Could you add an option to display/print the decrypted key for desktop sqlite database (for Windows)

[sam1200]

Great tool!

I think right now you have a print line but it's commented

//std::cout << "KEY !! : " << bepaald::bytesToHexString(key.get(), key_length) << std::endl;

I am on Signal Desktop Windows -- I just need a tool to obtain the decrypted key for the database.
A standalone tool for windows would be nice, but I think it would be pretty easy by just adding an option to display/print the decrypted key, when running for example --importfromdesktop or --exportdesktophtml.

I think a lot of other people have the same demand.

I don't have a Linux machine now and I am having a hard time trying to modify the code and compile on a Windows machine.

Thanks!

[bepaald]

Yes, no problem, this is actually a planned feature and should indeed be very simple. I'm away today, but I'll try to get this done tomorrow. Thanks!

[bepaald]

I had a few moments this morning before I had to go, so I quickly implemented this. Use the --showdesktopkey option to show the desktop key. Let me know if it works, thanks!

[bepaald]

I believe this issue is fixed. Let me know if you think otherwise. Thanks!

[warp-9000]

EDIT:
I installed my archived version of Signal Desktop v7.21.0 on my second Win10 machine and was able to use --showdesktopkey correctly after a fresh install. So, I think my issue is related to signalapp/Signal-Desktop#7005 as I am trying to access a Signal Desktop backup from Aug 20.

---

Hi @bepaald, I agree - great tool!

I tried --showdesktopkey today using signalbackup-tools_win.exe version 20240910.222304 and received the following output:

[Error]: Failed to decrypt key (1)
[Error]: Failed to read key from config.json
[Error]: Failed to get sqlcipher key to decrypt Signal Desktop database

My config.json looks good and is formatted as follows:

{
  "mediaPermissions": true,
  "mediaCameraPermissions": true,
  "encryptedKey": "<key>"
}

Does the latest binary include this feature or should I compile from source?

[bepaald]

I installed my archived version of Signal Desktop v7.21.0 on my second Win10 machine and was able to use --showdesktopkey correctly after a fresh install.

Good!

So, I think my issue is related to signalapp/Signal-Desktop#7005 as I am trying to access a Signal Desktop backup from Aug 20.

I was afraid it wouldn't be long before such an issue would come up. I warned about things like this during the beta when the key encryption was first implemented. I hope they figure something out.

[warp-9000]

I was afraid it wouldn't be long before such an issue would come up. I warned about things like this during the beta when the key encryption was first implemented. I hope they figure something out.

Yeah, it seems we need to wait for Signal devs to implement that 'disable the DB key encryption on Windows' command line flag that exists for Linux that ayumi-signal mentioned.

Given that, I've now started researching how to truly restore credentials for a Windows 10 profile. As it happens I created a mirror image of my old C drive before wiping the contents so it appears I have my older user profile Master Key(s)... now I just have to find a way to get my old credentials to persist somehow (Windows kills them almost immediately after I copy). Anyway, I digress.

If I'm able to get that working so I can decrypt the 'encryptedKey' from my past Signal Desktop install I'll let you know.

[kintonc]

Hi @bepaald, I'm trying to decrypt my Signal SQLite backup, I've tried doing --showdesktopkey and dumpdesktopdb but get:

[Error]: Failed to decrypt key (1)
[Error]: Failed to read key from config.json
[Error]: Failed to get sqlcipher key to decrypt Signal Desktop database

Any advice? thanks!

[bepaald]

Hi @kintonc, did anything happen to your installation? Did you reinstall Windows, are you moving Signal Desktop from another machine or copying from a backup?

Most importantly: can Signal Desktop still open its own database, or are you asked to clear data and re-link?

[assarbad]

signalapp/Signal-Desktop#7038 is another instance of this on Windows. The cause appears to be different, but it really isn't in the end, because both (i.e. also signalapp/Signal-Desktop#7005) are about missing/inaccessible DPAPI master keys. These are stored wrapped and details from the current user account are used to unwrap them. Password changes trigger re-generation of the master keys ordinarily, creating a chain of keys usable for unwrapping old and new DPAPI secrets.