Unable to decrypt using Disk Utility while booted from Recovery HD

Originator:rtrouton
Number:rdar://14099359 Date Originated:6-8-2013
Status:Closed Resolved:8-16-2015
Product:OS X Product Version:OS X 10.8.4 Build 12E55
Classification:Security Reproducible:Always
 
Summary:

It appears that Disk Utility on Mac OS X 10.8.4's Recovery HD partition no longer can decrypt FileVault 2-encrypted Macs. 

If you boot from a 10.8.4 Recovery HD partition, you can unlock a FileVault 2-encrypted boot drive but you can't decrypt it from Disk Utility.

Steps to Reproduce:

1. Boot Mac and hold down ⌘-R (Command –R) to boot from the Mac’s Recovery HD partition.

2. Open Disk Utility.

3. Select your locked hard drive.

4. Under the File menu, select "Turn Off Encryption…"


Expected Results:

1. Boot Mac and hold down ⌘-R (Command –R) to boot from the Mac’s Recovery HD partition.

2. Open Disk Utility.

3. Select your locked hard drive.

4. Under the File menu, select "Turn Off Encryption…"

5. When prompted for a password, enter the password of any authorized account on the drive.

6. Mac should begin decrypting.

Actual Results:

1. Boot Mac and hold down ⌘-R (Command –R) to boot from the Mac’s Recovery HD partition.

2. Open Disk Utility.

3. Select your locked hard drive.

4. Under the File menu, unable to select "Turn Off Encryption…" due to it being grayed out.

Regression:

Went back to 10.8.3's Recovery HD and saw the same behavior.

Notes:

All testing done in VMware running OS X VMs

Comments

Closing bug report as resolved

I found a fix for this issue; see https://derflounder.wordpress.com/2013/06/11/decrypting-filevault-2-on-mac-os-x-10-8-4-unlock-first-then-decrypt/

Blog post

Added blog post with findings: http://derflounder.wordpress.com/2013/06/08/mac-os-x-10-8-4s-recovery-hd-removes-ability-to-decrypt-filevault-2-encrypted-mac/

Successfully reproduced outside of VMware

I've now reproduced my results on a 2011 MacBook Pro.


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!