10.13 fdesetup changerecovery -personal with wrong password deletes recovery key

Originator: howie
Number: rdar://34633465
Date Originated: 9/25/2017
Status: open
Resolved:
Product: macOS + SDK
Product Version: 10.13
Classification: Serious Bug
Reproducible: yes
Area: Something not on this list

Summary: On 10.13, on a FileVault protected APFS disk (upgraded from 10.12.6), changing the recovery key (-personal) and supplying the wrong password deletes the recovery key.

Steps to Reproduce:
- Start with a 10.12.6 system with a FileVault 2 protected disk with a personal recovery key
- Install 10.13
- as root, run "fdesetup list" to verify that there is a recovery key. The user shows up as "(null)" for the recovery key.
- run "fdesetup validaterecovery" to see that the recovery key is correct.
- run "fdesetup changerecovery -personal" and enter an incorrect password.
- run "fdesetup list" again, and see that the entry for the user "(null)" has disappeared.
- run "fdesetup validaterecovery" again, to see that the recovery key no longer works.
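As an added defensive check (not part of this radar, and not Apple's fdesetup code), a POSIX shell wrapper that snapshots "fdesetup list", requires "fdesetup validaterecovery" to pass before the change, and flags the loss of the "(null)" recovery-key entry afterwards. It assumes that "fdesetup list" prints one "user,UUID" line per entry and that the recovery-key entry's user field is "(null)" as the report describes; the sample listings inside are constructed, not real output.

```shell
#!/bin/sh
# Added example: guard "fdesetup changerecovery -personal" so a vanished personal
# recovery key is noticed immediately rather than at the next validaterecovery
# (or at recovery time). Assumptions: "fdesetup list" prints "user,UUID" lines,
# and the recovery-key entry shows "(null)" in the user field (as the report says).

# Return 0 if the given "fdesetup list" output still carries the "(null)" entry.
prk_entry_present() {
    printf '%s\n' "$1" | grep -q '^(null),'
}

# Compare a pre-change and post-change listing. Prints "lost" and returns 1 when
# the "(null)" entry was present before and is gone after; "kept" (0) otherwise.
prk_state_change() {
    if prk_entry_present "$1" && ! prk_entry_present "$2"; then
        echo lost
        return 1
    fi
    echo kept
    return 0
}

# Wrapper for the real command (macOS only, and only when invoked with --run).
guarded_changerecovery() {
    before=$(fdesetup list) || return 2
    prk_entry_present "$before" || { echo "no personal recovery key present; nothing to change" >&2; return 2; }
    fdesetup validaterecovery || { echo "refusing: current recovery key does not validate" >&2; return 2; }
    fdesetup changerecovery -personal
    after=$(fdesetup list) || return 2
    if ! prk_state_change "$before" "$after" >/dev/null; then
        echo "ALERT: recovery-key entry vanished after changerecovery; create and escrow a new key before rebooting" >&2
        return 1
    fi
}

# Constructed sample listings (not real fdesetup output) to exercise the checks offline.
SAMPLE_BEFORE='admin,11111111-2222-3333-4444-555555555555
(null),66666666-7777-8888-9999-000000000000'
SAMPLE_AFTER='admin,11111111-2222-3333-4444-555555555555'

# Offline demonstration of the report's failure mode: prints "lost".
demo() {
    prk_state_change "$SAMPLE_BEFORE" "$SAMPLE_AFTER"
}

if [ "${1:-}" = "--run" ] && command -v fdesetup >/dev/null 2>&1; then
    guarded_changerecovery
fi
```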

Expected Results:
The changerecovery operation should be rejected due to an incorrect password.

Actual Results:
The recovery key is removed!

Version/Build:
10.13/17A365

Configuration:
MacBookPro 15, late 2013

Comments

Still an issue Beta 5

Beta 5 Apple, srsly?! I will file a bug report too then...