synology-decrypt's Introduction

synology-decrypt

Goal

An open source implementation/description of the encryption/decryption algorithm used by Synology NAS products in their Cloud Sync feature, where one can sync data on the NAS to the likes of Google Drive.

Synology publishes a closed source tool (see below), but I would like to know how to decrypt my own data with my own password or private key, in the (unlikely) event that I lose access to both a NAS of this type and the closed source tool.

Also, I would like to be able to judge the strength of the encryption.

Official documentation of the encryption algorithm exists, but only on a high level, and the file format is not documented at all.

I've chosen Python, since I think that allows me to express the algorithm most clearly.

(Please note that I explicitly do not want to reverse engineer the closed source 'Synology Cloud Sync Decryption Tool', since I want to avoid doing things that might be construed to be illegal.)

How to install and run

You need to download the source code and install a few dependencies:

  • git clone this repository.
  • Make sure you have Python installed (3.2 or later, or 2.7); Linux works, I've never tried it on Windows but that should also Just Work(tm).
  • Install all Python packages which are mentioned in requirements.txt, e.g. by running pip install -r requirements.txt.
  • Make sure you have the lz4 binary on your PATH.
    • On Ubuntu (at least 18.04) you can install it by running apt install liblz4-tool as root.

This is a command line tool, and running it comes down to the following.

  • In the root folder of the cloned repository, run python -m syndecrypt followed by the supported command line arguments (leave out or add -h for usage information / help).

Note that currently this tool does not traverse directories: you either mention all files explicitly on a single command line, or you run it repeatedly.

Feedback

Feel very free to create a GitHub issue, create a pull request, or drop me a line, if you have any opinions, bug reports, requests, or whatever about this project. Thanks!

License

The code in this repository is licensed under the GPLv3; see LICENSE.txt for details.

Information Sources

There are four pieces of information from Synology, unfortunately spread out over multiple places which are not easy to find, and not linked together at all:

  • 'Synology Cloud Sync Decryption Tool', the closed source decryption tool (Windows and Linux only, apparently GUI only) which Synology provides.

    It can be obtained through the Synology Support Download Center at https://www.synology.com/en-us/support/download/, then choose a NAS that offers Cloud Sync (many of them, e.g., DS110j).

    As of this writing the current version is 009.

    (The GUI has a help icon that opens https://help.synology.com/enu/utility/SynologyCloudSyncDecryptionTool which contains the same info as the KB article below. It also returns 404 fairly often.)

  • Synology Knowledge Base article "What is Synology Cloud Sync Decryption Tool?" describing how to use the above decryption tool.

  • Page 9 of "Cloud Sync White Paper -- Based on DSM 6.0" (archive.org copy) which I received through Synology Support.

  • The Synology NAS software just lets me check an 'encrypt' checkbox and asks for a password, and then sends back a zip-file key.zip with files public.pem and private.pem, without any explanation what I can/should do with it.

    The above documents make it clear that the files are encrypted individually, and that each file can be decrypted using only the password or only private.pem.

Until now, there is only one unofficial source of information:

To Do

The current code is still basic and does not provide enough explanation yet. I'd still like to do the following:

Core decryption algorithm

  • Investigate what key2_hash is a hash of.
  • Warn for any known field that is missing, and for every unknown field.
  • Rename core to algorithm?
  • Full documentation of the algorithm in the 'core' module.
  • Add algorithm diagram.
  • Support encrypt = 0 and compress = 0 modes. (It is an error if either of these fields is not specified.)
  • Add verification of @SynologyCloudSync/cloudsync_encrypt.info file using password and/or private key.
  • Investigate how DSM GUI handles non-ASCII passwords.

Command-line decryption tool

  • Decrypt directories recursively.
  • Check password file: check single line, warning if not printable ASCII.
  • Make log level configurable (default: warning).
  • Add --verify option, to check decryptability and file structure.
  • Make --verify option also verify @SynologyCloudSync/cloudsync_encrypt.info files.

Encryption

  • Add encryption option/algorithm.

synology-decrypt's People

Contributors

marnix

synology-decrypt's Issues

Update README.md with information on how to run the command line tool

Is there a wiki available on how to get this script running?
My NAS drive crashed and all the data was uploaded to a WebDAV; I now try to decrypt it with the Synology tool, but that crashes every time.

Found this script but I have no idea how to run this exactly.
Is there someone here who can help me?

Document dependency on lz4

Took me a while to figure out this program requires lz4 to be available on my system.

The error message is non-descriptive if you aren't used to Python traces.

INFO: decrypting "/path/to/file" to "/tmp/path/to/file"
ERROR: decryption failed, exception occurred: <type 'exceptions.OSError'>: [Errno 2] No such file or directory

Obviously I tried all permutations for passing the input file, output file and private keys before diving into the code.

New 3.0 file decryption only works for plain text files

Hello, the changes you have merged for 3.0 decryption support only work for plain text files. Any other file format yields an invalid padding byte error.

However, the pull request with changes introduced by @neepl works for 3.0 version regardless of file type.

Does not decrypt large files

I was unable to decrypt a large (4,09GB) file.

If I remember correctly, I received the following error: "size doesn't fit in an int". I forgot to save the stack trace, but I do want to document the issue.

My solution was to use https://github.com/ewoutp/synology-decrypt-docker and use the tool provided by Synology within an Ubuntu docker container. Of course this adds a lot of overhead and gives no insight into the encryption algorithm.

Question on _openssl_kdf

Hello Marnix,
I have a question regarding the function '_openssl_kdf': the implementation skips the pkcs5s1 part mentioned in the post.
With md5, the function derives a different AES key and iv from openssl enc.

Is this a variation Synology takes to simplify key derivation? Is there any Synology documentation that describes the kdf?

Many thanks for this tool. I'm trying to understand the details and replicating your code in .net core.
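
For comparison with the question above, this is the derivation that `openssl enc` performs with `-md md5` (OpenSSL's EVP_BytesToKey with an iteration count of 1), written as an added example that is not code from this repository; the page does not confirm whether Synology uses exactly this scheme. The function names, password and salt are constructed for illustration.

```python
import hashlib

OPENSSL_MAGIC = b"Salted__"  # header written by `openssl enc` when a salt is used


def evp_bytes_to_key(password, salt, key_len=32, iv_len=16, md="md5", count=1):
    """OpenSSL EVP_BytesToKey: D_i = H^count(D_{i-1} || password || salt).

    The concatenation D_1 || D_2 || ... is cut into key and IV.
    `openssl enc` (without -pbkdf2) uses count=1.
    """
    derived = b""
    block = b""
    while len(derived) < key_len + iv_len:
        block = hashlib.new(md, block + password + salt).digest()
        # Extra rounds re-hash only the digest, not password and salt.
        for _ in range(count - 1):
            block = hashlib.new(md, block).digest()
        derived += block
    return derived[:key_len], derived[key_len:key_len + iv_len]


def split_salted_header(blob):
    """Split `openssl enc` output into (8-byte salt, ciphertext)."""
    if len(blob) < 16 or blob[:8] != OPENSSL_MAGIC:
        raise ValueError("not an OpenSSL salted blob (missing 'Salted__' header)")
    return blob[8:16], blob[16:]


if __name__ == "__main__":
    # Constructed sample values, not taken from any real file.
    password = b"correct horse"
    blob = OPENSSL_MAGIC + bytes(range(8)) + b"<ciphertext bytes>"
    salt, ciphertext = split_salted_header(blob)
    key, iv = evp_bytes_to_key(password, salt)
    print("salt:", salt.hex())
    print("key :", key.hex())
    print("iv  :", iv.hex())
```

When porting to another language, comparing the key and IV printed here against `openssl enc -P` for the same password and salt is a quick way to find where two implementations diverge.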

SyntaxError: invalid hexadecimal literal

Hi

I seem to get the following error when running on Ubuntu

# python3 -m syndecrypt -h                                                                                                                                                         [11:33]
Traceback (most recent call last):
  File "/usr/lib/python3.10/runpy.py", line 196, in _run_module_as_main
    return _run_code(code, main_globals, None,
  File "/usr/lib/python3.10/runpy.py", line 86, in _run_code
    exec(code, run_globals)
  File "/opt/synology-decrypt/syndecrypt/__main__.py", line 25, in <module>
    import syndecrypt.files as files
  File "/opt/synology-decrypt/syndecrypt/files.py", line 6, in <module>
    import syndecrypt.core as core
  File "/opt/synology-decrypt/syndecrypt/core.py", line 4, in <module>
    from Cryptodome.Cipher import AES
  File "/home/XXXXXXXXX/.local/share/virtualenvs/synology-decrypt-PJ9kO-mR/lib/python3.10/site-packages/Cryptodome/Cipher/__init__.py", line 7, in <module>
    from Cryptodome.Cipher._mode_ctr import _create_ctr_cipher
  File "/home/XXXXXXXXX/.local/share/virtualenvs/synology-decrypt-PJ9kO-mR/lib/python3.10/site-packages/Cryptodome/Cipher/_mode_ctr.py", line 35, in <module>
    from Cryptodome.Util.number import long_to_bytes
  File "/home/XXXXXXXXX/.local/share/virtualenvs/synology-decrypt-PJ9kO-mR/lib/python3.10/site-packages/Cryptodome/Util/number.py", line 387
    s = pack('>I', n & 0xffffffffL) + s

I also tried the solution here

Uninstall - pip3 uninstall pycryptodome
Update - pip3 install -U pycryptodome
Install cryptodomex - pip3 install pycryptodomex

Any advice?
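
Both the lz4 report and the traceback above are environment problems that surface as opaque errors. The following preflight check is an added example, not part of syndecrypt: the function name `check_environment` and its parameters are hypothetical, and the only names taken from the page are the `lz4` binary and the `Cryptodome.Cipher.AES` import.

```python
import importlib
import shutil


def check_environment(search_path=None,
                      modules=("Cryptodome.Cipher.AES",),
                      binaries=("lz4",)):
    """Return a list of human-readable problems; an empty list means OK.

    search_path: PATH-style string to search (None = the process PATH).
    """
    problems = []
    for name in binaries:
        # A missing binary otherwise shows up as a bare
        # "[Errno 2] No such file or directory" when it is spawned.
        if shutil.which(name, path=search_path) is None:
            problems.append(
                "external program '%s' was not found on PATH; install it "
                "(the README mentions 'apt install liblz4-tool' on Ubuntu)" % name)
    for name in modules:
        try:
            importlib.import_module(name)
        except SyntaxError as exc:
            # The installed package does not even compile under this
            # interpreter, e.g. Python 2-only source such as 0xffffffffL.
            problems.append(
                "module '%s' raised SyntaxError at %s:%s; the installed "
                "package does not match this Python version"
                % (name, exc.filename, exc.lineno))
        except ImportError as exc:
            problems.append("module '%s' cannot be imported: %s" % (name, exc))
    return problems


if __name__ == "__main__":
    found = check_environment()
    for line in found:
        print("PROBLEM:", line)
    raise SystemExit(1 if found else 0)
```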
