mirror of
https://github.com/moonD4rk/HackBrowserData.git
synced 2026-07-04 21:37:47 +02:00
refactor(keys): extract master-key package to top-level keys/
Master-key acquisition and the cross-host dump format are a concern distinct from the raw crypto primitives, so crypto/keyretriever moves to an importable top-level keys/. KeyRetriever→Retriever drops the keys.KeyRetriever stutter.
This commit is contained in:
+10
-10
@@ -4,21 +4,21 @@ import (
|
||||
"fmt"
|
||||
|
||||
"github.com/moond4rk/hackbrowserdata/crypto"
|
||||
"github.com/moond4rk/hackbrowserdata/crypto/keyretriever"
|
||||
"github.com/moond4rk/hackbrowserdata/keys"
|
||||
)
|
||||
|
||||
// decryptValue decrypts a Chromium-encrypted value by dispatching on the ciphertext's version
|
||||
// prefix to the matching tier in keys:
|
||||
// prefix to the matching tier in masterKeys:
|
||||
//
|
||||
// - v10 → keys.V10 (Windows DPAPI / macOS Keychain / Linux peanuts kV10Key)
|
||||
// - v11 → keys.V11 (Linux keyring kV11Key; nil on Windows/macOS — Chromium doesn't emit v11 there)
|
||||
// - v20 → keys.V20 (Windows ABE; nil on non-Windows — Chromium doesn't emit v20 there)
|
||||
// - v10 → masterKeys.V10 (Windows DPAPI / macOS Keychain / Linux peanuts kV10Key)
|
||||
// - v11 → masterKeys.V11 (Linux keyring kV11Key; nil on Windows/macOS — Chromium doesn't emit v11 there)
|
||||
// - v20 → masterKeys.V20 (Windows ABE; nil on non-Windows — Chromium doesn't emit v20 there)
|
||||
//
|
||||
// A single profile can carry mixed prefixes (Chrome 127+ upgrades on Windows; Linux session-mode
|
||||
// changes), so every applicable key must be populated upstream for lossless extraction. Missing
|
||||
// tier keys surface as decrypt errors at the ciphertext level; the extract layer treats those as
|
||||
// empty plaintexts rather than fatal errors.
|
||||
func decryptValue(keys keyretriever.MasterKeys, ciphertext []byte) ([]byte, error) {
|
||||
func decryptValue(masterKeys keys.MasterKeys, ciphertext []byte) ([]byte, error) {
|
||||
if len(ciphertext) == 0 {
|
||||
return nil, nil
|
||||
}
|
||||
@@ -26,18 +26,18 @@ func decryptValue(keys keyretriever.MasterKeys, ciphertext []byte) ([]byte, erro
|
||||
version := crypto.DetectVersion(ciphertext)
|
||||
switch version {
|
||||
case crypto.CipherV10:
|
||||
return crypto.DecryptChromium(keys.V10, ciphertext)
|
||||
return crypto.DecryptChromium(masterKeys.V10, ciphertext)
|
||||
case crypto.CipherV11:
|
||||
// v11 is Linux-only and shares v10's AES-CBC path, but uses the keyring-derived kV11Key
|
||||
// rather than the peanuts-derived kV10Key — so a Linux profile with both prefixes needs
|
||||
// distinct per-tier keys to decrypt everything.
|
||||
return crypto.DecryptChromium(keys.V11, ciphertext)
|
||||
return crypto.DecryptChromium(masterKeys.V11, ciphertext)
|
||||
case crypto.CipherV20:
|
||||
// v20 is cross-platform AES-GCM; routed through a dedicated function so Linux/macOS CI can
|
||||
// exercise the same decryption path as Windows.
|
||||
return crypto.DecryptChromiumV20(keys.V20, ciphertext)
|
||||
return crypto.DecryptChromiumV20(masterKeys.V20, ciphertext)
|
||||
case crypto.CipherV12:
|
||||
// Chromium's SecretPortalKeyProvider (Flatpak / xdg-desktop-portal) — HKDF-SHA256 +
|
||||
// Chromium's SecretPortalKeyRetriever (Flatpak / xdg-desktop-portal) — HKDF-SHA256 +
|
||||
// AES-256-GCM with a secret retrieved via org.freedesktop.portal.Desktop. Recognized here
|
||||
// to surface an actionable "known gap" error rather than the generic "unsupported" one.
|
||||
return nil, fmt.Errorf("unsupported cipher version v12 (Chromium SecretPortal / Flatpak; not yet implemented)")
|
||||
|
||||
Reference in New Issue
Block a user