Add support for multi-user decryption
* Add CLI support using the command "twrp decrypt <PASSWORD> [USER ID]"
* Add GUI support using the menu Advanced --> Decrypt User
multiuser: Parse users only when Decrypt_DE runs successfully
multiuser: Warn when not all users are decrypted
Change-Id: Ia5e943b13c2d5ec5c34ae97661133c19ff471e6d
diff --git a/crypto/ext4crypt/Decrypt.cpp b/crypto/ext4crypt/Decrypt.cpp
index 85d14ea..d486aa4 100755
--- a/crypto/ext4crypt/Decrypt.cpp
+++ b/crypto/ext4crypt/Decrypt.cpp
@@ -549,13 +549,16 @@
std::string disk_decryption_secret_key = "";
std::string keystore_alias_subid;
- if (!Find_Keystore_Alias_SubID_And_Prep_Files(user_id, keystore_alias_subid, handle_str)) {
- printf("failed to scan keystore alias subid and prep keystore files\n");
- return disk_decryption_secret_key;
- }
+ // Can be stored in user 0, so check for both.
+ if (!Find_Keystore_Alias_SubID_And_Prep_Files(user_id, keystore_alias_subid, handle_str) &&
+ !Find_Keystore_Alias_SubID_And_Prep_Files(0, keystore_alias_subid, handle_str))
+ {
+ printf("failed to scan keystore alias subid and prep keystore files\n");
+ return disk_decryption_secret_key;
+ }
// First get the keystore service
- sp<IBinder> binder = getKeystoreBinderRetry();
+ sp<IBinder> binder = getKeystoreBinderRetry();
#ifdef USE_KEYSTORAGE_4
sp<IKeystoreService> service = interface_cast<IKeystoreService>(binder);
#else
@@ -1165,15 +1168,15 @@
printf("e4crypt_unlock_user_key returned fail\n");
return Free_Return(retval, weaver_key, &pwd);
}
-#ifdef USE_KEYSTORAGE_4
+/*#ifdef USE_KEYSTORAGE_4
if (!e4crypt_prepare_user_storage("", user_id, 0, flags)) {
#else
if (!e4crypt_prepare_user_storage(nullptr, user_id, 0, flags)) {
#endif
printf("failed to e4crypt_prepare_user_storage\n");
return Free_Return(retval, weaver_key, &pwd);
- }
- printf("Decrypted Successfully!\n");
+ }*/
+ printf("User %i Decrypted Successfully!\n", user_id);
retval = true;
return Free_Return(retval, weaver_key, &pwd);
}
@@ -1255,15 +1258,15 @@
printf("e4crypt_unlock_user_key returned fail\n");
return false;
}
-#ifdef USE_KEYSTORAGE_4
+/*#ifdef USE_KEYSTORAGE_4
if (!e4crypt_prepare_user_storage("", user_id, 0, flags)) {
#else
if (!e4crypt_prepare_user_storage(nullptr, user_id, 0, flags)) {
#endif
printf("failed to e4crypt_prepare_user_storage\n");
return false;
- }
- printf("Decrypted Successfully!\n");
+ }*/
+ printf("User %i Decrypted Successfully!\n", user_id);
return true;
}
if (stat("/data/system_de/0/spblob", &st) == 0) {
@@ -1343,14 +1346,14 @@
printf("e4crypt_unlock_user_key returned fail\n");
return false;
}
-#ifdef USE_KEYSTORAGE_4
+/*#ifdef USE_KEYSTORAGE_4
if (!e4crypt_prepare_user_storage("", user_id, 0, flags)) {
#else
if (!e4crypt_prepare_user_storage(nullptr, user_id, 0, flags)) {
#endif
printf("failed to e4crypt_prepare_user_storage\n");
return false;
- }
- printf("Decrypted Successfully!\n");
+ }*/
+ printf("User %i Decrypted Successfully!\n", user_id);
return true;
}