mirror of
https://github.com/moonD4rk/HackBrowserData.git
synced 2026-07-04 21:37:47 +02:00
docs: drop RFC citations and what-comments, fix stale refs
Apply the no-internal-citation and WHY-not-WHAT rules to source comments; correct stale identifiers (NewBrowser, PBKDF2Key) and RFC facts (Yandex ciphertext, Firefox PBKDF2 password).
This commit is contained in:
+1
-1
@@ -98,7 +98,7 @@ func (n privateKeyPBE) deriveKeyAndIV(globalSalt []byte) ([]byte, []byte) {
|
||||
return dk[:24], dk[len(dk)-8:]
|
||||
}
|
||||
|
||||
// MetaPBE Struct
|
||||
// passwordCheckPBE Struct
|
||||
//
|
||||
// SEQUENCE (2 elem)
|
||||
// OBJECT IDENTIFIER
|
||||
|
||||
+1
-5
@@ -137,7 +137,6 @@ func AESGCMDecryptBlob(key, blob, aad []byte) ([]byte, error) {
|
||||
return aead.Open(nil, blob[:gcmNonceSize], blob[gcmNonceSize:], aad)
|
||||
}
|
||||
|
||||
// cbcEncrypt adds PKCS5 padding and encrypts plaintext in CBC mode.
|
||||
func cbcEncrypt(block cipher.Block, iv, plaintext []byte) ([]byte, error) {
|
||||
if len(iv) != block.BlockSize() {
|
||||
return nil, errInvalidIVLength
|
||||
@@ -149,7 +148,6 @@ func cbcEncrypt(block cipher.Block, iv, plaintext []byte) ([]byte, error) {
|
||||
return dst, nil
|
||||
}
|
||||
|
||||
// cbcDecrypt decrypts ciphertext in CBC mode and removes PKCS5 padding.
|
||||
func cbcDecrypt(block cipher.Block, iv, ciphertext []byte) ([]byte, error) {
|
||||
bs := block.BlockSize()
|
||||
if len(iv) != bs {
|
||||
@@ -172,8 +170,7 @@ func cbcDecrypt(block cipher.Block, iv, ciphertext []byte) ([]byte, error) {
|
||||
return dst, nil
|
||||
}
|
||||
|
||||
// paddingZero pads src with zero bytes to the given length.
|
||||
// Returns src unchanged if already long enough; otherwise returns a new slice.
|
||||
// paddingZero returns src unchanged if already long enough; otherwise a zero-padded new slice.
|
||||
func paddingZero(src []byte, length int) []byte {
|
||||
if len(src) >= length {
|
||||
return src
|
||||
@@ -195,7 +192,6 @@ func pkcs5Padding(src []byte, blockSize int) []byte {
|
||||
return dst
|
||||
}
|
||||
|
||||
// pkcs5UnPadding removes PKCS5/PKCS7 padding from src.
|
||||
func pkcs5UnPadding(src []byte, blockSize int) ([]byte, error) {
|
||||
length := len(src)
|
||||
if length == 0 {
|
||||
|
||||
+1
-1
@@ -14,7 +14,7 @@ import (
|
||||
// can get a derived key for e.g. AES-256 (which needs a 32-byte key) by
|
||||
// doing:
|
||||
//
|
||||
// dk := pbkdf2.Key([]byte("some password"), salt, 4096, 32, sha1.New)
|
||||
// dk := PBKDF2Key([]byte("some password"), salt, 4096, 32, sha1.New)
|
||||
//
|
||||
// Remember to get a good random salt. At least 8 bytes is recommended by the
|
||||
// RFC.
|
||||
|
||||
@@ -23,7 +23,6 @@ const (
|
||||
// CipherDPAPI is pre-Chrome 80 raw DPAPI encryption (no version prefix).
|
||||
CipherDPAPI CipherVersion = "dpapi"
|
||||
|
||||
// versionPrefixLen is the byte length of the version prefix ("v10", "v20").
|
||||
versionPrefixLen = 3
|
||||
)
|
||||
|
||||
@@ -47,8 +46,6 @@ func DetectVersion(ciphertext []byte) CipherVersion {
|
||||
}
|
||||
}
|
||||
|
||||
// stripPrefix removes the version prefix (e.g. "v10") from ciphertext.
|
||||
// Returns the ciphertext unchanged if no known prefix is found.
|
||||
func stripPrefix(ciphertext []byte) []byte {
|
||||
ver := DetectVersion(ciphertext)
|
||||
if ver == CipherV10 || ver == CipherV11 || ver == CipherV12 || ver == CipherV20 {
|
||||
|
||||
@@ -5,7 +5,8 @@
|
||||
#include <stddef.h>
|
||||
|
||||
// BootstrapScratch describes the IPC contract between the C payload running
|
||||
// inside chrome.exe and the Go injector in our own process. It squats inside
|
||||
// inside the target browser process (chrome.exe, msedge.exe, brave.exe, etc.)
|
||||
// and the Go injector in our own process. It squats inside
|
||||
// the target DLL's PE DOS header region. Windows' PE loader ignores the DOS
|
||||
// stub at 0x40..0x77, and we also borrow a few reserved bytes between 0x28
|
||||
// and 0x3B inside IMAGE_DOS_HEADER. The e_lfanew at 0x3C..0x3F MUST be left
|
||||
|
||||
+1
-1
@@ -22,7 +22,7 @@ var (
|
||||
errYandexKeyTooShort = errors.New("yandex: decrypted intermediate key shorter than 32 bytes")
|
||||
)
|
||||
|
||||
// DecryptYandexIntermediateKey unwraps the per-DB data key from meta.local_encryptor_data. See RFC-012 §4.2.
|
||||
// DecryptYandexIntermediateKey unwraps the per-DB data key from meta.local_encryptor_data.
|
||||
func DecryptYandexIntermediateKey(masterKey, blob []byte) ([]byte, error) {
|
||||
idx := bytes.Index(blob, localEncryptorPrefix)
|
||||
if idx < 0 {
|
||||
|
||||
Reference in New Issue
Block a user