Skip to content

Commit

Permalink
fix: modify firefox asn1 data struct
Browse files Browse the repository at this point in the history
  • Loading branch information
moonD4rk committed Apr 19, 2022
1 parent 8c2f72c commit 4fe335c
Show file tree
Hide file tree
Showing 7 changed files with 69 additions and 64 deletions.
2 changes: 1 addition & 1 deletion internal/browingdata/cookie/cookie.go
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ func (c *ChromiumCookie) Parse(masterKey []byte) error {
if masterKey == nil {
value, err = decrypter.DPApi(encryptValue)
} else {
value, err = decrypter.ChromePass(masterKey, encryptValue)
value, err = decrypter.Chromium(masterKey, encryptValue)
}
if err != nil {
log.Error(err)
Expand Down
4 changes: 2 additions & 2 deletions internal/browingdata/creditcard/creditcard.go
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ func (c *ChromiumCreditCard) Parse(masterKey []byte) error {
return err
}
} else {
value, err = decrypter.ChromePass(masterKey, encryptValue)
value, err = decrypter.Chromium(masterKey, encryptValue)
if err != nil {
return err
}
Expand Down Expand Up @@ -112,7 +112,7 @@ func (c *YandexCreditCard) Parse(masterKey []byte) error {
return err
}
} else {
value, err = decrypter.ChromePassForYandex(masterKey, encryptValue)
value, err = decrypter.Chromium(masterKey, encryptValue)
if err != nil {
return err
}
Expand Down
4 changes: 2 additions & 2 deletions internal/browingdata/password/password.go
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ func (c *ChromiumPassword) Parse(masterKey []byte) error {
if masterKey == nil {
password, err = decrypter.DPApi(pwd)
} else {
password, err = decrypter.ChromePass(masterKey, pwd)
password, err = decrypter.Chromium(masterKey, pwd)
}
if err != nil {
log.Error(err)
Expand Down Expand Up @@ -129,7 +129,7 @@ func (c *YandexPassword) Parse(masterKey []byte) error {
if masterKey == nil {
password, err = decrypter.DPApi(pwd)
} else {
password, err = decrypter.ChromePassForYandex(masterKey, pwd)
password, err = decrypter.Chromium(masterKey, pwd)
}
if err != nil {
log.Errorf("decrypt yandex password error %s", err)
Expand Down
115 changes: 60 additions & 55 deletions internal/decrypter/decrypter.go
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,9 @@ type ASN1PBE interface {

func NewASN1PBE(b []byte) (pbe ASN1PBE, err error) {
var (
n NssPBE
m MetaPBE
l LoginPBE
n nssPBE
m metaPBE
l loginPBE
)
if _, err := asn1.Unmarshal(b, &n); err == nil {
return n, nil
Expand All @@ -43,41 +43,41 @@ func NewASN1PBE(b []byte) (pbe ASN1PBE, err error) {
return nil, errDecodeASN1Failed
}

// NssPBE Struct
// nssPBE Struct
// SEQUENCE (2 elem)
// SEQUENCE (2 elem)
// OBJECT IDENTIFIER
// SEQUENCE (2 elem)
// OCTET STRING (20 byte)
// INTEGER 1
// OCTET STRING (16 byte)
type NssPBE struct {
NssSequenceA
type nssPBE struct {
AlgoAttr struct {
asn1.ObjectIdentifier
SaltAttr struct {
EntrySalt []byte
Len int
}
}
Encrypted []byte
}

type NssSequenceA struct {
DecryptMethod asn1.ObjectIdentifier
NssSequenceB
}

type NssSequenceB struct {
EntrySalt []byte
Len int
func (n nssPBE) entrySalt() []byte {
return n.AlgoAttr.SaltAttr.EntrySalt
}

func (n NssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
func (n nssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
glmp := append(globalSalt, masterPwd...)
hp := sha1.Sum(glmp)
s := append(hp[:], n.EntrySalt...)
s := append(hp[:], n.entrySalt()...)
chp := sha1.Sum(s)
pes := paddingZero(n.EntrySalt, 20)
pes := paddingZero(n.entrySalt(), 20)
tk := hmac.New(sha1.New, chp[:])
tk.Write(pes)
pes = append(pes, n.EntrySalt...)
pes = append(pes, n.entrySalt()...)
k1 := hmac.New(sha1.New, chp[:])
k1.Write(pes)
tkPlus := append(tk.Sum(nil), n.EntrySalt...)
tkPlus := append(tk.Sum(nil), n.entrySalt()...)
k2 := hmac.New(sha1.New, chp[:])
k2.Write(tkPlus)
k := append(k1.Sum(nil), k2.Sum(nil)...)
Expand All @@ -102,68 +102,73 @@ func (n NssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
// OBJECT IDENTIFIER
// OCTET STRING (14 byte)
// OCTET STRING (16 byte)
type MetaPBE struct {
MetaSequenceA
type metaPBE struct {
AlgoAttr algoAttr
Encrypted []byte
}

type MetaSequenceA struct {
PKCS5PBES2 asn1.ObjectIdentifier
MetaSequenceB
}
type MetaSequenceB struct {
MetaSequenceC
MetaSequenceD
}

type MetaSequenceC struct {
PKCS5PBKDF2 asn1.ObjectIdentifier
MetaSequenceE
type algoAttr struct {
asn1.ObjectIdentifier
Data struct {
Data struct {
asn1.ObjectIdentifier
SlatAttr slatAttr
}
IVData ivAttr
}
}

type MetaSequenceD struct {
AES256CBC asn1.ObjectIdentifier
IV []byte
type ivAttr struct {
asn1.ObjectIdentifier
IV []byte
}

type MetaSequenceE struct {
type slatAttr struct {
EntrySalt []byte
IterationCount int
KeySize int
MetaSequenceF
}

type MetaSequenceF struct {
HMACWithSHA256 asn1.ObjectIdentifier
Algorithm struct {
asn1.ObjectIdentifier
}
}

func (m MetaPBE) Decrypt(globalSalt, masterPwd []byte) (key2 []byte, err error) {
func (m metaPBE) Decrypt(globalSalt, masterPwd []byte) (key2 []byte, err error) {
k := sha1.Sum(globalSalt)
key := pbkdf2.Key(k[:], m.EntrySalt, m.IterationCount, m.KeySize, sha256.New)
iv := append([]byte{4, 14}, m.IV...)
key := pbkdf2.Key(k[:], m.entrySalt(), m.iterationCount(), m.keySize(), sha256.New)
iv := append([]byte{4, 14}, m.AlgoAttr.Data.IVData.IV...)
return aes128CBCDecrypt(key, iv, m.Encrypted)
}

// LoginPBE Struct
func (m metaPBE) entrySalt() []byte {
return m.AlgoAttr.Data.Data.SlatAttr.EntrySalt
}

func (m metaPBE) iterationCount() int {
return m.AlgoAttr.Data.Data.SlatAttr.IterationCount
}

func (m metaPBE) keySize() int {
return m.AlgoAttr.Data.Data.SlatAttr.KeySize
}

// loginPBE Struct
// SEQUENCE (3 elem)
// OCTET STRING (16 byte)
// SEQUENCE (2 elem)
// OBJECT IDENTIFIER
// OCTET STRING (8 byte)
// OCTET STRING (16 byte)
type LoginPBE struct {
type loginPBE struct {
CipherText []byte
LoginSequence
Data struct {
asn1.ObjectIdentifier
IV []byte
}
Encrypted []byte
}

type LoginSequence struct {
asn1.ObjectIdentifier
IV []byte
}

func (l LoginPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
return des3Decrypt(globalSalt, l.IV, l.Encrypted)
func (l loginPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
return des3Decrypt(globalSalt, l.Data.IV, l.Encrypted)
}

func aes128CBCDecrypt(key, iv, encryptPass []byte) ([]byte, error) {
Expand Down
2 changes: 1 addition & 1 deletion internal/decrypter/decrypter_darwin.go
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
package decrypter

func ChromePass(key, encryptPass []byte) ([]byte, error) {
func Chromium(key, encryptPass []byte) ([]byte, error) {
if len(encryptPass) > 3 {
if len(key) == 0 {
return nil, errSecurityKeyIsEmpty
Expand Down
2 changes: 1 addition & 1 deletion internal/decrypter/decrypter_linux.go
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
package decrypter

func ChromePass(key, encryptPass []byte) ([]byte, error) {
func Chromium(key, encryptPass []byte) ([]byte, error) {
var chromeIV = []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32}
if len(encryptPass) > 3 {
if len(key) == 0 {
Expand Down
4 changes: 2 additions & 2 deletions internal/decrypter/decrypter_windows.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ import (
"unsafe"
)

func ChromePass(key, encryptPass []byte) ([]byte, error) {
func Chromium(key, encryptPass []byte) ([]byte, error) {
if len(encryptPass) > 15 {
// remove Prefix 'v10'
return aesGCMDecrypt(encryptPass[15:], key, encryptPass[3:15])
Expand All @@ -16,7 +16,7 @@ func ChromePass(key, encryptPass []byte) ([]byte, error) {
}
}

func ChromePassForYandex(key, encryptPass []byte) ([]byte, error) {
func ChromiumForYandex(key, encryptPass []byte) ([]byte, error) {
if len(encryptPass) > 15 {
// remove Prefix 'v10'
// gcmBlockSize = 16
Expand Down

0 comments on commit 4fe335c

Please sign in to comment.