Gitiles
Code Review Sign In
gerrit.twrp.me / android_bootable_recovery / 58f2132bc3954fc704787d477500a209eedb8e29 / . / crypto / ext4crypt / HashPassword.cpp
blob: 817c984bdfb71db028b50fc7e31f4e47bd4f5dc1 [file] [log] [blame]
Ethan Yonkerbd7492d2016-12-07 13:55:01 -0600[diff] [blame]1/*
2 * Copyright (C) 2016 Team Win Recovery Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17/*
18 * This computes the "secret" used by Android as one of the parameters
19 * to decrypt File Based Encryption. The secret is prefixed with
20 * "Android FBE credential hash" padded with 0s to 128 bytes then the
21 * user's password is appended to the end of the 128 bytes. This string
22 * is then hashed with sha512 and the sha512 value is then converted to
23 * hex with upper-case characters.
24 */
25
26#include <stdio.h>
27#include <string>
28#include <stdlib.h>
29#include <openssl/sha.h>
30
Ethan Yonkerfefe5912017-09-30 22:22:13 -0500[diff] [blame]31#include "HashPassword.h"
32
Ethan Yonkerbd7492d2016-12-07 13:55:01 -0600[diff] [blame]33#define PASS_PADDING_SIZE 128
34#define SHA512_HEX_SIZE SHA512_DIGEST_LENGTH * 2
35
Ethan Yonkerfefe5912017-09-30 22:22:13 -0500[diff] [blame]36void* PersonalizedHashBinary(const char* prefix, const char* key, const size_t key_size) {
37 size_t size = PASS_PADDING_SIZE + key_size;
Ethan Yonkerbd7492d2016-12-07 13:55:01 -0600[diff] [blame]38 unsigned char* buffer = (unsigned char*)calloc(1, size);
Ethan Yonkerfefe5912017-09-30 22:22:13 -0500[diff] [blame]39 if (!buffer) return NULL; // failed to malloc
Ethan Yonkerbd7492d2016-12-07 13:55:01 -0600[diff] [blame]40 memcpy((void*)buffer, (void*)prefix, strlen(prefix));
41 unsigned char* ptr = buffer + PASS_PADDING_SIZE;
Ethan Yonkerfefe5912017-09-30 22:22:13 -0500[diff] [blame]42 memcpy((void*)ptr, key, key_size);
43 unsigned char hash[SHA512_DIGEST_LENGTH];
44 SHA512_CTX sha512;
45 SHA512_Init(&sha512);
46 SHA512_Update(&sha512, buffer, size);
47 SHA512_Final(hash, &sha512);
48 free(buffer);
49 void* ret = malloc(SHA512_DIGEST_LENGTH);
50 if (!ret) return NULL; // failed to malloc
51 memcpy(ret, (void*)&hash[0], SHA512_DIGEST_LENGTH);
52 return ret;
53}
54
55std::string PersonalizedHash(const char* prefix, const char* key, const size_t key_size) {
56 size_t size = PASS_PADDING_SIZE + key_size;
57 unsigned char* buffer = (unsigned char*)calloc(1, size);
58 if (!buffer) return ""; // failed to malloc
59 memcpy((void*)buffer, (void*)prefix, strlen(prefix));
60 unsigned char* ptr = buffer + PASS_PADDING_SIZE;
61 memcpy((void*)ptr, key, key_size);
Ethan Yonkerbd7492d2016-12-07 13:55:01 -0600[diff] [blame]62 unsigned char hash[SHA512_DIGEST_LENGTH];
63 SHA512_CTX sha512;
64 SHA512_Init(&sha512);
65 SHA512_Update(&sha512, buffer, size);
66 SHA512_Final(hash, &sha512);
67 int index = 0;
68 char hex_hash[SHA512_HEX_SIZE + 1];
69 for(index = 0; index < SHA512_DIGEST_LENGTH; index++)
70 sprintf(hex_hash + (index * 2), "%02X", hash[index]);
71 hex_hash[128] = 0;
72 std::string ret = hex_hash;
Ethan Yonkerfefe5912017-09-30 22:22:13 -0500[diff] [blame]73 free(buffer);
Ethan Yonkerbd7492d2016-12-07 13:55:01 -0600[diff] [blame]74 return ret;
75}
Ethan Yonkerfefe5912017-09-30 22:22:13 -0500[diff] [blame]76
77std::string PersonalizedHash(const char* prefix, const std::string& Password) {
78 return PersonalizedHash(prefix, Password.c_str(), Password.size());
79}
80
81std::string HashPassword(const std::string& Password) {
82 const char* prefix = FBE_PERSONALIZATION;
83 return PersonalizedHash(prefix, Password);
84}