Support for recovering the 48-digit recovery password.

bdetools/bdeinfo.c

@@ -34,6 +34,10 @@
 #include <stdlib.h>
 #endif
 
+#if defined( WINAPI )
+#include <io.h>
+#endif
+
 #include "bdetools_getopt.h"
 #include "bdetools_libbde.h"
 #include "bdetools_libcerror.h"

bdetools/info_handle.c

@@ -1127,7 +1127,7 @@ int info_handle_open(
 
 		if( bdetools_prompt_for_password(
 		     stdout,
-		     "Password",
+		     _SYSTEM_STRING( "Password" ),
 		     password,
 		     64,
 		     error ) != 1 )
@@ -2021,6 +2021,28 @@ int info_handle_volume_fprint(
 			 "\n" );
 		}
 	}
+	{
+		uint8_t recovered_recovery_password[ 56 ];
+
+		if( libbde_volume_get_utf8_recovered_recovery_password(
+		     info_handle->volume,
+		     recovered_recovery_password,
+		     56,
+		     error ) == 1 )
+		{
+			if( recovered_recovery_password[ 0 ] != 0 )
+			{
+				fprintf(
+				 info_handle->notify_stream,
+				 "\tRecovered recovery password:\t%s\n",
+				 recovered_recovery_password );
+			}
+		}
+		memory_set(
+		 recovered_recovery_password,
+		 0,
+		 56 );
+	}
 	return( 1 );
 
 on_error:

include/libbde.h.in

@@ -398,6 +398,18 @@ int libbde_volume_get_utf16_description(
      size_t utf16_string_size,
      libbde_error_t **error );
 
+/* Retrieves the UTF-8 string value of the recovered recovery password
+ * The recovered recovery password is derived from the VMK after successful unlock
+ * The size should include the end of string character
+ * Returns 1 if successful, 0 if not or -1 on error
+ */
+LIBBDE_EXTERN \
+int libbde_volume_get_utf8_recovered_recovery_password(
+     libbde_volume_t *volume,
+     uint8_t *utf8_string,
+     size_t utf8_string_size,
+     libbde_error_t **error );
+
 /* Retrieves the number of volume master key protectors
  * Returns 1 if successful or -1 on error
  */

libbde/libbde_metadata.c

@@ -2265,6 +2265,8 @@ int libbde_metadata_read_full_volume_encryption_key(
      size_t full_volume_encryption_key_size,
      uint8_t *tweak_key,
      size_t tweak_key_size,
+     uint8_t *vmk_bytes_out,
+     size_t vmk_bytes_out_size,
      libcerror_error_t **error )
 {
 	uint8_t *unencrypted_data      = NULL;
@@ -2390,6 +2392,28 @@ int libbde_metadata_read_full_volume_encryption_key(
 
 		return( -1 );
 	}
+	if( vmk_bytes_out == NULL )
+	{
+		libcerror_error_set(
+		 error,
+		 LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
+		 LIBCERROR_ARGUMENT_ERROR_INVALID_VALUE,
+		 "%s: invalid VMK bytes out.",
+		 function );
+
+		return( -1 );
+	}
+	if( vmk_bytes_out_size < 32 )
+	{
+		libcerror_error_set(
+		 error,
+		 LIBCERROR_ERROR_DOMAIN_ARGUMENTS,
+		 LIBCERROR_ARGUMENT_ERROR_VALUE_TOO_SMALL,
+		 "%s: invalid VMK bytes out value too small.",
+		 function );
+
+		return( -1 );
+	}
 	unencrypted_data_size = metadata->full_volume_encryption_key->data_size;
 
 	if( ( unencrypted_data_size == 0 )
@@ -2583,6 +2607,20 @@ int libbde_metadata_read_full_volume_encryption_key(
 
 				goto on_error;
 			}
+			if( memory_copy(
+			     vmk_bytes_out,
+			     &( unencrypted_data[ 28 ] ),
+			     32 ) == NULL )
+			{
+				libcerror_error_set(
+				 error,
+				 LIBCERROR_ERROR_DOMAIN_MEMORY,
+				 LIBCERROR_MEMORY_ERROR_COPY_FAILED,
+				 "%s: unable to copy VMK bytes out.",
+				 function );
+
+				goto on_error;
+			}
 			result = 1;
 		}
 		else if( ( encryption_method == LIBBDE_ENCRYPTION_METHOD_AES_128_CBC_DIFFUSER )

libbde/libbde_metadata.h

@@ -169,6 +169,8 @@ int libbde_metadata_read_full_volume_encryption_key(
      size_t full_volume_encryption_key_size,
      uint8_t *tweak_key,
      size_t tweak_key_size,
+     uint8_t *vmk_bytes_out,
+     size_t vmk_bytes_out_size,
      libcerror_error_t **error );
 
 int libbde_metadata_get_volume_identifier(