Decrypt files

[nettnikl]

Currently more of an investigation than actual implementation..

[nettnikl]

As the file backups are stored in protobufs, can we include the proto files here? https://github.com/seedvault-app/seedvault/tree/android13/storage/lib/src/main/proto https://github.com/seedvault-app/seedvault/blob/8bea1be06067eda9c18d984f94f6b1787f2e9614/LICENSE

[jackwilsdon]

Thanks for starting on this! I've already written some code which I haven't pushed up yet, and it seems like we're both on the same track.

I think some refactoring of how the tool is used is in order - maybe we start accepting a path to a whole .SeedVaultAndroidBackup directory and we just extract every backup we find in there? This would let us discover the .sv folders too then.

It does look like we might have to include the .proto files (and the generated Go code for them), but it's a bit less than ideal. I'm going to have a try at parsing the binary data manually, as it doesn't seem like those protobufs have many fields.

[nettnikl]

Some refactoring would help to not duplicate code, fully agree with you. I'm gonna try to make this feature work first though - unless your local branch already has this, then i'd start with refactoring now.

[jackwilsdon]

I haven't started parsing the decrypted metadata yet - I'd be great if you could make a start on that, thank you!

[nettnikl]

Had trouble with the keys derivation for file chunks... Will have to look at it again later, maybe you can spot an obvious issue. Interesting code: https://github.com/seedvault-app/seedvault/blob/8bea1be06067eda9c18d984f94f6b1787f2e9614/storage/lib/src/main/java/org/calyxos/backup/storage/crypto/StreamCrypto.kt#L37

[norpol]

Really cool, just tried it out and works!

What would be nice if you could include it is preserving file-modification/creation dates, at the moment all the files have Access, Modify, Change, Birth at the same second.

[myths-zero]

@nettnikl Nice work! I tried to decrypt my backup, but got a message error: multi chunk files are not supported yet.

[nettnikl]

Thanks! Yeah, that's right.

Bigger files are split into chunks and have to be merged together from the encrypted backup chunks first.

As far as i remember, i didnt implement it, yet. I wasn't sure whether it would be helpful for anyone but me, and i was able to retreive all files taht mattered. For me, the only big files were some APKs for apps i didn't bother copying from the backup. I'll see whether i have some alpha grade code in the repo locally later, and if i have, push it - but don't count on it.

[mirko]

Since I'm very eager to use it to get to my locally backed up identities for various messengers, I just gave it a try - and ran into the following:

$ ./seedvault-extractor/release/seedvault-extractor-linux-amd64 .SeedVaultAndroidBackup/22371d82XXXXXXXX.sv/ "[..]"

storedSnapshots:
panic: runtime error: index out of range [-1]

goroutine 1 [running]:
main.extractFileBackup({0x7ffcfaca5652, 0x2c})
    github.com/jackwilsdon/seedvault-extractor/cmd/extract/main.go:132 +0xefc
main.main()
    github.com/jackwilsdon/seedvault-extractor/cmd/extract/main.go:47 +0xb9

[crass]

I'm currently fully decrypting all V1 backup data via my fork of seedvault_backup_parser, here. It might be useful in figuring out what you're missing for multi-chunk files. A point of clarification, the backed up APKs are not encrypted, only the APK name is encrypted. The metadata contains the hash of the APK, so you know it hasn't been modified/corrupted.