misc/luks-header-from-active - manifest_repos/cryptsetup - Git at Google

 #!/bin/bash

 # Try to get LUKS info and master key from active mapping and prepare parameters for cryptsetup.
 #
 # Copyright (C) 2010,2011,2012 Milan Broz <gmazyland@gmail.com>
 #
 # This copyrighted material is made available to anyone wishing to use,
 # modify, copy, or redistribute it subject to the terms and conditions
 # of the GNU General Public License v.2.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software Foundation,
 # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 umask 0077

 fail() { echo -e $1 ; exit 1 ; }
 field() { echo $(dmsetup table --target crypt --showkeys $DEVICE | sed 's/.*: //' | cut -d' ' -f$1) ; }
 field_uuid() { echo $(dmsetup info $1 --noheadings -c -o uuid) ; }
 field_device() {
 	TEMP=$(readlink /sys/dev/block/$1 | sed -e 's/.*\///')
 	if [  ${TEMP:0:3} = "dm-" -a -e /sys/block/$TEMP/dm/name ] ; then
 		TEMP=/dev/mapper/$(cat /sys/block/$TEMP/dm/name)
 	else
 		TEMP=/dev/$TEMP
 	fi
 	echo $TEMP
 }

 which readlink >/dev/null || fail "You need readlink (part of coreutils package)."
 which xxd >/dev/null || fail "You need xxd (part of vim package) installed to convert key."

 [ -z "$2" ] && fail "Recover LUKS header from active mapping, use:\n $0 crypt_mapped_device mk_file_name"

 DEVICE=$1
 MK_FILE=$2

 [ -z "$(field 4)" ] && fail "Mapping $1 not active or it is not crypt target."

 CIPHER=$(field 4)
 OFFSET=$(field 8)
 SYS_DEVICE=$(field 7)
 REAL_DEVICE=$(field_device $SYS_DEVICE)
 KEY=$(field 5)
 KEY_SIZE=$(( ${#KEY} / 2 * 8 ))
 SYS_UUID=$(field_uuid $DEVICE)
 UUID="${SYS_UUID:12:8}-${SYS_UUID:20:4}-${SYS_UUID:24:4}-${SYS_UUID:28:4}-${SYS_UUID:32:12}"

 #echo "CIPHER=$CIPHER OFFSET=$OFFSET SYS_DEVICE=$SYS_DEVICE REAL_DEVICE=$REAL_DEVICE KEY_SIZE=$KEY_SIZE KEY=$KEY UUID=$UUID SYS_UUID=$SYS_UUID"

 [ -z "$CIPHER" -o -z "$OFFSET" -o "$OFFSET" -le 383 -o \
 -z "$KEY" -o -z "$UUID" -o -z "$REAL_DEVICE" -o "${SYS_UUID:0:12}" != "CRYPT-LUKS1-" ] && \
 fail "Incompatible device, sorry."

 echo "Generating master key to file $MK_FILE."
 echo -E -n $KEY| xxd -r -p >$MK_FILE

 echo "You can now try to reformat LUKS device using:"
 echo "  cryptsetup luksFormat -c $CIPHER -s $KEY_SIZE --align-payload=$OFFSET --master-key-file=$MK_FILE --uuid=$UUID $REAL_DEVICE"
	#!/bin/bash

	# Try to get LUKS info and master key from active mapping and prepare parameters for cryptsetup.
	#
	# Copyright (C) 2010,2011,2012 Milan Broz <gmazyland@gmail.com>
	#
	# This copyrighted material is made available to anyone wishing to use,
	# modify, copy, or redistribute it subject to the terms and conditions
	# of the GNU General Public License v.2.
	#
	# You should have received a copy of the GNU General Public License
	# along with this program; if not, write to the Free Software Foundation,
	# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	#
	umask 0077

	fail() { echo -e $1 ; exit 1 ; }
	field() { echo $(dmsetup table --target crypt --showkeys $DEVICE \| sed 's/.*: //' \| cut -d' ' -f$1) ; }
	field_uuid() { echo $(dmsetup info $1 --noheadings -c -o uuid) ; }
	field_device() {
	TEMP=$(readlink /sys/dev/block/$1 \| sed -e 's/.*\///')
	if [ ${TEMP:0:3} = "dm-" -a -e /sys/block/$TEMP/dm/name ] ; then
	TEMP=/dev/mapper/$(cat /sys/block/$TEMP/dm/name)
	else
	TEMP=/dev/$TEMP
	fi
	echo $TEMP
	}

	which readlink >/dev/null \|\| fail "You need readlink (part of coreutils package)."
	which xxd >/dev/null \|\| fail "You need xxd (part of vim package) installed to convert key."

	[ -z "$2" ] && fail "Recover LUKS header from active mapping, use:\n $0 crypt_mapped_device mk_file_name"

	DEVICE=$1
	MK_FILE=$2

	[ -z "$(field 4)" ] && fail "Mapping $1 not active or it is not crypt target."

	CIPHER=$(field 4)
	OFFSET=$(field 8)
	SYS_DEVICE=$(field 7)
	REAL_DEVICE=$(field_device $SYS_DEVICE)
	KEY=$(field 5)
	KEY_SIZE=$(( ${#KEY} / 2 * 8 ))
	SYS_UUID=$(field_uuid $DEVICE)
	UUID="${SYS_UUID:12:8}-${SYS_UUID:20:4}-${SYS_UUID:24:4}-${SYS_UUID:28:4}-${SYS_UUID:32:12}"

	#echo "CIPHER=$CIPHER OFFSET=$OFFSET SYS_DEVICE=$SYS_DEVICE REAL_DEVICE=$REAL_DEVICE KEY_SIZE=$KEY_SIZE KEY=$KEY UUID=$UUID SYS_UUID=$SYS_UUID"

	[ -z "$CIPHER" -o -z "$OFFSET" -o "$OFFSET" -le 383 -o \
	-z "$KEY" -o -z "$UUID" -o -z "$REAL_DEVICE" -o "${SYS_UUID:0:12}" != "CRYPT-LUKS1-" ] && \
	fail "Incompatible device, sorry."

	echo "Generating master key to file $MK_FILE."
	echo -E -n $KEY\| xxd -r -p >$MK_FILE

	echo "You can now try to reformat LUKS device using:"
	echo " cryptsetup luksFormat -c $CIPHER -s $KEY_SIZE --align-payload=$OFFSET --master-key-file=$MK_FILE --uuid=$UUID $REAL_DEVICE"