Android 4.4 encrypted backup problem (Invalid password or master key checksum)

[jflaflamme]

Hello.

I have an issue with abe.jar, when I try to extract an encrypted backup with the correct password. (the password is working with adb restore )

GOOD PASSWORD ERROR MESSAGE

Strong AES encryption enabled
Magic: ANDROID BACKUP
Version: 1
Compressed: 1
Algorithm: AES-256
….
Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: Invalid password or master key checksum.

BAD PASSWORD ERROR MESSAGE

Strong AES encryption enabled
Magic: ANDROID BACKUP
Version: 1
Compressed: 1
Algorithm: AES-256
….
Caused by: javax.crypto.BadPaddingException: Given final block not properly padded

Thank you for your help

[nelenkov]

This is the result of the change described here: http://android-developers.blogspot.jp/2013/12/changes-to-secretkeyfactory-api-in.html

and can be probably treated as an Android bug, because restoring backups made with 4.3 will most likely fail on 4.4. File one at http://b.android.com if you can confirm this.

The fix is to replace PBEParametersGenerator.PKCS5PasswordToBytes(pwArray) in AndroidBackup.java:413 with PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(pwArray). There probably needs to be some flag to switch behaviour for 4.4 and prior versions.

[jflaflamme]

Totally corrected the problem and I can access my files with your tool. Thank you for this quick answer.

[nelenkov]

Glad it works for you, but let's not close this just yet. I'll have to figure out how fix this properly. Maybe try the second variant if checksum checking fails and only throw an exception if both fail?

[nelenkov]

unpack will now try both variants. When targeting KitKat you need to use pack-kk for packing, otherwise restore will fail.

[lilvalo]

What changes do you have to make in the Perl code to accomplish the same thing?

Also is it possible you can compile a new .jar with the changes and upload it please?

[nelenkov]

IIRC, Perl's PBKDF2 code is actually in C and does not support UTF-8 to start with. The C code needs to be modified to use UTF, to be compatible with current 4.4.

I don't distribute a JAR, please compile from source.

[lilvalo]

I can't for the life of me figure out how to compile it using Eclipse, which is what you suggest.

I can get 2 class files if I compile it with javac, but then get an error. If it's suppose to work with compiling with javac, can you let me know and I'll continue trying to figure out what's causing the errors when I attempt to run it.

If not can you point me somewhere that would help me with getting it compiled in Eclipse please?

Thanks

[lilvalo]

Firstly download the source from HERE and not from the sourceforge, their zip file of the src is horribly out of date.
Secondly the javac works, just copy the .class files to the bin folder and use the abe.sh file.
Thirdly I'll attempt to try it in Eclipse given now that I realized I was looking at code from sf and reading comments on here based on the code here.

[nelenkov]

Nothing special required, just add a recent BouncyCastle jar. You can also use Ant, there is a build.xml file included. If you compile directly with javac, you need to set the classpath accordingly, and include the BouncyCastle jar.

[nelenkov]

Yet, git clone this repository to get latest code. I am not responsible for any other distributions, and have no idea what state they are in.