Re: Re: rescue corrupted luks header?

OK, I've been digging into this a bit more, and am now sufficiently
confident that the first 592 bytes don't contain any actual key
material (though please let me know if you think I'm wrong!), so I'm
going to include that dump at the end of this mail so that others can
take a look at it if they'd like.

Some things to note however:

-the grub-related ascii string is at offset 17F through 19E. The
corruption is possibly (probably?) larger than that - that range is
just the portion that's legible ascii text... but this means that
restoring just the first 104 bytes from the loop device doesn't look
like it'd be sufficient.

-according to the on-disk format document, the keyslots start at
offset 208, each slot 48 bytes long, the first 4 bytes of which are a
uint32_t, indicating the enabled/disabled status of the slot, and
should be set to either LUKS_KEY_ENABLED or LUKS_KEY_DISABLED (magic
constants defined in the doc). At keyslot 1 (offset 208) these bytes
are zeroed (part of a largish range of zeros which are probably part
of what grub overwrote). Keyslots 2-5 have non-zero values not
matching either of the magic consts in their enabled fields. At
keyslot 6, things start to look OK, with the DISABLED const
(0x0000DEAD) in their enabled status field.

So it would seem that my keyslots 1-5, and *possibly* some portion
prior to the keyslots, is corrupted, but from keyslot 6 on is good
data. Unfortunately, keyslot 1 is the only one that was actually in
use. But since the keyslot structs don't contain the actual key
material, just metadata and an offset to the key material (after the
keyslots) this would seem to suggest that my actual key material is
intact, I just need to figure out where it is. Assuming I can do that,
would my key material be usable without the associated keyslot struct,
or is there some metadata in there which is necessary? I see that
there's a salt parameter stored in the keyslot struct.... is that
something that if I don't have, I'm screwed?

If someone could check my work and verify that the above is correct,
that would be really helpful, since I'm a total newbie with a hex
editor.

Here's the hexdump output Arno asked for originally.... not sure if
this list accepts attachments, if it does, I'm also including a dd
dump of the top 1k of the device.




-- 
Kevin Bowen
kevin@xxxxxxxx

---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
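
The keyslot check described in the message above, as an added example (not part of the original mail and not cryptsetup code). The names triage and build_sample are hypothetical, the sample header is constructed for the test, and the LUKS_KEY_ENABLED value and the remaining field offsets are taken from the LUKS1 on-disk format specification rather than from the post.

```python
import struct

# Constants and field layout from the LUKS1 on-disk format; all integers big-endian.
LUKS_MAGIC = b"LUKS\xba\xbe"
LUKS_KEY_DISABLED = 0x0000DEAD
LUKS_KEY_ENABLED = 0x00AC71F3
KEYSLOT_BASE, KEYSLOT_SIZE, NUM_SLOTS = 208, 48, 8
PHDR_SIZE = KEYSLOT_BASE + NUM_SLOTS * KEYSLOT_SIZE  # 592 bytes
# active, PBKDF2 iterations, salt, key-material offset (sectors), AF stripes
SLOT = struct.Struct(">II32sII")
STATES = {LUKS_KEY_ENABLED: "enabled", LUKS_KEY_DISABLED: "disabled"}


def triage(header: bytes) -> dict:
    """Report magic validity and the state of each of the 8 keyslots."""
    if len(header) < PHDR_SIZE:
        raise ValueError(f"need at least {PHDR_SIZE} bytes, got {len(header)}")
    slots = []
    for i in range(NUM_SLOTS):
        offset = KEYSLOT_BASE + i * KEYSLOT_SIZE
        active, iterations, salt, km_offset, stripes = SLOT.unpack_from(header, offset)
        slots.append({
            "slot": i + 1,                # numbered 1-8 as in the post
            "offset": offset,
            "state": STATES.get(active, "corrupt"),
            "iterations": iterations,
            "km_offset": km_offset,
            "stripes": stripes,
        })
    return {"magic_ok": header[:6] == LUKS_MAGIC, "slots": slots}


def build_sample(clobbered: int = 0) -> bytes:
    """Constructed test header: slot 1 enabled, slots 2-8 disabled, then the
    first `clobbered` bytes overwritten with filler to imitate a boot-loader write."""
    hdr = bytearray(PHDR_SIZE)
    hdr[:6] = LUKS_MAGIC
    struct.pack_into(">H", hdr, 6, 1)     # version field
    for i in range(NUM_SLOTS):
        active = LUKS_KEY_ENABLED if i == 0 else LUKS_KEY_DISABLED
        SLOT.pack_into(hdr, KEYSLOT_BASE + i * KEYSLOT_SIZE,
                       active, 1000, bytes([i + 1]) * 32, 8 + i * 128, 4000)
    hdr[:clobbered] = b"\x90" * clobbered
    return bytes(hdr)


if __name__ == "__main__":
    for s in triage(build_sample(clobbered=440))["slots"]:
        print(s)
```

When cross-checking against default hexdump output, note that it prints 16-bit words in host byte order, so on x86 the on-disk bytes 00 00 DE AD appear as "0000 adde"; hexdump -C shows them in on-disk order.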
