fix: add error statement password is empty Close #94

pull/96/head
ᴍᴏᴏɴD4ʀᴋ 3 years ago
parent 751f33c585
commit 93bdf10574
  1. 118
      core/decrypt/decrypt.go

@ -10,14 +10,13 @@ import (
"encoding/asn1" "encoding/asn1"
"errors" "errors"
"hack-browser-data/log"
"golang.org/x/crypto/pbkdf2" "golang.org/x/crypto/pbkdf2"
) )
var ( var (
errSecurityKeyIsEmpty = errors.New("input [security find-generic-password -wa 'Chrome'] in terminal") errSecurityKeyIsEmpty = errors.New("input [security find-generic-password -wa 'Chrome'] in terminal")
errDecryptFailed = errors.New("decrypt failed, password is empty") errPasswordIsEmpty = errors.New("password is empty")
errDecryptFailed = errors.New("decrypt encrypt value failed")
errDecodeASN1Failed = errors.New("decode ASN1 data failed") errDecodeASN1Failed = errors.New("decode ASN1 data failed")
errEncryptedLength = errors.New("length of encrypted password less than block size") errEncryptedLength = errors.New("length of encrypted password less than block size")
) )
@ -44,15 +43,14 @@ func NewASN1PBE(b []byte) (pbe ASN1PBE, err error) {
return nil, errDecodeASN1Failed return nil, errDecodeASN1Failed
} }
/* NSS Struct // NssPBE Struct
SEQUENCE (2 elem) // SEQUENCE (2 elem)
SEQUENCE (2 elem) // SEQUENCE (2 elem)
OBJECT IDENTIFIER // OBJECT IDENTIFIER
SEQUENCE (2 elem) // SEQUENCE (2 elem)
OCTET STRING (20 byte) // OCTET STRING (20 byte)
INTEGER 1 // INTEGER 1
OCTET STRING (16 byte) // OCTET STRING (16 byte)
*/
type NssPBE struct { type NssPBE struct {
NssSequenceA NssSequenceA
Encrypted []byte Encrypted []byte
@ -69,21 +67,11 @@ type NssSequenceB struct {
} }
func (n NssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) { func (n NssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
// byte[] GLMP; // GlobalSalt + MasterPassword
// byte[] HP; // SHA1(GLMP)
// byte[] HPES; // HP + EntrySalt
// byte[] CHP; // SHA1(HPES)
// byte[] PES; // EntrySalt completed to 20 bytes by zero
// byte[] PESES; // PES + EntrySalt
// byte[] k1;
// byte[] tk;
// byte[] k2;
// byte[] k; // final value containing key and iv
glmp := append(globalSalt, masterPwd...) glmp := append(globalSalt, masterPwd...)
hp := sha1.Sum(glmp) hp := sha1.Sum(glmp)
s := append(hp[:], n.EntrySalt...) s := append(hp[:], n.EntrySalt...)
chp := sha1.Sum(s) chp := sha1.Sum(s)
pes := PaddingZero(n.EntrySalt, 20) pes := paddingZero(n.EntrySalt, 20)
tk := hmac.New(sha1.New, chp[:]) tk := hmac.New(sha1.New, chp[:])
tk.Write(pes) tk.Write(pes)
pes = append(pes, n.EntrySalt...) pes = append(pes, n.EntrySalt...)
@ -94,28 +82,26 @@ func (n NssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
k2.Write(tkPlus) k2.Write(tkPlus)
k := append(k1.Sum(nil), k2.Sum(nil)...) k := append(k1.Sum(nil), k2.Sum(nil)...)
iv := k[len(k)-8:] iv := k[len(k)-8:]
log.Debug("get firefox pbe key and iv success")
return des3Decrypt(k[:24], iv, n.Encrypted) return des3Decrypt(k[:24], iv, n.Encrypted)
} }
/* META Struct // MetaPBE Struct
SEQUENCE (2 elem) // SEQUENCE (2 elem)
SEQUENCE (2 elem) // SEQUENCE (2 elem)
OBJECT IDENTIFIER // OBJECT IDENTIFIER
SEQUENCE (2 elem) // SEQUENCE (2 elem)
SEQUENCE (2 elem) // SEQUENCE (2 elem)
OBJECT IDENTIFIER // OBJECT IDENTIFIER
SEQUENCE (4 elem) // SEQUENCE (4 elem)
OCTET STRING (32 byte) // OCTET STRING (32 byte)
INTEGER 1 // INTEGER 1
INTEGER 32 // INTEGER 32
SEQUENCE (1 elem) // SEQUENCE (1 elem)
OBJECT IDENTIFIER // OBJECT IDENTIFIER
SEQUENCE (2 elem) // SEQUENCE (2 elem)
OBJECT IDENTIFIER // OBJECT IDENTIFIER
OCTET STRING (14 byte) // OCTET STRING (14 byte)
OCTET STRING (16 byte) // OCTET STRING (16 byte)
*/
type MetaPBE struct { type MetaPBE struct {
MetaSequenceA MetaSequenceA
Encrypted []byte Encrypted []byte
@ -158,6 +144,28 @@ func (m MetaPBE) Decrypt(globalSalt, masterPwd []byte) (key2 []byte, err error)
return aes128CBCDecrypt(key, iv, m.Encrypted) return aes128CBCDecrypt(key, iv, m.Encrypted)
} }
// LoginPBE Struct
// SEQUENCE (3 elem)
// OCTET STRING (16 byte)
// SEQUENCE (2 elem)
// OBJECT IDENTIFIER
// OCTET STRING (8 byte)
// OCTET STRING (16 byte)
type LoginPBE struct {
CipherText []byte
LoginSequence
Encrypted []byte
}
type LoginSequence struct {
asn1.ObjectIdentifier
IV []byte
}
func (l LoginPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
return des3Decrypt(globalSalt, l.IV, l.Encrypted)
}
func aes128CBCDecrypt(key, iv, encryptPass []byte) ([]byte, error) { func aes128CBCDecrypt(key, iv, encryptPass []byte) ([]byte, error) {
block, err := aes.NewCipher(key) block, err := aes.NewCipher(key)
if err != nil { if err != nil {
@ -185,7 +193,6 @@ func PKCS5UnPadding(src []byte) []byte {
func des3Decrypt(key, iv []byte, src []byte) ([]byte, error) { func des3Decrypt(key, iv []byte, src []byte) ([]byte, error) {
block, err := des.NewTripleDESCipher(key) block, err := des.NewTripleDESCipher(key)
if err != nil { if err != nil {
log.Error(err)
return nil, err return nil, err
} }
blockMode := cipher.NewCBCDecrypter(block, iv) blockMode := cipher.NewCBCDecrypter(block, iv)
@ -194,7 +201,7 @@ func des3Decrypt(key, iv []byte, src []byte) ([]byte, error) {
return sq, nil return sq, nil
} }
func PaddingZero(s []byte, l int) []byte { func paddingZero(s []byte, l int) []byte {
h := l - len(s) h := l - len(s)
if h <= 0 { if h <= 0 {
return s return s
@ -205,26 +212,3 @@ func PaddingZero(s []byte, l int) []byte {
return s return s
} }
} }
/* Login Struct
SEQUENCE (3 elem)
OCTET STRING (16 byte)
SEQUENCE (2 elem)
OBJECT IDENTIFIER
OCTET STRING (8 byte)
OCTET STRING (16 byte)
*/
type LoginPBE struct {
CipherText []byte
LoginSequence
Encrypted []byte
}
type LoginSequence struct {
asn1.ObjectIdentifier
IV []byte
}
func (l LoginPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
return des3Decrypt(globalSalt, l.IV, l.Encrypted)
}

Loading…
Cancel
Save