blob: 86e067ebb1827099b9b44cf4e49fd6b73df32383 [file] [log] [blame]
/*
* Copyright (C) 2016 Team Win Recovery Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* This computes the "secret" used by Android as one of the parameters
* to decrypt File Based Encryption. The secret is prefixed with
* "Android FBE credential hash" padded with 0s to 128 bytes then the
* user's password is appended to the end of the 128 bytes. This string
* is then hashed with sha512 and the sha512 value is then converted to
* hex with upper-case characters.
*/
#include <stdio.h>
#include <string>
#include <stdlib.h>
#include <openssl/sha.h>
#define PASS_PADDING_SIZE 128
#define SHA512_HEX_SIZE SHA512_DIGEST_LENGTH * 2
std::string HashPassword(const std::string& Password) {
size_t size = PASS_PADDING_SIZE + Password.size();
unsigned char* buffer = (unsigned char*)calloc(1, size);
const char* prefix = "Android FBE credential hash";
memcpy((void*)buffer, (void*)prefix, strlen(prefix));
unsigned char* ptr = buffer + PASS_PADDING_SIZE;
memcpy((void*)ptr, Password.c_str(), Password.size());
unsigned char hash[SHA512_DIGEST_LENGTH];
SHA512_CTX sha512;
SHA512_Init(&sha512);
SHA512_Update(&sha512, buffer, size);
SHA512_Final(hash, &sha512);
int index = 0;
char hex_hash[SHA512_HEX_SIZE + 1];
for(index = 0; index < SHA512_DIGEST_LENGTH; index++)
sprintf(hex_hash + (index * 2), "%02X", hash[index]);
hex_hash[128] = 0;
std::string ret = hex_hash;
return ret;
}