eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-13 20:00:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix luks-header-from-active to not require header on device and add UUID setting.

Browse Source
This commit is contained in:
Milan Broz
2012-06-19 14:43:10 +02:00
parent 96f31a2cff
commit c4a533c3d5
1 changed files with 26 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
misc/luks-header-from-active
View File

@@ -2,7 +2,7 @@
# Try to get LUKS info and master key from active mapping and prepare parameters for cryptsetup. # Try to get LUKS info and master key from active mapping and prepare parameters for cryptsetup.
# #
# Copyright (C) 2010,2011 Milan Broz <asi@ucw.cz> # Copyright (C) 2010,2011,2012 Milan Broz <asi@ucw.cz>
# #
# This copyrighted material is made available to anyone wishing to use, # This copyrighted material is made available to anyone wishing to use,
# modify, copy, or redistribute it subject to the terms and conditions # modify, copy, or redistribute it subject to the terms and conditions
@@ -12,11 +12,22 @@
# along with this program; if not, write to the Free Software Foundation, # along with this program; if not, write to the Free Software Foundation,
# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# #
umask 0077
fail() { echo -e $1 ; exit 1 ; } fail() { echo -e $1 ; exit 1 ; }
field() { echo $(dmsetup table --target crypt --showkeys $DEVICE | sed 's/.*: //' | cut -d' ' -f$1) ; } field() { echo $(dmsetup table --target crypt --showkeys $DEVICE | sed 's/.*: //' | cut -d' ' -f$1) ; }
field_cryptsetup() { echo $(cryptsetup status $DEVICE | grep $1 | sed "s/.*$1:\s*//;s/\ .*//") ; } field_uuid() { echo $(dmsetup info $1 --noheadings -c -o uuid) ; }
field_device() {
TEMP=$(readlink /sys/dev/block/$1 | sed -e 's/.*\///')
if [ ${TEMP:0:3} = "dm-" -a -e /sys/block/$TEMP/dm/name ] ; then
TEMP=/dev/mapper/$(cat /sys/block/$TEMP/dm/name)
else
TEMP=/dev/$TEMP
fi
echo $TEMP
}
which readlink >/dev/null || fail "You need readlink (part of coreutils package)."
which xxd >/dev/null || fail "You need xxd (part of vim package) installed to convert key." which xxd >/dev/null || fail "You need xxd (part of vim package) installed to convert key."
[ -z "$2" ] && fail "Recover LUKS header from active mapping, use:\n $0 crypt_mapped_device mk_file_name" [ -z "$2" ] && fail "Recover LUKS header from active mapping, use:\n $0 crypt_mapped_device mk_file_name"
@@ -26,20 +37,23 @@ MK_FILE=$2
[ -z "$(field 4)" ] && fail "Mapping $1 not active or it is not crypt target." [ -z "$(field 4)" ] && fail "Mapping $1 not active or it is not crypt target."
# FIXME: CIPHER=$(field 4)
# - add UUID OFFSET=$(field 8)
# - check for CRYPT-LUKS1-* DM-UUID SYS_DEVICE=$(field 7)
REAL_DEVICE=$(field_device $SYS_DEVICE)
CIPHER=$(field_cryptsetup cipher)
OFFSET=$(field_cryptsetup offset)
REAL_DEVICE=$(field_cryptsetup device)
KEY_SIZE=$(field_cryptsetup keysize)
KEY=$(field 5) KEY=$(field 5)
KEY_SIZE=$(( ${#KEY} / 2 * 8 ))
SYS_UUID=$(field_uuid $DEVICE)
UUID="${SYS_UUID:12:8}-${SYS_UUID:20:4}-${SYS_UUID:24:4}-${SYS_UUID:28:4}-${SYS_UUID:32:12}"
[ -z "$CIPHER" -o -z "$OFFSET" -o "$OFFSET" -le 383 -o -z "$KEY" ] && fail "Incompatible device, sorry." #echo "CIPHER=$CIPHER OFFSET=$OFFSET SYS_DEVICE=$SYS_DEVICE REAL_DEVICE=$REAL_DEVICE KEY_SIZE=$KEY_SIZE KEY=$KEY UUID=$UUID SYS_UUID=$SYS_UUID"
[ -z "$CIPHER" -o -z "$OFFSET" -o "$OFFSET" -le 383 -o \
-z "$KEY" -o -z "$UUID" -o -z "$REAL_DEVICE" -o "${SYS_UUID:0:12}" != "CRYPT-LUKS1-" ] && \
fail "Incompatible device, sorry."
echo "Generating master key to file $MK_FILE." echo "Generating master key to file $MK_FILE."
echo -E -n $KEY| xxd -r -p >$MK_FILE echo -E -n $KEY| xxd -r -p >$MK_FILE
echo "You can now try to reformat LUKS device using:" echo "You can now try to reformat LUKS device using:"
echo " cryptsetup luksFormat -c $CIPHER -s $KEY_SIZE --align-payload=$OFFSET --master-key-file=$MK_FILE $REAL_DEVICE" echo " cryptsetup luksFormat -c $CIPHER -s $KEY_SIZE --align-payload=$OFFSET --master-key-file=$MK_FILE --uuid=$UUID $REAL_DEVICE"