lock pattern was chnaged
with Android 11. You can find the updated list in the LockPatternUtils:
https://android.googlesource.com/platform/frameworks/base/+/refs/tags/android-11.0.0_r25/core/java/com/android/internal/widget/LockPatternUtils.java#113
It was changed in 5e891bcc04556a3595ab349381acc2a2e36a69d1:
5e891bcc04
The old CREDENTIAL_TYPE_PASSWORD_OR_PIN was essentialy split in
CREDENTIAL_TYPE_PASSWORD and CREDENTIAL_TYPE_PASSWORD_OR_PIN.
This code updates the matching in twrp, so that the correct unlocking
method for file base decryption can be found. Without these changes twrp
always try to use the default password and obviously fails. With these
changes the usual password dialog is shown and the decryption is
successfully.
Change-Id: Ia8d47223b30a5301d4b9d2230241039612055ebb
Signed-off-by: Alexander Sulfrian <asulfrian@zedat.fu-berlin.de>
Co-authored-by: althafvly <althafvly@gmail.com>
* Add CLI support using the command "twrp decrypt <PASSWORD> [USER ID]"
* Add GUI support using the menu Advanced --> Decrypt User
multiuser: Parse users only when Decrypt_DE runs successfully
multiuser: Warn when not all users are decrypted
Change-Id: Ia5e943b13c2d5ec5c34ae97661133c19ff471e6d
for android-10
This will support updating the ramdisk to a different
compression format and co-exist with magisk.
We are also cleaning up and removing non android-10
api makefile actions.
We are also moving twrp repacking to its own class. We
check the new ramdisk format and if it's different
we have magisk compress using the new ramdisk format.
Change-Id: I770030aae7797e75817178b2f0fccd9f39dc23af
fscrypt aosp doc: https://source.android.com/security/encryption/file-based
kernel fscrypt doc: https://www.kernel.org/doc/html/v4.18/filesystems/fscrypt.html
This commit implements the ability for TWRP to use fscrypt to decrypt
files on the fscrypt implementation. It has been implemented mostly
in a new successor library to e4crypt called libtwrpfscrypt. Most of the
code was ported from AOSP vold.
Notable updates include:
- updated policy storage by libtar
- lookup of fbe policies by libtwrpfscrypt
- threaded keystore operations
Big thanks to Dees_Troy for the initial trailblazing
of encryption in TWRP.
Change-Id: I69cd2eba3693a9914e00213d4943229635d0cdae
