joachimmetz
commented
5 years ago Thx I'll have a look as soon as time permits.
Closed bulhakov-adf closed 3 years ago
joachimmetz
commented
5 years ago Thx I'll have a look as soon as time permits.
joachimmetz
commented
3 years ago Instead of merging the proposed changed, I'll change libfvde_encryption_context_plist_get_passphrase_wrapped_kek to return 0 if there is no PassphraseWrappedKEKStruct
Hi @joachimmetz,
It looks that some "service" users from CryptoUsers don't have KeyWrappedKekStruct which doesn't seem to be an error. Here is decrypted wipeKey sample — EncryptedRoot.plist.wipekey_decrypted.zip
I wanted to add verbose output as well, but it seems like the whole partition is being dumped through stderr.