For anyone else who might stumble on this thread in the future and who is looking to decrypt repository contents from the command-line without using the client, I’ve been partially successful.
Step one: Obtain the AES encryption key. Currently I use the client for this.
The command-line below will:
- extract several master keys from the repository
- select the AES encryption key
- convert that key from base64 to hexadecimal and output it to stdout
restic -r /path/to/repo cat masterkey | jq -r .encrypt | base64 -d | xxd -p -c32
Step two: Once you have the AES key in hex format, you can feed it to openssl to decrypt restic packfiles. Note that this approach ignores the poly1305 digital signature.
The following command line will:
- extract the ciphertext from the packfile
- extract the IV from a packfile and convert it to hexadecimal format
- call openssl to decrypt the ciphertext into plaintext (using the IV and the AES key from step one)
tail -c +17 packfile | head -c -16 | openssl aes-256-ctr -d -iv "$(head -c 16 packfile | xxd -p)" -K aes-encryption-key-in-hex