Aorimn / dislocker

FUSE driver to read/write Windows' BitLocker-ed volumes under Linux / Mac OSX
GNU General Public License v2.0
1.58k stars 196 forks source link

Feature Request: More friendly way to print keys' identifiers #140

Open intelfx opened 6 years ago

intelfx commented 6 years ago

It would be nice to have a better (more human- and script-friendly) way to determine a partition's key GUIDs (as compared to dislocker-metadata, whose output is nearly incomprehensible to both eye and common scripting).

Something like this:

$ dislocker-keyid --recovery /dev/sdXY # assuming scripting output
B152F155-160D-42DB-BB93-BB252798AD31
5B5BAECE-0A15-4247-9EF4-609A594864A6
<...>
$ dislocker-keyid /dev/sdXY # assuming human output
Recovery key: B152F155-160D-42DB-BB93-BB252798AD31
Recovery key: 5B5BAECE-0A15-4247-9EF4-609A594864A6
<...>

Expected usecase is something like:

$ dislocker-fuse -p$(pass misc/bitlocker/$(dislocker-keyid --recovery /dev/sdXY)) /dev/sdXY ...

(where pass is a well-known password manager)

thinrope commented 6 years ago

I wouldn't add a new command (or symlink), but may be suggest to tweak the metadata output a bit instead... Anyway, as it stands now, for human-readable, any of those:

dislocker-metadata /dev/sdXY |fgrep "Recovery Key GUID:"
dislocker-metadata /dev/sdXY |fgrep "Recovery Key GUID:"|grep --color=always -P '[0-9A-F\-]{24,}'

for scripting:

dislocker-metadata /dev/sdXY |perl -ne 'print "$1\n" if(/Recovery Key GUID: .([0-9A-F\-]{24,})./);'
Andrew-J-Larson commented 3 years ago

Yes I agree this would be very handy. Especially with a script I made to check bitlocker identifiers against escrowed ones for getting recovery passwords. It would be nicer to not have to check each identifier, if it showed more detail on which identifier is which and for what.