Custom TWRP 3.2.3 to decrypt Android 8/9 encryption

I’ve removed encryption and ‘convinced’ Android not to start encryption process at boot like described here: Lineage-16.0 (Android Pie) Beta

2 Likes

gonna try this! thanks a lot for this hint!

After updating to current signed/official LOS 16 versión, twrp’s decryption is no longer working for me either…

Will this fix the TWRP decrypt problem on LOS 16 ?

1 Like

Amazing! It worked! Thanks a lot!

No. Not related.

Chris

1 Like

A post was merged into an existing topic: TWRP 3.3.0-0 can’t decrypt Android 7/8/9 encryption

Thanks. May sound silly but my problem is to type the “_” I cannot see in TWRP what i type because it shows only stars. In Android I can see the text at least for a second. Is there any possibility to show the password?

There’s no setting for this.
You will have to watch what you type, the “keys” get darker for a moment when you tap them (lowlighted?).

Did some tests in the TWRP- terminal. There my problem was obvious as I can see what I type. The small figures on the keyboard and my big fingers do not work well together :wink:
Anyway, I am sure that after sufficient testing I inserted: default_password but it did not work.
One reason could be that I flashed 3.2.3 over 3.3.0. Will format my phone again this afternoon and do a clean install.

This shouldn’t cause any problem in the case of TWRP, don’t worry.

Users have previously reported that trying to decrypt data in the custom 3.2.3 TWRP works randomly, not in every case. No clue why this happens for now.

3 Likes

Whereas …

What’s the status currently? Have you encrypted with or without a password?


Not likely (as in: I want to outright say “No.” but I’m too cautious :slight_smile: ).

With password. But it is not accepted.

Then “default_password” will not work, because you encrypted with a password.

The custom TWRP 3.2.3 given in this topic as of now may or may not decrypt Android 8/9 encryption with your password.
I’ve seen it working sometimes with my password, but most times it failed …

And twrp.me TWRP 3.3.0-0 as of now will not decrypt any encryption on the Fairphone 2.

3 Likes

@chrmhoffmann: I stumbled upon this here …

https://gerrit.omnirom.org/#/c/android_bootable_recovery/+/34092/

… which apparently fixed decryption on the Pixel XL (referenced here).

Is this perhaps something useful, or is it just old news and/or not applicable?

1 Like

If anybody’s still playing around with this, I found a nice idea here …

https://github.com/TeamWin/Team-Win-Recovery-Project/issues/1440#issuecomment-487282734

So … if this custom TWRP here doesn’t decrypt at startup, you don’t need to reboot to try again. Just Cancel the initial password request, then go to Advanced - Terminal and run twrp decrypt password as many times as you like, substituting password with your password, of course.

I’ve got no luck so far with my daily driver LineageOS 16.0 encrypted phone, but it worked for me on a 15.1 encrypted test install … decrypting at startup failed, decrypting via Terminal worked after that.

If you use a pattern to decrypt, the bottom of this page shows the translation from pattern to password string … https://twrp.me/faq/openrecoveryscript.html.

6 Likes

Any updates on this?

I’m getting into a scenario, where I have to choose between LineageOS-15.1 without security updates, no encryption or no working recovery. And really don’t like none of these possibilities.
(Only other option is to go stock Android, which is actually great for the FP2. But I really like LineageOS and Android >= 8)

If there’s a bug bounty for this, I’d really like to contribute.

 


 

@chrmhoffmann

Could you consider re-adding FDE support for LOS-16.0 on the FP2 until this has been resolved?

I’ve seen at least the following LOS-16.0 builds (official, unofficial, microg) for other phones with FDE support.

So if FDE support for LOS-16.0 on the FP2 would be readded, one could still use TWRP-3.2.* for recovery.

3 Likes

While I agree about the super-inconvenience that is the missing encryption support as of Android 8+ … the recovery is working as intended.

You mean for a TWRP backup including decrypted data, not for recovery.

It’s not as if you couldn’t make a backup without TWRP supporting encryption.
Backup your App APKs and copy the whole Internal Storage to somewhere else … and I think a TWRP backup of the OS state would include settings, but these could also be restored manually … and what’s missing then?

1 Like

I’m not sure what you mean.

FDE encryption was supported in TWRP < 3.3. And in TWRP >= 3.3 neither FDE nor FBE works. I’m not sure if it’s a common problem for FBE and FDE. But I don’t think the referenced TWRP page (Why doesn't TWRP support encryption on my device?) applies here, because encryption for FP2 was already supported.

 

Sure, you can boot into recovery and flash new system images. But you can’t do anything on the data partition.

And yes, you can do app backups inside the running LineageOS. But TWRP does much more than that. You can backup the whole OS state - e.g. before doing an OS update. And you can also rescue files when the OS somehow doesn’t boot anymore. That’s why I really don’t want to miss a recovery with access to files in the data partition.

You made it sound like the TWRP recovery would be broken regarding its main purpose without encryption support.
I just wanted to point out that TWRP isn’t broken in this sense, it’s still a working recovery. It just doesn’t support a feature anymore which it doesn’t guarantee to support, however much we might want to have that feature.

I totally get that you consider it broken because of your priorities.