How to decrypt a Passwords backup file with E2E enabled?

monperrus · January 9, 2022, 6:30pm

Hi Marius, all,

I create a backup file with ./occ passwords:backup:export per the documentation at Backups · Wiki · nextcloud / passwords · GitLab (SUCCESS)

Next, I want to decrypt the encrypted properties in the JSON file.

In the JSON backup file, I do find the field sseKey for each entry.

How should I use sseKey and the global E2E password to get the decrypted value?

Thanks!

mdw · January 9, 2022, 7:17pm

What are you up to?

monperrus · January 9, 2022, 7:27pm

I make sure I would be able to restore all my passwords if my server crashes.

mdw · January 9, 2022, 7:51pm

In that case i recommend

setting up a test server
adding the user accounts you want to test (including the correct internal Nextcloud Ids)
and then just restoring the backup on that server

In order to decrypt a password from the backup, you would have to implement the entire E2E encryption flow and SSEv2.