From 147d57e8f468a1dfbf08168201ca3879ca7e1dc3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E1=B4=8D=E1=B4=8F=E1=B4=8F=C9=B4D4=CA=80=E1=B4=8B?=
 <moond4rk13@gmail.com>
Date: Sun, 14 Aug 2022 01:18:28 +0800
Subject: [PATCH] refactor: add comments and format code style

---
 internal/decrypter/decrypter.go         | 104 ++++++++++++++----------
 internal/decrypter/decrypter_darwin.go  |  18 ++--
 internal/decrypter/decrypter_linux.go   |  18 ++--
 internal/decrypter/decrypter_windows.go |  35 ++++----
 4 files changed, 100 insertions(+), 75 deletions(-)

diff --git a/internal/decrypter/decrypter.go b/internal/decrypter/decrypter.go
index a00c3f3..4248afc 100644
--- a/internal/decrypter/decrypter.go
+++ b/internal/decrypter/decrypter.go
@@ -44,13 +44,13 @@ func NewASN1PBE(b []byte) (pbe ASN1PBE, err error) {
 }
 
 // nssPBE Struct
-// SEQUENCE (2 elem)
-// 	SEQUENCE (2 elem)
-// 		OBJECT IDENTIFIER
-// 		SEQUENCE (2 elem)
-// 			OCTET STRING (20 byte)
-// 			INTEGER 1
-// 	OCTET STRING (16 byte)
+//
+//	SEQUENCE (2 elem)
+//		OBJECT IDENTIFIER
+//		SEQUENCE (2 elem)
+//			OCTET STRING (20 byte)
+//			INTEGER 1
+//	OCTET STRING (16 byte)
 type nssPBE struct {
 	AlgoAttr struct {
 		asn1.ObjectIdentifier
@@ -62,10 +62,6 @@ type nssPBE struct {
 	Encrypted []byte
 }
 
-func (n nssPBE) entrySalt() []byte {
-	return n.AlgoAttr.SaltAttr.EntrySalt
-}
-
 func (n nssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
 	glmp := append(globalSalt, masterPwd...)
 	hp := sha1.Sum(glmp)
@@ -82,26 +78,34 @@ func (n nssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
 	k2.Write(tkPlus)
 	k := append(k1.Sum(nil), k2.Sum(nil)...)
 	iv := k[len(k)-8:]
-	return des3Decrypt(k[:24], iv, n.Encrypted)
+	return des3Decrypt(k[:24], iv, n.encrypted())
+}
+
+func (n nssPBE) entrySalt() []byte {
+	return n.AlgoAttr.SaltAttr.EntrySalt
+}
+
+func (n nssPBE) encrypted() []byte {
+	return n.Encrypted
 }
 
 // MetaPBE Struct
-// SEQUENCE (2 elem)
-// 	SEQUENCE (2 elem)
-//     	OBJECT IDENTIFIER
-//     	SEQUENCE (2 elem)
-//       	SEQUENCE (2 elem)
-//         	OBJECT IDENTIFIER
-//         	SEQUENCE (4 elem)
-//           	OCTET STRING (32 byte)
-//           		INTEGER 1
-//           		INTEGER 32
-//           		SEQUENCE (1 elem)
-//             	OBJECT IDENTIFIER
-//       	SEQUENCE (2 elem)
-//         	OBJECT IDENTIFIER
-//         	OCTET STRING (14 byte)
-//   	OCTET STRING (16 byte)
+//
+//	SEQUENCE (2 elem)
+//		OBJECT IDENTIFIER
+//	    SEQUENCE (2 elem)
+//	    SEQUENCE (2 elem)
+//	      	OBJECT IDENTIFIER
+//	       	SEQUENCE (4 elem)
+//	       	OCTET STRING (32 byte)
+//	      		INTEGER 1
+//	       		INTEGER 32
+//	       		SEQUENCE (1 elem)
+//	          	OBJECT IDENTIFIER
+//	    SEQUENCE (2 elem)
+//	      	OBJECT IDENTIFIER
+//	      	OCTET STRING (14 byte)
+//	OCTET STRING (16 byte)
 type metaPBE struct {
 	AlgoAttr  algoAttr
 	Encrypted []byte
@@ -135,8 +139,8 @@ type slatAttr struct {
 func (m metaPBE) Decrypt(globalSalt, masterPwd []byte) (key2 []byte, err error) {
 	k := sha1.Sum(globalSalt)
 	key := pbkdf2.Key(k[:], m.entrySalt(), m.iterationCount(), m.keySize(), sha256.New)
-	iv := append([]byte{4, 14}, m.AlgoAttr.Data.IVData.IV...)
-	return aes128CBCDecrypt(key, iv, m.Encrypted)
+	iv := append([]byte{4, 14}, m.iv()...)
+	return aes128CBCDecrypt(key, iv, m.encrypted())
 }
 
 func (m metaPBE) entrySalt() []byte {
@@ -151,13 +155,21 @@ func (m metaPBE) keySize() int {
 	return m.AlgoAttr.Data.Data.SlatAttr.KeySize
 }
 
+func (m metaPBE) iv() []byte {
+	return m.AlgoAttr.Data.IVData.IV
+}
+
+func (m metaPBE) encrypted() []byte {
+	return m.Encrypted
+}
+
 // loginPBE Struct
-// SEQUENCE (3 elem)
-// 	OCTET STRING (16 byte)
-// 	SEQUENCE (2 elem)
-// 		OBJECT IDENTIFIER
-// 		OCTET STRING (8 byte)
-// 	OCTET STRING (16 byte)
+//
+//	OCTET STRING (16 byte)
+//	SEQUENCE (2 elem)
+//			OBJECT IDENTIFIER
+//			OCTET STRING (8 byte)
+//	OCTET STRING (16 byte)
 type loginPBE struct {
 	CipherText []byte
 	Data       struct {
@@ -168,7 +180,14 @@ type loginPBE struct {
 }
 
 func (l loginPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
-	return des3Decrypt(globalSalt, l.Data.IV, l.Encrypted)
+	return des3Decrypt(globalSalt, l.iv(), l.encrypted())
+}
+
+func (l loginPBE) iv() []byte {
+	return l.Data.IV
+}
+func (l loginPBE) encrypted() []byte {
+	return l.Encrypted
 }
 
 func aes128CBCDecrypt(key, iv, encryptPass []byte) ([]byte, error) {
@@ -197,7 +216,7 @@ func pkcs5UnPadding(src []byte, blockSize int) []byte {
 	return src[:n-paddingNum]
 }
 
-// des3Decrypt use for decrypter firefox PBE
+// des3Decrypt use for decrypt firefox PBE
 func des3Decrypt(key, iv []byte, src []byte) ([]byte, error) {
 	block, err := des.NewTripleDESCipher(key)
 	if err != nil {
@@ -213,10 +232,9 @@ func paddingZero(s []byte, l int) []byte {
 	h := l - len(s)
 	if h <= 0 {
 		return s
-	} else {
-		for i := len(s); i < l; i++ {
-			s = append(s, 0)
-		}
-		return s
 	}
+	for i := len(s); i < l; i++ {
+		s = append(s, 0)
+	}
+	return s
 }
diff --git a/internal/decrypter/decrypter_darwin.go b/internal/decrypter/decrypter_darwin.go
index d003e12..63ed643 100644
--- a/internal/decrypter/decrypter_darwin.go
+++ b/internal/decrypter/decrypter_darwin.go
@@ -1,17 +1,17 @@
 package decrypter
 
 func Chromium(key, encryptPass []byte) ([]byte, error) {
-	if len(encryptPass) > 3 {
-		if len(key) == 0 {
-			return nil, errSecurityKeyIsEmpty
-		}
-		chromeIV := []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32}
-		return aes128CBCDecrypt(key, chromeIV, encryptPass[3:])
-	} else {
-		return nil, errDecryptFailed
+	if len(encryptPass) <= 3 {
+		return nil, errPasswordIsEmpty
 	}
+	if len(key) == 0 {
+		return nil, errSecurityKeyIsEmpty
+	}
+
+	iv := []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32}
+	return aes128CBCDecrypt(key, iv, encryptPass[3:])
 }
 
-func DPApi(data []byte) ([]byte, error) {
+func DPAPI(data []byte) ([]byte, error) {
 	return nil, nil
 }
diff --git a/internal/decrypter/decrypter_linux.go b/internal/decrypter/decrypter_linux.go
index ccd5866..c7257dd 100644
--- a/internal/decrypter/decrypter_linux.go
+++ b/internal/decrypter/decrypter_linux.go
@@ -1,17 +1,17 @@
 package decrypter
 
 func Chromium(key, encryptPass []byte) ([]byte, error) {
-	chromeIV := []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32}
-	if len(encryptPass) > 3 {
-		if len(key) == 0 {
-			return nil, errSecurityKeyIsEmpty
-		}
-		return aes128CBCDecrypt(key, chromeIV, encryptPass[3:])
-	} else {
-		return nil, errDecryptFailed
+	if len(encryptPass) < 3 {
+		return nil, errPasswordIsEmpty
+	}
+	if len(key) == 0 {
+		return nil, errSecurityKeyIsEmpty
 	}
+
+	chromeIV := []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32}
+	return aes128CBCDecrypt(key, chromeIV, encryptPass[3:])
 }
 
-func DPApi(data []byte) ([]byte, error) {
+func DPAPI(data []byte) ([]byte, error) {
 	return nil, nil
 }
diff --git a/internal/decrypter/decrypter_windows.go b/internal/decrypter/decrypter_windows.go
index 2569249..8c17f8c 100644
--- a/internal/decrypter/decrypter_windows.go
+++ b/internal/decrypter/decrypter_windows.go
@@ -8,25 +8,29 @@ import (
 )
 
 func Chromium(key, encryptPass []byte) ([]byte, error) {
-	if len(encryptPass) > 15 {
-		// remove Prefix 'v10'
-		return aesGCMDecrypt(encryptPass[15:], key, encryptPass[3:15])
-	} else {
+	if len(encryptPass) < 3 {
 		return nil, errPasswordIsEmpty
 	}
+	if len(key) == 0 {
+		return nil, errSecurityKeyIsEmpty
+	}
+
+	return aesGCMDecrypt(encryptPass[15:], key, encryptPass[3:15])
 }
 
 func ChromiumForYandex(key, encryptPass []byte) ([]byte, error) {
-	if len(encryptPass) > 15 {
-		// remove Prefix 'v10'
-		// gcmBlockSize         = 16
-		// gcmTagSize           = 16
-		// gcmMinimumTagSize    = 12 // NIST SP 800-38D recommends tags with 12 or more bytes.
-		// gcmStandardNonceSize = 12
-		return aesGCMDecrypt(encryptPass[12:], key, encryptPass[0:12])
-	} else {
+	if len(encryptPass) < 3 {
 		return nil, errPasswordIsEmpty
 	}
+	if len(key) == 0 {
+		return nil, errSecurityKeyIsEmpty
+	}
+	// remove Prefix 'v10'
+	// gcmBlockSize         = 16
+	// gcmTagSize           = 16
+	// gcmMinimumTagSize    = 12 // NIST SP 800-38D recommends tags with 12 or more bytes.
+	// gcmStandardNonceSize = 12
+	return aesGCMDecrypt(encryptPass[12:], key, encryptPass[0:12])
 }
 
 // chromium > 80 https://source.chromium.org/chromium/chromium/src/+/master:components/os_crypt/os_crypt_win.cc
@@ -67,9 +71,12 @@ func (b *dataBlob) ToByteArray() []byte {
 	return d
 }
 
-// DPApi
+// DPAPI (Data Protection Application Programming Interface)
+// is a simple cryptographic application programming interface
+// available as a built-in component in Windows 2000 and
+// later versions of Microsoft Windows operating systems
 // chrome < 80 https://chromium.googlesource.com/chromium/src/+/76f496a7235c3432983421402951d73905c8be96/components/os_crypt/os_crypt_win.cc#82
-func DPApi(data []byte) ([]byte, error) {
+func DPAPI(data []byte) ([]byte, error) {
 	dllCrypt := syscall.NewLazyDLL("Crypt32.dll")
 	dllKernel := syscall.NewLazyDLL("Kernel32.dll")
 	procDecryptData := dllCrypt.NewProc("CryptUnprotectData")