From bd7492de28963b7e74e8e5d3f17ec9a5a287d9c3 Mon Sep 17 00:00:00 2001 From: Ethan Yonker Date: Wed, 7 Dec 2016 13:55:01 -0600 Subject: Support File Based Encryption Change-Id: Ib688ddd0c32d3999590cacd86b6d9b18eac336e9 --- crypto/ext4crypt/HashPassword.cpp | 53 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 crypto/ext4crypt/HashPassword.cpp (limited to 'crypto/ext4crypt/HashPassword.cpp') diff --git a/crypto/ext4crypt/HashPassword.cpp b/crypto/ext4crypt/HashPassword.cpp new file mode 100644 index 000000000..86e067ebb --- /dev/null +++ b/crypto/ext4crypt/HashPassword.cpp @@ -0,0 +1,53 @@ +/* + * Copyright (C) 2016 Team Win Recovery Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* + * This computes the "secret" used by Android as one of the parameters + * to decrypt File Based Encryption. The secret is prefixed with + * "Android FBE credential hash" padded with 0s to 128 bytes then the + * user's password is appended to the end of the 128 bytes. This string + * is then hashed with sha512 and the sha512 value is then converted to + * hex with upper-case characters. + */ + +#include +#include +#include +#include + +#define PASS_PADDING_SIZE 128 +#define SHA512_HEX_SIZE SHA512_DIGEST_LENGTH * 2 + +std::string HashPassword(const std::string& Password) { + size_t size = PASS_PADDING_SIZE + Password.size(); + unsigned char* buffer = (unsigned char*)calloc(1, size); + const char* prefix = "Android FBE credential hash"; + memcpy((void*)buffer, (void*)prefix, strlen(prefix)); + unsigned char* ptr = buffer + PASS_PADDING_SIZE; + memcpy((void*)ptr, Password.c_str(), Password.size()); + unsigned char hash[SHA512_DIGEST_LENGTH]; + SHA512_CTX sha512; + SHA512_Init(&sha512); + SHA512_Update(&sha512, buffer, size); + SHA512_Final(hash, &sha512); + int index = 0; + char hex_hash[SHA512_HEX_SIZE + 1]; + for(index = 0; index < SHA512_DIGEST_LENGTH; index++) + sprintf(hex_hash + (index * 2), "%02X", hash[index]); + hex_hash[128] = 0; + std::string ret = hex_hash; + return ret; +} -- cgit v1.2.3