commit fefe5915b06a1121d885fba3680dd1b90027fd5d
author Ethan Yonker <dees_troy@teamw.in> Sat Sep 30 22:22:13 2017 -0500
committer Ethan Yonker <dees_troy@teamw.in> Tue Nov 28 16:03:41 2017 -0600
tree 2370923b618bdbe2592873cd311944628a1d0a62
parent dc864ec8acde6d384a7a402ee071895f12ef1910

FBE for Pixel 2

Includes various minor fixes for building in Android 8 trees with r23+ tag

Update FBE extended header in libtar to version 2 and include the entire
ext4_encryption_policy structure now after translating the policy.

See this post for more details:
https://plus.google.com/u/1/+DeesTroy/posts/i33ygUi7tiu

Change-Id: I2af981e51f459b17fcd895fb8c2d3f6c8200e24b

crypto/ext4crypt/HashPassword.cpp

diff --git a/crypto/ext4crypt/HashPassword.cpp b/crypto/ext4crypt/HashPassword.cpp
index 86e067e..817c984 100644
--- a/crypto/ext4crypt/HashPassword.cpp
+++ b/crypto/ext4crypt/HashPassword.cpp
@@ -28,16 +28,37 @@
 #include <stdlib.h>
 #include <openssl/sha.h>
 
+#include "HashPassword.h"
+
 #define PASS_PADDING_SIZE 128
 #define SHA512_HEX_SIZE SHA512_DIGEST_LENGTH * 2
 
-std::string HashPassword(const std::string& Password) {
-	size_t size = PASS_PADDING_SIZE + Password.size();
+void* PersonalizedHashBinary(const char* prefix, const char* key, const size_t key_size) {
+	size_t size = PASS_PADDING_SIZE + key_size;
 	unsigned char* buffer = (unsigned char*)calloc(1, size);
-	const char* prefix = "Android FBE credential hash";
+	if (!buffer) return NULL; // failed to malloc
 	memcpy((void*)buffer, (void*)prefix, strlen(prefix));
 	unsigned char* ptr = buffer + PASS_PADDING_SIZE;
-	memcpy((void*)ptr, Password.c_str(), Password.size());
+	memcpy((void*)ptr, key, key_size);
+	unsigned char hash[SHA512_DIGEST_LENGTH];
+	SHA512_CTX sha512;
+	SHA512_Init(&sha512);
+	SHA512_Update(&sha512, buffer, size);
+	SHA512_Final(hash, &sha512);
+	free(buffer);
+	void* ret = malloc(SHA512_DIGEST_LENGTH);
+	if (!ret) return NULL; // failed to malloc
+	memcpy(ret, (void*)&hash[0], SHA512_DIGEST_LENGTH);
+	return ret;
+}
+
+std::string PersonalizedHash(const char* prefix, const char* key, const size_t key_size) {
+	size_t size = PASS_PADDING_SIZE + key_size;
+	unsigned char* buffer = (unsigned char*)calloc(1, size);
+	if (!buffer) return ""; // failed to malloc
+	memcpy((void*)buffer, (void*)prefix, strlen(prefix));
+	unsigned char* ptr = buffer + PASS_PADDING_SIZE;
+	memcpy((void*)ptr, key, key_size);
 	unsigned char hash[SHA512_DIGEST_LENGTH];
 	SHA512_CTX sha512;
 	SHA512_Init(&sha512);
@@ -49,5 +70,15 @@
 		sprintf(hex_hash + (index * 2), "%02X", hash[index]);
 	hex_hash[128] = 0;
 	std::string ret = hex_hash;
+	free(buffer);
 	return ret;
 }
+
+std::string PersonalizedHash(const char* prefix, const std::string& Password) {
+	return PersonalizedHash(prefix, Password.c_str(), Password.size());
+}
+
+std::string HashPassword(const std::string& Password) {
+	const char* prefix = FBE_PERSONALIZATION;
+	return PersonalizedHash(prefix, Password);
+}