It's a stupid question. I'm such an idiot. My hard drives (internal hard drives) are encrypted with BitLocker. No passphrase is set and no 48-digit recovery password is set. The only key protector I have set is the recovery key file (.bek). But my USB stick does not appear to work properly, so BitLocker no longer reads and recognizes the keys. I have also checked the IDs. They are the right keys. I tried the key on a different USB stick with no success. I rather think that the key file is damaged / defective. The only thing I have are the full volume master keys (VMK / FVEK). Why do I have the complete volume master key? I manually extracted the keys with a hex editor from the hibernation file long time before. I printed out the complete master keys on a sheet of paper and also saved them in a file. Elcomsoft Forensic Disk Decryptor seems to be the right tool for my purposes. But I willl not spend € 299 for it. I tested the trial version. Perhaps here are a few experienced programmers? I just need a simple program where the full volume master key has to be an input, for example, in a text field as a parameter and when I click a button that the drive is decrypted with the volume master key. It must be possible. Elcomsoft Forensic Disk Decryptor is the only tool that meets my needs and that I could find. Does anyone here have any ideas? I am not an expert in programming. I tried the "Win32_EncryptableVolume" class with C#: https://msdn.microsoft.com/en-us/library/windows/desktop/aa376483%28v=vs.85%29.aspx
The problem is that these are the only methods to unlock a drive:
UnlockWithCertificateFile
Uses the provided certificate file to obtain the derived key and unlock the encrypted volume.
UnlockWithCertificateThumbprint
Uses the provided certificate thumbprint to obtain the derived key and unlock the encrypted volume.
UnlockWithExternalKey
Uses a provided external key to access the contents of a data volume.
UnlockWithNumericalPassword
Uses a numerical password provided to access the contents of a data volume.
UnlockWithPassphrase
Uses the passphrase to obtain the derived key. After the derived key is Calculated, the derived key is used to unlock the encrypted volume's master key.
I need something like "UnlockWithVolumeMasterKey"
"Uses a provided FVEK to access the contents of a data volume."
I have also tried the method "UnlockWithExternalKey". But I get corresponding return codes / values / error codes.
https://msdn.microsoft.com/de-de/library/windows/desktop/aa376481%28v=vs.85%29.aspx
Thank you for your help in advance.
I don't think this is possible? From my understanding, the VMK is encrypted with the key protector (PIN, External Key, Certificate etc.) so therefore you need a key protector to decrypt the VMK, to decrypt the FVEK, to decrypt the disk.