libyal / libbde

Library and tools to access the BitLocker Drive Encryption (BDE) encrypted volumes
GNU Lesser General Public License v3.0

Feature Request: show FVEK on mount with passphrase #51

Closed Mips128 closed 3 years ago

Mips128 commented 3 years ago

Dear all,

When mounting a BitLocker-encrypted partition using bdemount and the correct passphrase, we would like to dump/extract/see the FVEK. The reasoning for this is that we want to have the correct FVEK as a reference when doing testing on RAM dumps.

Is there an easy way to do this using bdemount/bdeinfo?

Thank you in advance for any help.

Best regards,
Dennis

joachimmetz commented 3 years ago

> Is there an easy way to do this using bdemount/bdeinfo?

I'm hesitant to add this to the info or mount tool, since you have a very exotic use case. The information you are looking for should be in the debug output.

joachimmetz commented 3 years ago

No additional response, assuming question has been answered.