duo-initiator/com.silencelaboratories.silentshard.duo.initiator/DuoSession/verifyBackup

verifyBackup

abstract suspend fun verifyBackup(keyshare: ByteArray, backupData: ByteArray, rsaPublicKey: ByteArray, label: String = ""): Result<Boolean>

Verifies the integrity of a backup using RSA signature.

Ensures backup hasn't been tampered with and was created by legitimate service. Use before restoring to prevent importing malicious data.

Example: Verify Before Restore

suspend fun safeRestore(
    backupData: ByteArray,
    session: DuoSession,
    keyshare: ByteArray
) {
    // Get backup service's RSA public key
    val rsaPublicKey = getBackupServicePublicKey()

    // Verify backup integrity
    val isValid = session.verifyBackup(
        keyshare = keyshare,
        backupData = backupData,
        rsaPublicKey = rsaPublicKey,
        label = "wallet_backup_v1"
    ).getOrThrow()

    if (isValid) {
        println("✓ Backup verified - safe to restore")
        proceedWithRestore(backupData)
    } else {
        println("✗ WARNING: Backup verification failed!")
        println("This backup may be corrupted or tampered with.")
        throw SecurityException("Invalid backup signature")
    }
}
Content copied to clipboard

Return

Result containing true if backup is valid, false otherwise

Parameters

keyshare

The keyshare to use for verification

backupData

The backup data to verify

rsaPublicKey

RSA public key of the backup service/signer

label

Optional label for verification context (e.g., user ID, version)

See also

to create backups

to restore from backups

Generated by Dokka
© 2026 Copyright