sgan81 / apfs-fuse

FUSE driver for APFS (Apple File System)
GNU General Public License v2.0

KEK and VEK encryption types have to match #109

Open ghost opened 4 years ago

ghost commented 4 years ago

The KEK's encryption type has to match the VEK's encryption type. On Catalina, if the system volume is upgraded from HFS with FileVault enabled and converted to APFS, the VEK will be 256-bit encryption but the KEK is 128. In order to work, if the KEK is a 128-bit key, the same type has to be used for the VEK. Currently it is always set to AES256. The call to the unwrap function for the VEK should be changed to match the argument used when we unwrap the KEK key.

Weinbery commented 4 years ago

@vsv67 Thank you for your explanation. I now know the reason why I cannot get files from the encrypted APFS volume, but I also don't know how to match the KEK to the VEK. Can you explain it in more detail?

ghost commented 4 years ago

Hello,

It is not the key itself, but the type of decryption.

In KeyMgmt.cpp, lines 627-633 should be something like this:

    case 0x00:
    case 0x10:
        encryption_type = AES::AES_256;
        encryption_size = 0x20;
        rc = Rfc3394_KeyUnwrap(kek, kek_blob.wrapped_kek, encryption_size, dk, encryption_type, &iv);
        break;
    case 0x02:
        encryption_type = AES::AES_128;
        encryption_size = 0x10;
        rc = Rfc3394_KeyUnwrap(kek, kek_blob.wrapped_kek, encryption_size, dk, encryption_type, &iv);
        break;

And later, lines 675-685 should be modified to use the encryption_type variable like this:

    if (vek_blob.unk_82.unk_00 == 0) {
        // AES-256. This method is used for wrapping the whole XTS-AES key,
        // and applies to non-FileVault encrypted APFS volumes.
        rc = Rfc3394_KeyUnwrap(vek, vek_blob.wrapped_vek, encryption_size, kek, encryption_type, &iv);
    } else if (vek_blob.unk_82.unk_00 == 2) {
        // AES-128. This method is used for FileVault and CoreStorage encrypted
        // volumes that have been converted to APFS.
        rc = Rfc3394_KeyUnwrap(vek, vek_blob.wrapped_vek, encryption_size, kek, encryption_type, &iv);
    }
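The mechanism behind the two comments above, as an added worked example (Go, written for this page; it is not apfs-fuse code and was not posted by anyone in this thread): RFC 3394 key wrap and unwrap with an explicit AES key size, the KEK type-to-mode table taken from the case labels of the posted snippet, and a constructed FileVault-converted scenario (a type-0x02, 128-bit KEK wrapped under a 128-bit password-derived key; a 256-bit VEK wrapped under that KEK) in which reusing the KEK's mode for the VEK recovers the key while hard-wiring AES-256 trips the RFC 3394 integrity check. All key material is constructed test data, and `AES128`/`AES256`, `kekTypeMode`, `wrap`, `unwrap`, `unwrapVEK` and the 32-byte KEK buffer are this example's own modelling of the C++ flow, not apfs-fuse identifiers.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"encoding/binary"
	"fmt"
)

// AES key lengths in bytes, standing in for AES::AES_128 / AES::AES_256 and encryption_size 0x10 / 0x20.
const AES128, AES256 = 16, 32

// Default IV from RFC 3394 section 2.2.3.1; unwrap only succeeds if this value is recovered intact.
const rfc3394IV uint64 = 0xA6A6A6A6A6A6A6A6

// KEK blob type -> AES key size, taken from the case labels of the posted fix (this example's own table).
var kekTypeMode = map[byte]int{0x00: AES256, 0x10: AES256, 0x02: AES128}

// wrap is RFC 3394 key wrap. Only the first keyLen bytes of key are used, as in the C++ helper:
// the caller's mode, not the buffer, decides whether this is AES-128 or AES-256.
func wrap(plain, key []byte, keyLen int) ([]byte, error) {
	if len(key) < keyLen || len(plain) < 16 || len(plain)%8 != 0 {
		return nil, fmt.Errorf("wrap: key has %d bytes (mode needs %d), plaintext %d bytes", len(key), keyLen, len(plain))
	}
	blk, err := aes.NewCipher(key[:keyLen])
	if err != nil {
		return nil, err
	}
	n, r, a := len(plain)/8, append([]byte(nil), plain...), rfc3394IV
	b := make([]byte, 16)
	for j := 0; j <= 5; j++ {
		for i := 0; i < n; i++ {
			binary.BigEndian.PutUint64(b[:8], a)
			copy(b[8:], r[i*8:])
			blk.Encrypt(b, b)
			a = binary.BigEndian.Uint64(b[:8]) ^ uint64(n*j+i+1) // t = n*j + i with i counted from 1
			copy(r[i*8:], b[8:])
		}
	}
	out := make([]byte, 8)
	binary.BigEndian.PutUint64(out, a)
	return append(out, r...), nil
}

// unwrap is RFC 3394 key unwrap plus the IV check: a wrong key or a wrong key size fails here.
func unwrap(wrapped, key []byte, keyLen int) ([]byte, error) {
	if len(key) < keyLen || len(wrapped) < 24 || len(wrapped)%8 != 0 {
		return nil, fmt.Errorf("unwrap: key has %d bytes (mode needs %d), blob %d bytes", len(key), keyLen, len(wrapped))
	}
	blk, err := aes.NewCipher(key[:keyLen])
	if err != nil {
		return nil, err
	}
	n, r, a := len(wrapped)/8-1, append([]byte(nil), wrapped[8:]...), binary.BigEndian.Uint64(wrapped)
	b := make([]byte, 16)
	for j := 5; j >= 0; j-- {
		for i := n - 1; i >= 0; i-- {
			binary.BigEndian.PutUint64(b[:8], a^uint64(n*j+i+1))
			copy(b[8:], r[i*8:])
			blk.Decrypt(b, b)
			a = binary.BigEndian.Uint64(b[:8])
			copy(r[i*8:], b[8:])
		}
	}
	if a != rfc3394IV {
		return nil, fmt.Errorf("RFC 3394 integrity check failed (wrong key or wrong key size)")
	}
	return r, nil
}

// unwrapVEK: dk unwraps the KEK with the mode from the KEK blob type; the KEK (kept in a 32-byte buffer like
// the C++ code's) then unwraps the VEK with vekMode: 0 = same as the KEK (the fix), AES256 = the reported bug.
func unwrapVEK(kekType byte, vekMode int, wrappedKEK, wrappedVEK, dk []byte) ([]byte, error) {
	kekMode, ok := kekTypeMode[kekType]
	if !ok {
		return nil, fmt.Errorf("unknown KEK encryption type 0x%02x", kekType)
	}
	kek, err := unwrap(wrappedKEK, dk, kekMode)
	if err != nil {
		return nil, fmt.Errorf("KEK: %w", err)
	}
	kekBuf := make([]byte, AES256)
	copy(kekBuf, kek) // a 128-bit KEK leaves 16 zero bytes that an AES-256 unwrap would consume as key
	if vekMode == 0 {
		vekMode = kekMode
	}
	return unwrap(wrappedVEK, kekBuf, vekMode)
}

// main models a FileVault-converted volume with constructed keys (not real disk data): a type-0x02
// 128-bit KEK wrapped under a 128-bit password-derived key dk, and a 256-bit VEK wrapped under that KEK.
func main() {
	dk, kek, vek := bytes.Repeat([]byte{1}, AES128), bytes.Repeat([]byte{2}, AES128), bytes.Repeat([]byte{3}, AES256)
	wk, _ := wrap(kek, dk, AES128)
	wv, _ := wrap(vek, kek, AES128)
	got, err := unwrapVEK(0x02, 0, wk, wv, dk)
	_, bugErr := unwrapVEK(0x02, AES256, wk, wv, dk)
	fmt.Printf("VEK mode matched to KEK: recovered=%v err=%v\nVEK mode hard-wired to AES-256: err=%v\n", bytes.Equal(got, vek), err, bugErr)
}
```

The point the example makes concrete: with a 128-bit KEK and the VEK unwrap forced to AES-256, the failure is not a garbage VEK but the RFC 3394 integrity check tripping, which at this layer is indistinguishable from a wrong password. The same `unwrap` also shows why the KEK's own type has to be read first: the AES key size is an input to the unwrap, so nothing in the wrapped VEK blob alone can tell the caller which size to use.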

Weinbery commented 4 years ago

@vsv67 Thank you for your patience! Now I have another problem: I cannot get the correct container block data, because it is encrypted by the Secure Enclave on an iMac equipped with the Apple T2 security chip. Have you met this problem? I think it's a conundrum without any solution.

sgan81 commented 4 years ago

This should (finally) be fixed now ...

terry9873 commented 2 years ago

Sorry to revive this, but it doesn't appear to have been answered. I have a similar question, albeit my technical know-how is far lower than the OP's above! I have a very simple question. Can Apple decrypt our drives now? Before everyone jumps to say NO of course not, why is it that I could keep my disk encryption key in my head and only ever in my head, until Catalina came along. But now, it is IMPOSSIBLE to install Catalina on a pre-encrypted volume without giving my OS access to my encryption key (and who knows, maybe Apple too?). If that sounds like an unfair question, why then does Apple FORCE me to hand over my disk encryption key to the OS? There is absolutely no choice in the matter at all?! Hope someone can help allay my concerns. I have used Mojave until now, and for many years when I boot up, I have to unlock the disk, then I get the login screen. Two passwords, never the twain shall meet. That MUST be more secure than giving Catalina my disk password to play games with KEKs and VEKs?! Surely one key for my house, forever stored in my pocket, is safer than that PLUS a key hidden under a rock by the door? I'd love to be put right if I am wrong here, but I can't find any info online to do that, so far anyway!