add support new backup format #14
Comments
@chirayudesai says:
@grote says:
here's the tink library: https://pypi.org/project/tink/
seedvault-app/seedvault#383 will be helpful for testing this change
i have access to a reference backup now and am working on a python-tink based decryption tool. traveling for the next few weeks, so not a ton of time to allocate, but making slow steady progress.
@khimaros please add me to the list of people waiting for an updated tool. I accidentally erased several people from my contacts. I'm hoping I can extract just those contacts from backup once it is decrypted. The only other alternative I can think of would involve backing up my device, restoring the seed vault I've preserved, extracting the missing contact records, followed by a restoration of the backup I made at the beginning. But this doesn't seem like a great option given a) the time involved, and b) the likelihood that something will go wrong.
Did you ever manage to do this? If not, have you anything to help me?
Hey @khimaros, could it be an option to share your current progress? I think there are many people interested in this, maybe we could help with testing.
I've just finished writing a tool to extract v1 backups - it's available here: https://github.com/jackwilsdon/seedvault-extractor Feel free to open an issue or start a discussion if you need any help!
@jackwilsdon this is excellent! thank you for your efforts! i'll test this out. what are the main challenges for supporting KV extraction?
I think implementing KV support should be pretty straightforward - it appears that it might just be an encrypted gzip'd SQLite database looking at KVRestore.kt. I'll see if I can find some time over the next few days to add it.
It ended up being simple enough to dump the SQLite database to disk, so I've gone ahead and implemented it in jackwilsdon/seedvault-extractor@e2875f7. Ideally it'd be exported in a more user-friendly format (JSON?), but this is at least a start.
@jackwilsdon dumping the sqlite database seems adequate to me! it's easy enough to use other tools to export sqlite into a csv, json, or other format. i tested that changelist against a reference backup provided by the seedvault team and it seemed to work! at least, i was able to select some rows from kv_entry and some of them were human readable. the reference backup i'm referring to was originally uploaded to a git repo with restricted access. @chirayudesai -- is it okay if i upload a tarball and link it here? i think it would be generally useful to others.
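An added example (not code from seedvault-extractor or from this project) of the export step discussed in the comments above: it takes an already-decrypted KV blob, gunzips it if needed, checks the SQLite header, and returns the `kv_entry` rows in a JSON-safe form. The `key`/`value` column layout and the sample rows are constructed assumptions, and decryption itself is out of scope.

```python
import base64, gzip, json, os, sqlite3, tempfile

SQLITE_MAGIC = b"SQLite format 3\x00"   # 16-byte SQLite file header
GZIP_MAGIC = b"\x1f\x8b"

def jsonable(value):
    """BLOBs become UTF-8 text when they decode cleanly, base64 otherwise."""
    if not isinstance(value, bytes):
        return value
    try:
        return {"text": value.decode("utf-8")}
    except UnicodeDecodeError:
        return {"base64": base64.b64encode(value).decode("ascii")}

def kv_blob_to_rows(blob):
    """Export an already-decrypted KV blob as a list of JSON-safe dicts."""
    if blob[:2] == GZIP_MAGIC:            # still compressed: gunzip first
        blob = gzip.decompress(blob)
    if blob[:16] != SQLITE_MAGIC:         # e.g. wrong key or truncated output
        raise ValueError("not a SQLite database")
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "kv.sqlite")
        with open(path, "wb") as fh:
            fh.write(blob)
        # Read-only URI: backup content is untrusted data and is never modified.
        con = sqlite3.connect(f"file:{path}?mode=ro", uri=True)
        try:
            cur = con.execute("SELECT * FROM kv_entry")
            names = [d[0] for d in cur.description]
            return [dict(zip(names, map(jsonable, row))) for row in cur]
        finally:
            con.close()

def constructed_sample():
    """Constructed stand-in for a decrypted KV blob; column layout is assumed."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "sample.sqlite")
        con = sqlite3.connect(path)
        con.execute("CREATE TABLE kv_entry (key TEXT PRIMARY KEY, value BLOB)")
        con.executemany("INSERT INTO kv_entry VALUES (?, ?)",
                        [("wifi_ssid", b"example-net"), ("raw", b"\xff\xfe\x00")])
        con.commit()
        con.close()
        with open(path, "rb") as fh:
            return gzip.compress(fh.read())

if __name__ == "__main__":
    print(json.dumps(kv_blob_to_rows(constructed_sample()), indent=2))
```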
Thanks @jackwilsdon , glad to see this!
I'd prefer it not be, it likely doesn't have any PII but I'd rather be safe than sorry. What we can do is just create a backup from an emulator and that should be ok to share. The git repo idea also didn't work because I tried to put some data on it and that quickly exceeded GitHub LFS limits, but maybe we can use releases.
I'm setting up a new device on LineageOS 20 with Seedvault to try and diagnose jackwilsdon/seedvault-extractor#2 - I'm happy to upload a new backup here once I've confirmed it is valid.
@jackwilsdon that sounds great! i'd be happy to help build a test harness that compares the golden data to the data extracted by your tool. so if you can grab both the full sdcard contents as well as the seedvault backup, that will be very helpful!
Backup (including storage): SeedVaultAndroidBackup.zip
@jackwilsdon this is a great start, but hard to write tests against this unless we also have the golden sdcard data that the backup was generated from (everything in the emulated storage device). not urgent, but would be helpful for development i reckon.
Would an
Include link to related project, to clear up misexpectations as in tlambertz#14
I actually did
Yes, I pushed a couple random images, took some screenshots (including of the recovery code :D), etc.
After a fresh reset, I took a few screenshots as you suggested and backed up apps and storage. Here is The backup can be found at I've tested restoring this backup after another reset and it appears to restore settings and files just fine 👍
I don't think we really need the unencrypted data (if the decryption is verifying authentication tags, as it should). When using tink's
PR #16 is able to fully decrypt this backup. There are actually 3 files in the storage: @ladar, @Adri-Fa, @nettnikl: Check out this PR and see if it works for you.
Hey, have not gone fully through in detail, as it's quite the bump in functionality, but what I've seen looks good. Sorry for being a bit paranoid, but can we maybe use known (used in public, hashsum known) test images? The recent xz security issue has shown again how risky any blobs, even just in unit tests, are. Maybe just the Lenna image from wikipedia or something similar? What do you say @khimaros ?
Perhaps I misunderstand you or I'm misunderstood. I understand you to be worried about the test backup posted by @jackwilsdon. To be clear, I don't really care about people testing my code against that. I've already done it and am confident that it's fine. On the other hand, because any test backup will be encrypted, how do you know for sure what's inside before decrypting it? Even if someone else says it's good? I'm more interested in people testing against their own backups to catch any missed corner cases (e.g. it looks like @khimaros may have found one, as mentioned in the PR). As far as my code is concerned, there are no binary blobs introduced and I never execute any code from the backup, so the xz-style attack doesn't really apply. All my code is Python source, so for there to be exploit issues, they would have to take advantage of bugs in the Python interpreter or dependencies, which would likely require 0-days. Please correct me if you meant something else.
Hey @crass , sorry, I was a bit unclear. I meant the proposal to have proper unit-testing. That would need blobs included in the repo, exactly like in the xz error. Not talking about the manual testing, though, I'm completely with you on that.
with the update to android 12, seedvault has also bumped the metadata version.
it would be great to be able to use this tool with newer backups.