Vault recovery backup & restore (KOV-34, spec §10.2).
A mode-aware, encrypted disaster-recovery backup of what a vault needs to
unlock, sealed into a standard, ASCII-armored age blob under a recovery
passphrase (age-scrypt). The plaintext never lands in a file or a log
(I7/I12) — only the encrypted blob is emitted; and because the blob is a
normal age file it stays recoverable with any age implementation (age -d)
even if kovra is unavailable.
The blob is self-describing (BackupKind): import restores it to the
right backend regardless of the machine’s current mode, and respects the
vault’s mode — it never silently migrates one mode to another:
- keyring vaults store the 32-byte master key → backup carries the key, restored into the OS keyring.
- passphrase vaults derive the key (Argon2(passphrase, salt)), so an arbitrary key cannot be stored; the recoverable material kovra holds is the kdf.salt → backup carries the salt, restored to kdf.salt. The passphrase stays with the user and is never exported.
Round-tripping a backup in the same mode is idempotent (the same key/salt is restored).
This module is pure: it knows nothing about the keyring backend or the
filesystem. The CLI wires export/import around it.
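The self-describing payload described above, as an added sketch that is not kovra's own code: a kind tag travels inside the plaintext that would be sealed with age-scrypt, and decoding returns an error instead of panicking or echoing bytes. The `KBK1` marker, the tag values, the variant names and every function and error name here are assumptions made up for this example; the age encryption step itself is left out.

```rust
// Added illustration: MAGIC, tag values, variant and function names are
// hypothetical, not kovra's real wire format or API.
const MAGIC: &[u8] = b"KBK1"; // constructed marker

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum BackupKind { KeyringMasterKey, PassphraseKdfSalt }

// Errors carry only tags and lengths, never payload bytes.
#[derive(Debug, PartialEq, Eq)]
pub enum DecodeError { Truncated, BadMagic, UnknownKind(u8), BadKeyLength(usize), EmptySalt }

/// Frame the plaintext that would then be sealed under the recovery passphrase.
pub fn encode_payload(kind: BackupKind, data: &[u8]) -> Vec<u8> {
    let tag = match kind { BackupKind::KeyringMasterKey => 1u8, BackupKind::PassphraseKdfSalt => 2u8 };
    let mut out = MAGIC.to_vec();
    out.push(tag);
    out.extend_from_slice(data);
    out
}

/// Parse decrypted plaintext; every malformed input is an Err, not a panic.
pub fn decode_payload(plain: &[u8]) -> Result<(BackupKind, &[u8]), DecodeError> {
    if plain.len() < MAGIC.len() + 1 { return Err(DecodeError::Truncated); }
    let (head, rest) = plain.split_at(MAGIC.len());
    if head != MAGIC { return Err(DecodeError::BadMagic); }
    let (tag, data) = (rest[0], &rest[1..]);
    match tag {
        1 if data.len() == 32 => Ok((BackupKind::KeyringMasterKey, data)),
        1 => Err(DecodeError::BadKeyLength(data.len())),
        2 if !data.is_empty() => Ok((BackupKind::PassphraseKdfSalt, data)),
        2 => Err(DecodeError::EmptySalt),
        other => Err(DecodeError::UnknownKind(other)),
    }
}

/// The restore destination follows the blob's kind, not the machine's current mode.
pub fn restore_target(kind: BackupKind) -> &'static str {
    match kind {
        BackupKind::KeyringMasterKey => "OS keyring",
        BackupKind::PassphraseKdfSalt => "kdf.salt",
    }
}

fn main() {
    let key = [0x42u8; 32]; // constructed sample key, not a real secret
    let framed = encode_payload(BackupKind::KeyringMasterKey, &key);
    let (kind, data) = decode_payload(&framed).expect("well-formed payload");
    println!("{} bytes -> {}", data.len(), restore_target(kind));
}
```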
Enums
- BackupKind - What a backup blob carries, so import restores it to the right backend (KOV-34). Serialized inside the encrypted payload, never in the clear.
Functions
- export_backup - Encrypt data (a master key or a kdf salt, per kind) into an ASCII-armored age blob under passphrase (age-scrypt). The transient plaintext is wiped at the end of the call; only the encrypted blob is returned (I7/I12).
- import_backup - Decrypt an export_backup blob with passphrase, returning what it carries (the caller restores it to the right backend). A wrong passphrase, a tampered blob, or an unknown format fails cleanly — never a panic, never the bytes.