search

pajowu / signal-backup-decode

Decode Signal Backups
GNU General Public License v3.0
217 stars 18 forks source link

Support new backup file format #60

Open pascalgn opened 1 year ago

pascalgn commented 1 year ago

Fixes #58

I updated the Backups.proto file from here: https://github.com/signalapp/Signal-Android/blob/c6473ca9e63236af3eae9959a50cfa643d53272e/app/src/main/protowire/Backups.proto

I changed it so that the length is decrypted. However, the decryption wasn't straightforward, because the length is not a separate block, so I had to adapt the existing decrypt function a bit

Decryption in Signal:

      int frameLength;
      if (BackupVersions.isFrameLengthEncrypted(version)) {
        mac.update(length);
        // this depends upon cipher being a stream cipher mode in order to get back the length without needing a full AES block-size input
        byte[] decryptedLength = cipher.update(length);
        if (decryptedLength.length != length.length) {
          throw new IOException("Cipher was not a stream cipher!");
        }
        frameLength = Conversions.byteArrayToInt(decryptedLength);
      } else {
        frameLength = Conversions.byteArrayToInt(length);
      }

https://github.com/signalapp/Signal-Android/commit/c6473ca9e63236af3eae9959a50cfa643d53272e#diff-cf445f7d302fb0629f925b7cf39cb340defe74a485bb7756159c6c9c86b31c0f

pajowu commented 1 year ago

🫶 thanks for digging into this and creating a PR. I’ll try to test it as soon as possible, but since i’m at ccc-camp, this might not be until next week. If you didn’t hear anything back until end of next week, please ping me

ribbons commented 1 year ago

From me instead of @pascalgn and a bit more than a week later but here's a gentle nudge :smile:

SloppyPuppy commented 1 year ago

Plz someone merge a fix for this, pascalgn patch works, just need to run cargo update so the build doesn't fail.

RndUsername commented 1 year ago

@pajowu ping...

frans-fuerst commented 1 year ago

For me the change works for newer backup files but older fail (for different reasons):

path/to/signal-backup-decode/target/debug/signal-backup-decode -f /path/to/signal-2021-08-27-09-11-17.backup --password-file /path/to/pw-file
16:32:35 [INFO] Output path: signal-2021-08-27-09-11-17
16:32:35 [INFO] Input file: /path/to/signal-2021-08-27-09-11-17.backup
             Bytes read: [00:00:06] [--------------------------------------------------] 0B/2.15GB
Read vs. written frames: [00:00:06] [--------------------------------------------------]     0/1    
16:32:43 [ERROR] failed to fill whole buffer.
path/to/signal-backup-decode/target/debug/signal-backup-decode -f /path/to/signal-2023-02-10-00-34-13.backup --password-file /path/to/pw-file
16:33:07 [INFO] Output path: signal-2023-02-10-00-34-13
16:33:07 [INFO] Input file: /path/to/signal-2023-02-10-00-34-13.backup
thread '<unnamed>' panicked at /home/frans/.cargo/registry/src/index.crates.io-6f17d22bba15001f/openssl-0.10.32/src/symm.rs:597:13:
assertion failed: output.len() <= c_int::max_value() as usize
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
Read vs. written frames: [00:00:40] [--------------------------------------------------]     0/1   
[RUNS FOREVER]

Both files worked with the main version of signal-backup-decode, which doesn't work with recent backup files.

Note: I had to change 

openssl = "^0.10"

to

openssl = { version = "0.10", features = ["vendored"] }

in Cargo.toml to make cargo build run, see https://stackoverflow.com/questions/65553557/why-rust-is-failing-to-build-command-for-openssl-sys-v0-9-60-even-after-local-in#comment118424959_65554916

pajowu commented 1 year ago

This raises a good point, can we detect older files and use an old version.

PS: I’m still following the discussion but didn’t get to test yet

frans-fuerst commented 1 year ago

@pajowu : you might also have a look at https://github.com/pajowu/signal-backup-decode/issues/63 and my comment https://github.com/pajowu/signal-backup-decode/issues/63#issuecomment-1784071366 I didn't have a look at the actual change but it works for older (2019) and recent files

lapseofreason commented 1 year ago

@pajowu You might want to check out https://github.com/mossblaser/signal_for_android_decryption/pull/6 on how to detect older versions. According to @frans-fuerst it works for older versions.

I in turn used the info on this PR to implement it.

pascalgn commented 1 year ago

I should've made it a bit clearer, but I'm not really a Rust expert, so this PR was only intended as a proof of concept.

I've now added some more code, to check the backup file version and run the according decryption logic. However, I don't have any old backup files either, so I cannot really test it. I hope it works.

flberger commented 7 months ago

It's been 5 months, any chance of getting this merged and released? I am still unable to decrypt my backups with the latest official release.

THEnterprises commented 7 months ago

Let's try to be more patient. This repo is owned by one person, who does this in their spare time. If you're desperate for the merge, then fork it and merge on your fork.

Let's stop contributing to an environment that takes advantage of people who are overworked and unpaid volunteers. Not only does that make it easier for stuff like this to happen, it's just wrong, in and of itself.

ivystopia commented 1 month ago

This branch is working, but to get it to build on Ubuntu 22.04 I had to modify Cargo.toml to build openssl from source, instead of relying on libssl-dev from apt:

-openssl = "^0.10"
+openssl = { version = "0.10", features = ["vendored"] }